[jira] [Resolved] (SYNCOPE-1826) Search fails if search condition contains four digits at the end of the value
[ https://issues.apache.org/jira/browse/SYNCOPE-1826?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1826. Resolution: Resolved > Search fails if search condition contains four digits at the end of the value > - > > Key: SYNCOPE-1826 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1826 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.8 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.9, 4.0.0 > > > Suppose to create a user, group or any object with username/name or any other > attribute with value like "sh test app 0722" (ending with four digits). Then > search for that user with the specific search condition: search is not going > to return any result. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SYNCOPE-1826) Search fails if search condition contains four digits at the end of the value
[ https://issues.apache.org/jira/browse/SYNCOPE-1826?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli updated SYNCOPE-1826: --- Description: Suppose to create a user, group or any object with username/name or any other attribute with value like "sh test app 0722" (ending with four digits). Then search for that user with the specific search condition: search is not going to return any result. was: Suppose to create a user, group or any object with username/name or any other attribute with value like "sh test app 0722" (ending with four digits). Then search for that user with the specific search condition. Search is not going to return any result. > Search fails if search condition contains four digits at the end of the value > - > > Key: SYNCOPE-1826 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1826 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.8 >Reporter: Andrea Patricelli >Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.9, 4.0.0 > > > Suppose to create a user, group or any object with username/name or any other > attribute with value like "sh test app 0722" (ending with four digits). Then > search for that user with the specific search condition: search is not going > to return any result. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1826) Search fails if search condition contains four digits at the end of the value
Andrea Patricelli created SYNCOPE-1826: -- Summary: Search fails if search condition contains four digits at the end of the value Key: SYNCOPE-1826 URL: https://issues.apache.org/jira/browse/SYNCOPE-1826 Project: Syncope Issue Type: Bug Components: core Affects Versions: 3.0.8 Reporter: Andrea Patricelli Assignee: Andrea Patricelli Fix For: 3.0.9, 4.0.0 Suppose to create a user, group or any object with username/name or any other attribute with value like "sh test app 0722" (ending with four digits). Then search for that user with the specific search condition. Search is not going to return any result. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [DISCUSS] Removal of non-JSON JPA support in 4.0
Hi all, no issues on my side. Best regards, Andrea On 02/08/24 14:47, Francesco Chicchiriccò wrote: Hi all, now that MariaDB has received its JSON flavor [1], I would like to discuss the possibility to simplify the 4.0 codebase by removing support for non-JSON JPA flavors. Historically, JPA support was provided since the beginning under core/persistence-jpa. At a certain point, some way to leverage the possibility to manipulate JSON strings for user, group and any object attributes was introduced for PostgreSQL first, then MySQL, Oracle and finally MariaDB. The purpose: higher throughput and lower search operation roundtrips. Such "flavors" were implemented under core/persistence-jpa-json. It's been quite some time, however, that all new deployments have been starting directly with one of JSON flavors rather than with their non-JSON, original, counterparts. Hence, I am proposing to keep, for 4.0, only such JSON flavors. Removing the non-JSON flavors will result in simplified code, easier to maintain. One side issue of such a proposal is that Syncope 4.0 will not be able to run on H2 any more. H2 is currently used for several unit tests, integration test profiles, standalone and even in the embedded profile for archetype. To solve this, I've been experimenting with embedded PostgreSQL [2], a nice AL-2.0 project which provides support to run a PostgreSQL instance, without Docker, on all major platforms including GNU / Linux, Mac OS and Windows. I must say it works quite well: I was able to remove H2 from everywhere relevant (hence, I've left it there for fir/build-tools): I think I should be ready to open a PR against master shortly. Incidentally, such work allowed me to discover an issue [3] that I've already fixed for Syncope 3.0. Do you see any relevant reason to keep non-JSON JPA flavors in Syncope 4.0, or any relevant issue in removing H2? Regards. [1] https://issues.apache.org/jira/browse/SYNCOPE-1662 [2] https://github.com/zonkyio/embedded-postgres [3] https://issues.apache.org/jira/browse/SYNCOPE-1825 -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Resolved] (SYNCOPE-1824) Password policies are not always enforced on linked account password while updating account
[ https://issues.apache.org/jira/browse/SYNCOPE-1824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1824. Resolution: Resolved > Password policies are not always enforced on linked account password while > updating account > --- > > Key: SYNCOPE-1824 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1824 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.8 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.9, 4.0.0 > > > Given a user with one or more linked accounts associated, update one or more > linked account passwords only, without changing the user password. > Password policies are not enforced and even not compliant password are going > to be accepted, resulting in further errors while updating the user password. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1824) Password policies are not always enforced on linked account password while updating account
[ https://issues.apache.org/jira/browse/SYNCOPE-1824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1824: -- Assignee: Andrea Patricelli > Password policies are not always enforced on linked account password while > updating account > --- > > Key: SYNCOPE-1824 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1824 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.8 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.9, 4.0.0 > > > Given a user with one or more linked accounts associated, update one or more > linked account passwords only, without changing the user password. > Password policies are not enforced and even not compliant password are going > to be accepted, resulting in further errors while updating the user password. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1824) Password policies are not always enforced on linked account password while updating account
Andrea Patricelli created SYNCOPE-1824: -- Summary: Password policies are not always enforced on linked account password while updating account Key: SYNCOPE-1824 URL: https://issues.apache.org/jira/browse/SYNCOPE-1824 Project: Syncope Issue Type: Bug Components: core Affects Versions: 3.0.8 Reporter: Andrea Patricelli Fix For: 3.0.9, 4.0.0 Given a user with one or more linked accounts associated, update one or more linked account passwords only, without changing the user password. Password policies are not enforced and even not compliant password are going to be accepted, resulting in further errors while updating the user password. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [VOTE] Apache Syncope 3.0.7 2nd attempt
+1. Best regards, Andrea On 20/05/24 09:15, Francesco Chicchiriccò wrote: I've created a 3.0.7 release, with the following artifacts up for a vote: GIT source tag (f0a9c658c7): https://github.com/apache/syncope/releases/tag/syncope-3.0.7 List of changes: https://github.com/apache/syncope/blob/syncope-3.0.7/CHANGES Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.7/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1088/ Staging site: https://syncope.apache.org/3.0.7/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [VOTE] Apache Syncope 3.0.7
+1. Best regards, Andrea On 17/05/24 10:56, Francesco Chicchiriccò wrote: I've created a 3.0.7 release, with the following artifacts up for a vote: GIT source tag (c105692b25): https://github.com/apache/syncope/releases/tag/syncope-3.0.7 List of changes: https://github.com/apache/syncope/blob/syncope-3.0.7/CHANGES Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.7/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1087/ Staging site: https://syncope.apache.org/3.0.7/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Created] (SYNCOPE-1819) API search of any objects by name returns wrong empty result
Andrea Patricelli created SYNCOPE-1819:
--
Summary: API search of any objects by name returns wrong empty
result
Key: SYNCOPE-1819
URL: https://issues.apache.org/jira/browse/SYNCOPE-1819
Project: Syncope
Issue Type: Bug
Components: core
Affects Versions: 3.0.6
Reporter: Andrea Patricelli
Fix For: 3.0.7, 4.0.0
Searching any objects by name like this in the playground environment
{code:java}
curl -X 'GET' \
'https://syncope-vm2.apache.org/syncope/rest/anyObjects/Canon%20MF%208030cn' \
-H 'accept: */*' \
-H 'X-Syncope-Domain: Master' \
-H 'Authorization: Basic YWRtaW46cGFzc3dvcmQ='{code}
returns bad 404 result instead of the any object with name "Canon MF 8030cn".
Search by key still works and the same issue happens on Json persistence.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Resolved] (SYNCOPE-1818) Wrong status value propagated to external resources if changed while pulling
[
https://issues.apache.org/jira/browse/SYNCOPE-1818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Patricelli resolved SYNCOPE-1818.
Resolution: Resolved
> Wrong status value propagated to external resources if changed while pulling
>
>
> Key: SYNCOPE-1818
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1818
> Project: Syncope
> Issue Type: Bug
> Components: core
>Affects Versions: 3.0.6
> Reporter: Andrea Patricelli
> Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 3.0.7, 4.0.0
>
>
> In some specific cases the status of an user on an external resource could
> change remotely. If, simultaneously, some other attribute is changed and a
> propagation is fired the wrong status is propagated on the external resources.
