<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="FR-BE" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal">Hello ,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US">We are trying to implement the o-rbac access model into midpoint.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Here is some documentation about orbac : <a href="http://orbac.org/">
http://orbac.org/</a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">We are almost there , there is just the concept of activities (set of actions on a service or application to which the same security rule apply)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Which we are unable to find a way to implement in midpoint because there is no such thing in the data model.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Since the data model is dynamic (xml based) and there is a way to extend model objects (users , orgs , roles) with attributes ,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I am wondering if there is a way to create custom objects in the model and do relations with existing objects ?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Kind regards ,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Laurens<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<div lang="FR-BE" link="#005dba" vlink="#6c606a">
<div class="WordSection1">
<table border="0">
<tbody>
<tr>
<td style="BORDER-RIGHT: #fecb00 thin solid; WIDTH: 40%" valign="top"> <img border="0" src="cid:cibg_f07a61fd-1236-4fe1-b306-9ef912596adf.png">
</td>
<td style="WIDTH: 60%" valign="top">
<p style="FONT-SIZE: 10pt; FONT-FAMILY: Arial; LINE-HEIGHT: normal"><span class="TitreCar"><b><span lang="EN-US" style="FONT-SIZE: 15pt; FONT-FAMILY: 'Calibri Light','sans-serif'; COLOR: #0080bf">Laurens BUYSE</span></b></span><br>
<span class="MsoSubtleReference"><span lang="EN-US" style="FONT-FAMILY: 'Calibri Light','sans-serif'; COLOR: #0a00be">Analyst Programmer</span></span><br>
<span lang="EN-US" style="FONT-SIZE: 11pt; FONT-FAMILY: 'Calibri Light','sans-serif'; COLOR: #164397">Operations
<span style="FONT-SIZE: 11pt; FONT-FAMILY: 'Calibri Light'; COLOR: #164397"></span>- Development & Architecture</span><br>
<span lang="EN-US" style="FONT-SIZE: 10pt; FONT-FAMILY: 'Calibri Light','sans-serif'">Kunstlaan 21, 1000 Brussel -
</span><span lang="EN-US" style="FONT-FAMILY: 'Calibri Light','sans-serif'; COLOR: #0080bf"><a href="http://cibg.brussels/"><span style="FONT-SIZE: 10pt; COLOR: #0080bf">cibg.brussels</span></a></span><span lang="EN-US" style="FONT-SIZE: 10pt; FONT-FAMILY: 'Calibri Light','sans-serif'">
- </span><span lang="EN-US" style="FONT-FAMILY: 'Calibri Light','sans-serif'; COLOR: #0080bf"><a href="http://cibg.brussels/disclaimer-1"><span style="FONT-SIZE: 10pt; COLOR: #0080bf">disclaimer</span></a></span><span lang="EN-US" style="FONT-SIZE: 10pt; FONT-FAMILY: 'Calibri Light','sans-serif'"><br>
T +32 2 801 12 47 <span style="COLOR: #fecb00">| </span><span style="FONT-SIZE: 10pt; FONT-FAMILY: 'Calibri Light', 'sans-serif'"><span style="FONT-SIZE: 10pt; FONT-FAMILY: 'Calibri Light'">G</span> +32 477 65 84 97
<span style="COLOR: #fecb00">| </span>Helpdesk +32 2 801 00 00 </span></span><br>
<span lang="EN-US" style="FONT-SIZE: 9pt; FONT-FAMILY: 'Calibri Light','sans-serif'; COLOR: #61c250">Be green, leave it on the screen !</span> <a class="socialLink" href="https://www.linkedin.com/company/cirb_cibg"><img class="socialLink" style="HEIGHT: 25px; WIDTH: 25px" border="0" src="cid:linkedIn_af781ca2-8618-40cc-9064-0ad6eededb29.png"></a><a href="http://www.linkedin.com/company/cirb_cibg"></a> <a class="socialLink" href="https://twitter.com/CIRB_CIBG"><img class="socialLink" style="HEIGHT: 25px; WIDTH: 25px" border="0" src="cid:twitter_d568a372-f34e-4805-9959-7b5a18ef99b6.png"></a> <a href="http://www.environnement.brussels/thematiques/ville-durable/le-label-entreprise-ecodynamique"><img style="HEIGHT: 25px; WIDTH: 25px" border="0" src="cid:logo_eco_mail2_a0aace5a-4de5-479d-86b2-8186e6263c4d.jpg"></a></p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</body>
</html>