Note: This page has not been updated since migration to Keycloak: https://github.com/openmrs/openmrs-contrib-itsm-id
Introduction
...
OpenLDAP: the data store for all OpenMRS ID data for verified users (after checking email). Atlas authenticates directly with LDAP.
Keycloak: sign-up and user manager; connects with OpenLDAP for user storage. Works as SSO for Jira and Confluence cloud, as well as Talk. We use id.openmrs.org as the domain for our users.
Postfix: redirects Jira and Confluence cloud emails from id.openmrs.org to their desired email addresses.
[Deprecated] ID Dashboard: web application that facilitates creation of new OpenMRS IDs and profile editing. Information is retrieved from the cache in MongoDB, or loaded from OpenLDAP if it is not in the cache.
Formage: admin screen in the ID Dashboard to modify users (change group membership for LDAP group). Expected to be replaced soon.
[Deprecated] Atlassian Crowd: legacy system that used to provide user management for the Atlassian tools Jira and Confluence. It works as a bridge between LDAP and those applications.
Legacy diagram before Keycloak and Postfix. Jira, Crowd and Wiki have a local/internal user to fix connections with Crowd/LDAP. They also have an internal captcha to catch users with multiple failed attempts.
LDAP Objects
LDAP is a hierarchical data store.
...
A username 'jane_doe' is represented as "uid=jane_doe,ou=users,dc=openmrs,dc=org", which is the 'user ID jane_doe' child node of the node 'ou=users', which is in turn a child of the node 'dc=openmrs,dc=org'.
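The sketch below is an added example, not code from the OpenMRS ID project. It builds a user DN of the form shown above and splits it back into its nodes, escaping the username per RFC 4514 so that a value containing a comma cannot add an extra level to the hierarchy. The function names are hypothetical, and the username "doe, jane" used to exercise it is a constructed sample.

```python
SUFFIX = "dc=openmrs,dc=org"        # directory suffix from the page's example
USERS_BASE = "ou=users," + SUFFIX   # parent node of every user entry
_ALWAYS_ESCAPED = '"+,;<>\\'        # characters RFC 4514 (section 2.4) escapes anywhere

def escape_rdn_value(value: str) -> str:
    """Escape an attribute value so it stays inside a single RDN."""
    if not value:
        raise ValueError("empty RDN value")
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _ALWAYS_ESCAPED or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def user_dn(username: str) -> str:
    """DN of a user entry: 'uid=<username>' directly under ou=users."""
    return f"uid={escape_rdn_value(username)},{USERS_BASE}"

def split_dn(dn: str) -> list:
    """Split a DN into RDNs on unescaped commas, leaf first."""
    rdns, current, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):  # keep a backslash with the char it escapes
            current += dn[i:i + 2]
            i += 2
        elif dn[i] == ",":
            rdns.append(current)
            current = ""
            i += 1
        else:
            current += dn[i]
            i += 1
    rdns.append(current)
    return rdns

def path_to_suffix(dn: str) -> list:
    """Nodes from the entry up to the suffix: uid -> ou=users -> dc=openmrs,dc=org."""
    rdns, suffix = split_dn(dn), split_dn(SUFFIX)
    # Exact (case-sensitive) comparison with the suffix; an assumption of this sketch.
    if len(rdns) <= len(suffix) or rdns[-len(suffix):] != suffix:
        raise ValueError("DN is not below " + SUFFIX)
    return rdns[:-len(suffix)] + [SUFFIX]
```

For "jane_doe" the path has the three nodes described above; for the constructed "doe, jane" the escaped comma keeps the entry at the same depth under ou=users.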
Full Hierarchy