> For example, if an active (on syncope) user on resource-pull changes its
> surname, email and status (set to disabled) and a pull is fired, a
> propagation on some target resources occurs, depending on email and/or
> surname mapping. Propagation status is wrong, for example if pulled
> "disabled" the user is propagated active, i.e. {{__ENABLE__}} attribute is
> set to {{false}}.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1818) Wrong status value propagated to external resources if changed while pulling
[ https://issues.apache.org/jira/browse/SYNCOPE-1818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1818: -- Assignee: Andrea Patricelli > Wrong status value propagated to external resources if changed while pulling > > > Key: SYNCOPE-1818 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1818 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.6 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.7, 4.0.0 > > > In some specific cases the status of an user on an external resource could > change remotely. If, simultaneously, some other attribute is changed and a > propagation is fired the wrong status is propagated on the external resources. > For example, if an active (on syncope) user on resource-pull changes its > surname, email and status (set to disabled) and a pull is fired, a > propagation on some target resources occurs, depending on email and/or > surname mapping. Propagation status is wrong, for example if pulled > "disabled" the user is propagated active, i.e. `__ENABLE__` attribute is set > to `false`. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1818) Wrong status value propagated to external resources if changed while pulling
Andrea Patricelli created SYNCOPE-1818: -- Summary: Wrong status value propagated to external resources if changed while pulling Key: SYNCOPE-1818 URL: https://issues.apache.org/jira/browse/SYNCOPE-1818 Project: Syncope Issue Type: Bug Components: core Affects Versions: 3.0.6 Reporter: Andrea Patricelli Fix For: 3.0.7, 4.0.0 In some specific cases the status of an user on an external resource could change remotely. If, simultaneously, some other attribute is changed and a propagation is fired the wrong status is propagated on the external resources. For example, if an active (on syncope) user on resource-pull changes its surname, email and status (set to disabled) and a pull is fired, a propagation on some target resources occurs, depending on email and/or surname mapping. Propagation status is wrong, for example if pulled "disabled" the user is propagated active, i.e. `__ENABLE__` attribute is set to `false`. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1813) Wrong provisioning result shown after batch operation
Andrea Patricelli created SYNCOPE-1813: -- Summary: Wrong provisioning result shown after batch operation Key: SYNCOPE-1813 URL: https://issues.apache.org/jira/browse/SYNCOPE-1813 Project: Syncope Issue Type: Bug Components: console Affects Versions: 3.0.6 Reporter: Andrea Patricelli Fix For: 3.0.7, 4.0.0 # Login in console as admin # Click on user and then manage resources # Select two or more resources which should go into different propagation outcomes and then click on the gear to execute a batch operation. E.g. if you run in embedded mode use ws-target-resource-nopropagation2 and resource-testdb # Run provision and you'll see the result window with wrong outcome order: result should be resource-testdb -> FAILURE and ws-target-resource-nopropagation2 -> NOT_ATTEMPTED. It's the opposite, instead. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (SYNCOPE-1809) Cleanup of uid-on-create attribute on resource unassignment
[ https://issues.apache.org/jira/browse/SYNCOPE-1809?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1809. Resolution: Resolved > Cleanup of uid-on-create attribute on resource unassignment > --- > > Key: SYNCOPE-1809 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1809 > Project: Syncope > Issue Type: Improvement > Components: core >Affects Versions: 3.0.6 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.7, 4.0.0 > > > Suppose to have an external resource that generates ids on its side and you > should set for a specific mapping the "Schema to hold values for identifiers > generated upon Create by the external Identity Store" with a specific plain > attribute name, i.e. "uid on create". > When that resource is unassigned from the user, group or any object, that > attribute value should be cleared to guarantee consistency in future > assignments of the same resource and to cleanup all info related to the > removed resource. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1809) Cleanup of uid-on-create attribute on resource unassignment
Andrea Patricelli created SYNCOPE-1809: -- Summary: Cleanup of uid-on-create attribute on resource unassignment Key: SYNCOPE-1809 URL: https://issues.apache.org/jira/browse/SYNCOPE-1809 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 3.0.6 Reporter: Andrea Patricelli Assignee: Andrea Patricelli Fix For: 3.0.7, 4.0.0 Suppose to have an external resource that generates ids on its side and you should set for a specific mapping the "Schema to hold values for identifiers generated upon Create by the external Identity Store" with a specific plain attribute name, i.e. "uid on create". When that resource is unassigned from the user, group or any object, that attribute value should be cleared to guarantee consistency in future assignments of the same resource and to cleanup all info related to the removed resource. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (SYNCOPE-1782) Upgrade to AdminLTE v4
[ https://issues.apache.org/jira/browse/SYNCOPE-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1782. Resolution: Resolved > Upgrade to AdminLTE v4 > -- > > Key: SYNCOPE-1782 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1782 > Project: Syncope > Issue Type: Task > Components: console, enduser >Reporter: Francesco Chicchiriccò > Assignee: Andrea Patricelli >Priority: Major > Fix For: 4.0.0 > > > AdminLTE is currently used in its v3 version, based on Bootstrap 4. > Wicket components are instead working with Bootstrap 5, hence a few glitches > can be seen (modal windows do not close correctly, drop downs not showing...). > AdminLTE v4 (not yet released at present) will be instead based on Bootstrap > 5 so this will align everything - see https://github.com/ColorlibHQ/AdminLTE -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1782) Upgrade to AdminLTE v4
[ https://issues.apache.org/jira/browse/SYNCOPE-1782?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1782: -- Assignee: Andrea Patricelli > Upgrade to AdminLTE v4 > -- > > Key: SYNCOPE-1782 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1782 > Project: Syncope > Issue Type: Task > Components: console, enduser >Reporter: Francesco Chicchiriccò > Assignee: Andrea Patricelli >Priority: Major > Fix For: 4.0.0 > > > AdminLTE is currently used in its v3 version, based on Bootstrap 4. > Wicket components are instead working with Bootstrap 5, hence a few glitches > can be seen (modal windows do not close correctly, drop downs not showing...). > AdminLTE v4 (not yet released at present) will be instead based on Bootstrap > 5 so this will align everything - see https://github.com/ColorlibHQ/AdminLTE -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [VOTE] Apache Syncope 3.0.6
+1. Best regards and merry Christmas everybody, Andrea On 22/12/23 10:52, Francesco Chicchiriccò wrote: I've created a 3.0.6 release, with the following artifacts up for a vote: GIT source tag (f9912ceea5): https://github.com/apache/syncope/releases/tag/syncope-3.0.6 List of changes: https://github.com/apache/syncope/blob/syncope-3.0.6/CHANGES Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.6/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1086/ Staging site: https://syncope.apache.org/3.0.6/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Created] (SYNCOPE-1792) Error in console while editing conf parameter with values containing numbers
Andrea Patricelli created SYNCOPE-1792: -- Summary: Error in console while editing conf parameter with values containing numbers Key: SYNCOPE-1792 URL: https://issues.apache.org/jira/browse/SYNCOPE-1792 Project: Syncope Issue Type: Bug Components: console Affects Versions: 3.0.5 Reporter: Andrea Patricelli Fix For: 3.0.6, 4.0.0 Create a new multivalue configuration parameter with type String and values some UUIDs or simple numbers like 1,2,3, etc. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (SYNCOPE-1779) Missing support for underscore in queries
[ https://issues.apache.org/jira/browse/SYNCOPE-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1779. Resolution: Resolved > Missing support for underscore in queries > - > > Key: SYNCOPE-1779 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1779 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.5 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.6, 4.0.0 > > > Supposing to have 2 users respectively with username "test_user" and > "testUser", queries like "test_*" return both. The same issue happens with > search by plain attributes. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1779) Missing support for underscore in queries
[ https://issues.apache.org/jira/browse/SYNCOPE-1779?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1779: -- Assignee: Andrea Patricelli > Missing support for underscore in queries > - > > Key: SYNCOPE-1779 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1779 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.5 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.6, 4.0.0 > > > Supposing to have 2 users respectively with username "test_user" and > "testUser", queries like "test_*" return both. The same issue happens with > search by plain attributes. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1779) Missing support for underscore in queries
Andrea Patricelli created SYNCOPE-1779: -- Summary: Missing support for underscore in queries Key: SYNCOPE-1779 URL: https://issues.apache.org/jira/browse/SYNCOPE-1779 Project: Syncope Issue Type: Bug Components: core Affects Versions: 3.0.5 Reporter: Andrea Patricelli Fix For: 3.0.6, 4.0.0 Supposing to have 2 users respectively with username "test_user" and "testUser", queries like "test_*" return both. The same issue happens with search by plain attributes. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [VOTE] Apache Syncope 3.0.5
