Coeus

Release 2.1 is a sixth midPoint release code-named Coeus. This release brings new features, better stability and robustness. It is introducing new way of attribute mapping, password policies, provisioning dependencies and robustness features, organizational structure support and a lot of other features.

Release date: Dec 10 2012

Features

midPoint 2.1 provides following features:

Changes

When compared to the previous version, Coeus is introducing following changes:

Changes in the internals, minor improvements and quality assurance:

Quality

Release 2.1 (Coeus) is intended for full production use in enterprise environments. All features are stable and well tested.

Platforms

MidPoint is known to work well in the following deployment environment. The following list is list of tested platforms, i.e. platforms that midPoint team or reliable partners personally tested this release. The version numbers in parentheses are the actual version numbers used for the tests. However it is very likely that midPoint will also work in similar environments. Also note that this list is not closed. MidPoint can be supported in almost any reasonably recent platform (please contant Evolveum for more details).

Java

Web Containers

Databases

Unsupported Platforms

Following list contains platforms that midPoint is known not to work due to various issues. As these platforms are obsolete and/or marginal we have no plans to support midPoint for these platforms.

Download and Install

Release Form

Download

Install Instructions

Binary

http://evolveum.com/downloads/midpoint/2.1/midpoint.war

Installing midPoint from Binary Release - 2.1

Source

Subversion: https://svn.evolveum.com/midpoint/tags/midpoint-2.1/

Installing midPoint from Source Code Release - 2.1

Java API

http://evolveum.com/downloads/midpoint/2.1/midpoint-javadocs-2.1/ [ZIP]

 

XSD Docs

http://evolveum.com/downloads/midpoint/2.1/midpoint-xsddocs-2.1/ [ZIP]

 

Background and History

midPoint is roughly based on OpenIDM version 1. When compared to OpenIDM v1, midPoint code was made significantly "lighter" and provides much more sophisticated features. Although the architectural outline of OpenIDM v1 is still guiding the development of midPoint almost all the OpenIDM v1 code was rewritten. MidPoint is now based on relative changes and contains advanced identity management mechanisms such as advanced RBAC, provisioning consistency, etc.

For the full project background see the midPoint History page.

Known Issues

  1. Consistency mechanism fails to operate correctly in case new user is added (under some cirmustances) (https://jira.evolveum.com/browse/MID-1056)
  2. Strong mappings fail in presence of replace deltas for mapping targets (https://jira.evolveum.com/browse/MID-1067)
  3. Weak mappings are not processes correctly in modify situations (https://jira.evolveum.com/browse/MID-1068)
  4. Two consecutive modifications may produce strange results when resource is down (https://jira.evolveum.com/browse/MID-1054)

Change secret key in keystore

To generate new secret key (with different key size), you have to proceed through this steps:

  1. shudtown midpoint
  2. find JCEKS keystore in midpoint.home (by default it's keystore.jceks, but file name can be different)
  3. generate new key
    keytool -genseckey -alias <SOME_ALIAS> -keystore <KEYSTORE_FILENAME> -storetype jceks -keyalg AES -keysize <KEY_SIZE>
    Supported key sizes are: 128 (doesn't require JCE), 192 and 256 (JCE required)
  4. change configuration in config.xml in midpoint.home
    <encryptionKeyAlias>default</encryptionKeyAlias> change 'default' to <SOME_ALIAS>
  5. add/edit <xmlCipher></xmlCipher> in <keystore> element. You can use smaller cipher key size for encryption. For:
    AES_128 use "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
    AES_256 use "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
    AES_192 use "http://www.w3.org/2001/04/xmlenc#aes192-cbc"
    without quotation. This element is optional, if it doesn't exist AES_128 is used.
  6. From now every encryption operation uses new key, for decryption old key is used.

See Also