the official release 1.1.7 in the
1.1.X branch or is there a work around (even manual) that will allow me
to get my crypted ldap passwords (which remain working) to a persistence
store (mysql) password for a 1.1.7 syncope?
Best Regards,
Nik
process into our
current update procedures - I guess I will do some tests.
On 10/12/2013 11:19, Nik wrote:
Hi fellow syncopers,
Looking at the syncope wiki pages I have had a little question on my
mind for a while.
I was wondering how I can upgrade/uodate an embedded syncope IDM from
1.1.2
direct
e:
WEB-INF/classes/persistence.properties
WEB-INF/classes/security.properties
etc
f) do a backup as per [2]
g) zip up the deployed syncope IDM into 2 new wars (syncope.war &
syncope-console.war)for safety.
OR
Is there a better/simpler way?
Best Regards,
Nik
[1]
https://cwiki.apache.org/
ns)?
Hi Nik,
something similar was recently discussed [1] and I think it is
worth being added to [2]: any volonteer?
Regards.
[1] http://markmail.org/message/gbkg5m6mm2cmfel3
[2] https://cwiki.apache.org/confluence/display/SYNCOPE/FAQ
Hi Francesco,
This appears to be the issue.
Let me
On 10/08/2013 04:44 PM, Nik wrote:
On 10/08/2013 04:02 PM, Francesco Chicchiriccò wrote:
On 08/10/2013 15:56, Nik wrote:
Hi Guys,
I have been testing 1.1.2 against a production system of ours with
approx 2160 users in an ldap repository.
It works well. But when I execute a reconciliation
On 10/08/2013 04:02 PM, Francesco Chicchiriccò wrote:
On 08/10/2013 15:56, Nik wrote:
Hi Guys,
I have been testing 1.1.2 against a production system of ours with
approx 2160 users in an ldap repository.
It works well. But when I execute a reconciliation task I hit some
issues even although
nceException: The transaction has
been rolled back. See the nested exceptions for details on the errors
that occurred.
FailedObject: org.apache.syncope.core.persistence.beans.TaskExec@3455d699
My question is, is this a bug (if yes, maybe it is already fixed in
later versions)?
rgds,
Nik
4)
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:194)
at
org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:323)
... 59 more
Any help would be appreciated.
rgds,
Nik
onsidered by dev as a useful RFE?
or
- is this impossible, forget it?
today we can do:
[nik@anvil uforge-syncope]$ curl -u admin:password -H "Content-Type:
application/xml" -X GET
http://10.0.0.183:9090/syncope/rest/schema/{role}/read/{resourceEntitlement}
|
Thanks for replying Francesco.
It is clear now.
rgds,
Nik
On 25/06/2013 10:26, Nik wrote:
Hi Guys,
Doc [1] states that the /rest (json mode) interface will be removed
after 1.2.0. Does this mean we will be
stuck with only the very human unreadble xml output form, or will
there be an
, examples as
described in [2], in addition to pleasing
xml lovers?
rgds,
Nik
[nik@anvil conf]$ curl -u admin:password -H "Content-Type:
application/xml" -X GET http://10.0.0.183:9090/syncope/cxf/configurations
createRequest.allowed
true
notificationjob.cron
can
prove this already with my tests, but I would like to be sure of it from
you)
rgds,
Nik
Il 24/06/2013 12:18, Nik ha scritto:
oops, I meant to say:
Is it possible to get the resource assignment on the user reconn in
step [1] without having to go through step [3]?
You can create a "
oops, I meant to say:
Is it possible to get the resource assignment on the user reconn in step
[1] without having to go through step [3]?
rgds,
Nik
1. by a direct resource assignment
2. by an indirect resource assignment (by role I mean)
So, you have two link with the resource
Thanks
On 06/24/2013 11:05 AM, Fabio Martelli wrote:
Il 24/06/2013 10:46, Nik ha scritto:
This seems strange to me, Fabio,
Are you saying when we remove the last role assignment on a user.