+1 for me. Best regards, Andrea On 29/09/23 17:06, Francesco Chicchiriccò wrote: I've created a 3.0.5 release, with the following artifacts up for a vote: GIT source tag (3d845010d1): https://github.com/apache/syncope/releases/tag/syncope-3.0.5 List of changes: https://github.com/apache/syncope/blob/syncope-3.0.5/CHANGES Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.5/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1084/ Staging site: https://syncope.apache.org/3.0.5/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Updated] (SYNCOPE-1774) Admin console does not recognize parameter type
[ https://issues.apache.org/jira/browse/SYNCOPE-1774?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli updated SYNCOPE-1774: --- Affects Version/s: 4.0.0 > Admin console does not recognize parameter type > --- > > Key: SYNCOPE-1774 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1774 > Project: Syncope > Issue Type: Bug > Components: console >Affects Versions: 3.0.4, 4.0.0 > Reporter: Andrea Patricelli >Priority: Minor > Fix For: 3.0.5 > > > # Login as admin in console > # Add or edit a new Long configuration parameter and save. > # Re-open in edit the parameter and you'll find that the type is String > instead of Long and the text area is showed as text and not numeric. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1774) Admin console does not recognize parameter type
Andrea Patricelli created SYNCOPE-1774: -- Summary: Admin console does not recognize parameter type Key: SYNCOPE-1774 URL: https://issues.apache.org/jira/browse/SYNCOPE-1774 Project: Syncope Issue Type: Bug Components: console Affects Versions: 3.0.4 Reporter: Andrea Patricelli Fix For: 3.0.5 # Login as admin in console # Add or edit a new Long configuration parameter and save. # Re-open in edit the parameter and you'll find that the type is String instead of Long and the text area is showed as text and not numeric. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [VOTE] Apache Syncope 3.0.4
+1. Best regards, Andrea Il ven 7 lug 2023, 10:11 Francesco Chicchiriccò ha scritto: > I've created a 3.0.4 release, with the following artifacts up for a vote: > > GIT source tag (eff73b0772): > https://github.com/apache/syncope/releases/tag/syncope-3.0.4 > > List of changes: > https://github.com/apache/syncope/blob/syncope-3.0.4/CHANGES > > Staging artifacts: > https://dist.apache.org/repos/dist/dev/syncope/3.0.4/ > > Maven staging repo: > https://repository.apache.org/content/repositories/orgapachesyncope-1083/ > > Staging site: > https://syncope.apache.org/3.0.4/index.html > > PGP release keys (signed using 273DF287): > http://www.apache.org/dist/syncope/KEYS > > Vote will be open for 72 hours. > > [ ] +1 approve > [ ] +0 no opinion > [ ] -1 disapprove (and reason why) > > Here's my +1 > Regards. > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellence > http://www.tirasa.net/ > > Member at The Apache Software Foundation > Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail > http://home.apache.org/~ilgrosso/ > >
[jira] [Created] (SYNCOPE-1764) Connector capabilities and/or configuration are not updated in cluster environments
Andrea Patricelli created SYNCOPE-1764: -- Summary: Connector capabilities and/or configuration are not updated in cluster environments Key: SYNCOPE-1764 URL: https://issues.apache.org/jira/browse/SYNCOPE-1764 Project: Syncope Issue Type: Bug Components: core Affects Versions: 3.0.3 Environment: Cluster environment with at least 2 core instances sharing the same persistence through OpenJPA remote commit provider Reporter: Andrea Patricelli Fix For: 3.0.4, 4.0.0 # Login as admin in console # Update connector capabilities or configuration, e.g. add CREATE and UPDATE capabilities # This change is reflected on persistence on all core instances, but is not taken into account because of some in-memory outdated information -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [VOTE] Apache Syncope 2.1.14
+1. Best regards, Andrea On 05/05/23 16:29, Francesco Chicchiriccò wrote: I've created a 2.1.14 release, with the following artifacts up for a vote: Please note that GIT links are not from gitbox.apache.org as usual, but from GitHub mirror due to current incident https://status.apache.org/incidents/y1t4w1bx0bc9 GIT source tag (2bc40ed425): https://github.com/apache/syncope/releases/tag/syncope-2.1.14 List of changes: https://github.com/apache/syncope/blob/syncope-2.1.14/CHANGES Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/2.1.14/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1082/ Staging site (not a typo, it is the same as for 3.0.3 being under vote): https://syncope.apache.org/3.0.3/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [VOTE] Apache Syncope 3.0.3
+1. Best regards, Andrea On 05/05/23 11:22, Francesco Chicchiriccò wrote: I've created a 3.0.3 release, with the following artifacts up for a vote: Please note that GIT links are not from gitbox.apache.org as usual, but from GitHub mirror due to current incident https://status.apache.org/incidents/y1t4w1bx0bc9 GIT source tag (7350b35933): https://github.com/apache/syncope/releases/tag/syncope-3.0.3 List of changes: https://github.com/apache/syncope/blob/syncope-3.0.3/CHANGES Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.3/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1081/ Staging site: https://syncope.apache.org/3.0.3/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Deleted] (SYNCOPE-1754) Multiple provision/deprovision members invocation generate entity exists error
[ https://issues.apache.org/jira/browse/SYNCOPE-1754?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli deleted SYNCOPE-1754: --- > Multiple provision/deprovision members invocation generate entity exists > error > --- > > Key: SYNCOPE-1754 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1754 > Project: Syncope > Issue Type: Bug > Reporter: Andrea Patricelli >Priority: Major > > # Login to console as admin > # Choose a group, e.g. managingDirector and click on provision members or > deprovision members once > # Re-click on provision members or deprovision members > # You'll see an error entity exists error for all further invocations -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SYNCOPE-1754) Multiple provision/deprovision members invocation generate entity exists error
[ https://issues.apache.org/jira/browse/SYNCOPE-1754?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli updated SYNCOPE-1754: --- Affects Version/s: 3.0.3 (was: 3.0.2) > Multiple provision/deprovision members invocation generate entity exists > error > --- > > Key: SYNCOPE-1754 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1754 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.3 > Reporter: Andrea Patricelli >Priority: Major > Fix For: 3.0.3, 4.0.0 > > > # Login to console as admin > # Choose a group, e.g. managingDirector and click on provision members or > deprovision members once > # Re-click on provision members or deprovision members > # You'll see an error entity exists error for all further invocations -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1754) Multiple provision/deprovision members invocation generate entity exists error
Andrea Patricelli created SYNCOPE-1754: -- Summary: Multiple provision/deprovision members invocation generate entity exists error Key: SYNCOPE-1754 URL: https://issues.apache.org/jira/browse/SYNCOPE-1754 Project: Syncope Issue Type: Bug Components: core Affects Versions: 3.0.2 Reporter: Andrea Patricelli Fix For: 3.0.3, 4.0.0 # Login to console as admin # Choose a group, e.g. managingDirector and click on provision members or deprovision members once # Re-click on provision members or deprovision members # You'll see an error entity exists error for all further invocations -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1751) Improve password auto generation on propagation
Andrea Patricelli created SYNCOPE-1751: -- Summary: Improve password auto generation on propagation Key: SYNCOPE-1751 URL: https://issues.apache.org/jira/browse/SYNCOPE-1751 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 3.0.2 Reporter: Andrea Patricelli Assignee: Andrea Patricelli Fix For: 3.0.3, 4.0.0 When "generate random password" flag is true on the resource, the actual implementation generates a password only when missing on user create on Syncope, not on the effective create on resource. Moreover the password generation does not take into account policies on realms. Improve the auto-generation behavior by: # Use also realm policies in password generator. # Generate random password (only if the flag is true) on effective user creation on resource (could be an update on Syncope). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1742) Exception in console when defining a date for delegation
Andrea Patricelli created SYNCOPE-1742:
--
Summary: Exception in console when defining a date for delegation
Key: SYNCOPE-1742
URL: https://issues.apache.org/jira/browse/SYNCOPE-1742
Project: Syncope
Issue Type: Bug
Components: console
Affects Versions: 3.0.2
Reporter: Andrea Patricelli
Fix For: 3.0.3, 4.0.0
# Login as admin into console
# Go to Configuration -> security and then click on Delegations tab
# Create a new delegation defining Delegating and Delegated
# In the third step select a start date and add also the time
You'll get a stacktrace on video with the following exception
{code:java}
Could not convert value: 16/03/23 to type: java.time.OffsetDateTime. Could not
find compatible converter. {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (SYNCOPE-1739) Wrong volume mapping for source code in fit docker profile
[
https://issues.apache.org/jira/browse/SYNCOPE-1739?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Patricelli updated SYNCOPE-1739:
---
Description:
# Generate a new project from archetype with group id for example "com.example"
# In the generated fit/pom.xml file you'll find a docker profile with wrong
volume mapping, like this:
{code:java}
${settings.localRepository}/com.example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
instead of
{code:java}
${settings.localRepository}/com/example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
Moreover should be added a volume mapping also with common module jar for core,
console and enduser and wa containers.
was:
# Generate a new project from archetype with group id for example "com.example"
# In the generated fit/pom.xml file you'll find a docker profile with wrong
volume mapping, like this:
{code:java}
${settings.localRepository}/com.example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
instead of
{code:java}
${settings.localRepository}/com/example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
> Wrong volume mapping for source code in fit docker profile
> ---
>
> Key: SYNCOPE-1739
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1739
> Project: Syncope
> Issue Type: Bug
> Components: archetype
> Affects Versions: 3.0.2
>Reporter: Andrea Patricelli
>Priority: Major
> Fix For: 3.0.3, 4.0.0
>
>
> # Generate a new project from archetype with group id for example
> "com.example"
> # In the generated fit/pom.xml file you'll find a docker profile with wrong
> volume mapping, like this:
> {code:java}
> ${settings.localRepository}/com.example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
> instead of
> {code:java}
> ${settings.localRepository}/com/example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
> Moreover should be added a volume mapping also with common module jar for
> core, console and enduser and wa containers.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Created] (SYNCOPE-1739) Wrong volume mapping for source code in fit docker profile
Andrea Patricelli created SYNCOPE-1739:
--
Summary: Wrong volume mapping for source code in fit docker
profile
Key: SYNCOPE-1739
URL: https://issues.apache.org/jira/browse/SYNCOPE-1739
Project: Syncope
Issue Type: Bug
Components: archetype
Affects Versions: 3.0.2
Reporter: Andrea Patricelli
Fix For: 3.0.3, 4.0.0
# Generate a new project from archetype with group id for example "com.example"
# In the generated fit/pom.xml file you'll find a docker profile with wrong
volume mapping, like this:
{code:java}
${settings.localRepository}/com.example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
instead of
{code:java}
${settings.localRepository}/com/example/syncope-core/${project.version}/syncope-core-${project.version}-classes.jar:/opt/syncope/lib/com.example-syncope-core-classes.jar:ro{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Resolved] (SYNCOPE-1732) Console does not support custom Access Policy Configuration
[ https://issues.apache.org/jira/browse/SYNCOPE-1732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1732. Resolution: Resolved > Console does not support custom Access Policy Configuration > --- > > Key: SYNCOPE-1732 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1732 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 3.0.2 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.3, 4.0.0 > > > Though on core side is possible to define and use a custom > AccessPolicyConf, console only supports editing configuration for > DefaultAccessPolicyConf, HttpRequestAccessPolicyConf, > TimeBasedAccessPolicyConf > since the panel fields are bound to these types. > The panel must be extended to also support generic AccessPolicyConf objects > like other configurations like ReportletConf, etc. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1732) Console does not support custom Access Policy Configuration
[ https://issues.apache.org/jira/browse/SYNCOPE-1732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1732: -- Assignee: Andrea Patricelli > Console does not support custom Access Policy Configuration > --- > > Key: SYNCOPE-1732 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1732 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 3.0.2 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.3, 4.0.0 > > > Though on core side is possible to define and use a custom > AccessPolicyConf, console only supports editing configuration for > DefaultAccessPolicyConf, HttpRequestAccessPolicyConf, > TimeBasedAccessPolicyConf > since the panel fields are bound to these types. > The panel must be extended to also support generic AccessPolicyConf objects > like other configurations like ReportletConf, etc. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1732) Console does not support custom Access Policy Configuration
Andrea Patricelli created SYNCOPE-1732: -- Summary: Console does not support custom Access Policy Configuration Key: SYNCOPE-1732 URL: https://issues.apache.org/jira/browse/SYNCOPE-1732 Project: Syncope Issue Type: Improvement Components: console Affects Versions: 3.0.2 Reporter: Andrea Patricelli Fix For: 3.0.3, 4.0.0 Though on core side is possible to define and use a custom AccessPolicyConf, console only supports editing configuration for DefaultAccessPolicyConf, HttpRequestAccessPolicyConf, TimeBasedAccessPolicyConf since the panel fields are bound to these types. The panel must be extended to also support generic AccessPolicyConf objects like other configurations like ReportletConf, etc. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [VOTE] Apache Syncope 3.0.2
+1 for me. Best regards, Andrea On 17/02/23 11:08, Francesco Chicchiriccò wrote: I've created a 3.0.2 release, with the following artifacts up for a vote: GIT source tag (182c219da9): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=182c219da9 List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=CHANGES;hb=182c219da9 Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.2/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1079/ Staging site: https://syncope.apache.org/3.0.2/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Resolved] (SYNCOPE-1728) Unable to create LDAP authentication module from console
[
https://issues.apache.org/jira/browse/SYNCOPE-1728?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Patricelli resolved SYNCOPE-1728.
Resolution: Resolved
> Unable to create LDAP authentication module from console
> -
>
> Key: SYNCOPE-1728
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1728
> Project: Syncope
> Issue Type: Bug
> Components: console
>Affects Versions: 3.0.1
> Reporter: Andrea Patricelli
> Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 3.0.2, 4.0.0
>
>
> # Login into console as admin
> # Navigate to WA and create a new authentication module with type
> LDAPAuthModuleConf
> # Compile required fields and click on "next" button
> # You'll see a stacktrace with exception on missing panel, this is due to a
> {code:java}
> java.io.NotSerializableException: java.lang.reflect.Field{code}
> exception while building a MultiFieldPanel in the Configuration wizard step
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1728) Unable to create LDAP authentication module from console
[
https://issues.apache.org/jira/browse/SYNCOPE-1728?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Patricelli reassigned SYNCOPE-1728:
--
Assignee: Andrea Patricelli
> Unable to create LDAP authentication module from console
> -
>
> Key: SYNCOPE-1728
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1728
> Project: Syncope
> Issue Type: Bug
> Components: console
>Affects Versions: 3.0.1
> Reporter: Andrea Patricelli
> Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 3.0.2, 4.0.0
>
>
> # Login into console as admin
> # Navigate to WA and create a new authentication module with type
> LDAPAuthModuleConf
> # Compile required fields and click on "next" button
> # You'll see a stacktrace with exception on missing panel, this is due to a
> {code:java}
> java.io.NotSerializableException: java.lang.reflect.Field{code}
> exception while building a MultiFieldPanel in the Configuration wizard step
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Created] (SYNCOPE-1728) Unable to create LDAP authentication module from console
Andrea Patricelli created SYNCOPE-1728:
--
Summary: Unable to create LDAP authentication module from console
Key: SYNCOPE-1728
URL: https://issues.apache.org/jira/browse/SYNCOPE-1728
Project: Syncope
Issue Type: Bug
Components: console
Affects Versions: 3.0.1
Reporter: Andrea Patricelli
Fix For: 3.0.2
# Login into console as admin
# Navigate to WA and create a new authentication module with type
LDAPAuthModuleConf
# Compile required fields and click on "next" button
# You'll see a stacktrace with exception on missing panel, this is due to a
{code:java}
java.io.NotSerializableException: java.lang.reflect.Field{code}
exception while building a MultiFieldPanel in the Configuration wizard step
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
Re: [VOTE] Apache Syncope 3.0.1
+1. Best regards, Andrea On 13/01/23 08:32, Francesco Chicchiriccò wrote: I've created a 3.0.1 release, with the following artifacts up for a vote: GIT source tag (e1d0c5b32d): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=e1d0c5b32d List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=CHANGES;hb=e1d0c5b32d Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.1/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1076/ Staging site: https://syncope.apache.org/3.0.1/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [VOTE] Apache Syncope 2.1.13
+1. Best regards, Andrea On 09/12/22 10:55, Francesco Chicchiriccò wrote: I've created a 2.1.13 release, with the following artifacts up for a vote: GIT source tag (2d7958221b): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=2d7958221b List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=CHANGES;hb=2d7958221b Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/2.1.13/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1075/ Staging site: https://syncope.apache.org/2.1.13/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [DISCUSS] Settings for next major release
No objections, it looks good to me. Best regards, Andrea On 24/11/22 11:14, Francesco Chicchiriccò wrote: Hi all, after releasing 3.0.0, I would propose to copy the current master branch to 3_0_X and then to set the master branch to: * Spring Boot 3.0.x * CXF 4.0.0-SNAPSHOT * CAS 7.0.x * JDK 17 Globally, these dependencies will also mark the final move from javax.* to jakarta.* namespace. About Syncope version, I was thinking to set 4.0.0-SNAPSHOT: even though there are no major feature changes already planned for 4.0 Notturno [1], such a massive dependency upgrade should be enough to justify the step from 3.0 to 4.0 (and might fit into semantic versioning as well). WDYT? Regards. [1] https://cwiki.apache.org/confluence/display/SYNCOPE/Roadmap#Roadmap-4.0.0(Notturno) -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [VOTE] Apache Syncope 3.0.0
+1. Best regards, Andrea On 11/11/22 10:22, Francesco Chicchiriccò wrote: I've created a 3.0-0 release, with the following artifacts up for a vote: GIT source tag (5e7d1667df): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=5e7d1667df List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=CHANGES;hb=5e7d1667df Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.0/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1074/ Staging site: https://syncope.apache.org/3.0.0/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Resolved] (SYNCOPE-1708) Allow enable/disable extensions in enduser
[
https://issues.apache.org/jira/browse/SYNCOPE-1708?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Patricelli resolved SYNCOPE-1708.
Resolution: Resolved
> Allow enable/disable extensions in enduser
> --
>
> Key: SYNCOPE-1708
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1708
> Project: Syncope
> Issue Type: Improvement
> Components: enduser
>Affects Versions: 3.0.0-M2
> Reporter: Andrea Patricelli
> Assignee: Andrea Patricelli
>Priority: Minor
> Fix For: 3.0.0
>
>
> Currently enduser supports customization of the basic features like user
> attributes edit, change password, etc. through the {{customFormLayout.json}}
> file.
> Improve this mechanism also to support extensions customizability, e.g.
> disable UserRequests even if the Flowable extension has been enabled on
> syncope.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Created] (SYNCOPE-1708) Allow enable/disable extensions in enduser
Andrea Patricelli created SYNCOPE-1708: -- Summary: Allow enable/disable extensions in enduser Key: SYNCOPE-1708 URL: https://issues.apache.org/jira/browse/SYNCOPE-1708 Project: Syncope Issue Type: Improvement Components: enduser Affects Versions: 3.0.0-M2 Reporter: Andrea Patricelli Assignee: Andrea Patricelli Fix For: 3.0.0 Currently enduser supports customization of the basic features like user attributes edit, change password, etc. through the `customFormLayout.json` file. Improve this mechanism also to support extensions customizability, e.g. disable UserRequests even if the Flowable extension has been enabled on syncope. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [VOTE] Apache Syncope 3.0.0-M2
+1. Best regards, Andrea On 27/10/22 15:40, Francesco Chicchiriccò wrote: I've created a 3.0-0-M2 release, with the following artifacts up for a vote: GIT source tag (690dbfcaab): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=690dbfcaab List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=CHANGES;hb=690dbfcaab Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.0-M2/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1073/ Staging site: https://syncope.apache.org/3.0.0-M2/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [VOTE] Apache Syncope 3.0.0-M1
+1. Best regards, Andrea On 14/10/22 09:16, Francesco Chicchiriccò wrote: -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: About SYNCOPE-1696
You're right! the doc says till ES 7.X.
Thanks for the feedback.
Best regards,
Andrea
On 30/09/22 09:05, Francesco Chicchiriccò wrote:
Hi Andrea,
I agree with you, option (2) looks definitely better, especially
because, if I am not mistaking, the library [1] does not support yet
Elasticsearch 8.x, which we are using on master branch.
