<div dir="ltr">Pavol,<div><br></div><div>We've chosen to restrain from implementing org hierarchy until we're in conditions to migrate to 3.6.</div><div>I'll tell you how it goes when that happens!</div><div><br></div><div>Thanks for your insights and concern.<br></div><div>Regards,</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><br></div><div dir="ltr"><font face="arial, helvetica, sans-serif"><b>Rodrigo Yanis.</b><br><img src="http://www.identicum.com/img/favicon.ico">Identicum S.A.<br></font>Jorge Newbery 3226<br>Tel: +54 (11) 4552-3050<font face="arial, helvetica, sans-serif"><br><a href="mailto:ryanis@identicum.com" target="_blank"><font color="#0b5394">ryanis@identicum.com</font></a><br><a href="http://www.identicum.com/" target="_blank"><font color="#0b5394">www.identicum.com</font></a></font></div></div></div></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">2017-04-03 14:37 GMT-03:00 Pavol Mederly <span dir="ltr"><<a href="mailto:mederly@evolveum.com" target="_blank">mederly@evolveum.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    <p>Hello Rodrigo,</p>
    <p>I have looked at the source code for 3.5. Your observations
      correlate well with the sources:</p>
    <p><a href="https://github.com/Evolveum/midpoint/blob/support-3.5/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentEvaluator.java#L758" target="_blank">https://github.com/Evolveum/<wbr>midpoint/blob/support-3.5/<wbr>model/model-impl/src/main/<wbr>java/com/evolveum/midpoint/<wbr>model/impl/lens/<wbr>AssignmentEvaluator.java#L758</a></p>
    <p>In order to authorizations be applied, summary evaluation order
      should be 1. So now I see why unbounded max order does not work. <br>
    </p>
    <p>Unfortunately, I don't see an easy fix, other than setting
      <authorization> on each org struct element, or inducing a
      role carrying this <authorization> from each org struct
      element. As far as I know, this could be achieved automatically
      using an object template - not very elegant solution, but it might
      work. <br>
    </p>
    <p>Or, maybe someone else has a nicer workaround for this.</p>
    <p>(I briefly thought of fixing this in support branch in 3.5 but -
      honestly - I'm afraid of making any significant changes into
      non-refactored AssignmentEvaluator. In 3.6 this will certainly
      work.)<br>
    </p>
    <p>Best regards,<br>
    </p><span class="">
    <pre class="m_5258961181874473473moz-signature" cols="72">Pavol Mederly
Software developer
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
    </span><div><div class="h5"><div class="m_5258961181874473473moz-cite-prefix">On 03.04.2017 18:40, Rodrigo Yanis
      wrote:<br>
    </div>
    <blockquote type="cite">
      <div dir="ltr">Pavol,
        <div><br>
        </div>
        <div>That is exactly the case I was describing, yes. Thanks for
          you thorough explanation. I tried your recommendation by
          configuring the inducement to the role with an unbounded max
          order, as well as the minimum order with 1 - unfortunately
          this didn't work. We are currently running under midpoint 3.5.</div>
        <div>I've been trying a few other scenarios too, and I was able
          to successfully propagate authorizations inheritance under the
          following model:</div>
        <div><br>
        </div>
        <div>OrgA (Root Org)</div>
         |
        <div>[A]<br>
           |
          <div>OrgB-----[I]----->OrgA<span style="font-family:monospace;font-size:10.4px"><br>
            </span></div>
           |<br>
          [A]<br>
           |
          <div>User</div>
        </div>
        <br>
        Only by inducing OrgA into OrgB the inheritance worked. I also
        tried adding a new OrgC as a child to OrgB, and authorizations
        would work only after inducing OrgB into OrgC.
        <div><br>
        </div>
        <div>Thanks again<br>
          <div><br>
          </div>
        </div>
      </div>
      <div class="gmail_extra"><br clear="all">
        <div>
          <div class="m_5258961181874473473gmail_signature" data-smartmail="gmail_signature">
            <div dir="ltr">
              <div>
                <div dir="ltr">
                  <div>
                    <div dir="ltr">
                      <div>
                        <div dir="ltr">
                          <div dir="ltr">
                            <div dir="ltr"><br>
                            </div>
                            <div dir="ltr"><font face="arial, helvetica,
                                sans-serif"><b>Rodrigo Yanis.</b><br>
                                <img src="http://www.identicum.com/img/favicon.ico">Identicum
                                S.A.<br>
                              </font>Jorge Newbery 3226<br>
                              Tel: +54 (11) 4824-9971<font face="arial,
                                helvetica, sans-serif"><br>
                                <a href="mailto:ryanis@identicum.com" target="_blank"><font color="#0b5394">ryanis@identicum.com</font></a><br>
                                <a href="http://www.identicum.com/" target="_blank"><font color="#0b5394">www.identicum.com</font></a></font></div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </div>
        <br>
        <div class="gmail_quote">2017-03-31 18:01 GMT-03:00 Pavol
          Mederly <span dir="ltr"><<a href="mailto:mederly@evolveum.com" target="_blank">mederly@evolveum.com</a>></span>:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div bgcolor="#FFFFFF" text="#000000">
              <p>Hello Rodrigo,</p>
              <p>so you have something like this</p>
              <p><tt>OrgA -----[I]-----> RoleA<br>
                    ^<br>
                    |<br>
                    |</tt><tt><br>
                </tt><tt>OrgB</tt><tt><br>
                    ^<br>
                    |<br>
                    |<br>
                </tt><tt>user</tt></p>
              <p>"I" means inducement. Unlabeled edges are assignments.
                Although it may seem strange to you, imagine the same
                situation, but this time dealing with roles and
                metaroles:</p>
              <p><tt>MetaroleA -----[I]-----> MetaroleB        ....
                  "level 2"<br>
                     ^<br>
                     |<br>
                     |</tt><tt><br>
                   Pirate                       <wbr>            ....
                  "level 1"<br>
                     ^<br>
                     |<br>
                     |<br>
                   </tt><tt>jack                         <wbr>           
                  .... "level 0"<br>
                </tt></p>
              <p>Now it's quite clear that the content (constructions,
                focus mappings, ...) attached to MetaroleB via simple
                inducements should not be applied to jack, but to the
                Pirate role. The reason is: <br>
              </p>
              <ol>
                <li>They reside at the level of "evaluation order 2".</li>
                <li>The inducement itself is a standard one (with the
                  order=1).</li>
                <li>So the content of the inducement (constructions,
                  focus mappings, ...) applies to level 2-1 = 1, i.e.
                  role Pirate.</li>
              </ol>
              <p>In the second case you'd need to use
                <order>2</order> for inducements to apply
                them to level 0, i.e. jack.</p>
              <p>But what about your original case with organizations?</p>
              <p>Here the situation is more complex, because you don't
                know the resulting level of RoleA: it depends on the
                number of organizational levels. However, for such cases
                midPoint provides "orderConstraint" element for
                inducements. In 3.5, you could specify your RoleA
                inducement with:</p>
              <p><tt><orderConstraint></tt><tt><br>
                </tt><tt>  <minOrder>1</minOrder></tt><tt><br>
                </tt><tt>  <maxOrder>unbounded</maxOrder></tt><tt><br>
                </tt><tt></orderConstraint></tt><tt><br>
                </tt><tt><focusType>UserType</focusType<wbr>>   
                          <!-- to disallow applying Role1 to
                  organizations --></tt><br>
              </p>
              <p>As far as I know, this should work.</p>
              <p>In 3.6 there are some changes, fixes, and
                clarifications for this mechanism, so minor changes
                would be needed.</p>
