<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div id="appendonsend"></div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> Keith Hazelton <hazelton@internet2.edu><br>
<b>Sent:</b> Monday, March 30, 2020 4:43 PM<br>
<b>To:</b> Richard Frovarp <richard.frovarp@ndsu.edu><br>
<b>Subject:</b> Re: [midPoint] Example AMQP / Async resource?</font>
<div> </div>
</div>
<div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Richard,</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
The best description of the current Grouper-to-midPoint AMQP message based connector is found
<a href="https://spaces.at.internet2.edu/display/MID/Grouper+integration+demo#Grouperintegrationdemo-Startingnearreal-timesynchronizationfromGroupertomidPoint" title="https://spaces.at.internet2.edu/display/MID/Grouper+integration+demo#Grouperintegrationdemo-Startingnearreal-timesynchronizationfromGroupertomidPoint">
here</a>. The most relevant section starts with <a href="https://spaces.at.internet2.edu/display/MID/Grouper+integration+demo#Grouperintegrationdemo-Startingnearreal-timesynchronizationfromGroupertomidPoint" title="https://spaces.at.internet2.edu/display/MID/Grouper+integration+demo#Grouperintegrationdemo-Startingnearreal-timesynchronizationfromGroupertomidPoint">
Starting near-real time synchronization from Grouper to midPoint</a><br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
I agree that the phrase you found on <a href="https://spaces.at.internet2.edu/pages/viewpage.action?spaceKey=MID&title=Detailed+description" id="LPlnk751076">
https://spaces.at.internet2.edu/pages/viewpage.action?spaceKey=MID&title=Detailed+description</a> is misleading. I changed it to the following:<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<em>"RabbitMQ</em> is used to achieve near real-time synchronization from Grouper to midPoint. Grouper publishes changes to AMQP and midPoint updates itself based on those AMQP messages."</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
We need more input from the community to understand which messaging capabilities should be added to the InCommon Trusted Access Platform. I'll try to collect that information.<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Regards, --Keith<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div id="appendonsend"></div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> Richard Frovarp <richard.frovarp@ndsu.edu><br>
<b>Sent:</b> Monday, March 30, 2020 10:09 AM<br>
<b>To:</b> Keith Hazelton <hazelton@internet2.edu><br>
<b>Subject:</b> Re: [midPoint] Example AMQP / Async resource?</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt">
<div class="PlainText">I don't have edit. The one that I was able to find doesn't have the<br>
Grouper reference I thought it did. It does have a bad midPoint<br>
reference.<br>
<br>
<a href="https://spaces.at.internet2.edu/pages/viewpage.action?spaceKey=MID&titl">https://spaces.at.internet2.edu/pages/viewpage.action?spaceKey=MID&titl</a><br>
e=Detailed+description<br>
<br>
"Both Grouper and midPoint can publish events related to specific<br>
changes"<br>
<br>
This is where I thought that midPoint had the ability to publish to<br>
RabbitMQ baked in. <br>
<br>
I guess that the opposite is kind of implied. If they can achieve sync<br>
between the two, and both can publish, that implies that Grouper can<br>
read from RabbitMQ, and it can't do that either. <br>
<br>
Thanks,<br>
Richard<br>
<br>
On Fri, 2020-03-27 at 22:22 +0000, Keith Hazelton wrote:<br>
> Richard, If you can't edit the faulty information, just let me know<br>
> which pages and I can fix it.<br>
> <br>
> <br>
> From: midPoint <midpoint-bounces@lists.evolveum.com> on behalf of<br>
> Richard Frovarp <richard.frovarp@ndsu.edu><br>
> Sent: Friday, March 27, 2020 3:55 PM<br>
> To: midpoint@lists.evolveum.com <midpoint@lists.evolveum.com><br>
> Subject: Re: [midPoint] Example AMQP / Async resource?<br>
> <br>
> Thanks for the answer. I'm quite good at banging my head against<br>
> things, so long as I know it is possible. I'll take a peak at the<br>
> manual resource bit to see if that could possibly help. The DB work<br>
> around is probably my best bet. <br>
> <br>
> The Internet 2 documentation on the TIER package isn't exactly the<br>
> most<br>
> clear about AMQP operations. It makes it seem as though midPoint can<br>
> provision via AMQP, AND that Grouper can get additions through AMQP.<br>
> And it appears that neither are true. I'll see if I have enough karma<br>
> to edit, otherwise will find someone to fix the page I found.<br>
> <br>
> Thanks again,<br>
> Richard<br>
> <br>
> On Fri, 2020-03-27 at 21:50 +0100, Pavol Mederly wrote:<br>
> > Hello Richard,<br>
> > <br>
> > you're right -- Grouper AMQP connector (and any existing AMQP<br>
> support<br>
> > in <br>
> > midPoint as well) is used solely to transfer data from external<br>
> > system <br>
> > (Grouper) to midPoint.<br>
> > <br>
> > When considering the other way (from midPoint to external systems),<br>
> > we <br>
> > have no explicit support for messaging now.<br>
> > <br>
> > As described here <br>
> > (<a href="https://wiki.evolveum.com/display/midPoint/Messaging+Resources">https://wiki.evolveum.com/display/midPoint/Messaging+Resources</a>)<br>
> the <br>
> > expected approach would be to implement something similar to<br>
> manual <br>
> > resource connector we have in midPoint now. But it's not quite<br>
> easy, <br>
> > considering you are new to midPoint, as you said.<br>
> > <br>
> > The preferred option is to contact us to develop this kind of<br>
> > connector <br>
> > for you, or the other way is to use a kind of fallback you are<br>
> > thinking <br>
> > about. If it's a temporary solution, (before converting all your <br>
> > resources to directly interface midPoint), then it could be<br>
> > acceptable. <br>
> > I think.<br>
> > <br>
> > Best regards,<br>
> > <br>
> > Pavol Mederly<br>
> > Software developer<br>
> > evolveum.com<br>
> > <br>
> > On 27/03/2020 21:32, Richard Frovarp wrote:<br>
> > > Are there any examples or documentation for any sort of async<br>
> > > provisioning resources? I know that there is the read one for<br>
> > > Grouper,<br>
> > > but I'm also looking for something that could create and update<br>
> > > accounts. Maybe following the Grouper example I could get that to<br>
> > > work,<br>
> > > I'm just not sure. I am exceptionally new to midPoint. A hint of<br>
> > > what<br>
> > > class to extend would be helpful.<br>
> > > <br>
> > > Our custom engineered IAM solution does all of its work via<br>
> > > RabbitMQ.<br>
> > > Given my current time constraints to get off of that one, I don't<br>
> > > see<br>
> > > it practical that I can switch all of our resources that store<br>
> > > accounts<br>
> > > over to custom resources. I am better off in the short term<br>
> > > leveraging<br>
> > > the existing code that I have, some of which is in Perl, than<br>
> > > trying to<br>
> > > go full into midPoint. That is why I am trying to follow the path<br>
> > > of<br>
> > > AMQP. I think my fallback would be to have midPoint write to a<br>
> DB,<br>
> > > have<br>
> > > a separate process monitor for updates there, and emit messages.<br>
> > > Hoping<br>
> > > for something a bit more elegant.<br>
> > > <br>
> > > Thanks for any and all suggestions.<br>
> > > <br>
> > > Richard<br>
> > > _______________________________________________<br>
> > > midPoint mailing list<br>
> > > midPoint@lists.evolveum.com<br>
> > > <a href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
> > <br>
> > _______________________________________________<br>
> > midPoint mailing list<br>
> > midPoint@lists.evolveum.com<br>
> > <a href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
> _______________________________________________<br>
> midPoint mailing list<br>
> midPoint@lists.evolveum.com<br>
> <a href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
> _______________________________________________<br>
> midPoint mailing list<br>
> midPoint@lists.evolveum.com<br>
> <a href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a></div>
</span></font></div>
</div>
</div>
</body>
</html>