Regards.
On 29/09/22 17:14, Andrea Patricelli wrote:
Hi all,
About SYNCOPE-1696 I found this log4j2 appender [1] that seems to be
a kind of "fork" extension (not mentioned in the official doc), but
still quite active project.
Now I see two ways to proceed:
1. Use the library and all its features OOTB. As far as I understood
this extension "simply" performs HTTP calls to ES to write data and
allows to log on ES transparently like
log.info("Hello, World!");
.
2. Configure a custom audit appender as the Syslog or Rewrite one,
which directly uses the ES client to write on Elasticsearch.
Though solution 1 seems to be a good way to proceed, it is not so
widely used because the most common way to direct logs on ES is to
use Logstash and Filebeat. But on the other hand requires only some
configuration, without writing too much code.
Solution 2 is a bit more "raw" and requires a bit more work, but we
would use the same ES client instantiated by the extension and have
more control on the overall solution and maintenance.
I would lean for solution 2, following the implementation to index
users, any objs and groups by using a custom appender to place under
elasticsearch extension, but would like to know your opinion.
Best regards,
Andrea
[1] https://github.com/rfoltyns/log4j2-elasticsearch
--
Andrea Patricelli
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope
About SYNCOPE-1696
Hi all,
About SYNCOPE-1696 I found this log4j2 appender [1] that seems to be a
kind of "fork" extension (not mentioned in the official doc), but still
quite active project.
Now I see two ways to proceed:
1. Use the library and all its features OOTB. As far as I understood
this extension "simply" performs HTTP calls to ES to write data and
allows to log on ES transparently like
log.info("Hello, World!");
.
2. Configure a custom audit appender as the Syslog or Rewrite one,
which directly uses the ES client to write on Elasticsearch.
Though solution 1 seems to be a good way to proceed, it is not so widely
used because the most common way to direct logs on ES is to use Logstash
and Filebeat. But on the other hand requires only some configuration,
without writing too much code.
Solution 2 is a bit more "raw" and requires a bit more work, but we
would use the same ES client instantiated by the extension and have more
control on the overall solution and maintenance.
I would lean for solution 2, following the implementation to index
users, any objs and groups by using a custom appender to place under
elasticsearch extension, but would like to know your opinion.
Best regards,
Andrea
[1] https://github.com/rfoltyns/log4j2-elasticsearch
<https://github.com/rfoltyns/log4j2-elasticsearch>
--
Andrea Patricelli
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope
[jira] [Resolved] (SYNCOPE-1698) Aux classes number doubles when saving external resource
[ https://issues.apache.org/jira/browse/SYNCOPE-1698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1698. Resolution: Resolved > Aux classes number doubles when saving external resource > - > > Key: SYNCOPE-1698 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1698 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.0-M0 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.0 > > > # Create an external resource and define at least one set of provisioning > rules (mapping) with at least one auxiliary class assigned. > # Open in edit the resource or the mapping itself and change something, then > save. > # You can see, from console and on the database that the number of auxiliary > classes (auxClasses field of the ExternalResource) doubles at each save. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1695. Resolution: Resolved > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 3.0.0-M0 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1698) Aux classes number doubles when saving external resource
[ https://issues.apache.org/jira/browse/SYNCOPE-1698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1698: -- Assignee: Andrea Patricelli > Aux classes number doubles when saving external resource > - > > Key: SYNCOPE-1698 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1698 > Project: Syncope > Issue Type: Bug > Components: core >Affects Versions: 3.0.0-M0 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.0 > > > # Create an external resource and define at least one set of provisioning > rules (mapping) with at least one auxiliary class assigned. > # Open in edit the resource or the mapping itself and change something, then > save. > # You can see, from console and on the database that the number of auxiliary > classes (auxClasses field of the ExternalResource) doubles at each save. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1698) Aux classes number doubles when saving external resource
Andrea Patricelli created SYNCOPE-1698: -- Summary: Aux classes number doubles when saving external resource Key: SYNCOPE-1698 URL: https://issues.apache.org/jira/browse/SYNCOPE-1698 Project: Syncope Issue Type: Bug Components: core Affects Versions: 3.0.0-M0 Reporter: Andrea Patricelli Fix For: 3.0.0 # Create an external resource and define at least one set of provisioning rules (mapping) with at least one auxiliary class assigned. # Open in edit the resource or the mapping itself and change something, then save. # You can see, from console and on the database that the number of auxiliary classes (auxClasses field of the ExternalResource) doubles at each save. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1696) Audit Elasticsearch persistence
Andrea Patricelli created SYNCOPE-1696: -- Summary: Audit Elasticsearch persistence Key: SYNCOPE-1696 URL: https://issues.apache.org/jira/browse/SYNCOPE-1696 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 3.0.0-M0 Reporter: Andrea Patricelli Fix For: 3.0.0 Give the possibility to switch the audit messages persistence on Elasticsearch, instead of the Syncope database. This will improve search performances and give more powerful search features. Besides the main goal there could be also some query improvements to implement, like passing more that on type or category in the AuditQuery. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli updated SYNCOPE-1695: --- Fix Version/s: (was: 2.1.13) > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 3.0.0-M0 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli updated SYNCOPE-1695: --- Affects Version/s: (was: 2.1.12) > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 3.0.0-M0 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1695: -- Assignee: Andrea Patricelli > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695 ] Andrea Patricelli deleted comment on SYNCOPE-1695: was (Author: andreapatricelli): Dear Avetik, Glad to hear about your interest in Apache Syncope project, but such kind of requests should be done on the appropriate mailing list [here|https://syncope.apache.org/mailing-lists]. Please use the [u...@syncope.apache.org|mailto:u...@syncope.apache.org] ML to ask what you're looking for. Thanks and regards! > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 >Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695 ] Andrea Patricelli deleted comment on SYNCOPE-1695: was (Author: andreapatricelli): Dear Avetik, Glad to hear about your interest in Apache Syncope project, but such kind of requests should be done on the appropriate mailing list here [1]. Please use the u...@syncope.apache.org ML to ask for what you're looking for. Thanks and regards! [1] https://syncope.apache.org/mailing-lists -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 >Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695 ] Andrea Patricelli deleted comment on SYNCOPE-1695: was (Author: andreapatricelli): Dear Avetik, Glad to hear about your interest in Apache Syncope project, but such kind of requests should be done on the appropriate mailing list here [1]. Please use the u...@syncope.apache.org ML to ask for what you're looking for. Thanks and regards! [1] https://syncope.apache.org/mailing-lists -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 >Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695 ] Andrea Patricelli deleted comment on SYNCOPE-1695: was (Author: JIRAUSER295918): Dear Colleagues, Appreciate if you may advise about who can help us to get a configuration file example for 2-Factor Authentication for Apache Syncope? Best regards, Avetik > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 > Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17606578#comment-17606578 ] Andrea Patricelli commented on SYNCOPE-1695: Dear Avetik, Glad to hear about your interest in Apache Syncope project, but such kind of requests should be done on the appropriate mailing list here [1]. Please use the u...@syncope.apache.org ML to ask for what you're looking for. Thanks and regards! [1] https://syncope.apache.org/mailing-lists -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 >Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17606579#comment-17606579 ] Andrea Patricelli commented on SYNCOPE-1695: Dear Avetik, Glad to hear about your interest in Apache Syncope project, but such kind of requests should be done on the appropriate mailing list here [1]. Please use the u...@syncope.apache.org ML to ask for what you're looking for. Thanks and regards! [1] https://syncope.apache.org/mailing-lists -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 >Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [jira] [Created] (SYNCOPE-1695) History console view improvements
Dear Avetik, Glad to hear about your interest in Apache Syncope project, but such kind of requests should be done on the appropriate mailing list here [1]. Please use the u...@syncope.apache.org ML to ask for what you're looking for. Thanks and regards! [1] https://syncope.apache.org/mailing-lists On 19/09/22 14:09, avetik.yessa...@ihost.am.INVALID wrote: Dear Andrea, Appreciate if you can advise who can provide 2-Factor Authentication configuration sample for Apache Syncope. Best regards, Avetik -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695 ] Andrea Patricelli deleted comment on SYNCOPE-1695: was (Author: JIRAUSER295918): Dear Andrea, Appreciate if you can advise who can provide 2-Factor Authentication configuration sample for Apache Syncope. Best regards, Avetik > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 > Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695 ] Andrea Patricelli deleted comment on SYNCOPE-1695: was (Author: JIRAUSER295917): Dear Andrea, Appreciate if you can advise who can provide 2-Factor Authentication configuration sample for Apache Syncope. Best regards, Avetik > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 > Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SYNCOPE-1695) History console view improvements