              <p>If you'd want more technical description (relevant to
                3.6), here it is: <a href="https://github.com/Evolveum/midpoint/blob/master/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentPathSegmentImpl.java#L72" target="_blank">https://github.com/Evolveum/mi<wbr>dpoint/blob/master/model/model<wbr>-impl/src/main/java/com/evolve<wbr>um/midpoint/model/impl/lens/As<wbr>signmentPathSegmentImpl.java#<wbr>L72</a><br>
              </p>
              <p>Hope this helps,<br>
              </p>
              <span>
                <pre class="m_5258961181874473473m_3654158347829956826moz-signature" cols="72">Pavol Mederly
Software developer
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
              </span>
              <div>
                <div class="m_5258961181874473473h5">
                  <div class="m_5258961181874473473m_3654158347829956826moz-cite-prefix">On
                    31.03.2017 22:41, Rodrigo Yanis wrote:<br>
                  </div>
                  <blockquote type="cite">
                    <div dir="ltr">Hello Pavol,
                      <div><br>
                      </div>
                      <div>Furthering on this issue - while removing <b style="font-size:12.8px"><focusType>UserType</<wbr>focusType>
                        </b><span style="font-size:12.8px">from the
                          inducement definition solves authorization
                          inheritance for when the user is assigned to
                          the Org in which the inducement is defined,
                          this doesn't seem to apply to assignment of
                          Orgs that are child of this Org.</span></div>
                      <div><span style="font-size:12.8px"><br>
                        </span></div>
                      <div><span style="font-size:12.8px">For example,
                          Org A defines inducement to role A with </span><span style="font-size:12.8px">authorization
                          definitions, Org B is then set to be child of
                          Org A, Org B is then assigned to user. User is
                          indirectly assigned to role A, but
                          authorization does not work.</span></div>
                      <div><span style="font-size:12.8px"><br>
                        </span></div>
                      <div><span style="font-size:12.8px">Furthermore,
                          if we define authorizations directly into Org
                          A, and then assign Org B (child of A) to user,
                          authorizations are not inherited.</span></div>
                      <div><span style="font-size:12.8px"><br>
                        </span></div>
                      <div><span style="font-size:12.8px">Do you think
                          of any workaround for this scenario?</span></div>
                      <div><span style="font-size:12.8px"><br>
                        </span></div>
                      <div><span style="font-size:12.8px">Thanks,</span></div>
                    </div>
                    <div class="gmail_extra"><br clear="all">
                      <div>
                        <div class="m_5258961181874473473m_3654158347829956826gmail_signature" data-smartmail="gmail_signature">
                          <div dir="ltr">
                            <div>
                              <div dir="ltr">
                                <div>
                                  <div dir="ltr">
                                    <div>
                                      <div dir="ltr">
                                        <div dir="ltr">
                                          <div dir="ltr"><br>
                                          </div>
                                          <div dir="ltr"><font face="arial, helvetica,
                                              sans-serif"><b>Rodrigo
                                                Yanis.</b><br>
                                              <img src="http://www.identicum.com/img/favicon.ico">Identicum
                                              S.A.<br>
                                            </font>Jorge Newbery 3226<br>
                                            Tel: +54 (11) 4824-9971<font face="arial, helvetica,
                                              sans-serif"><br>
                                              <a href="mailto:ryanis@identicum.com" target="_blank"><font color="#0b5394">ryanis@identicum.com</font></a><br>
                                              <a href="http://www.identicum.com/" target="_blank"><font color="#0b5394">www.identicum.com</font></a></font></div>
                                        </div>
                                      </div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                            </div>
                          </div>
                        </div>
                      </div>
                      <br>
                      <div class="gmail_quote">2017-01-10 10:08
                        GMT-03:00 Martin Marchese <span dir="ltr"><<a href="mailto:mmarchese@identicum.com" target="_blank">mmarchese@identicum.com</a>></span>:<br>
                        <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                          <div dir="ltr">Thanks Pavol for your answer. I
                            just created a JIRA for this.</div>
                          <div class="gmail_extra"><span><br clear="all">
                              <div>
                                <div class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488gmail_signature" data-smartmail="gmail_signature">
                                  <div dir="ltr">
                                    <div>
                                      <div dir="ltr">
                                        <div>
                                          <div dir="ltr">
                                            <div>
                                              <div dir="ltr">
                                                <div>
                                                  <div dir="ltr"><b><span></span><span></span>Ing.
                                                      Martín Marchese</b><br>
                                                    <img src="http://www.identicum.com/img/favicon.ico">Identicum S.A.<br>
                                                    Jorge Newbery 3226<br>
                                                    Tel: +54 (11)
                                                    4552-3050<br>
                                                    <a href="mailto:mmarchese@identicum.com" target="_blank">mmarchese@identicum.com</a><br>
                                                    <a href="http://www.identicum.com" target="_blank">www.identicum.com</a></div>
                                                </div>
                                              </div>
                                            </div>
                                          </div>
                                        </div>
                                      </div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                              <br>
                            </span>
                            <div>
                              <div class="m_5258961181874473473m_3654158347829956826h5">
                                <div class="gmail_quote">On Mon, Jan 9,
                                  2017 at 10:45 AM, Pavol Mederly <span dir="ltr"><<a href="mailto:mederly@evolveum.com" target="_blank">mederly@evolveum.com</a>></span>
                                  wrote:<br>
                                  <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                    <div bgcolor="#FFFFFF" text="#000000">
                                      <p>Well... to be more precise:
                                        focusType check at that line
                                        expects that the focus type is
                                        present in LensContext. But, for
                                        the purpose of evaluation of
                                        user assignments during login,
                                        the focus type in LensContext is
                                        not filled-in.</p>
                                      <p>Please write the JIRA and we'll
                                        fix that.<br>
                                      </p>
                                      <span>
