Skip to end of metadata
Go to start of metadata

Project Start

midPoint project started in April 2011 by several key people that were working on OpenIDM project. Initial midPoint release was based on the unreleased version 1.7 of OpenIDM. There were several reasons for splitting up with OpenIDM:

  • The publicly visible development effort of OpenIDM by the ForgeRock team efficiently ceased in February 2011. ForgeRock haven't publicly announced any updated plan for OpenIDM.
  • The part of the team that was led by nLight had done most of the design and development work to date. That part of the team had a differing view on further development of OpenIDM than the ForgeRock team had. ForgeRock decided to take a development path different from the one that was originally envisioned for OpenIDM.
  • The "nLight part" of the team was confident that the original design needs just few adjustments and most of these adjustments were expected and accounted for in the design. Therefore it was decided that the existing OpenIDM code should not be wasted and the development should continue in the original spirit.

The people from nLight and few other companies joined forces and established a new company: Evolveum. Evolveum mission is to lead a pragmatic development of professional open-source projects. Short-term goal is to carry on the development of OpenIDM following the original approach. Product name was changed to midPoint. The members of Evolveum team are original authors of significant part of the code base, therefore it was decided to start a completely new project using the code that the Evolveum team "owns" and, in an open-source spirit, reuse some of the other parts of the OpenIDM code base.

ForgeRock announced plans for further OpenIDM development in June 2011. It was obvious that the two development branches are following very different approach:

  • The OpenIDM v2 development led by ForgeRock took an approach of a total rewrite of the complete system. OpenIDMv2 is based on popular but unproven and immature technologies.
  • The midPoint development led by Evolveum took an approach of gradual improvement. MidPoint is based on stable, proven and well understood technologies.

The Age of Titans

First ten midPoint releases were named after Titans from the greek mythology. It begins with Prometheus who brought fire to the men and continues with other Titans. This naming convention describes the overall motive of the era very well. There midPoint releases provided features that a traditional user provisioning system should have. The goal was to build a solid foundation and feature base. The goal was to bring a new project to the state where it can technologically match the competition.

There was always innovation in midPoint, even in this era. But it was mostly hidden inside. MidPoint versions from the era of the Titans feels and looks like an traditional identity management system.

Release 1.7 (Prometheus)

Release Date: May 18th 2011
Major Focus: code restructuring, removing dead meat, get development back in shape
Release Notes: Release 1.7

As the very first step midPoint code was made significantly "lighter", removing some of the "dead meat" that accumulated over the year of hectic OpenIDM development. The code was also stabilized, the tests were fixed and the complete development process was brought back to a reasonable shape. The most significant changes are:

  • Removed OpenESB: OpenESB is a dead project and the hope of reviving it is very low. OpenESB was slowing down OpenIDM development from the very beginning. This does not mean that midPoint cannot be used in "ESB" environment. Just the approach was changed to decouple these technologies. midPoint is provided in a form of simple Java web application (WAR) based on Spring.
  • Removed Glassfish dependency: midPoint is no longer dependent on a specific application server. The primary development and testing platform is now Apache Tomcat.
  • Simplified build: The build system was completely revamped. The new build system is much simpler and based on a "pure" maven without any hacks.
  • Fixing unit tests: The unit tests were reviewed, deprecated unit tests were removed and the tests that are still needed were fixed. The tests would deserve better cleanup, but they are all passing now. And that's how it shall remain from this point on.
  • Architecture update: New wiki was created with an up-to-date information on current midPoint implementation and also the design. The UML models were updated as well, removing unnecessary components exactly as it happened in the code.

midPoint release 1.7 roughly corresponds to the features planned for OpenIDM snapshot 1.7. The state of release of 1.7 is technology preview. It is not intended for production use.

Release 1.8 (Hyperion)

Release Date: August 5th 2011
Major Focus: code cleanup, gradual rework of vital system components, user interface usability improvement
Release Notes: Release 1.8

Hyperion is built up on the previous Prometheus release. The code cleanup continued. There were large reworks in components that were no longer maintainable. The major changes include:

  • Provisioning refactoring. The legacy OpenIDMv1 provisioning code was dropped and re-created using a cleaner code structure.
    • New Unified Connector Framework (UCF) interface was introduced. This partially works around known problems of ICF. It is also a first step in ICF evolution.
  • IDM Model refactoring. Better expression handling and restructured the code for better maintainability.
  • XML repository. New repository implementation based on BaseX XML database engine.
  • Relational database repository is no longer maintained (reimplementation is planned in later releases).
  • Java interfaces. The WSDL-based interface definitions were switched to native Java interfaces (except for IDM Model web service)
  • Basic task manager. Basic architectural changes to support asynchronous tasks and multi-node operation are in place.
  • Logging improvements. Logging configuration is persistent and better supports troubleshooting of IDM deployments, including dynamic developer-grade logging.
  • Error reporting improvements. Errors are propagated all the way to the GUI with a reasonable (and nested) error messages.
  • Automatic initialization. Initial repository content is loaded on first start of the system.
  • Substantial testing improvement. Lots of new unit tests, integration tests and introduced sanity test. Selenium-based test framework with increasing number of automated test cases.

