From 73fe39109614c1be3893b960302c7acbe5127c62 Mon Sep 17 00:00:00 2001
From: Paul Caskey <pcaskey@internet2.edu>
Date: Sat, 26 Aug 2023 00:22:01 +0000
Subject: [PATCH] bump Grouper to 4.5.4

---
 Workbench/grouper_daemon/Dockerfile           |    2 +-
 Workbench/grouper_data/Dockerfile             |    2 +-
 Workbench/grouper_ui/Dockerfile               |    2 +-
 Workbench/grouper_ws/Dockerfile               |    2 +-
 .../securityPolicy/000-security-policy.xml    |   28 +-
 .../010-system-configuration.xml              | 1903 ++++++++++++-----
 .../webproxy/container_files/httpd/index.html |    2 +-
 7 files changed, 1440 insertions(+), 501 deletions(-)

diff --git a/Workbench/grouper_daemon/Dockerfile b/Workbench/grouper_daemon/Dockerfile
index 79fb8cf..58ade03 100644
--- a/Workbench/grouper_daemon/Dockerfile
+++ b/Workbench/grouper_daemon/Dockerfile
@@ -1,4 +1,4 @@
-FROM i2incommon/grouper:4.5.2
+FROM i2incommon/grouper:4.5.4
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"
 
diff --git a/Workbench/grouper_data/Dockerfile b/Workbench/grouper_data/Dockerfile
index 08bedad..97fcd03 100644
--- a/Workbench/grouper_data/Dockerfile
+++ b/Workbench/grouper_data/Dockerfile
@@ -1,4 +1,4 @@
-FROM i2incommon/grouper:4.5.2
+FROM i2incommon/grouper:4.5.4
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"
 
diff --git a/Workbench/grouper_ui/Dockerfile b/Workbench/grouper_ui/Dockerfile
index 2e8d2a5..3e14a3c 100644
--- a/Workbench/grouper_ui/Dockerfile
+++ b/Workbench/grouper_ui/Dockerfile
@@ -1,4 +1,4 @@
-FROM i2incommon/grouper:4.5.2
+FROM i2incommon/grouper:4.5.4
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"
 
diff --git a/Workbench/grouper_ws/Dockerfile b/Workbench/grouper_ws/Dockerfile
index 09b2663..5727b12 100644
--- a/Workbench/grouper_ws/Dockerfile
+++ b/Workbench/grouper_ws/Dockerfile
@@ -1,4 +1,4 @@
-FROM i2incommon/grouper:4.5.2
+FROM i2incommon/grouper:4.5.4
 
 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"
 
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml
index 601e34d..ffd8450 100644
--- a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/securityPolicy/000-security-policy.xml
@@ -7,15 +7,15 @@
     <authentication>
         <modules>
             <loginForm>
-                <name>internalLoginForm</name>
+                <identifier>internalLoginForm</identifier>
                 <description>Internal username/password authentication, default user password, login form</description>
             </loginForm>
             <httpBasic>
-                <name>internalBasic</name>
+                <identifier>internalBasic</identifier>
                 <description>Internal username/password authentication, using HTTP basic auth</description>
             </httpBasic>
             <saml2>
-                <name>mySamlSso</name>
+                <identifier>mySamlSso</identifier>
                 <description>My internal enterprise SAML-based SSO system.</description>
                 <serviceProvider>
                     <entityId>midpointdemo-shibboleth</entityId>
@@ -44,13 +44,13 @@
                 </serviceProvider>
             </saml2>
             <httpHeader>
-              <name>httpHeader</name>
+              <identifier>httpHeader</identifier>
 	      <logoutUrl>https://__CSPHOSTNAME__/MPSSO/Shibboleth.sso/Logout</logoutUrl>
               <usernameHeader>REMOTE_USER</usernameHeader>
             </httpHeader>
         </modules>
         <sequence>
-            <name>admin-gui-saml-internal</name>
+            <identifier>admin-gui-saml-internal</identifier>
             <description>
                 Internal SAML2 GUI authentication sequence.
             </description>
@@ -60,13 +60,13 @@
                 <urlSuffix>saml-internal</urlSuffix>
             </channel>
             <module>
-                <name>mySamlSso</name>
+                <identifier>mySamlSso</identifier>
                 <order>30</order>
                 <necessity>sufficient</necessity>
             </module>
         </sequence>
         <sequence>
-            <name>admin-gui-emergency</name>
+            <identifier>admin-gui-emergency</identifier>
             <description>
                 Special GUI authentication sequence that is using just the internal user password.
             </description>
@@ -78,13 +78,13 @@
             <requireAssignmentTarget oid="00000000-0000-0000-0000-000000000004" relation="org:default" type="c:RoleType">
             </requireAssignmentTarget>
             <module>
-                <name>internalLoginForm</name>
+                <identifier>internalLoginForm</identifier>
                 <order>30</order>
                 <necessity>sufficient</necessity>
             </module>
         </sequence>
         <sequence>
-            <name>admin-gui-default</name>
+            <identifier>admin-gui-default</identifier>
             <description>
                 Special GUI authentication sequence that is using Shibboleth SP
             </description>
@@ -94,13 +94,13 @@
                 <urlSuffix>shib</urlSuffix>
             </channel>
             <module>
-                <name>httpHeader</name>
+                <identifier>httpHeader</identifier>
                 <order>30</order>
                 <necessity>sufficient</necessity>
             </module>
         </sequence>
         <sequence>
-            <name>rest</name>
+            <identifier>rest</identifier>
             <description>
                 Authentication sequence for REST service.
             </description>
@@ -110,13 +110,13 @@
                 <urlSuffix>rest-default</urlSuffix>
             </channel>
             <module>
-                <name>internalBasic</name>
+                <identifier>internalBasic</identifier>
                 <order>10</order>
                 <necessity>sufficient</necessity>
             </module>
         </sequence>
         <sequence>
-            <name>actuator</name>
+            <identifier>actuator</identifier>
             <description>
                 Authentication sequence for actuator.
             </description>
@@ -126,7 +126,7 @@
                 <urlSuffix>actuator-default</urlSuffix>
             </channel>
             <module>
-                <name>internalBasic</name>
+                <identifier>internalBasic</identifier>
                 <order>10</order>
                 <necessity>sufficient</necessity>
             </module>
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml
index 5ac96fb..7205bba 100644
--- a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/systemConfigurations/010-system-configuration.xml
@@ -22,101 +22,89 @@
     <!--         <assignmentPolicyEnforcement>relative</assignmentPolicyEnforcement> -->
     <!--         </globalAccountSynchronizationSettings> -->
     <globalSecurityPolicyRef oid="00000000-0000-0000-0000-000000000120"/>
-    <logging>
-        <classLogger>
-            <level>ERROR</level>
-            <package>ro.isdc.wro.extensions.processor.css.Less4jProcessor</package>
-        </classLogger>
-        <classLogger>
-            <!-- disabled because INFO log during of creating
-            new authentication filter chain -->
-            <level>OFF</level>
-            <package>org.springframework.security.web.DefaultSecurityFilterChain</package>
-        </classLogger>
-        <classLogger>
-            <!-- disabled because of MID-744, helper insert messages on ERROR
-            level which should not be there (probably should be on TRACE) -->
-            <level>OFF</level>
-            <package>org.hibernate.engine.jdbc.spi.SqlExceptionHelper</package>
-        </classLogger>
-        <!-- Disabled because we treat locking-related exceptions in the repository.
-             Otherwise the log is filled-in with (innocent but ugly-looking) messages like
-             "ERROR (o.h.engine.jdbc.batch.internal.BatchingBatch): HHH000315: Exception executing batch [Deadlock detected.
-             The current transaction was rolled back." -->
-        <classLogger>
-            <level>OFF</level>
-            <package>org.hibernate.engine.jdbc.batch.internal.BatchingBatch</package>
-        </classLogger>
-        <!-- Disabled because of the same reason; this time concerning messages like
-             "INFO (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
-             HHH000010: On release of batch it still contained JDBC statements" -->
-        <classLogger>
-            <level>WARN</level>
-            <package>org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl</package>
-        </classLogger>
-        <!-- Disabled because of MID-4636 -->
-        <classLogger>
-            <level>OFF</level>
-            <package>org.hibernate.internal.ExceptionMapperStandardImpl</package>
-        </classLogger>
-        <classLogger>
-            <!-- disabled because of MID-1612, jasper library needs to be fixed -->
-            <level>OFF</level>
-            <package>net.sf.jasperreports.engine.fill.JRFillDataset</package>
-        </classLogger>
-        <classLogger>
-            <!-- disabled because we don't need to see every property file
-            loading message (unnecessary log pollution) -->
-            <level>WARN</level>
-            <package>org.apache.wicket.resource.PropertiesFactory</package>
-        </classLogger>
-        <classLogger>
-            <!-- disabled because we don't need to see every log message for every key
-            when resource bundle doesn't exist for specific locale (unnecessary log pollution) -->
-            <level>ERROR</level>
-            <package>org.springframework.context.support.ResourceBundleMessageSource</package>
-        </classLogger>
-        <classLogger>
-            <!-- Standard useful logger -->
-            <level>INFO</level>
-            <package>com.evolveum.midpoint.model.impl.lens.projector.Projector</package>
-        </classLogger>
-        <classLogger>
-            <!-- Standard useful logger -->
-            <level>INFO</level>
-            <package>com.evolveum.midpoint.model.impl.lens.Clockwork</package>
-        </classLogger>
-        <classLogger>
-            <level>DEBUG</level>
-            <package>com.evolveum.polygon.connector.grouper</package>
-        </classLogger>
 
-        <appender xsi:type="c:FileAppenderConfigurationType" name="MIDPOINT_LOG"
-                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-            <pattern>%date [%X{subsystem}] [%thread] %level \(%logger\): %msg%n</pattern>
-            <fileName>${midpoint.home}/log/midpoint.log</fileName>
-            <filePattern>${midpoint.home}/log/midpoint-%d{yyyy-MM-dd}.%i.log</filePattern>
-            <maxHistory>10</maxHistory>
-            <maxFileSize>100MB</maxFileSize>
-            <append>true</append>
-        </appender>
-        <!-- Appender for profiling purposes -->
-        <appender xsi:type="c:FileAppenderConfigurationType" name="MIDPOINT_PROFILE_LOG"
-                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-            <pattern>%date %level: %msg%n</pattern>
-            <fileName>${midpoint.home}/log/midpoint-profile.log</fileName>
-            <filePattern>${midpoint.home}/log/midpoint-profile-%d{yyyy-MM-dd}.%i.log</filePattern>
-            <maxHistory>10</maxHistory>
-            <maxFileSize>100MB</maxFileSize>
-            <append>true</append>
-        </appender>
-        <rootLoggerAppender>MIDPOINT_LOG</rootLoggerAppender>
-        <rootLoggerLevel>INFO</rootLoggerLevel>
-        <auditing>
-            <enabled>false</enabled>
-            <details>false</details>
-        </auditing>
+
+    <logging>
+            <classLogger>
+                <!-- disabled because INFO log during of creating new authentication filter chain -->
+                <level>OFF</level>
+                <package>org.springframework.security.web.DefaultSecurityFilterChain</package>
+            </classLogger>
+            <classLogger>
+                <!-- disabled because of MID-744, helper insert messages on ERROR
+                level which should not be there (probably should be on TRACE) -->
+                <level>OFF</level>
+                <package>org.hibernate.engine.jdbc.spi.SqlExceptionHelper</package>
+            </classLogger>
+            <!-- Disabled because we treat locking-related exceptions in the repository.
+                 Otherwise the log is filled-in with (innocent but ugly-looking) messages like
+                 "ERROR (o.h.engine.jdbc.batch.internal.BatchingBatch): HHH000315: Exception executing batch [Deadlock detected.
+                 The current transaction was rolled back." -->
+            <classLogger>
+                <level>OFF</level>
+                <package>org.hibernate.engine.jdbc.batch.internal.BatchingBatch</package>
+            </classLogger>
+            <!-- Disabled because of the same reason; this time concerning messages like
+                 "INFO (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
+                 HHH000010: On release of batch it still contained JDBC statements" -->
+            <classLogger>
+                <level>WARN</level>
+                <package>org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl</package>
+            </classLogger>
+            <!-- Disabled because of MID-4636 -->
+            <classLogger>
+                <level>OFF</level>
+                <package>org.hibernate.internal.ExceptionMapperStandardImpl</package>
+            </classLogger>
+            <classLogger>
+                <!-- disabled because we don't need to see every property file
+                loading message (unnecessary log pollution) -->
+                <level>WARN</level>
+                <package>org.apache.wicket.resource.PropertiesFactory</package>
+            </classLogger>
+            <classLogger>
+                <!-- disabled because we don't need to see every log message for every key
+                when resource bundle doesn't exist for specific locale (unnecessary log pollution) -->
+                <level>ERROR</level>
+                <package>org.springframework.context.support.ResourceBundleMessageSource</package>
+            </classLogger>
+            <classLogger>
+                <!-- Standard useful logger -->
+                <level>INFO</level>
+                <package>com.evolveum.midpoint.model.impl.lens.projector.Projector</package>
+            </classLogger>
+            <classLogger>
+                <!-- Standard useful logger -->
+                <level>INFO</level>
+                <package>com.evolveum.midpoint.model.impl.lens.Clockwork</package>
+            </classLogger>
+            <appender xsi:type="c:FileAppenderConfigurationType" name="MIDPOINT_LOG"
+                      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+                <pattern>%date [%X{subsystem}] [%thread] %level \(%logger\): %msg%n</pattern>
+                <fileName>/tmp/logmidpoint</fileName>
+                <filePattern>${midpoint.home}/log/midpoint-%d{yyyy-MM-dd}.%i.log</filePattern>
+                <maxHistory>0</maxHistory>
+                <maxFileSize>2000MB</maxFileSize>
+                <append>true</append>
+            </appender>
+            <appender xsi:type="c:FileAppenderConfigurationType" name="MIDPOINT_PROFILE_LOG"
+                      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+                <pattern>%date %level: %msg%n</pattern>
+                <fileName>${midpoint.home}/log/midpoint-profile.log</fileName>
+                <filePattern>${midpoint.home}/log/midpoint-profile-%d{yyyy-MM-dd}.%i.log</filePattern>
+                <maxHistory>10</maxHistory>
+                <maxFileSize>100MB</maxFileSize>
+                <append>true</append>
+            </appender>
+            <rootLoggerAppender>MIDPOINT_LOG</rootLoggerAppender>
+            <rootLoggerLevel>INFO</rootLoggerLevel>
+            <auditing>
+                <enabled>false</enabled>
+                <details>false</details>
+            </auditing>
     </logging>
+
+
     <defaultObjectPolicyConfiguration id="101">
         <type>UserType</type>
         <objectTemplateRef xmlns:tns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" oid="8098b124-c20c-4965-8adf-e528abedf7a4" relation="org:default" type="tns:ObjectTemplateType"/>
@@ -289,371 +277,1322 @@
     <deploymentInformation>
         <name>CSP-Workbench</name>
     </deploymentInformation>
+
     <adminGuiConfiguration>
-        <userDashboardLink>
-            <targetUrl>/self/profile</targetUrl>
-            <label>PageSelfDashboard.profile</label>
-            <description>PageSelfDashboard.profile.description</description>
-            <icon>
-                <cssClass>fa fa-user</cssClass>
-            </icon>
-            <color>green</color>
-            <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfProfile</authorization>
-            <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfAll</authorization>
-        </userDashboardLink>
-        <userDashboardLink>
-            <targetUrl>/self/credentials</targetUrl>
-            <label>PageSelfDashboard.credentials</label>
-            <description>PageSelfDashboard.credentials.description</description>
-            <icon>
-                <cssClass>fa fa-shield</cssClass>
-            </icon>
-            <color>blue</color>
-            <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfCredentials</authorization>
-            <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfAll</authorization>
-        </userDashboardLink>
-        <userDashboardLink>
-            <targetUrl>/admin/users</targetUrl>
-            <label>PageSelfDashboard.listUsers</label>
-            <icon>
-                <cssClass>fa fa-users</cssClass>
-            </icon>
-            <color>red</color>
-            <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users</authorization>
-        </userDashboardLink>
-        <userDashboardLink>
-            <targetUrl>/admin/resources</targetUrl>
-            <label>PageSelfDashboard.listResources</label>
-            <icon>
-                <cssClass>fa fa-database</cssClass>
-            </icon>
-            <color>purple</color>
-            <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#resources</authorization>
-        </userDashboardLink>
-        <objectCollectionViews>
-            <objectCollectionView>
-                <identifier>my-cases</identifier>
-                <display>
-                    <label>My cases</label>
-                    <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
-                    <pluralLabel>
-                        <orig>My cases</orig>
-                        <translation>
-                            <key>MyCases.title</key>
-                        </translation>
-                    </pluralLabel>
-                    <singularLabel>My case</singularLabel>
-                    <icon>
-                        <cssClass>fe fe-case-object</cssClass>
-                    </icon>
-                </display>
-                <displayOrder>1000</displayOrder>
-                <type>CaseType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000344" relation="org:default" type="c:ObjectCollectionType">
-                    </collectionRef>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>manual-case-view</identifier>
-                <display>
-                    <label>Manual cases</label> <!-- "Manual provisioning cases" is too long for the menu -->
-                    <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
-                    <pluralLabel>
-                        <orig>All manual cases</orig>
-                        <translation>
-                            <key>AllManualCases.title</key>
-                        </translation>
-                    </pluralLabel>
-                    <singularLabel>Manual case</singularLabel>
-                    <tooltip>Manual provisioning cases</tooltip>
-                </display>
-                <displayOrder>1010</displayOrder>
-                <type>CaseType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000340" relation="org:default" type="c:ArchetypeType">
-                    </collectionRef>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>operation-request-case-view</identifier>
-                <display>
-                    <label>Requests</label> <!-- "Operation requests" is too long for the menu -->
-                    <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
-                    <pluralLabel>
-                        <orig>All requests</orig>
-                        <translation>
-                            <key>AllRequests.title</key>
-                        </translation>
-                    </pluralLabel>
-                    <singularLabel>Request</singularLabel>
-                    <tooltip>Operation requests</tooltip>
-                </display>
-                <displayOrder>1020</displayOrder>
-                <type>CaseType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000341" relation="org:default" type="c:ArchetypeType">
-                    </collectionRef>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>approval-case-view</identifier>
-                <display>
-                    <label>Approvals</label> <!-- "Approval cases" is too long for the menu -->
-                    <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
-                    <pluralLabel>
-                        <orig>All approvals</orig>
-                        <translation>
-                            <key>AllApprovals.title</key>
-                        </translation>
-                    </pluralLabel>
-                    <singularLabel>Approval</singularLabel>
-                    <tooltip>Approval cases</tooltip>
-                </display>
-                <displayOrder>1030</displayOrder>
-                <type>CaseType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000342" relation="org:default" type="c:ArchetypeType">
-                    </collectionRef>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>reconciliation-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000501" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>recomputation-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000502" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>import-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000503" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>live-sync-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000504" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>async-update-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000505" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>cleanup-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000506" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>report-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000507" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>single-bulk-action-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000508" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>iterative-bulk-action-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000509" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>certification-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000520" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>approval-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000521" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>utility-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000528" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>system-tasks-view</identifier>
-                <refreshInterval>30</refreshInterval>
-                <type>TaskType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000529" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>dashboard-reports-view</identifier>
-                <type>ReportType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000170" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-            <objectCollectionView>
-                <identifier>collection-reports-view</identifier>
-                <type>ReportType</type>
-                <collection>
-                    <collectionRef oid="00000000-0000-0000-0000-000000000171" relation="org:default" type="c:ArchetypeType"/>
-                </collection>
-            </objectCollectionView>
-        </objectCollectionViews>
-        <objectDetails>
-            <objectDetailsPage>
-                <type>c:TaskType</type>
-                <container>
-                    <displayOrder>150</displayOrder>
+            <homePage>
+                <type>UserType</type>
+                <widget>
+                    <identifier>myAccesses</identifier>
                     <display>
-                        <label>Advanced options</label>
+                        <label>
+                            <orig>My accesses</orig>
+                            <translation>
+                                <key>PageSelfDashboard.myAccesses</key>
+                            </translation>
+                        </label>
+                        <cssClass>col-12 col-xxl-6</cssClass>
+                        <icon>
+                            <cssClass>fe fe-assignment</cssClass>
+                        </icon>
                     </display>
-                    <item>
-                        <c:path>cleanupAfterCompletion</c:path>
-                    </item>
-                    <item>
-                        <c:path>threadStopAction</c:path>
-                    </item>
-                    <item>
-                        <c:path>binding</c:path>
-                    </item>
-                    <item>
-                        <c:path>dependent</c:path>
-                    </item>
-                </container>
-                <container>
-                    <displayOrder>900</displayOrder>
+                    <displayOrder>10</displayOrder>
+                    <action>
+                        <identifier>viewAll</identifier>
+                        <display>
+                            <label>
+                                <orig>View all</orig>
+                                <translation>
+                                    <key>PageSelfDashboard.button.viewAll</key>
+                                </translation>
+                            </label>
+                            <icon>
+                                <cssClass>fa fa-search</cssClass>
+                            </icon>
+                        </display>
+                        <target>
+                            <targetUrl>/self/profile/user</targetUrl>
+                            <panelIdentifier>allAssignments</panelIdentifier>
+                        </target>
+                    </action>
+                    <action>
+                        <identifier>requestAccess</identifier>
+                        <display>
+                            <label>
+                                <orig>Request access</orig>
+                                <translation>
+                                    <key>PageRequestAccess.title</key>
+                                </translation>
+                            </label>
+                            <icon>
+                                <cssClass>fas fa-plus-circle</cssClass>
+                            </icon>
+                        </display>
+                        <target>
+                            <targetUrl>/self/requestAccess</targetUrl>
+                        </target>
+                    </action>
+                    <panelType>allAssignments</panelType>
+                    <previewSize>5</previewSize>
+                </widget>
+                <widget>
+                    <identifier>myRequests</identifier>
                     <display>
-                        <label>Operational attributes (state)</label>
+                        <label>
+                            <orig>My requests</orig>
+                            <translation>
+                                <key>PageSelfDashboard.myRequests</key>
+                            </translation>
+                        </label>
+                        <cssClass>col-12 col-xxl-6</cssClass>
+                        <icon>
+                            <cssClass>fe fe-case</cssClass>
+                        </icon>
                     </display>
-                    <item>
-                        <c:path>executionStatus</c:path>
-                    </item>
-                    <item>
-                        <c:path>schedulingState</c:path>
-                    </item>
-                    <item>
-                        <c:path>node</c:path>
-                    </item>
-                    <item>
-                        <c:path>nodeAsObserved</c:path>
-                    </item>
-                    <item>
-                        <c:path>resultStatus</c:path>
-                    </item>
-                    <item>
-                        <c:path>result</c:path>
-                    </item>
-                    <item>
-                        <c:path>nextRunStartTimestamp</c:path>
-                    </item>
-                    <item>
-                        <c:path>nextRetryTimestamp</c:path>
-                    </item>
-                    <item>
-                        <c:path>unpauseAction</c:path>
-                    </item>
-                    <item>
-                        <c:path>taskIdentifier</c:path>
-                    </item>
-                    <item>
-                        <c:path>parent</c:path>
-                    </item>
-                    <item>
-                        <c:path>waitingReason</c:path>
-                    </item>
-                    <item>
-                        <c:path>stateBeforeSuspend</c:path>
-                    </item>
-                    <item>
-                        <path>schedulingStateBeforeSuspend</path>
-                    </item>
-                    <item>
-                        <c:path>category</c:path>
-                    </item>
-                    <item>
-                        <c:path>otherHandlersUriStack</c:path>
-                    </item>
-                    <item>
-                        <c:path>channel</c:path>
-                    </item>
-                    <item>
-                        <c:path>subtaskRef</c:path>
-                    </item>
-                    <item>
-                        <c:path>dependentTaskRef</c:path>
-                    </item>
-                    <item>
-                        <c:path>lastRunStartTimestamp</c:path>
-                    </item>
-                    <item>
-                        <c:path>lastRunFinishTimestamp</c:path>
-                    </item>
-                    <item>
-                        <c:path>completionTimestamp</c:path>
-                    </item>
-                </container>
-                <container>
-                    <displayOrder>910</displayOrder>
-                    <visibility>hidden</visibility>
+                    <displayOrder>20</displayOrder>
+                    <action>
+                        <identifier>viewAll</identifier>
+                        <display>
+                            <label>
+                                <orig>View all</orig>
+                                <translation>
+                                    <key>PageSelfDashboard.button.viewAll</key>
+                                </translation>
+                            </label>
+                            <icon>
+                                <cssClass>fa fa-search</cssClass>
+                            </icon>
+                        </display>
+                        <target>
+                            <targetUrl>/admin/casesAll</targetUrl>
+                            <collectionIdentifier>my-cases</collectionIdentifier>
+                        </target>
+                    </action>
+                    <panelType>myRequests</panelType>
+                    <previewSize>5</previewSize>
+                </widget>
+                <widget>
+                    <identifier>myWorkItems</identifier>
                     <display>
-                        <label>Operational attributes (progress)</label>
+                        <label>
+                            <orig>My work items</orig>
+                            <translation>
+                                <key>PageSelfDashboard.workItems</key>
+                            </translation>
+                        </label>
+                        <cssClass>col-12 col-xxl-6</cssClass>
+                        <icon>
+                            <cssClass>fa fa-inbox</cssClass>
+                        </icon>
                     </display>
-                    <item>
-                        <c:path>progress</c:path>
-                    </item>
-                    <item>
-                        <c:path>expectedTotal</c:path>
-                    </item>
-                    <item>
-                        <c:path>stalledSince</c:path>
-                    </item>
-                </container>
-
-            </objectDetailsPage>
-        </objectDetails>
-        <enableExperimentalFeatures>true</enableExperimentalFeatures>
-        <configurableUserDashboard>
-            <identifier>admin-dashboard</identifier>
-            <configurableDashboardRef oid="00000000-0000-0000-0001-000000000001" relation="org:default" type="c:DashboardType"/>
-        </configurableUserDashboard>
-    </adminGuiConfiguration>
+                    <displayOrder>40</displayOrder>
+                    <action>
+                        <identifier>viewAll</identifier>
+                        <display>
+                            <label>
+                                <orig>View all</orig>
+                                <translation>
+                                    <key>PageSelfDashboard.button.viewAll</key>
+                                </translation>
+                            </label>
+                            <icon>
+                                <cssClass>fa fa-search</cssClass>
+                            </icon>
+                        </display>
+                        <target>
+                            <targetUrl>/admin/myWorkItems</targetUrl>
+                        </target>
+                    </action>
+                    <panelType>myWorkItems</panelType>
+                    <previewSize>5</previewSize>
+                </widget>
+                <widget>
+                    <identifier>myAccounts</identifier>
+                    <display>
+                        <label>
+                            <orig>My accounts</orig>
+                            <translation>
+                                <key>PageDashboard.accounts</key>
+                            </translation>
+                        </label>
+                        <cssClass>col-12 col-xxl-6</cssClass>
+                        <icon>
+                            <cssClass>fa fa-male</cssClass>
+                        </icon>
+                    </display>
+                    <displayOrder>30</displayOrder>
+                    <action>
+                        <identifier>viewAll</identifier>
+                        <display>
+                            <label>
+                                <orig>View all</orig>
+                                <translation>
+                                    <key>PageSelfDashboard.button.viewAll</key>
+                                </translation>
+                            </label>
+                            <icon>
+                                <cssClass>fa fa-search</cssClass>
+                            </icon>
+                        </display>
+                        <target>
+                            <targetUrl>/self/profile/user</targetUrl>
+                            <panelIdentifier>projections</panelIdentifier>
+                        </target>
+                    </action>
+                    <panelType>projections</panelType>
+                    <previewSize>5</previewSize>
+                </widget>
+                <widget>
+                    <identifier>profileWidget</identifier>
+                    <display>
+                        <label>
+                            <orig>Profile</orig>
+                            <translation>
+                                <key>PageSelfDashboard.profile</key>
+                            </translation>
+                        </label>
+                        <help>PageSelfDashboard.profile.description</help>
+                        <cssClass>col-md-3</cssClass>
+                        <icon>
+                            <cssClass>bg-green fa fa-user</cssClass>
+                        </icon>
+                    </display>
+                    <panelType>linkWidget</panelType>
+                    <action>
+                        <identifier>profile-widget-action</identifier>
+                        <target>
+                            <targetUrl>/self/profile/user</targetUrl>
+                        </target>
+                    </action>
+                </widget>
+                <widget>
+                    <identifier>credentialsWidget</identifier>
+                    <display>
+                        <label>
+                            <orig>Credentials</orig>
+                            <translation>
+                                <key>PageSelfDashboard.credentials</key>
+                            </translation>
+                        </label>
+                        <help>PageSelfDashboard.credentials.description</help>
+                        <cssClass>col-md-3</cssClass>
+                        <icon>
+                            <cssClass>bg-blue fa fa-shield-alt</cssClass>
+                        </icon>
+                    </display>
+                    <panelType>linkWidget</panelType>
+                    <action>
+                        <identifier>credentials-widget-action</identifier>
+                        <target>
+                            <targetUrl>/self/credentials</targetUrl>
+                        </target>
+                    </action>
+                </widget>
+                <widget>
+                    <identifier>listResourcesWidget</identifier>
+                    <display>
+                        <label>
+                            <orig>List resources</orig>
+                            <translation>
+                                <key>PageSelfDashboard.listResources</key>
+                            </translation>
+                        </label>
+                        <cssClass>col-md-3</cssClass>
+                        <icon>
+                            <cssClass>bg-purple fa fa-database</cssClass>
+                        </icon>
+                    </display>
+                    <panelType>linkWidget</panelType>
+                    <action>
+                        <identifier>list-resources-widget-action</identifier>
+                        <target>
+                            <targetUrl>/admin/resources</targetUrl>
+                        </target>
+                    </action>
+                </widget>
+                <widget>
+                    <identifier>listUsersWidget</identifier>
+                    <display>
+                        <label>
+                            <orig>List users</orig>
+                            <translation>
+                                <key>PageSelfDashboard.listUsers</key>
+                            </translation>
+                        </label>
+                        <cssClass>col-md-3</cssClass>
+                        <icon>
+                            <cssClass>bg-red fa fa-user</cssClass>
+                        </icon>
+                    </display>
+                    <panelType>linkWidget</panelType>
+                    <action>
+                        <identifier>list-resources-widget-action</identifier>
+                        <target>
+                            <targetUrl>/admin/users</targetUrl>
+                        </target>
+                    </action>
+                </widget>
+            </homePage>
+            <objectCollectionViews>
+                <objectCollectionView>
+                    <identifier>my-cases</identifier>
+                    <display>
+                        <label>My cases</label>
+                        <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
+                        <pluralLabel>
+                            <orig>My cases</orig>
+                            <translation>
+                                <key>MyCases.title</key>
+                            </translation>
+                        </pluralLabel>
+                        <singularLabel>My case</singularLabel>
+                        <icon>
+                            <cssClass>fe fe-case-object</cssClass>
+                        </icon>
+                    </display>
+                    <displayOrder>1000</displayOrder>
+                    <type>CaseType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000344" relation="org:default" type="c:ObjectCollectionType">
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>manual-case-view</identifier>
+                    <display>
+                        <label>Manual cases</label> <!-- "Manual provisioning cases" is too long for the menu -->
+                        <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
+                        <pluralLabel>
+                            <orig>All manual cases</orig>
+                            <translation>
+                                <key>AllManualCases.title</key>
+                            </translation>
+                        </pluralLabel>
+                        <singularLabel>Manual case</singularLabel>
+                        <tooltip>Manual provisioning cases</tooltip>
+                    </display>
+                    <displayOrder>1010</displayOrder>
+                    <type>CaseType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000340" relation="org:default" type="c:ArchetypeType">
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>operation-request-case-view</identifier>
+                    <display>
+                        <label>Requests</label> <!-- "Operation requests" is too long for the menu -->
+                        <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
+                        <pluralLabel>
+                            <orig>All requests</orig>
+                            <translation>
+                                <key>AllRequests.title</key>
+                            </translation>
+                        </pluralLabel>
+                        <singularLabel>Request</singularLabel>
+                        <tooltip>Operation requests</tooltip>
+                    </display>
