The content below is for Apache Syncope <= 1.2 - for later versions the Reference Guide is available. |
Introduction
This wiki page aims to show how to manage external resources by using Syncope console.
Pre-Requisites
In order to manage an external resource, connector instance must be defined.
Create new Resource
- Click on tab Resources (Fig. Resource Tab).
- Click on subtab Resources (Fig. Resource Form).
- Click on Create new Resource button.
- Click on tab Resource Details and provide required information
- Name
Resource name. - Connector
Connector name. - Enforce mandatory constraint
If checked all the schemas mapped as mandatory into the schema mappings of a certain external resource will be considered globally mandatory for each user linked to that resource. - Propagation primary
Check if the resource is primary.
If a propagation towards a primary external resource fails, all the remaining propagations towards other external resources won't be executed. - Propagation priority
Indicates the execution priority of the propagation task related to the external resource to be created.
Syncope will order propagations by propagation priority specified on each resource. - Propagation mode
Type of propagation that are supported by the resource.
ONE_PHASE: propagation towards the external resource is closed at request time.
TWO_PHASE: propagation towards the external resource is closed in two steps.
step 1 - Syncope submit the propagation request to the external resource.
step 2 - external resource send a notification about the propagation execution's result to Syncope - Create trace level
Trace level for the propagation of a create operation. - Update trace level
Trace level for the propagation of an update operation. - Delete trace level
Trace level for the propagation of a delete operation. - Synchronization trace level
Trace level for the synchronization operation. - Reset Token
Every time you want to reset the synchronization token for a certain external resource you have to edit the resource, check Reset Token and click on Save button.
- Click on tab Schema Mappings and add mappings for your external resource (Fig. Schema Mapping)..
- To add a new mapping, click on Add Attribute.
- To remove a mapping, check its checkbox.
- Click on tab Connector property in order to override overridable connector instance properties
- Click on tab Security in order to add Account, Password and Sync Policies (Fig. Security Tab).
- Click on Save button.
Schema mapping
Provide the mapping between Syncope information and external resource attribute names.
In order to define a new mapping the following information must be provided:
Internal mapping types
Type of Syncope information to be mapped
- Username
- SyncopeUserId
- Password
- UserSchema
- UserDerivedSchema
- UserVirtualSchema
Internal Attributes
Syncope information to be mapped/propagated.
Must be specified if and only if the type of information is a schema (normal, derived or virtual)
External Attributes
Name of the external resource attribute to be mapped.
Value of the Internal Attribute will be propagated towards the external resource using the name specified in this field.
External attributes must be specified if and only if Account Id and Password checkboxes are not checked.
Mandatory condition
Mandatory condition is a JEXL expression evaluating to boolean (true or false).
When 'enforce mandatory condition" is checked as well, Syncope will consider any attribute part of the schema mapping (with mandatory condition evaluated to true) as mandatory, even though the corresponding attribute schema is not defined as mandatory.
Account Id
Check it if you are mapping the key field (to be sent as _UID_) of the external resource to be configured
Password
Check it if you are mapping the password field (to be sent as _PASSWORD_) of the external resource to be configured
Account Link
For some resources like as LDAP or Active Directory an Account link must be provided.
This field has to specified as a JEXL expression.
Example
Internal mapping types | Internal mapping | External Attributes | Mandatory condition | Account Id | Password |
|---|
Username | | | true | X | |
Password | | | true | | X |
UserSchema | surname | sn | true | | |
UserSchema | firstname | cn | true | | |
UserSchema | email | email | false | | |
Edit Resource
- Click on tab Resources (Fig. Resource Tab).
- Click on subtab Resources (Fig. Resource Form).
- Click on Edit Link.
- Change configuration parameters as described in Create new Resource paragraph.
- Click on Save button.
Delete Resource
- Click on tab Resources (Fig. Resource Tab).
- Click on subtab Resources (Fig. Resource Form).
- Click on Delete link to remove a resource.
- Confirm operation.