The user will be deleted! Why?
It will be removed from the EXTERNAL resource when the last link
(directly
This seems strange to me, Fabio,
Are you saying when we remove the last role assignment on a user. The
user will be deleted! Why?
It will be removed from the EXTERNAL resource when the last link
(directly or indirectly) with this resource will be removed.
Regards,
F.
rgds,
Nik
Hi
regards,
F.
So now I'm confused Fabio ;-)
1) I assign a role to a user
2) I remove the role from the user by membership
3) the user is not deprovisioned on ldap or syncope (as I would expect
and want)
(the capability one phase delete is ENABLED on the resource)
Am I missing your point?
rgds
isable any
de-provisioning operation you can uncheck delete capability on your
connector configuration instance.
This seems strange to me, Fabio,
Are you saying when we remove the last role assignment on a user. The
user will be deleted! Why?
rgds,
Nik
Thanks for the feed back Fabio.
I like your suggestions and ideas (of course) ;-)
rgds,
Nik
Il 12/06/2013 10:45, Nik ha scritto:
Cheers Fabio,
I have not enabled "synchronization" (by using my ldap changelog)
because I believed reconciliation took care of making ALL changes
from
and those after, the full recon, which don't show these
links anymore as valid and then remove these entries from the syncope db.
rgds,
Nik
Il 11/06/2013 17:47, Nik ha scritto:
Hi Guys,
I have recently seen a comment on this alias that reconciliation
doesn't take care of deletio
gless,
since
the syncope and ldap remain synchronized.
rgds,
Nik
Cheers Fabio.
All your advice makes sense and I will follow for subsequent issues if
and when they arise!
& yes today I'm lucky (thanks again to Francesco, for the back port of
Revision 1485957 to the
1_1_X/2 branch(es), it was the only thing I was trying to achieve)
regards,
Nik
onfig, pom, files etc do get integrated fine) but
maybe this is not what to do when dealing with actual code.
I have a repo with the trunk code up to date (source for my fix)!
[nik@anvil syncope_trunk]$ svn info
Path: .
Working Copy Root Path: /home/nik/UShareSoft/WKS/syncope_trunk
URL:
Well I agree :-)
Sometimes we only see what our brain thinks we see :-)
still when it works I see a light ;-)
Nik (not a Maven at all)
On 07/06/2013 15:23, Nik wrote:
and finally... maven makes a bit more sense than 10 mins ago:
Oooh, we are lucky that Maven only requires 3 coordinates
ditto ;-)
On 07/06/2013 15:14, Nik wrote:
Hehe Francesco :-) I understand and I did this earlier, aswell:
[...]
:
[INFO] Configured Artifact:
org.connid.bundles.db:org.connid.bundles.db.table:2.5.1:jar
Downloading:
https://repository.apache.org/content/repositories/snapshots/org/connid
and finally... maven makes a bit more sense than 10 mins ago:
Thanks guys:
[INFO] Assembling webapp [console] in
[/home/nik/UShareSoft/WKS/syncopeOnGlassfish/syncope-archetype/console/target/syncope-console]
[INFO] Processing war project
[INFO] Copying webapp resources
[/home/nik/UShareSoft
aven2/org/connid/bundles/db/org.connid.bundles.db.table/2.5.1/org.connid.bundles.db.table-2.5.1.jar
http://repo.maven.apache.org/maven2/org/connid/bundles/db/org.connid.bundles.db.table/2.1.5/org.connid.bundles.db.table-2.1.5.jar
Hehe Francesco :-) I understand and I did this earlier, aswell:
VIZ:
Hehe Francesco :-) I understand and I did this earlier, aswell:
VIZ:
[nik@anvil syncope-archetype]$ diff ./core/pom.xml ./core/core_pom_ori.xml
110,114d109
<
< org.connid.bundles.db
< org.connid.bundles.db.table
< test
<
But I arrive back to the starting point. I don't get my db connector jar :-(
[nik@anvil syncope-archetype]$ find . -name
org.connid.bundles.db.table-2.1.5.jar
[nik@anvil syncope-archetype]$ ls -lrt /opt/syncope/bundles/
total 4924
-rw-rw-r--. 1 nik nik 3320691 Jun 7
On 06/07/2013 12:52 PM, Francesco Chicchiriccò wrote:
On 07/06/2013 12:49, Nik wrote:
Thanks Andrea,
Updating both the parent and core poms as you advise (and also doing
the same for the console pom, just in case!).
