8.1 - Jade

Main milestones:

In CzechIdM system exists bulk actions on each agenda. This actions are initialized from the frontend and works synchronously. CzechIdM 8.1.0 brings bulk actions, that allow execute the actions on the backend asynchronously.

Bulk action on backend starts new long running task and process items in this task. Now is supports backend bulk actions for agenda of identities. Exactly you can uses this actions works with identities:

  • Role assignment
  • Role removing
  • Remove
  • Disable (manually)
  • Enable (manually)
  • Re-save

    More about bulk backend actions you can find here.

On many projects, we encounter a source of data about users, employees or org. structures that work with so-called time slices. For better works with this time slots, agenda of contract's time slices was created.

The basic idea is that time slices are stored in a self-contained agenda. This agenda only contains time slices for identity contracts. If a given slice is currently valid, its values will be copied into the linked identity contract. Every day a scheduled task is performed, which calculates whether another slice is valid. Such a slice becomes currently used as a contract (its values are copied into the contract).

More about time slices you can find here.

Standard validation policy now allow set how many password can't be same as passwords before. The attribute sets this feature calls Number of old passwords checked for match. Check with old password is done with new password (during password change) and all old password is in BCrypt hash. This check is done during password policy validation and works for all users.

More about password history you can find here.

In CzechIdM, we use dynamic forms in a number of places. For example, as extended entity attributes (Identity, Contract, Node ..), connector configuration, dynamic accounts in virtual systems.

Dynamic forms now supports localization into all supported languages in CzechIdM.

More about localization of dynamic form you can find here.

We are proud to have created a module that exposes an interface above CzechIdM to communicate via the SCIM 2.0 specification.

The System for Cross-domain Identity Management (SCIM) specification is designed to make managing user identities in cloud-based applications and services easier. The specification suite seeks to build upon experience with existing schemas and deployments, placing specific emphasis on simplicity of development and integration, while applying existing authentication, authorization, and privacy models.

The SCIM module is not part of the base product.

More about the SCIM module you can find here.

  • #1056 - [Feature] Time slices of contracts - implementation
  • #1081 - [Feature] Bulk operation on identities
  • #1068 - [Feature] Time slices of contracts - new sync
  • #1015 - [Feature] Content with result codes
  • #1107 - [Feature] Compatibility CzechIdM 8.1.0 with JBoss (WildFly)
  • #1067 - [Feature] Time slices of contracts - forward account management
  • #1072 - [Feature] Release FE modules
  • #1063 - [Feature] Block login after X unsuccessful login attemps
  • #1008 - [Feature] Support manually created root organization in the synchronization of tree nodes
  • #269 - [Feature] History password entity
  • #1078 - [Feature] Slow displaying of guarantees ends with an error
  • #1106 - [Feature] Add new filter for identity (identifiers)
  • #786 - [Feature] Target system detail - tab with roles
  • #1115 - [Defect] Canceled subprocess doesn't trigger the parent process
  • #1048 - [Feature] Check password policy generating
  • #1096 - [Feature] Number of identities with defined parameteres
  • #1101 - [Feature] Rest integration test
  • #1100 - [Feature] Validity protection mode for contract controlled by slice
  • #1120 - [Feature] Localization for eav attributes
  • #1104 - [Defect] Synchronization with MISSING ACCOUNT is running after stopping it
  • #273 - [Feature] Edit entity event processors order and disable
  • #1087 - [Feature] Configurable sender of email templates
  • #1084 - [Defect] Role request should be canceled after contract is deleted
  • #1090 - [Feature] Add processed items for AbstractLongRunningTaskExecutor
  • #1102 - [Feature] Show controlled entity in the accounts table
  • #1110 - [Feature] Use SSL for database connection
  • #1105 - [Feature] Bulk action for create event notify
  • #853 - [Feature] Boolean system configuration options cannot be unset
  • #960 - [Feature] Problem with missing batch
  • #957 - [Feature] Add personal identifier as identity attribute
  • #1079 - [Feature] Mixing the organization and the name of the position in one column
  • #1098 - [Defect] Fix probrem with icons on IE
  • #1001 - [Defect] Notification - virtual system
  • #1051 - [Feature] Persistent type isn't changed in saveValues
  • #1069 - [Feature] Allow null string as password
  • #1076 - [Feature] Add JodaTime to DATE and DATETIME types of EAV
  • #1077 - [Defect] Removal automatic role from orgranization
  • #1046 - [Feature] CzechIdM can use an external data source
  • #1073 - [Feature] System accounts - Show link to connected entity
  • #1112 - [Defect] New folder in the role catalog is not displayed in the tree
  • #526 - [Feature] TreeNode synchronization
  • #1103 - [Feature] Enable lookupService in Groovy scripts
  • #1074 - [Defect] Script sandbox problem when using custom synchronization filter
  • #516 - [Feature] Cannot delete connector configuration property (eav)
  • #623 - [Feature] Filters extension
  • #932 - [Feature] Automatic roles - use tabs on role detail
  • #1049 - [Feature] Change modifier for method getSmsNumber



  • #1135 - [Feature] Bulk action improvements


  • #1128 - [Defect] Event processing - check parent event type for duplicates
  • #995 - [Defect] Contracts synchronization invokes account management twice
  • #1129 - [Defect] Boolean eav attribute with default value
  • #1137 - [Defect] Sync of slices does not use contract EAV definition

Known issues

  • #1033 - Dependency of scheduled tasks doesn't works for synchronization now.