Release 1.9 (Cronus)

Release Date: October 21st 2011
Major Focus: product stabilization, basic password management, basic role management, clean up leftovers
Release Notes: Release 1.9

Cronus has improved many issues of the previous versions and introduced preview of new features:

  • Basic Role-Based Access Control (RBAC): Support for roles, account construction defined by the roles and simple role hierarchy. Beta quality.
  • Assignment: The concept of assignment, differentiation of what user should have and what he has. Beta quality.
  • Resource schema enhancements automatic resource schema generation, schema handling improvements, etc.
  • User activation/deactivation: disable user, enable user
  • Fix password management: Password management in previous versions was kind of a hack. Make a systemic solution.
  • Leftovers and minor improvements delete user reaction, import processes reliability, provisioning scripts
  • Improved testing: Add more automated tests: unit and selenium tests. Create system testing framework.
  • Troubleshooting: Object validation, logging improvement, better error messages

Release 1.10 (Phoebe)

Release Date: February 7th 2012
Major Focus: advanced RBAC, auditing, switch to pure relative changes, reconciliation
Release Notes: Release 1.10

Cronus has improved many issues of the previous versions and introduced preview of new features:

  • Relative changes: Provisioning model is fully based on relative changes (see Relativity)
  • Advanced RBAC: midPoint supports advanced and dynamic Role-based access control (RBAC) mechanism (see Advanced Hybrid RBAC)
    • Expressions in the roles
    • Hierarchical roles
    • Parametric roles (including ability to assign the same role several times with different parameters)
  • Reconciliation: scheduled task to compare actual and desired state of the accounts
  • Basic auditing: auditing implementation allow auditing changes to a (log) file
  • Testing and stabilization: Further testing and codebase stabilization

Release 2.0 (Rhea)

Release Date: June 20th 2012
Major Focus: RDB repository, new GUI, scripting, schema stabilization, production quality
Release Notes: Release 2.0

Rhea has brought production-quality to midPoint and also new features:

  • Identity repository in the relational database
  • Improved administration GUI
  • Groovy Expressions
  • ECMAScript (JavaScript) expressions
  • Protected Accounts
  • Basic Segregation of Duties (SoD): Role exclusions
  • Underlying platform based entirely on Prism Objects
  • Schema stabilization, move to "version 2" schemas, backward compatibility of the schema
  • PolyString support allows automatic conversion of strings in national alphabets
  • Custom schema extensibility
  • API cleanup
  • Further testing and codebase stabilization
  • Provisioning robustness and simple provisioning failures handling
  • Enterprise class scalability (hundreds of thousands of users)

Release 2.1 (Coeus)

Release Date: Dec 10th 2012
Major Focus: attribute mapping, password policies, provisioning dependencies and robustness features, organizational structure
Release Notes: Release 2.1

Coeus has brought new features:

  • Password policies
  • Auditing to SQL tables
  • Provisioning dependencies
  • Provisioning consistency
  • Remote connector discovery
  • Improved attribute mappings and expressions
  • Experimental workflow integration
  • Organizational structure
  • GUI improvements
  • Rule-based RBAC (RB-RBAC) ability by using conditional mappings in user template
  • Experimental JasperReports integration

Release 2.1.1 (Coeus Update 1)

Release Date: Mar 4th 2013
Major Focus: quality and stability improvements, minor features
Release Notes: Release 2.1.1

Coeus update 1 has brought mostly bugfixes, quality and stability improvements.

Release 2.2 (Crius)

Release Date: September 2013
Major Focus: attribute mapping, password policies, provisioning dependencies and robustness features, organizational structure
Release Notes: Release 2.2

Crius has brought new features:

  • Change to Apache License version 2.0
  • Workflow integration
  • Authorizations in GUI
  • Numerous activation enhancements
  • Expressions, mapping and RBAC enhancements
  • Matching rules
  • Major conceptual generalizations
  • Object template improvements
  • Enhancement of assignment enforcement modes
  • Improved resource dependencies
  • Improved synchronization
  • Performance and scalability improvements

Release 2.2.1 (Crius Update 1)

Release Date: Jan 28th 2014
Major Focus: quality and stability improvements, minor features
Release Notes: Release 2.2.1

Crius update 1 has brought mostly bugfixes, quality and stability improvements.