[ https://issues.apache.org/jira/browse/SYNCOPE-1695?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17606577#comment-17606577 ] Andrea Patricelli commented on SYNCOPE-1695: Dear Avetik, Glad to hear about your interest in Apache Syncope project, but such kind of requests should be done on the appropriate mailing list [here|https://syncope.apache.org/mailing-lists]. Please use the [u...@syncope.apache.org|mailto:u...@syncope.apache.org] ML to ask what you're looking for. Thanks and regards! > History console view improvements > - > > Key: SYNCOPE-1695 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 > Project: Syncope > Issue Type: Improvement > Components: console >Affects Versions: 2.1.12, 3.0.0-M0 >Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.13, 3.0.0 > > > Audit view in console could be improved by: > * In the history section the diff should be between before and after by > default and the user must choose across which versions the diff shall be > computed > * adjust the Console code to get both LOGIC and PULL events, or even not > specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SYNCOPE-1695) History console view improvements
Andrea Patricelli created SYNCOPE-1695: -- Summary: History console view improvements Key: SYNCOPE-1695 URL: https://issues.apache.org/jira/browse/SYNCOPE-1695 Project: Syncope Issue Type: Improvement Components: console Affects Versions: 3.0.0-M0, 2.1.12 Reporter: Andrea Patricelli Fix For: 2.1.13, 3.0.0 Audit view in console could be improved by: * In the history section the diff should be between before and after by default and the user must choose across which versions the diff shall be computed * adjust the Console code to get both LOGIC and PULL events, or even not specifying anything, just the user key -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: Audit view improvements
On 12/09/22 16:06, Francesco Chicchiriccò wrote: On 12/09/22 16:01, Andrea Patricelli wrote: On 12/09/22 15:51, Francesco Chicchiriccò wrote: On 12/09/22 15:43, Andrea Patricelli wrote: Hi all, since audit, in some Syncope installations is (and must be) critically important and very often helps to understand the history of critical user data, I would like to suggest some improvements to the view in console: In the history section the diff should be between before and after, but now is always between before and now. The main goal here is to see who changed what in that specific audit event. This makes sense. Maybe even better if one can choose across which versions the diff shall be computed. Agree! ATM the history shows only a part of the events that can occur on the user, for example events coming from pull aren't shown as well. What do you mean? Events originated by Console / REST are audited under LOGIC, events originated by Pull are audited under PULL: when you enable both, you get audit for both. Yes, both are audited by the configured appenders, but only LOGIC events are visible in console. Some little but necessary changes are needed to the code to PULL events to the view, too. Ah, I see, you mean to adjust the Console code to get both LOGIC and PULL, or even not specifying anything, just the user key - which would require some minor changes on the REST side too. Yes, exactly. I'd suggest to open an issue to improve, at least, user, group and any object audit accessibility in console. WDYT Best regards, Andrea -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: Audit view improvements
On 12/09/22 15:51, Francesco Chicchiriccò wrote: On 12/09/22 15:43, Andrea Patricelli wrote: Hi all, since audit, in some Syncope installations is (and must be) critically important and very often helps to understand the history of critical user data, I would like to suggest some improvements to the view in console: In the history section the diff should be between before and after, but now is always between before and now. The main goal here is to see who changed what in that specific audit event. This makes sense. Maybe even better if one can choose across which versions the diff shall be computed. Agree! ATM the history shows only a part of the events that can occur on the user, for example events coming from pull aren't shown as well. What do you mean? Events originated by Console / REST are audited under LOGIC, events originated by Pull are audited under PULL: when you enable both, you get audit for both. Yes, both are audited by the configured appenders, but only LOGIC events are visible in console. Some little but necessary changes are needed to the code to PULL events to the view, too. I'd suggest to open an issue to improve, at least, user, group and any object audit accessibility in console. WDYT Best regards, Andrea -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Audit view improvements
Hi all, since audit, in some Syncope installations is (and must be) critically important and very often helps to understand the history of critical user data, I would like to suggest some improvements to the view in console: In the history section the diff should be between before and after, but now is always between before and now. The main goal here is to see who changed what in that specific audit event. ATM the history shows only a part of the events that can occur on the user, for example events coming from pull aren't shown as well. I'd suggest to open an issue to improve, at least, user, group and any object audit accessibility in console. WDYT Best regards, Andrea -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Resolved] (SYNCOPE-1665) In enduser manage provisioning result on create/update and set feedback accordingly
[ https://issues.apache.org/jira/browse/SYNCOPE-1665?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1665. Resolution: Fixed > In enduser manage provisioning result on create/update and set feedback > accordingly > --- > > Key: SYNCOPE-1665 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1665 > Project: Syncope > Issue Type: Improvement > Components: enduser >Affects Versions: 3.0.0-M0 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 3.0.0 > > > * Improve error management, giving a feedback based on propagation statuses > * Make some refactoring if possible > * Use notification panels instead redirect where needed -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: About PR #363 and SYNCOPE-1665
Hi, I've resumed the work on the issue. Hope to finish by friday or monday. Best regards, Andrea On 05/09/22 09:14, Andrea Patricelli wrote: Hi Francesco, no ATM I had no chance to work on it. The plan is to resume and finish the job this week. I'll update you on Wednesday in order to have an idea about the status of the work. Best regards, Andrea On 05/09/22 08:44, Francesco Chicchiriccò wrote: Hi Andrea, any update in the last two weeks, since your e-mail below? It would be nice to have such an improvement onboard for next 3.0.0-M1. Regards. On 23/08/22 09:53, Francesco Chicchiriccò wrote: On 22/08/22 16:34, Andrea Patricelli wrote: Hi, yes you're right. Basically the solution has been provided, but the PR needs some refactoring and to reuse already existing console modules like StatusPanel. This unfortunately is not trivial, because extracting some console classes into common is a waterfall of changes and refactorings that takes some time, and did not have the chance to finish this work, yet. At this point I see three solutions: 1. Keep this "embryonal" work as the actual solution and only make some graphical refinements. 2. Continue the work on using console modules, moving classes to common, etc. Hopefully I can resume and finish the work next week. 3. Move the issue to the next release since this is mainly an improvement and not a critical bugfix or new core feature. Thanks Andrea, no need to rush: I don't expect next release for Syncope 3.0 before a couple of weeks. Regards. On 22/08/22 16:05, Francesco Chicchiriccò wrote: Hi Andrea, I see that your PR #363 was not updated lately. I see also that SYNCOPE-1665 is set for Syncope 3.0.0 so I was wondering if you could provide an update about such work, thanks. Regards. [1] https://github.com/apache/syncope/pull/363 -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: About PR #363 and SYNCOPE-1665
Hi Francesco, no ATM I had no chance to work on it. The plan is to resume and finish the job this week. I'll update you on Wednesday in order to have an idea about the status of the work. Best regards, Andrea On 05/09/22 08:44, Francesco Chicchiriccò wrote: Hi Andrea, any update in the last two weeks, since your e-mail below? It would be nice to have such an improvement onboard for next 3.0.0-M1. Regards. On 23/08/22 09:53, Francesco Chicchiriccò wrote: On 22/08/22 16:34, Andrea Patricelli wrote: Hi, yes you're right. Basically the solution has been provided, but the PR needs some refactoring and to reuse already existing console modules like StatusPanel. This unfortunately is not trivial, because extracting some console classes into common is a waterfall of changes and refactorings that takes some time, and did not have the chance to finish this work, yet. At this point I see three solutions: 1. Keep this "embryonal" work as the actual solution and only make some graphical refinements. 2. Continue the work on using console modules, moving classes to common, etc. Hopefully I can resume and finish the work next week. 3. Move the issue to the next release since this is mainly an improvement and not a critical bugfix or new core feature. Thanks Andrea, no need to rush: I don't expect next release for Syncope 3.0 before a couple of weeks. Regards. On 22/08/22 16:05, Francesco Chicchiriccò wrote: Hi Andrea, I see that your PR #363 was not updated lately. I see also that SYNCOPE-1665 is set for Syncope 3.0.0 so I was wondering if you could provide an update about such work, thanks. Regards. [1] https://github.com/apache/syncope/pull/363 -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [DISCUSS] Remove Camel Provisioning Manager
Hi all, Even if I agree with Misagh, I can confirm that even customers that were interested in the camel extension finally decided not to use it in favour of extending the default one. So agree on removing this feature on master. Just to know, we're going to upgrade camel deps and support it on branch 2.1.X right? Best regards, Andrea Il mer 24 ago 2022, 13:16 Francesco Chicchiriccò ha scritto: > Hi all, > working for SYNCOPE-1692, which involves some changes in the provisioning > process, I've realized that the Camel Provisioning Manager extension [1], > while featuring some very smart code has probably never been used in any > production deployment, at least none that I am aware of. > > Over time, the cost of managing such (possibly unused) extension has > become quite relevant, hence I am proposing to remove it from the master > branch, so that next 3.0.0 release will not contain it anymore. > > Thoughts? > Regards. > > [1] https://github.com/apache/syncope/tree/master/ext/camel > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellence > http://www.tirasa.net/ > > Member at The Apache Software Foundation > Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail > http://home.apache.org/~ilgrosso/ > >
Re: About PR #363 and SYNCOPE-1665
Hi, yes you're right. Basically the solution has been provided, but the PR needs some refactoring and to reuse already existing console modules like StatusPanel. This unfortunately is not trivial, because extracting some console classes into common is a waterfall of changes and refactorings that takes some time, and did not have the chance to finish this work, yet. At this point I see three solutions: 1. Keep this "embryonal" work as the actual solution and only make some graphical refinements. 2. Continue the work on using console modules, moving classes to common, etc. Hopefully I can resume and finish the work next week. 3. Move the issue to the next release since this is mainly an improvement and not a critical bugfix or new core feature. Best regards, Andrea On 22/08/22 16:05, Francesco Chicchiriccò wrote: Hi Andrea, I see that your PR #363 was not updated lately. I see also that SYNCOPE-1665 is set for Syncope 3.0.0 so I was wondering if you could provide an update about such work, thanks. Regards. [1] https://github.com/apache/syncope/pull/363 -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [DISCUSS] LiveSync
Hi all, I've read the wiki and have only a question ATM: why do we need new mapping, couldn't we rely on the existing mapping and enable/disable livesync by resource and/or provision and/or mapped attributes? Best regards, Andrea On 17/08/22 09:22, Francesco Chicchiriccò wrote: Hi all, I have put some considerations about LiveSync in [1]: feel free to comment and / or amend / complete. Anyone stepping in for implementation? Regards. [1] https://cwiki.apache.org/confluence/display/SYNCOPE/%5BDISCUSS%5D+LiveSync -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [VOTE] Apache Syncope 2.1.12
+1. Best regards, Andrea On 05/08/22 12:59, Francesco Chicchiriccò wrote: I've created a 2.1.12 release, with the following artifacts up for a vote: GIT source tag (27127447f1): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=27127447f1 List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=CHANGES;hb=27127447f1 Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/2.1.12/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1070/ Staging site: https://syncope.apache.org/2.1.12/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: [VOTE] Apache Syncope 3.0.0-M0
+1 for me, too. Best regards, Andrea On 05/08/22 15:17, Francesco Chicchiriccò wrote: I've created a 3.0-0-M0 release, with the following artifacts up for a vote: GIT source tag (23df3585ff): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=23df3585ff List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob_plain;f=CHANGES;hb=23df3585ff Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/3.0.0-M0/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1071/ Staging site: https://syncope.apache.org/3.0.0-M0/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Commented] (SYNCOPE-1671) Wrong JobDelegate column name in scheduled task table
[ https://issues.apache.org/jira/browse/SYNCOPE-1671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17517907#comment-17517907 ] Andrea Patricelli commented on SYNCOPE-1671: I've just investigated and the "JobJobDelegate" depends on italian label. The other behavior instead is present also with other languages. > Wrong JobDelegate column name in scheduled task table > - > > Key: SYNCOPE-1671 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1671 > Project: Syncope > Issue Type: Bug > Components: console >Affects Versions: 2.1.11 >Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.12, 3.0.0 > > Attachments: image-2022-04-06-09-18-18-136.png > > > As shown in the image the column label is wrong and generates an uncaught > exception while clicking on the column name. This kicks the user out of the > console. > The problem about the label affects only italian language, the issue about > the sudden logout also other languages. > !image-2022-04-06-09-18-18-136.png! -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (SYNCOPE-1671) Wrong JobDelegate column name in scheduled task table
[ https://issues.apache.org/jira/browse/SYNCOPE-1671?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli updated SYNCOPE-1671: --- Description: As shown in the image the column label is wrong and generates an uncaught exception while clicking on the column name. This kicks the user out of the console. The problem about the label affects only italian language, the issue about the sudden logout also other languages. !image-2022-04-06-09-18-18-136.png! was: As shown in the image the column label is wrong and generates an uncaught exception while clicking on the column name. This kicks the user out of the console. !image-2022-04-06-09-18-18-136.png! > Wrong JobDelegate column name in scheduled task table > - > > Key: SYNCOPE-1671 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1671 > Project: Syncope > Issue Type: Bug > Components: console >Affects Versions: 2.1.11 > Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.12, 3.0.0 > > Attachments: image-2022-04-06-09-18-18-136.png > > > As shown in the image the column label is wrong and generates an uncaught > exception while clicking on the column name. This kicks the user out of the > console. > The problem about the label affects only italian language, the issue about > the sudden logout also other languages. > !image-2022-04-06-09-18-18-136.png! -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (SYNCOPE-1671) Wrong JobDelegate column name in scheduled task table
[ https://issues.apache.org/jira/browse/SYNCOPE-1671?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli updated SYNCOPE-1671: --- Summary: Wrong JobDelegate column name in scheduled task table (was: Wrong JobDelegate column name in scheduled task table ) > Wrong JobDelegate column name in scheduled task table > - > > Key: SYNCOPE-1671 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1671 > Project: Syncope > Issue Type: Bug > Components: console >Affects Versions: 2.1.11 > Reporter: Andrea Patricelli >Priority: Major > Fix For: 2.1.12, 3.0.0 > > Attachments: image-2022-04-06-09-18-18-136.png > > > As shown in the image the column label is wrong and generates an uncaught > exception while clicking on the column name. This kicks the user out of the > console. > > !image-2022-04-06-09-18-18-136.png! -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Created] (SYNCOPE-1671) Wrong JobDelegate column name in scheduled task table
Andrea Patricelli created SYNCOPE-1671: -- Summary: Wrong JobDelegate column name in scheduled task table Key: SYNCOPE-1671 URL: https://issues.apache.org/jira/browse/SYNCOPE-1671 Project: Syncope Issue Type: Bug Components: console Affects Versions: 2.1.11 Reporter: Andrea Patricelli Fix For: 2.1.12, 3.0.0 Attachments: image-2022-04-06-09-18-18-136.png As shown in the image the column label is wrong and generates an uncaught exception while clicking on the column name. This kicks the user out of the console. !image-2022-04-06-09-18-18-136.png! -- This message was sent by Atlassian Jira (v8.20.1#820001)
Re: [VOTE] Apache Syncope 2.1.11
+1. Best regards, Andrea On 18/03/22 10:29, Francesco Chicchiriccò wrote: I've created a 2.1.11 release, with the following artifacts up for a vote: GIT source tag (326c221): https://gitbox.apache.org/repos/asf?p=syncope.git;a=tag;h=326c221 List of changes: https://gitbox.apache.org/repos/asf?p=syncope.git;a=blob;f=CHANGES;hb=326c221 Staging artifacts: https://dist.apache.org/repos/dist/dev/syncope/2.1.11/ Maven staging repo: https://repository.apache.org/content/repositories/orgapachesyncope-1069/ Staging site: http://syncope.apache.org/2.1.11/index.html PGP release keys (signed using 273DF287): http://www.apache.org/dist/syncope/KEYS Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Here's my +1 Regards. -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: What should be the value of any.search.dao property in. the persistence.properties
Hi Vinay, You should anyway use this any.search.dao=org.apache.syncope.core.persistence.jpa.dao.ElasticsearchAnySearchDAO since queries are performed on ES, in order to have the best performances while searching. On the other end, if you set to PGJPAJSONAnySearchDAO, instead, you're just telling to Syncope not to use ES to perform searches, but go directly on db through JSON-based queries, anyway faster than the basic queries. Best regards, Andrea On 14/03/22 18:49, Vinay Kavala wrote: Hi Team, I have enabled Elastic Search on my local syncope instance and it was working fine with the prescribed changes. Now I am planning to implement JSONB usage as well and am following the documentation provided in the syncope docs athttps://syncope.apache.org/docs/2.1/reference-guide.html#postgresql-jsonb I have a question now for the any.search.dao property in. the persistence.properties file what should be the value of it? #any.search.dao=org.apache.syncope.core.persistence.jpa.dao.ElasticsearchAnySearchDAO any.search.dao=org.apache.syncope.core.persistence.jpa.dao.PGJPAJSONAnySearchDAO I currently commented out the ElasticSearchDao entry and enabled the JSONAnySearchDAO. Is this correct? or what should be the value for it? I am seeing few issues in my local when I start up the server, not sure if it is related to the same.. just wanted to confirm what is the correct value for it. Thanks, Vinay -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
Re: Time for 2.1.11
Hi all, I've just found a problem related to this [1] issue, thus I had to re-open it. Going to fix it ASAP. Best regards, Andrea [1] https://issues.apache.org/jira/browse/SYNCOPE-1656 On 10/03/22 16:04, Francesco Chicchiriccò wrote: HI all, I believe it is time to cut 2.1.11, with 14 outstanding issues fixed [1] and > 5 months since 2.1.10. Unless there is any objection, I would start the release process tomorrow morning CET. Regards. [1] https://issues.apache.org/jira/issues/?jql=statusCategory%20%3D%20done%20AND%20project%20%3D%2012313120%20AND%20fixVersion%20%3D%2012350677%20ORDER%20BY%20priority%20DESC%2C%20key%20ASC -- Andrea Patricelli Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope
[jira] [Reopened] (SYNCOPE-1656) Remediations are not created on update while pulling
[
https://issues.apache.org/jira/browse/SYNCOPE-1656?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Patricelli reopened SYNCOPE-1656:
# Link an user to a specific resource.
# Change data of the user, on the resource, in order to have an error while
pulling in update (e.g. to clash with some unique value or username of another
user).
# Finally pull the same user through the reconciliation API (or in console
from explore resource). You'll get a persistence error like this:
{code:java}
Unknown: ArgumentException: Encountered new object in persistent field
"org.apache.syncope.core.persistence.jpa.entity.JPARemediation.pullTask" during
attach. However, this field does not allow cascade attach. Set the cascade
attribute for this field to CascadeType.MERGE or CascadeType.ALL (JPA
annotations) or "merge" or "all" (JPA orm.xml). You cannot attach a reference
to a new object without cascading.{code}
> Remediations are not created on update while pulling
>
>
> Key: SYNCOPE-1656
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1656
> Project: Syncope
> Issue Type: Bug
> Components: core
>Affects Versions: 2.1.10
> Reporter: Andrea Patricelli
>Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> # Create an user on Syncope and setup some constraint or validation on an
> attribute. For example define an unique attribute, then set a value for it in
> the user.