                                        <pre class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-signature" cols="72">Pavol Mederly
Software developer
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
                                      </span>
                                      <div>
                                        <div class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488h5">
                                          <div class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-cite-prefix">On
                                            09.01.2017 14:41, Pavol
                                            Mederly wrote:<br>
                                          </div>
                                          <blockquote type="cite">
                                            <p>Martin,</p>
                                            <p>I've played with your
                                              case for a while and it
                                              seems that <b><focusType>UserType</focusType<wbr>></b>
                                              is the problem. After
                                              removing it, the
                                              authorizations are
                                              propagated correctly.<br>
                                            </p>
                                            <p>I'm not sure why it is
                                              so; as it should work, as
                                              far as I know. I suspect a
                                              bug at
                                              AssignmentEvaluator:682,
                                              but I'm not sure.<br>
                                            </p>
                                            <p>Maybe you could file a
                                              JIRA for this.<br>
                                            </p>
                                            <pre class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-signature" cols="72">Pavol Mederly
Software developer
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
                                            <div class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-cite-prefix">On
                                              03.01.2017 19:10, Martin
                                              Marchese wrote:<br>
                                            </div>
                                            <blockquote type="cite">
                                              <div dir="ltr">
                                                <div>Hi All,</div>
                                                <div><br>
                                                </div>
                                                <div>Within our MidPoint
                                                  3.5 deployment, we
                                                  have created an Org
                                                  Structure which
                                                  induces a role to
                                                  users.</div>
                                                <div><br>
                                                </div>
                                                <div>This role, contains
                                                  all kind of
                                                  authorizations for
                                                  users (REST acccess,
                                                  GUI access, etc).</div>
                                                <div><br>
                                                </div>
                                                <div>Once the
                                                  organization is
                                                  assigned to a user, it
                                                  gets the role assigned
                                                  but not the
                                                  authorizations.
                                                  However, if we assign
                                                  the role directly to
                                                  the user, all the
                                                  authorizations are
                                                  assigned OK.</div>
                                                <div><br>
                                                </div>
                                                <div>I was wondering if
                                                  there is not any kind
                                                  of order for
                                                  authorizations (as it
                                                  is for inducements).
                                                  Or anything that we
                                                  might be missing in
                                                  our objects?</div>
                                                <div><br>
                                                </div>
                                                <div>Below, I send the
                                                  examples of how our
                                                  Org and Role look
                                                  like:</div>
                                                <div><br>
                                                </div>
                                                <div><br>
                                                </div>
                                                <div>Org:</div>
                                                <div>-----</div>
                                                <div>
                                                  <div><org
                                                    oid="00000000-0000-1de4-0009-0<wbr>00000000001"></div>
                                                  <div> 
                                                     <name>MEGC</name></div>
                                                  <div>...</div>
                                                  <div>   
                                                    <inducement
                                                    id="6"></div>
                                                  <div>     
                                                    <targetRef
                                                    oid="00000000-0000-1de4-0003-0<wbr>00000000001"
type="RoleType"></targetRef></div>
                                                  <div>     
                                                    <orderConstraint></div>
                                                  <div>       
                                                    <orderMax>unbounded</orderMax></div>
                                                  <div>     
                                                    </orderConstraint></div>
                                                  <div>     
                                                    <focusType>UserType</focusType<wbr>></div>
                                                  <div>   
                                                     </inducement></div>
                                                  <div>...</div>
                                                  <div></org></div>
                                                </div>
                                                <div><br>
                                                </div>
                                                <div>Role:</div>
                                                <div>-------</div>
                                                <div><br>
                                                </div>
                                                <div>
                                                  <div><role
                                                    oid="00000000-0000-1de4-0003-0<wbr>00000000001"<br>
                                                  </div>
                                                  <div>      xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" target="_blank">http://midpoint.evolv<wbr>eum.com/xml/ns/public/common/c<wbr>ommon-3</a>">
                                                     