gives the following:
[nik@anvil syncope-archetype]$ rm -rf ~/.m2
[nik@anvil
Thanks Andrea,
Updating both the parent and core poms as you advise (and also doing the
same for the console pom, just in case!).
gives the following:
[nik@anvil syncope-archetype]$ rm -rf ~/.m2
[nik@anvil syncope-archetype]$ mvn clean package
-Dbundles.directory=/opt/syncope/bundles
Hi Anrea,
Thanks for getting back to me.
Trying your suggestion gives:
[nik@anvil syncope-archetype]$ diff pom.xml gen_pom_ori.xml
31,32d30
< 2.1.5
< org.connid.bundles.db.table
84,89d81
<
< org.connid.bundles.db
< org.connid.bundles.db.table
< ${connid.db.table.ver
).
Anyway, we have other rather "messy" options to package software for our
use, for the moment, things may change in
the long term.
Thanks for the advice in any case.
rgds,
Nik
Sorry Nik,
but this is a tipical architectural question and the right answer
would be possible only if we wer
So here is my real question Massi. This is what I really want.
When I generate syncope-core how can I do it so the deafult
connectors are part of the syncope-core.war? The goal is to
help me do a package install and deploy from less bits.
Nik
;)
On 05/06/2013 13:39, Nik wrote:
I'm havi
ar) @ core ---
[INFO] Packaging webapp
[INFO] Assembling webapp [core] in
[/home/nik/UShareSoft/WKS/syncopeOnGlassfish/syncope-archetype/core/target/syncope]
[INFO] Processing war project
[INFO] Copying webapp resources
[/home/nik/UShareSoft/WKS/syncopeOnGlassfish/syncope-archetype/core/src
are skipped.
[INFO]
[INFO] --- maven-war-plugin:2.1.1:war (default-war) @ core ---
[INFO] Packaging webapp
[INFO] Assembling webapp [core] in
[/home/nik/UShareSoft/WKS/syncopeOnGlassfish/syncope-archetype/core/target/syncope]
[INFO] Processing war project
[INFO] Copying webapp resources
[/home
org.connid.bundles.ldap
1.2.6
org.connid.bundles.soap
0.7
org.connid.bundles.csvdir
rgds,
Nik
Hi Massi,
That's what I thought, looking at the mvn output, but when I looked
for it, I found nothing:
[nik@anvil syncope-archetype]$ find . -name
org.connid.bundles.soap-1.2.6.jar
[nik@anvil syncope-arch
Hi Massi,
That's what I thought, looking at the mvn output, but when I looked for
it, I found nothing:
[nik@anvil syncope-archetype]$ find . -name
org.connid.bundles.soap-1.2.6.jar
[nik@anvil syncope-archetype]$
Searching for any soap jar; I'm guessing the connector is not the
ROR]
[ERROR] After correcting the problems, you can resume the build with the
command
[ERROR] mvn -rf :core
[nik@anvil syncope-archetype]$
It is obviously not finding a repo to get the specified connector(s)
from the pom. How can I resolve this issue so it can find the connector? Or
rather
Hi German, I don't know much about the syncope rest api works in any
detail but why dont you increase the log level tracing of
org.apache.syncope.common to "ALL" and/or perhaps
org.apache.syncope.core.rest aswell?
rgds,
Nik
On 06/04/2013 05:00 PM, Francesco Chicchiriccò wrote:
Thanks Fabio.
rgds,
Nik
Il 03/06/2013 18:35, Nik ha scritto:
Hi Guys,
I searched the syncope wiki pages for "separation of duties" or
"segregation of duties" - it comes up blank.
