The goals of this version:

Fix known issues with newer versions of currently used third party libraries (e.g. ModelMapper). To be up to date. Some third party libraries cannot be used with our old devstack. Remove obsolete deprecated classes and methods.

Why is migration good for you:

  • Frontend localization can be changed without refresh is needed.
  • Script textarea contains suggestion box (thx to newer library).
  • Frontend performance was increased.
  • More than 100 vulnerabilities are removed

Technology upgrade backend and frontend.


Spring Boot 1.3.8.RELEASE => 2.1.7.RELEASE
Spring 4.2.8.RELEASE => 5.1.9.RELEASE
Spring Security 4.0.4.RELEASE => 5.1.6.RELEASE
Spring Data 1.9.5.RELEASE => 2.1.10.RELEASE
Hibernate 4.3.11.Final => 5.3.10.Final
Spring Data Rest removed at all
Activiti 5.22.0 => 6.0.0
Groovy 2.4.7 => 2.5.8
Groovy Sandbox 1.11 => 1.19
ModelMapper 0.7.8 => 2.3.5
Guava 18.0 => 28.1-jre
Swagger 2.7.0 => 2.9.2
Forest index 0.3.0 => 1.1.1


React from 15.6 to 16.9.
React-router from 2.3 to 5.1.
React-redux from 4.4 to 7.1.
Redux from 3.5 to 4.0.
Redux-immutable from 1.3 to 4.0.
React-ace from 3.7 to 7.0.
Browserify from 13.0 to 16.5.

Planned release 12/2019

  • Differential synchronization.
  • Export/import configuration of roles and systems.
  • IdMTool for build a projects.

Planned till 02/2020

  • Huge simplification of user interface with focus on user experience.

Planned till 04/2020

  • List objects and its attributes on the managed or source system (via account management agenda?)
  • Import and Export for CzechIdM entities (bulk actions) - min. users, roles and their relations.
  • Front End configuration in GUI
  • PAM/PIM module
  • Active Directory File system folders rights management module
  • Easy configuration import/export
  • User Task agenda with history
  • Agenda for password expirations per system
  • Password generation when contracted position starts and its distribution
  • Trace of objects (by ID?) from request to provisioning operation (virtual too) or helpdesk ticket
  • Aggregated audit agenda for Role and Organization
  • Links between object in audit - e.g. from the changed EAV to the Role
  • Organizations synchronization using timestamp
  • Attributes format validators (EAV too)
  • Reset password during the first log in
  • Easy IdM role permissions configuration - templates for most common use-cases
  • Enhanced identity lifecycle processes - new options - contract quarantine, removal from working position, complete identity removal, identity anonymization
  • localization support for user tasks and workflows
  • log error watcher with notifications (SWATCH)
  • synchronization statistics and graphic
  • Events of system operations on dashboard