                                                    <name>MidPoint
                                                    Custom
                                                    User</name></div>
                                                  <div> 
                                                    <roleType>APPLICATION</roleTyp<wbr>e></div>
                                                  <div><span class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496gmail-Apple-tab-span" style="white-space:pre-wrap">   </span><authorization></div>
                                                  <div><span class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496gmail-Apple-tab-span" style="white-space:pre-wrap">           </span><description>Permisos
GUI</description></div>
                                                  <div><span class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496gmail-Apple-tab-span" style="white-space:pre-wrap">           </span><action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfDashboard" target="_blank">http://midpoint.evolve<wbr>um.com/xml/ns/public/security/<wbr>authorization-ui-3#selfDashboa<wbr>rd</a></action></div>
                                                  <div><span class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496gmail-Apple-tab-span" style="white-space:pre-wrap">           </span><action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfCredentials" target="_blank">http://midpoint.evolve<wbr>um.com/xml/ns/public/security/<wbr>authorization-ui-3#selfCredent<wbr>ials</a></action></div>
                                                  <div><span class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496gmail-Apple-tab-span" style="white-space:pre-wrap">   </span></authorization></div>
                                                  <div><span class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496gmail-Apple-tab-span" style="white-space:pre-wrap">   </span>...</div>
                                                  <div></role></div>
                                                </div>
                                                <div><br>
                                                </div>
                                                <div>Thanks in Advance</div>
                                                <div><br>
                                                </div>
                                                <div>
                                                  <div class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496gmail_signature">
                                                    <div dir="ltr">
                                                      <div>
                                                        <div dir="ltr">
                                                          <div>
                                                          <div dir="ltr">
                                                          <div>
                                                          <div dir="ltr">
                                                          <div>
                                                          <div dir="ltr"><b><span></span><span></span>Ing.
                                                          Martín
                                                          Marchese</b><br>
                                                          <img src="http://www.identicum.com/img/favicon.ico">Identicum S.A.<br>
                                                          Jorge Newbery
                                                          3226<br>
                                                          Tel: +54 (11)
                                                          4552-3050<br>
                                                          <a href="mailto:mmarchese@identicum.com" target="_blank">mmarchese@identicum.com</a><br>
                                                          <a href="http://www.identicum.com" target="_blank">www.identicum.com</a></div>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </div>
                                                        </div>
                                                      </div>
                                                    </div>
                                                  </div>
                                                </div>
                                              </div>
                                              <br>
                                              <fieldset class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496mimeAttachmentHeader"></fieldset>
                                              <br>
                                              <pre>______________________________<wbr>_________________
midPoint mailing list
<a class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>
</pre>
      </blockquote>
      