I may be (incorrectly) guessing that syncope's built in Entitlements
may have somet
ription or blog on how to use and
develop these fully.
Best Regards,
Nik
false
owner
false
__ENABLE__
false
uforge_ldap
SUCCESS
uforge_ldap
false
false
false
false
false
false
3mento3
0
[
alues
- link it to an already existing an functioning ldap resource
- propagate the role to ldap
Here is what I have attempted to do unsuccessfully using tomcat env
(which seems to function better for RESTful action than glassfish at
present)
test 1)
[nik@anvil ~]$ curl -u admin:password -X POST
have attempted to do unsuccessfully using tomcat env
(which seems to function better for RESTful action than glassfish at
present)
test 1)
[nik@anvil ~]$ curl -u admin:password -X POST
http://localhost:9080/syncope/cxf/roles --data
"bambi6bambi6falseresourceEntitlementscanuforge_ldap
to an already existing an functioning ldap resource
- propagate the role to ldap
Here is what I have attempted to do unsuccessfully using tomcat env
(which seems to function better for RESTful action than glassfish at
present)
test 1)
[nik@anvil ~]$ curl -u admin:password -X POST
http
Thank you for the update Francesco.
rgds,
Nik
On 30/05/2013 10:04, Nik wrote:
That did the trick, thanks Massi.
The wars now launch sucessfully in glassfish.
Have you got an ETA on the non-workaround fix by any chance ;-)
See https://issues.apache.org/jira/browse/SYNCOPE-376
Regards
That did the trick, thanks Massi.
The wars now launch sucessfully in glassfish.
Have you got an ETA on the non-workaround fix by any chance ;-)
rgds,
Nik
On 28/05/2013 16:03, Nik wrote:
On 05/28/2013 03:42 PM, Francesco Chicchiriccò wrote:
On 28/05/2013 15:38, Nik wrote:
[...]
When I
On 05/28/2013 05:09 PM, Francesco Chicchiriccò wrote:
On 28/05/2013 17:02, Nik wrote:
What is the value of the 'quartz.sql' property in your
core/src/main/resources/persistence.properties?
quartz.sql=tables_mysql_innodb.sql
Ok: could you please:
1. drop and create again (or
What is the value of the 'quartz.sql' property in your
core/src/main/resources/persistence.properties?
quartz.sql=tables_mysql_innodb.sql
Ok: could you please:
1. drop and create again (or just make empty) your current MySQL database
2. download [1], save it under core/src/main/resources/qua
"TYPE=InnoDB" to "ENGINE=InnoDB" (or any relevant change
needed to make it work)
I wanted to do this several times over the past days, but how if there
is no main source path:
VIZ
[nik@anvil org.apache.syncope]$ find . -name tables_mysql.sql
/core/target/syncope/WE
any relevant change
needed to make it work)
I wanted to do this several times over the past days, but how if there
is no main source path:
VIZ
[nik@anvil org.apache.syncope]$ find . -name tables_mysql.sql
./core/target/syncope/WEB-INF/classes/quartz/tables_mysql.sql
./core/target/war/wor
One point.
I use a mysql jdb connector from our webservice component in glassfish
rather than adding yet another msyql connector jar.
It is mysql-connector-java-5.1.25.tar.gz, so I'm guessing this is not a
compatibility issue?
Nik
On 05/28/2013 04:22 PM, Francesco Chicchiriccò wrote:
On 05/28/2013 04:22 PM, Francesco Chicchiriccò wrote:
On 28/05/2013 16:18, Nik wrote:
Another thing I noticed:
When I configure the persistence properties to be innodb mysql.
The quartz tables do not get written in the target DB even when they
are present in the init sql
file:
[nik@anvil
Another thing I noticed:
When I configure the persistence properties to be innodb mysql.