> # Create an entity on an external resource that matches with the user
> created at step 1. Syncope is going to perform an update.
> # Create a pull task on that resource with remediation flagged.
> # Run the pull task and you'll see a failure on that user pull, but no
> remediations are created. The same behavior while creating an user creates
> remediation, instead.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Comment Edited] (SYNCOPE-1666) Security Answer encryption
[
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17502157#comment-17502157
]
Andrea Patricelli edited comment on SYNCOPE-1666 at 3/7/22, 9:09 AM:
-
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
[https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
Sample code:
First of all enable pgcrypto extension.
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;"{code}
{code:java}
UPDATE syncopeuser SET securityanswer = encode(digest(securityanswer,
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
{code}
* Oracle
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
[https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
Sampple code:
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
If you need more control you can even opt for a BASH or Python script that
generates data to write on the database. For example you can generate with BASH
terminale SHA2 strings as shown here:
[https://beamtic.com/terminal-hash-making|http://example.com/]
was (Author: andreapatricelli):
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
[https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
Sample code:
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
{code}
* Oracle
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
[https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
Sampple code:
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
If you need more control you can even opt for a BASH or Python script that
generates data to write on the database. For example you can generate with BASH
terminale SHA2 strings as shown here:
[https://beamtic.com/terminal-hash-making|http://example.com/]
> Security Answer encryption
> ---
>
> Key: SYNCOPE-1666
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
> Project: Syncope
> Issue Type: Improvement
> Components: core
>Affects Versions: 2.1.10
>Reporter: Andrea Patricelli
>Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive
> information, must be encrypted. We hav to use the same algorithms available
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on
> already existing installations.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Comment Edited] (SYNCOPE-1666) Security Answer encryption
[
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17502157#comment-17502157
]
Andrea Patricelli edited comment on SYNCOPE-1666 at 3/7/22, 9:07 AM:
-
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
[https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
Sample code:
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
{code}
* Oracle
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
[https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
Sampple code:
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
If you need more control you can even opt for a BASH or Python script that
generates data to write on the database. For example you can generate with BASH
terminale SHA2 strings as shown here:
[https://beamtic.com/terminal-hash-making|http://example.com/]
was (Author: andreapatricelli):
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
[https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
Sample code:
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
{code:java}
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
{code}
* Oracle
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
[https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
Sampple code:
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
If you need more control you can even opt for a BASH or Python script that
generates data to write on the database. For example you can generate with BASH
terminale SHA2 strings as shown here:
[https://beamtic.com/terminal-hash-making|http://example.com/]
> Security Answer encryption
> ---
>
> Key: SYNCOPE-1666
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
> Project: Syncope
> Issue Type: Improvement
> Components: core
>Affects Versions: 2.1.10
>Reporter: Andrea Patricelli
>Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive
> information, must be encrypted. We hav to use the same algorithms available
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on
> already existing installations.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Comment Edited] (SYNCOPE-1666) Security Answer encryption
[
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17502157#comment-17502157
]
Andrea Patricelli edited comment on SYNCOPE-1666 at 3/7/22, 9:07 AM:
-
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
[https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
Sample code:
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
{code:java}
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
{code}
* Oracle
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
[https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
Sample code:
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
Sampple code:
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
If you need more control you can even opt for a BASH or Python script that
generates data to write on the database. For example you can generate with BASH
terminale SHA2 strings as shown here:
[https://beamtic.com/terminal-hash-making|http://example.com/]
was (Author: andreapatricelli):
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
* [https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
* Here a sample code to hash in SHA256
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
* Oracle
#
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
# [https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
*
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
If you need more control you can even opt for a BASH or Python script that
generates data to write on the database. For example you can generate with BASH
terminale SHA2 strings as shown here:
[https://beamtic.com/terminal-hash-making|http://example.com]
> Security Answer encryption
> ---
>
> Key: SYNCOPE-1666
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
> Project: Syncope
> Issue Type: Improvement
> Components: core
>Affects Versions: 2.1.10
>Reporter: Andrea Patricelli
>Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive
> information, must be encrypted. We hav to use the same algorithms available
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on
> already existing installations.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Comment Edited] (SYNCOPE-1666) Security Answer encryption
[
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17502157#comment-17502157
]
Andrea Patricelli edited comment on SYNCOPE-1666 at 3/7/22, 9:06 AM:
-
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
* [https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
* Here a sample code to hash in SHA256
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
* Oracle
#
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
# [https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
*
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
If you need more control you can even opt for a BASH or Python script that
generates data to write on the database. For example you can generate with BASH
terminale SHA2 strings as shown here:
[https://beamtic.com/terminal-hash-making|http://example.com]
was (Author: andreapatricelli):
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
* [https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
* Here a sample code to hash in SHA256
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
* Oracle
#
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
# [https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
*
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
> Security Answer encryption
> ---
>
> Key: SYNCOPE-1666
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
> Project: Syncope
> Issue Type: Improvement
> Components: core
>Affects Versions: 2.1.10
>Reporter: Andrea Patricelli
>Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive
> information, must be encrypted. We hav to use the same algorithms available
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on
> already existing installations.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Commented] (SYNCOPE-1666) Security Answer encryption
[
https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17502157#comment-17502157
]
Andrea Patricelli commented on SYNCOPE-1666:
In order to upgrade existing enviroments using security questions and answers
the best choice is need to act directly on database.
Here are some native utilities for the supported DBMSes:
* PostgreSQL 12+:
* [https://www.postgresql.org/docs/12/pgcrypto.html#id-1.11.7.34.5]
* Here a sample code to hash in SHA256
{code:java}
psql -U [pg_user] -d [pg_db_name] -c "CREATE EXTENSION pgcrypto;" UPDATE
syncopeuser SET securityanswer = encode(digest('the security answer',
'sha256'), 'hex') where securityanswer is not null;{code}
* MySQL 8+
[https://dev.mysql.com/doc/refman/8.0/en/encryption-functions.html]
UPDATE syncopeuser SET securityanswer = SHA2(securityanswer, 256) where
securityanswer is not null;
* Oracle
#
[https://docs.oracle.com/en/database/oracle/oracle-database/12.2/arpls/DBMS_CRYPTO.html]
# [https://docs.oracle.com/database/121/SQLRF/functions183.htm#SQLRF55647]
{code:java}
UPDATE syncopeuser SET securityanswer = rawtohex(standard_hash (
securityanswer, 'SHA256')) where securityanswer is not null;{code}
* SQLServer 2017+
*
[https://docs.microsoft.com/it-it/sql/t-sql/functions/hashbytes-transact-sql?view=sql-server-ver15]
{code:java}
UPDATE syncopeuser SET securityanswer = select CONVERT(VARCHAR(MAX), (SELECT
HASHBYTES('SHA2_256',securityanswer)), 1) where securityanswer is not
null;{code}
> Security Answer encryption
> ---
>
> Key: SYNCOPE-1666
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1666
> Project: Syncope
> Issue Type: Improvement
> Components: core
> Affects Versions: 2.1.10
>Reporter: Andrea Patricelli
>Assignee: Andrea Patricelli
>Priority: Major
> Fix For: 2.1.11, 3.0.0
>
>
> Security answer is stored as cleartext field, but, since contains sesitive
> information, must be encrypted. We hav to use the same algorithms available
> for password.
> Provide also an upgrade guide and a migration tool to encrypt passwords on
> already existing installations.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Resolved] (SYNCOPE-1666) Security Answer encryption
[ https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli resolved SYNCOPE-1666. Resolution: Resolved > Security Answer encryption > --- > > Key: SYNCOPE-1666 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1666 > Project: Syncope > Issue Type: Improvement > Components: core >Affects Versions: 2.1.10 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 2.1.11, 3.0.0 > > > Security answer is stored as cleartext field, but, since contains sesitive > information, must be encrypted. We hav to use the same algorithms available > for password. > Provide also an upgrade guide and a migration tool to encrypt passwords on > already existing installations. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Assigned] (SYNCOPE-1666) Security Answer encryption
[ https://issues.apache.org/jira/browse/SYNCOPE-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andrea Patricelli reassigned SYNCOPE-1666: -- Assignee: Andrea Patricelli > Security Answer encryption > --- > > Key: SYNCOPE-1666 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1666 > Project: Syncope > Issue Type: Improvement > Components: core >Affects Versions: 2.1.10 > Reporter: Andrea Patricelli > Assignee: Andrea Patricelli >Priority: Major > Fix For: 2.1.11, 3.0.0 > > > Security answer is stored as cleartext field, but, since contains sesitive > information, must be encrypted. We hav to use the same algorithms available > for password. > Provide also an upgrade guide and a migration tool to encrypt passwords on > already existing installations. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Created] (SYNCOPE-1666) Security Answer encryption
Andrea Patricelli created SYNCOPE-1666: -- Summary: Security Answer encryption Key: SYNCOPE-1666 URL: https://issues.apache.org/jira/browse/SYNCOPE-1666 Project: Syncope Issue Type: Improvement Components: core Affects Versions: 2.1.10 Reporter: Andrea Patricelli Fix For: 2.1.11, 3.0.0 Security answer is stored as cleartext field, but, since contains sesitive information, must be encrypted. We hav to use the same algorithms available for password. Provide also an upgrade guide and a migration tool to encrypt passwords on already existing installations. -- This message was sent by Atlassian Jira (v8.20.1#820001)