      

      <fieldset class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496mimeAttachmentHeader"></fieldset>
      

      <pre>______________________________<wbr>_________________
midPoint mailing list
<a class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a class="m_5258961181874473473m_3654158347829956826m_-5603245889074287488m_-5101288925844589496moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>
</pre>
    </blockquote>
    

  </div></div></div>


______________________________<wbr>_________________

midPoint mailing list

<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>

<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>


</blockquote></div>
</div></div></div>

______________________________<wbr>_________________

midPoint mailing list

<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>

<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>


</blockquote></div>
</div>


<fieldset class="m_5258961181874473473m_3654158347829956826mimeAttachmentHeader"></fieldset>
<pre>______________________________<wbr>_________________
midPoint mailing list
<a class="m_5258961181874473473m_3654158347829956826moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a class="m_5258961181874473473m_3654158347829956826moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>
</pre>

</blockquote>
</div></div></div>
______________________________<wbr>_________________

midPoint mailing list

<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>

<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>


</blockquote></div>
</div>


<fieldset class="m_5258961181874473473mimeAttachmentHeader"></fieldset>
<pre>______________________________<wbr>_________________
midPoint mailing list
<a class="m_5258961181874473473moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a class="m_5258961181874473473moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a>
</pre>

</blockquote>
</div></div></div><br>______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br></div>