The quartz tables do not get written in the target DB even when they are
present in the init sql
file:
[nik@anvil org.apache.syncope]$ grep -c QRTZ
./core/target/syncope/WEB-INF/classes/quartz
On 05/28/2013 03:42 PM, Francesco Chicchiriccò wrote:
On 28/05/2013 15:38, Nik wrote:
[...]
When I deploy and access the console
glassfish (GlassFish Server Open Source Edition 3.1.2 (build
23))throws :
2013-05-27 16:05:04.073+ (68) StandardWrapperValve[default]:
PWC1406
On 05/28/2013 10:36 AM, Francesco Chicchiriccò wrote:
On 27/05/2013 18:16, Nik wrote:
OkI found a problem.
It appears to be a problem coming from the repository.
It happens because there is a redirection in
https://repository.apache.org/content/repositories/snapshots/org/apache/syncope
pache.syncope.console.SyncopeSession.(SyncopeSession.java:99)
at
org.apache.syncope.console.SyncopeApplication.newSession(SyncopeApplication.java:182)
at
org.apache.wicket.Application.fetchCreateAndSetSession(Application.java:1557)
at org.apache.wicket.Session.get(Session.java:168)
[nik@anvi
ypeRepository =
http://repository.apache.org/content/repositories/snapshots
[DEBUG] (f) archetypeVersion = 1.2.0-SNAPSHOT
[DEBUG] (f) basedir = /home/nik/UShareSoft/WKS/syncopeOnGlassfish/test
[DEBUG] (f) interactiveMode = true
[DEBUG] (f) localRepository =id: local
url: file://
Hi Francesco,
Not sure ... I can only "successfully" build to level 1.1.1 using this
maven method on two very
different environments.
At work is a linux box with jdk 1.7:network is a high bandwith fibre-optic
[nik@anvil syncopeOnGlassfish]$ mvn -version
/usr/lib/jvm/java
Apache M
:
[nik@anvil snapshot120]$ mvn archetype:generate \
> -DarchetypeGroupId=org.apache.syncope \
> -DarchetypeArtifactId=syncope-archetype \
>
-DarchetypeRepository=http://repository.apache.org/content/repositories/snapshots
\
> -DarchetypeVersion=1.2.0-SNAPSHOT
/usr/lib/jvm/java
[INFO]
followingto the generated from 1) pom.xml
ASF
https://repository.apache.org/content/repositories/snapshots/
true
And that's it!
I'll try and let you know.
rgds,
Nik
Il 27/05/2013 09:58, Nik ha scritto:
Hi fellow idm-mers,
I'm following t
hing somewhere, because I
only get to 1.1.1
Any guidance to get the core and console at 1.1.2-SNAPSHOT or
1.2.0-SNAPSHOT will be much appreciated.
Best Regards,
Nik
[1]
https://cwiki.apache.org/confluence/display/SYNCOPE/Create+a+new+Syncope+project
[2]
https://repository.apache.org/content/r
or all the help given.
Best Regards,
Nik
Hi Nik,
as long as I understand from your e-mail below:
The first e-mail troubles were caused by a Synchronization Policy with
no alternative schemas set: I took anyway inspiration from that for
making such handling more robust (and avoid NPE!).
The second
lures]: 0/0
Users failed to create: CREATE FAILURE (id/name): null/null with message:
{[RequiredValuesMissing [userId]], [InvalidValues [userId: uid=nik,ou=people,o=usharesoft
- "uid=nik,ou=people,o=usharesoft" is not a valid email address]]}
CREATE FAILURE (id/name): null/nu
cool - thanks Fabio.
Nik
On 07/05/2013 14:04, Nik wrote:
Hi Fabio,
One further question I would like to ask wrt to this subject is.
How can I execute a db export from a CLI?
I have tried the following using syncope-standalone-1.1.1:
[nik@anvil apache-tomcat-7.0.39]$ curl -u admin:password
Hi Fabio,
One further question I would like to ask wrt to this subject is.
