[midPoint] Fw: Example AMQP / Async resource?

Keith Hazelton hazelton at internet2.edu
Mon Mar 30 23:46:39 CEST 2020 


________________________________
From: Keith Hazelton <hazelton at internet2.edu>
Sent: Monday, March 30, 2020 4:43 PM
To: Richard Frovarp <richard.frovarp at ndsu.edu>
Subject: Re: [midPoint] Example AMQP / Async resource?

Richard,

The best description of the current Grouper-to-midPoint AMQP message based connector is found here<https://spaces.at.internet2.edu/display/MID/Grouper+integration+demo#Grouperintegrationdemo-Startingnearreal-timesynchronizationfromGroupertomidPoint>. The most relevant section starts with Starting near-real time synchronization from Grouper to midPoint<https://spaces.at.internet2.edu/display/MID/Grouper+integration+demo#Grouperintegrationdemo-Startingnearreal-timesynchronizationfromGroupertomidPoint>

I agree that the phrase you found on https://spaces.at.internet2.edu/pages/viewpage.action?spaceKey=MID&title=Detailed+description is misleading. I changed it to the following:

"RabbitMQ is used to achieve near real-time synchronization from Grouper to midPoint. Grouper publishes changes to AMQP and midPoint updates itself based on those AMQP messages."

We need more input from the community to understand which messaging capabilities should be added to the InCommon Trusted Access Platform. I'll try to collect that information.

         Regards,   --Keith


________________________________
From: Richard Frovarp <richard.frovarp at ndsu.edu>
Sent: Monday, March 30, 2020 10:09 AM
To: Keith Hazelton <hazelton at internet2.edu>
Subject: Re: [midPoint] Example AMQP / Async resource?

I don't have edit. The one that I was able to find doesn't have the
Grouper reference I thought it did. It does have a bad midPoint
reference.

https://spaces.at.internet2.edu/pages/viewpage.action?spaceKey=MID&titl
e=Detailed+description

"Both Grouper and midPoint can publish events related to specific
changes"

This is where I thought that midPoint had the ability to publish to
RabbitMQ baked in.

I guess that the opposite is kind of implied. If they can achieve sync
between the two, and both can publish, that implies that Grouper can
read from RabbitMQ, and it can't do that either.

Thanks,
Richard

On Fri, 2020-03-27 at 22:22 +0000, Keith Hazelton wrote:
> Richard, If you can't edit the faulty information, just let me know
> which pages and I can fix it.
>
>
> From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of
> Richard Frovarp <richard.frovarp at ndsu.edu>
> Sent: Friday, March 27, 2020 3:55 PM
> To: midpoint at lists.evolveum.com <midpoint at lists.evolveum.com>
> Subject: Re: [midPoint] Example AMQP / Async resource?
>
> Thanks for the answer. I'm quite good at banging my head against
> things, so long as I know it is possible. I'll take a peak at the
> manual resource bit to see if that could possibly help. The DB work
> around is probably my best bet.
>
> The Internet 2 documentation on the TIER package isn't exactly the
> most
> clear about AMQP operations. It makes it seem as though midPoint can
> provision via AMQP, AND that Grouper can get additions through AMQP.
> And it appears that neither are true. I'll see if I have enough karma
> to edit, otherwise will find someone to fix the page I found.
>
> Thanks again,
> Richard
>
> On Fri, 2020-03-27 at 21:50 +0100, Pavol Mederly wrote:
> > Hello Richard,
> >
> > you're right -- Grouper AMQP connector (and any existing AMQP
> support
> > in
> > midPoint as well) is used solely to transfer data from external
> > system
> > (Grouper) to midPoint.
> >
> > When considering the other way (from midPoint to external systems),
> > we
> > have no explicit support for messaging now.
> >
> > As described here
> > (https://wiki.evolveum.com/display/midPoint/Messaging+Resources)
> the
> > expected approach would be to implement something similar to
> manual
> > resource connector we have in midPoint now. But it's not quite
> easy,
> > considering you are new to midPoint, as you said.
> >
> > The preferred option is to contact us to develop this kind of
> > connector
> > for you, or the other way is to use a kind of fallback you are
> > thinking
> > about. If it's a temporary solution, (before converting all your
> > resources to directly interface midPoint), then it could be
> > acceptable.
> > I think.
> >
> > Best regards,
> >
> > Pavol Mederly
> > Software developer
> > evolveum.com
> >
> > On 27/03/2020 21:32, Richard Frovarp wrote:
> > > Are there any examples or documentation for any sort of async
> > > provisioning resources? I know that there is the read one for
> > > Grouper,
> > > but I'm also looking for something that could create and update
> > > accounts. Maybe following the Grouper example I could get that to
> > > work,
> > > I'm just not sure. I am exceptionally new to midPoint. A hint of
> > > what
> > > class to extend would be helpful.
> > >
> > > Our custom engineered IAM solution does all of its work via
> > > RabbitMQ.
> > > Given my current time constraints to get off of that one, I don't
> > > see
> > > it practical that I can switch all of our resources that store
> > > accounts
> > > over to custom resources. I am better off in the short term
> > > leveraging
> > > the existing code that I have, some of which is in Perl, than
> > > trying to
> > > go full into midPoint. That is why I am trying to follow the path
> > > of
> > > AMQP. I think my fallback would be to have midPoint write to a
> DB,
> > > have
> > > a separate process monitor for updates there, and emit messages.
> > > Hoping
> > > for something a bit more elegant.
> > >
> > > Thanks for any and all suggestions.
> > >
> > > Richard
> > > _______________________________________________
> > > midPoint mailing list
> > > midPoint at lists.evolveum.com
> > > https://lists.evolveum.com/mailman/listinfo/midpoint
> >
> > _______________________________________________
> > midPoint mailing list
> > midPoint at lists.evolveum.com
> > https://lists.evolveum.com/mailman/listinfo/midpoint
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200330/7e9d109a/attachment.htm>

More information about the midPoint mailing list