Differences

This shows you the differences between two versions of the page.

--- devel:documentation:adm:uniform_password [2021/04/06 12:16]
svandav [How can be this feature enabled?]
+++ devel:documentation:adm:uniform_password [2021/09/09 07:20] (current)
svandav
@@ Line 6: / Line 6: @@
 **This feature solves this scenario:**
    - Let's have the **synchronization of new identities**. This synchronization will create new **identity I**.
    - This synchronization is followed by the **synchronization of contracts**, which creates 2 **new contracts C1, C2** for identity **I**.
@@ Line 26: / Line 25: @@
   * **to** state: **Valid** or **Future contract**.
+{{ :devel:documentation:adm:uniformpwd01.png?800 |}}
+{{ :devel:documentation:adm:uniformpwd02.png?800 |}}
 <note tip>**This feature can be disabled** by **disabling** the **IdentityInitUniformPasswordProcessor** initialization processor. This processor creates states of uniform password entities. Therefore, if you deactivate this processor, the entire uniform password feature will also be **deactivated**.</note>
+===== How to change password also in IdM? =====
+For use same uniform password on systems and **in the IdM**, you have to enable this feature by the checkbox **"Change password through IdM"** on the **uniform password detail**.
+{{ :devel:documentation:adm:uniformpwd03.png?800 |}}
 ===== How this feature works? =====
@@ Line 33: / Line 42: @@
 There is life cycle of this feature:
- - **Contract synchronization is started** with a new transaction ID.
+   - **Contract synchronization is started** with a new transaction ID.
- - After the synchronization of contracts, the recalculation of **HR processes is started**.
+   - After the synchronization of contracts, the recalculation of **HR processes is started**.
- - Newly created contracts will cause a change of identity status (for example from **Created** to **Future contract**). This change will be caught in the **IdentityInitUniformPasswordProcessor** processor, which will create a new entity state with the code `IDENTITY_UNIFORM_PASSWORD` (**uniformPasswordManager.createEntityState(identity)**). This status will be followed by the generated uniform password, which will be stored in confidential storage.
+   - Newly created contracts will cause a change of identity status (for example from **Created** to **Future contract**). This change will be caught in the **IdentityInitUniformPasswordProcessor** processor, which will create a new entity state with the code `IDENTITY_UNIFORM_PASSWORD` (**uniformPasswordManager.createEntityState(identity)**). This status will be followed by the generated uniform password, which will be stored in confidential storage.
- - After the recalculation of HR processes is completed, the recalculation of automatic roles will start. Automatic roles will be assigned to contracts and account management will begin, starting the account creation process.
+   - After the recalculation of HR processes is completed, the recalculation of automatic roles will start. Automatic roles will be assigned to contracts and account management will begin, starting the account creation process.
- - As part of the account creation, it will be detected that there is an **entity state** for the given identity with the code `IDENTITY_UNIFORM_PASSWORD`. In this case, the account will **not generate a new password, but will use the password from the given entity state**.
+   - As part of the account creation, it will be detected that there is an **entity state** for the given identity with the code `IDENTITY_UNIFORM_PASSWORD`. In this case, the account will **not generate a new password, but will use the password from the given entity state**.
- - Once the account is created, the `ProvisioningUniformPasswordNotificationProcessor` will ensure that the **system name** is added to the entity state. This system name will then be used in the final **notification**.
+   - Once the account is created, the `ProvisioningUniformPasswordNotificationProcessor` will ensure that the **system name** is added to the entity state. This system name will then be used in the final **notification**.
- - **After the end of the whole transaction** (the end of all connected events), the LRT will be notified, ensuring the synchronization of the end. The LRT begins the **uniform password end process** (**uniformPasswordManager.endUniformPasswordProcess(transactionId)**). Ie. that it sends a **notification** (to the topic `TOPIC_UNIFORM_PASSWORD_SET`) to all identities for which an entity state has been created within the given transaction, about the generation of new accounts on the given systems and a uniform password.
+   - **After the end of the whole transaction** (the end of all connected events), the LRT will be notified, ensuring the synchronization of the end. The LRT begins the **uniform password end process** (**uniformPasswordManager.endUniformPasswordProcess(transactionId)**). Ie. that it sends a **notification** (to the topic `TOPIC_UNIFORM_PASSWORD_SET`) to all identities for which an entity state has been created within the given transaction, about the generation of new accounts on the given systems and a uniform password.
- - After all notification is sent will be **all entity states** with code `IDENTITY_UNIFORM_PASSWORD` and created in given transaction **deleted**.
+   - After all notification is sent will be **all entity states** with code `IDENTITY_UNIFORM_PASSWORD` and created in given transaction **deleted**.
 ===== Future improvements =====