How can I execute a db export from a CLI?
I have tried the following using syncope-standalone-1.1.1:
[nik@anvil apache-tomcat-7.0.39]$ curl -u admin:password -H
"Content-Type: application/json" -X
Thanks Francesco.
You have given me something good to think about over the next few days.
rgds,
Nik
On 30/04/2013 15:46, Nik wrote:
Thanks for clarifying this.
It kinda leaves me stuck though.
I want to have RBAC for my app managed by syncope using REST.
I was assuming the AC part of RBAC
resource uforge_ldap
Please help me with my confusion here, if you see what I'm trying
to achieve (i'm sure this is due to my ignorance of IDM terminology)
rgds,
Nik
On 30/04/2013 14:00, Nik wrote:
Hi,
I'm trying to find a way to create/delete/update my own entitlement
na
ource code).
Is there a way to create/delete/update those available in content.xmlby
the syncope REST api?
e.g.
[nik@anvil openidm-project]$ curl -u admin:password -X POST
http://10.0.0.123:9080/syncope/cxf/roles --data
"Collaboratorgenerateupdatepublishmigratescanuforge_ldap&quo
.
Am I correct, in the conclusion?
rgds,
Nik
Some further info.
When I run the CLI
[nik@anvil syncope-1.1.0]$ curl -u admin:password -H “Content-Type:
application/json” -X GET
http://10.0.0.123:9080/syncope/cxf/tasks/sync/list
I see many NPE (see attachment for full details)like:
2013-04
This is excellent and concise Francesco.
I await your MS-AD blog post.
rgds,
Nik
On 22/04/2013 18:47, Nik wrote:
Fabio, Francesco,
I have it working as expected propagating from syncope to opendj.
This is great and I'm very happy. We will do some more investigation
with the REST ap
rganizationalPerson)(objectClass=inetOrgPerson))(cn=jeff4)(uid=*))"
attrs="cn,description,mail,postalAddress,sn,userPassword"
[22/Apr/2013:18:38:34 +0200] SEARCH RES conn=246 op=86 msgID=87 result=0
nentries=1 etime=1
[22/Apr/2013:18:38:34 +0200] MODIFY REQ conn=-1 op=1550 msg
) at least the add is going to the groups base.
[nik@nik-laptop OpenDJ]$ tailf logs/access
[22/Apr/2013:18:02:16 +0200] SEARCH REQ conn=244 op=259 msgID=260
base="" scope=baseObject filter="(objectClass=*)" attrs="subschemaSubentry"
[22/Apr/2013:18:02:16 +0200] SEAR
ovisioning.
You have to remove ldapGroups items from Rolle Mapping.
Ok will do.
rgds,
Nik
Thanks for the extra info Francesco,
I will try your approach after I succeed to do the way Fabio suggest or
rather if I cannot get it to work.
rgds,
Nik
In this approach suggested by Fabio you are directly dealing with the
internal mechanism provided by the ConnId LDAP connector
of this?
rgds,
Nik
On 18/04/2013 10:40, Nik wrote:
Hi Guys,
Call me a twit, if I missed something, obvious ;-)
Hi Nik,
first of all, you are right, what you have found below is true:
in-memory H2 lasts until Tomcat is running.
There has recently been a discussion around this [1], that should
a demo distro that stores data in H2 ram memory
without syncing it to some sort of persistent storage? Can you please
help me with this as I'm re-doing all my work of the last 3 days
now from scratch :-( and would not like to have it disappear if I clear
my volatile memory.
rgds,
Nik
it, it could be a 3 step work flow a) create role(s) and
b) assign role(s) to user(s)
c) send to ldap.
I tried to follow the doc but got lost with inputting the "virtual
value" for an rvirtualdata. Any tips, clarifications, syncope roles
specific blogs or RTFM
rgds,
Nik
78 matches
Mail list logo