[midPoint] Problem with correlation and external attribute
Ivan Noris
ivan.noris at evolveum.com
Fri Sep 25 12:12:25 CEST 2020
Hi Andrea,
take an inspiration from e.g.
https://github.com/Evolveum/midpoint-samples/blob/master/samples/schema/extension-piracy.xsd
See targetNamespace and xmlns:tns definitions in <xsd:schema element.
Ivan
On 25. 9. 2020 11:50, Andrea Picconi via midPoint wrote:
>
> Hi Ethan,
>
>
>
> it's probably just that ... I'll try to find a way to create it
> myself, even if I don't know how.
>
> Thanks again Ethan, thanks Ivan
>
>
>
> *From:*midPoint <midpoint-bounces at lists.evolveum.com> *On Behalf Of
> *Ethan Kromhout via midPoint
> *Sent:* Friday, September 25, 2020 11:25 AM
> *To:* midpoint at lists.evolveum.com
> *Cc:* Ethan Kromhout <kromhout at unc.edu>
> *Subject:* Re: [midPoint] Problem with correlation and external attribute
>
>
>
> Ivan and Andrea,
>
> Is it problematic that the targetNamespace used in this extension
> could collide with one of the midPoint provided ones? I've always use
> a URN unique to my organization.
>
> Ethan
>
> On 9/25/20 4:10 AM, Ivan Noris via midPoint wrote:
>
> Hi Andrea,
>
> can you try searching by that extension attribute in midPoint
> using Query playground?
>
> Ivan
>
> On 25. 9. 2020 9:44, Andrea Picconi via midPoint wrote:
>
> Hi again,
>
>
>
> I also tried @Ethan Kromhout <mailto:kromhout at unc.edu>’s
> example, but it still gives me the two errors I showed you in
> the previous mail.
>
> I probably did something wrong in the setting, below how I set
> it all up:
>
>
>
> this is my extension_user_field schema namespace:
>
>
>
> <xsd:schema elementFormDefault=/"qualified"/
>
>
> targetNamespace=/"http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"/
> <http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>
>
>
> xmlns:tns=/"http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"/
> <http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>
>
>
> xmlns:a=/"http://prism.evolveum.com/xml/ns/public/annotation-3"/
> <http://prism.evolveum.com/xml/ns/public/annotation-3>
>
>
> xmlns:c=/"http://midpoint.evolveum.com/xml/ns/public/common/common-3"/
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>
> xmlns:xsd=/"http://www.w3.org/2001/XMLSchema"/
> <http://www.w3.org/2001/XMLSchema>>
>
>
>
> here the indexed attribute:
>
>
>
> <xsd:element name=/"uidLDAP"/ type=/"xsd:string"/
> minOccurs=/"0"/ maxOccurs=/"1"/>
>
> <xsd:annotation>
>
> <xsd:appinfo>
>
> <a:indexed>true</a:indexed>
>
> <a:displayName>LDAP UID</a:displayName>
>
> <a:displayOrder>550</a:displayOrder>
>
> <a:help>UID from LDAP</a:help>
>
> </xsd:appinfo>
>
> </xsd:annotation>
>
> </xsd:element>
>
>
>
> here instead the correlation that I have tried, starting from
> what you have seen above:
>
>
>
> <correlation>
>
> <q:equal>
>
> <q:path
> xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
> <http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>>extension/uidLDAP</q:path>
>
> <expression>
>
> <path
> xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
> <http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>>
>
> declare namespace
> ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
> <http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>;
>
> $projection/attributes/ri:sAMAccountName
>
> </path>
>
> </expression>
>
> </q:equal>
>
> </correlation>
>
>
>
> Could you tell me where I'm wrong?
>
>
>
> Thank you,
>
> Andrea
>
>
>
> *From:*midPoint <midpoint-bounces at lists.evolveum.com>
> <mailto:midpoint-bounces at lists.evolveum.com>*On Behalf Of
> *Ethan Kromhout via midPoint
> *Sent:* Wednesday, September 23, 2020 3:12 PM
> *To:* midpoint at lists.evolveum.com
> <mailto:midpoint at lists.evolveum.com>
> *Cc:* Ethan Kromhout <kromhout at unc.edu> <mailto:kromhout at unc.edu>
> *Subject:* Re: [midPoint] Problem with correlation and
> external attribute
>
>
>
> I have used an extension attribute in a similar way, though it
> wasn't with AD. In my case I explicitly called out the
> namespace of the custom schema, not sure if that was required,
> but it works okay. Do note that the custom attribute must be
> indexed.
>
> In my schema I have the namespace and indexed attribute, note
> the "targetNamespace":
>
> <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
> <xsd:schema elementFormDefault="qualified"
> targetNamespace="http://unc.edu/xml/ns/uncPerson"
> <http://unc.edu/xml/ns/uncPerson>
> xmlns:tns="http://example.com/xml/ns/mySchema"
> <http://example.com/xml/ns/mySchema>
>
> xmlns:a="http://prism.evolveum.com/xml/ns/public/annotation-3"
> <http://prism.evolveum.com/xml/ns/public/annotation-3>
>
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> <http://www.w3.org/2001/XMLSchema>>
>
> <xsd:element name="subId" type="xsd:string" minOccurs="0"
> maxOccurs="1">
> <xsd:annotation>
> <xsd:appinfo>
> <a:indexed>true</a:indexed>
> <a:displayName>subId</a:displayName>
> <a:help>Subject ID</a:help>
> <a:displayOrder>150</a:displayOrder>
> </xsd:appinfo>
> </xsd:annotation>
> </xsd:element>
>
> Then in the correlation I reference that namespace as uncPerson:
>
> <correlation>
> <q:equal>
> <q:path
> xmlns:uncPerson="http://unc.edu/xml/ns/uncPerson"
> <http://unc.edu/xml/ns/uncPerson>>extension/uncPerson:subId</q:path>
> <expression>
> <path
> xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
> <http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>>
> declare namespace
> ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
> <http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>;
> $account/attributes/ri:pid
> </path>
> </expression>
> </q:equal>
> </correlation>
>
> Ethan
>
> On 9/23/20 8:55 AM, Andrea Picconi via midPoint wrote:
>
> Hi all,
>
>
>
> I have a problem for which I have searched for a solution
> everywhere, but I couldn’t find anything: I am making a
> correlation between an extended attribute present in the
> user in midpoint (*/uidLDAP/*) and the */sAMAccountName/*
> attribute of an AD account that I need to import.
>
> below, you can see one of the tests made (of the many)
>
>
>
>
>
> but this does not give me any errors, it just tells me
> that the correlation has reported an unmatched:
>
>
>
>
>
>
>
> But if I try to force the correlation by choosing the
> "change owner" option and going to grab the correct user
> by hand in midpoint, it works
>
>
>
>
>
> So i think the problem comes from the attribute path on
> midpoint (the extended one):
>
>
>
>
>
> Has anyone already tried to use an extended attribute in
> the first correlation path?
>
> Could you help me?
>
>
>
> Thank you and regards,
>
>
>
>
>
> *Andrea Picconi*
>
> /IAM (Identity Access Management)/
>
>
>
> Innovery
> Skype: precons
> T: +39 06 51963439 (int. 196)
>
> Strada Quattro Palazzina A6 c/o Centro Direzionale
> Milanofiori, 20057 Assago (MI).
> www.innovery.net <http://www.innovery.net/>| T: +39 06
> 519 63 439
>
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
> --
>
> Ivan Noris
>
> Senior Identity Engineer
>
> evolveum.com
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
--
Ivan Noris
Senior Identity Engineer
evolveum.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200925/c03909be/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 15140 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200925/c03909be/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1993 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200925/c03909be/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 3937 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200925/c03909be/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 9128 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200925/c03909be/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 4210 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200925/c03909be/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 8050 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200925/c03909be/attachment-0004.png>
More information about the midPoint
mailing list