The Age of Enlightenment

MidPoint 3.0 is a turning point. It starts a new age in midPoint development. The "Newton" as we call it is introducing features that are quite unique in the identity management field. It goes beyond traditional identity management. This midPoint version joins together provisioning-based identity management (IDM), privileged identity management (PIM) and organizational structure management into a single, unified model. MidPoint development is no longer trying to match the competition. MidPoint versions from the age of enlightenment are leading the way to discoveries.

Release 3.0 (Newton)

Release Date: 1st June 2014
Major Focus: generic synchronization, entitlements, authorizations, GUI design, cleanup
Release Notes: Release 3.0

Newton has brought new features:

Release 3.1 (Sinan)

Release Date: 2nd February 2015
Major Focus: resorce wizard, usability features, GUI improvements, performance improvements, diagnostics and overall product quality
Release Notes: Release 3.1

Sinan has brought new features:

  • Resource wizard.
  • Improved role and organization user interface.
  • Improved entitlement GUI.
  • Notification support for roles and organizations.
  • Conditional roles and assignments/inducements.
  • Significant performance improvement.

Release 3.1.1 (Sinan Update 1)

Release Date: 24th April 2015
Major Focus: Lookup tables, user interface improvements, quality improvements
Release Notes: Release 3.1.1

Sinan has brought new features:

  • Python scripting
  • Support for enumerated property values
  • Support for value lookup tables
  • Role assignment constraints: minimum and maxim role assignees
  • Validation plug-in
  • Schema refinement by using object template
  • User interface improvements

Release 3.2 (Tycho)

Release Date: 5th August 2015
Major Focus: New advanced LDAP connector, internal improvements and governance technology preview.
Release Notes: Release 3.2

Tycho has brought new features:

  • Password recovery (security questions)
  • Access certification (technology preview)
  • Reworked LDAP connector
  • Provisioning enhacements (auxiliary object classes, native attribute names, etc.)
  • Asynchronous bulk delete task
  • Auditing improvements
  • User interface improvements

Release 3.3 (Lincoln)

Release Date: 1st December 2015
Major Focus: GUI look and feel, self-service, practical usability
Release Notes: Release 3.3

Lincoln has brought new features:

  • Significant GUI look&feel improvements
  • New self-service GUI pages
  • Sequences
  • LDAP-based connector for Active Directory (experimental)
  • Displaying role members on role details page
  • Expanded audit record table and reports
  • Improved localization
  • Numerous practical improvements in many components

Release 3.3.1 (Lincoln Update 1)

Release Date: 7th April 2016
Major Focus: AD over LDAP support, multi-domain AD support, minor improvements
Release Notes: Release 3.3.1

Lincoln Update 1 has brought new features:

  • AD over LDAP connector in production quality
  • Multi-domain AD support
  • Support for volatile resource attributes
  • Several matching rule improvements
  • Expression improvements

Release 3.4 (Heisenberg)

Release Date: 24th June 2016
Major Focus: Governance (access certification), major GUI improvements and customization improvements
Release Notes: Release 3.4

Heisenberg has brought new features:

  • Access certification (production quality)
  • Major GUI improvements
  • Support for overlay projects and deep customization
  • Service objects
  • Matching rules improvements
  • Full support for Java 8

Release 3.4.1 (Heisenberg Update 1)

Release Date: 13th September 2016
Major Focus: AD powershell support, minor features, bugfixes
Release Notes: Release 3.4.1

Heisenberg has brought new features:

  • Powershell (WinRM) support in AD/LDAP connector
  • Object templates can be specified for user, role, org and service subtypes.
  • Dynamic resolution of targetRef in assignment/inducement
  • Password history
  • Support for expression tracing for any individual expression

Java 7 support is deprecated.

Release 3.5 (Einstein)

Release Date: 21st December 2016
Major Focus: Governance features, self-registration, JSON/YAML
Release Notes: Release 3.5

Einstein has brought new features:

  • Governance features
    • Role catalog
    • Role request based on shopping cart
    • Deputy
    • Role lifecycle
    • Object history
  • Self-registration and email-based password reset
  • Support for JSON and YAML data representation

Java 7 is no longer supported.

Future Releases

Please see the Roadmap page for information about a long-term product development.

External links

  • No labels