Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
tutorial:adm:modules_crt_lrt_notification [2018/02/19 22:30]
poulm 		tutorial:adm:modules_crt_lrt_notification [2019/01/31 13:50]
kopro [Notification configuration]
Line 1: Line 1:
 +====== Modules - Certificates: - Scheduled tasks and notifications ======
  
 +In this tutorial, we will create a new scheduled task. This scheduled task will send a notification when certificates will be a few days before expiring.
 +
 +===== What do you need before you start =====
 +  * You need install **CzechIdM 7.7.0** (and higher).
 +  * You need be logged in as **admin**.
 +  * You need enable **Certificate** module.
 +
 +===== Create scheduled task =====
 +In the left menu select **Settings** and then **Task scheduler**. And click on **Add** button.
 +
 +{{ :tutorial:adm:ca_lrt_01.png |}}
 +
 +In a popup window choose **CertificateExpirationWarningOwnerTaskExecutor** and fill in a number of days before a certificate will expire you want to receive notification, in our tutorial it is 3. (There is another scheduled task **CertificateExpirationWarningAdminTaskExecutor**, which is similar, just notification is sent to users with role defined in scheduled task.)
 +
 +{{ :tutorial:adm:ca_lrt_02.png |}}
 +
 +As you can see in the following picture, there is now new scheduled task with a parameter of 3 **days before**. In column **Action** there is a green button "play" and by clicking on it, the scheduled task will start. (If you want to start this task automatically, look in tutorial about [[tutorial:adm:create_and_configure_trigger|triggers]].)
 +
 +{{ :tutorial:adm:ca_lrt_03.png |}}
 +
 +Scheduled task will send a notification to the owner of the certificate when certificate would expire in 3 days.
 +
 +{{ :tutorial:adm:ca_lrt_04.png |}}
 +
 +Congratulations, now your certificates will never expire.
 +
 +===== Notification configuration =====
 +In this part of tutorial, there are mentioned a few certificate notifications, which can be easily configurated.
 +The configuration of these notifications is in the left menu **Settings**->**Configuration**.
 +
 +Configured notification topics (email by default):
 +  * **certificateExpiredOwner** - When a certificate is expired, notification is sent to certificate owner. 
 +    * Can be disabled by property ''idm.sec.crt.processor.certificate-expired-notification-owner-processor.enabled=false''.
 +  * **certificateExpiredAdmin** - When a certificate is expired, notification is sent to certificate admin. 
 +    * Certificate admins are identities with role configured by property ''idm.sec.crt.processor.certificate-expired-notification-admin-processor.adminRole''. When no identity is found, then notification isn't sent. 
 +    * Can be disabled by property ''idm.sec.crt.processor.certificate-expired-notification-admin-processor.enabled=false''.
 +  * **certificateRevokedOwner** - When a certificate is revoked, notification is sent to certificate owner.
 +    * Can be disabled by property ''idm.sec.crt.processor.certificate-revoked-notification-owner-processor.enabled=false''.
 +  * **certificateRevokedAdmin** - When a certificate is revoked, notification is sent to certificate admin. 
 +    * Certificate admins are identities with role configured by property ''idm.sec.crt.processor.certificate-revoked-notification-admin-processor.adminRole''. When no identity is found, then notification isn't sent. 
 +    * Can be disabled by property ''idm.sec.crt.processor.certificate-revoked-notification-admin-processor.enabled=false''.
 +  * **certificateCreatedOwner** - When a certificate is created, notification is sent to certificate owner.
 +    * Can be disabled by property ''idm.sec.crt.processor.certificate-created-notification-owner-processor.enabled=false''.
 +  * **certificateCreatedAdmin** - When a certificate is created, notification is sent to certificate admin. 
 +    * Certificate admins are identities with role configured by property ''idm.sec.crt.processor.certificate-created-notification-admin-processor.adminRole''. When no identity is found, then notification isn't sent. 
 +    * Can be disabled by property ''idm.sec.crt.processor.certificate-created-notification-admin-processor.enabled=false''.
 +  * **requestApproved** - When a certificate request is approved, notification is sent to certificate owner.
 +  * **requestDisapproved** - When a certificate request is disapproved, notification is sent to certificate owner.
 +  * **certificateCreatedPasswordOwner** - notification with new password generates or filled during creating certificate.
 +
 +Each topic has a template with the same name with ''Crt'' prefix in module resources.
  • by cem