Apache Syncope 2.1.9 released, digital identity management

by · Published · Updated

Apache Syncope is an open-source system for managing digital identities in an enterprise environment, implemented using Java EE technology.

Architecture

Admin UI is the web-based console for configuring and administering running deployments, with full support for delegated administration.

End-user UI is the web-based application for self-registration, self-service and password reset

CLI is the command-line application for interacting with Apache Syncope from scripts, particularly useful for system administrators.

Core is the central component, providing all services offered by Apache Syncope.
It exposes a fully-compliant JAX-RS 2.0 RESTful interface which enables third-party applications, written in any programming language, to consume IdM services.

  • Logic implements the overall business logic that can be triggered via REST services, and controls some additional features (notifications, reports and audit over all)
  • Provisioning is involved with managing the internal (via workflow) and external (via specific connectors) representation of users, groups and any objects.
    This component often needs to be tailored to meet the requirements of a specific deployment, as it is the crucial decision point for defining and enforcing the consistency and transformations between internal and external data. The default all-Java implementation can be extended for this purpose. In addition, an Apache Camel-based implementation is also available as an extension, which brings all the power of runtime changes and adaptation.
  • Workflow is one of the pluggable aspects of Apache Syncope: this lets every deployment choose the preferred engine from a provided list – including the one based on Flowable BPM, the reference open source BPMN 2.0 implementation – or define new, custom ones.
  • Persistence manages all data (users, groups, attributes, resources, …​) at a high level using a standard JPA 2.0 approach. The data is persisted to an underlying database, referred to as Internal Storage . Consistency is ensured via the comprehensive transaction management provided by the Spring Framework.
    Globally, this offers the ability to easily scale up to a million entities and at the same time allows great portability with no code changes: MySQL, MariaDB, PostgreSQL, Oracle and MS SQL Server are fully supported deployment options.
  • Security defines a fine-grained set of entitlements which can be granted to administrators, thus enabling the implementation of delegated administration scenarios

Third-party applications are provided full access to IdM services by leveraging the REST interface, either via the Java SyncopeClient library (the basis of Admin UI, End-user UI and CLI) or plain HTTP calls.

Apache Syncope 2.1.9 has been released.

Changelog

Bug

  • [SYNCOPE-1606] – Syncope returns an exception when doing two sequential operations for the same user from the toggle panel
  • [SYNCOPE-1607] – Console Page preferences not working
  • [SYNCOPE-1613] – startAt date is set to start field for SCHEDULED, PULL and PUSH TaskTOs
  • [SYNCOPE-1616] – CSV and single push / pull concurrency issues
  • [SYNCOPE-1619] – SearchPanel should display the input field based on the type of the selected property
  • [SYNCOPE-1620] – JWT validation requires exp and nbf claims
  • [SYNCOPE-1622] – ConnId Connectors not pooled with Resource override

Improvement

  • [SYNCOPE-1608] – Allow wildcard group membership search
  • [SYNCOPE-1609] – Reduce the number of table joins into PostgreSQL JSONB persistence implementation
  • [SYNCOPE-1610] – Set Reconciliation to work with Pull and Push Correlation Rules if available
  • [SYNCOPE-1611] – Caffeine Cache for Virtual Attribute Cache
  • [SYNCOPE-1624] – Toggle panel improvements

Download

Tags: