Skip to end of metadata
Go to start of metadata

Version Warning

The content below is for Apache Syncope <= 1.2 - for later versions the Reference Guide is available.

Introduction

This wiki page aims to show how to manage external resources by using Syncope console.

Pre-Requisites

In order to manage an external resource, connector instance must be defined.

Create new Resource

  1. Click on tab Resources (Fig. Resource Tab).
  2. Click on subtab Resources (Fig. Resource Form).
  3. Click on Create new Resource button.
  4. Click on tab Resource Details and provide required information
  • Name
    Resource name.
  • Connector
    Connector name.
  • Enforce mandatory constraint
    If checked all the schemas mapped as mandatory into the schema mappings of a certain external resource will be considered globally mandatory for each user linked to that resource.
  • Propagation primary
    Check if the resource is primary.
    If a propagation towards a primary external resource fails, all the remaining propagations towards other external resources won't be executed.
  • Propagation priority
    Indicates the execution priority of the propagation task related to the external resource to be created.
    Syncope will order propagations by propagation priority specified on each resource.
  • Propagation mode
    Type of propagation that are supported by the resource.
    ONE_PHASE: propagation towards the external resource is closed at request time.
    TWO_PHASE: propagation towards the external resource is closed in two steps.
    step 1 - Syncope submit the propagation request to the external resource.
    step 2 - external resource send a notification about the propagation execution's result to Syncope
  • Create trace level
    Trace level for the propagation of a create operation.
  • Update trace level
    Trace level for the propagation of an update operation.
  • Delete trace level
    Trace level for the propagation of a delete operation.
  • Synchronization trace level
    Trace level for the synchronization operation.
  • Reset Token
    Every time you want to reset the synchronization token for a certain external resource you have to edit the resource, check Reset Token and click on Save button.
  1. Click on tab Schema Mappings and add mappings for your external resource (Fig. Schema Mapping)..
  • To add a new mapping, click on Add Attribute.
  • To remove a mapping, check its checkbox.
  1. Click on tab Connector property in order to override overridable connector instance properties
  2. Click on tab Security in order to add Account, Password and Sync Policies (Fig. Security Tab).
  3. Click on Save button.

Schema mapping

Provide the mapping between Syncope information and external resource attribute names.

In order to define a new mapping the following information must be provided:

Internal mapping types

Type of Syncope information to be mapped

  • Username
  • SyncopeUserId
  • Password
  • UserSchema
  • UserDerivedSchema
  • UserVirtualSchema
Internal Attributes

Syncope information to be mapped/propagated.
Must be specified if and only if the type of information is a schema (normal, derived or virtual)

External Attributes

Name of the external resource attribute to be mapped.
Value of the Internal Attribute will be propagated towards the external resource using the name specified in this field.
External attributes must be specified if and only if Account Id and Password checkboxes are not checked.

Mandatory condition

Mandatory condition is a JEXL expression evaluating to boolean (true or false).
When 'enforce mandatory condition" is checked as well, Syncope will consider any attribute part of the schema mapping (with mandatory condition evaluated to true) as mandatory, even though the corresponding attribute schema is not defined as mandatory.

Account Id

Check it if you are mapping the key field (to be sent as _UID_) of the external resource to be configured

Password

Check it if you are mapping the password field (to be sent as _PASSWORD_) of the external resource to be configured

For some resources like as LDAP or Active Directory an Account link must be provided.
This field has to specified as a JEXL expression.

Example

Internal mapping types

Internal mapping

External Attributes

Mandatory condition

Account Id

Password

Username

 

 

true

X

 

Password

 

 

true

 

X

UserSchema

surname

sn

true

 

 

UserSchema

firstname

cn

true

 

 

UserSchema

email

email

false

 

 

Edit Resource

  1. Click on tab Resources (Fig. Resource Tab).
  2. Click on subtab Resources (Fig. Resource Form).
  3. Click on Edit Link.
  4. Change configuration parameters as described in Create new Resource paragraph.
  5. Click on Save button.

Delete Resource

  1. Click on tab Resources (Fig. Resource Tab).
  2. Click on subtab Resources (Fig. Resource Form).
  3. Click on Delete link to remove a resource.
  4. Confirm operation.