+                    <displayOrder>1020</displayOrder>
+                    <type>CaseType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000341" relation="org:default" type="c:ArchetypeType">
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>approval-case-view</identifier>
+                    <display>
+                        <label>Approvals</label> <!-- "Approval cases" is too long for the menu -->
+                        <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
+                        <pluralLabel>
+                            <orig>All approvals</orig>
+                            <translation>
+                                <key>AllApprovals.title</key>
+                            </translation>
+                        </pluralLabel>
+                        <singularLabel>Approval</singularLabel>
+                        <tooltip>Approval cases</tooltip>
+                    </display>
+                    <displayOrder>1030</displayOrder>
+                    <type>CaseType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000342" relation="org:default" type="c:ArchetypeType">
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>correlation-case-view</identifier>
+                    <display>
+                        <label>Correlations</label> <!-- "Correlation cases" is too long for the menu -->
+                        <!-- We need to explicitly specify plural label here. Otherwise it will be overwritten by a plural label from archetype. -->
+                        <pluralLabel>
+                            <orig>All correlations</orig>
+                            <translation>
+                                <key>AllCorrelations.title</key>
+                            </translation>
+                        </pluralLabel>
+                        <singularLabel>Correlation</singularLabel>
+                        <tooltip>Correlation cases</tooltip>
+                    </display>
+                    <displayOrder>1040</displayOrder>
+                    <type>CaseType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000345" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>reconciliation-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000501" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>recomputation-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000502" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>import-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000503" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>live-sync-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000504" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>async-update-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000505" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>cleanup-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000506" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>report-tasks-view</identifier>
+                    <display>
+                        <label>Report task</label>
+                        <pluralLabel>
+                            <orig>Report tasks</orig>
+                            <norm>report tasks</norm>
+                            <translation>
+                                <key>ReportTasks.title</key>
+                            </translation>
+                        </pluralLabel>
+                        <icon>
+                            <cssClass>fa fa-chart-pie</cssClass>
+                            <color>green</color>
+                        </icon>
+                    </display>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0002-000000000007" relation="org:default" type="c:ObjectCollectionType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>non-iterative-bulk-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000508" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>iterative-bulk-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000509" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>report-import-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000510" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>export-report-tasks-view</identifier>
+                    <applicableForOperation>add</applicableForOperation>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000511" relation="org:default" type="c:ArchetypeType">
+                            <!-- Report export task -->
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>export-report-distributed-tasks-view</identifier>
+                    <applicableForOperation>add</applicableForOperation>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000512" relation="org:default" type="c:ArchetypeType">
+                            <!-- Distributed report export task -->
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>shadow-integrity-check-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000513" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>shadows-refresh-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000514" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>objects-delete-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000515" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>shadows-delete-long-time-not-updated-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000516" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>execute-change-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000517" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>execute-deltas-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000518" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>reindex-repository-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000519" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>object-integrity-check-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000522" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>validity-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000530" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>trigger-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000531" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>propagation-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000532" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>multi-propagation-task-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000533" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>certification-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000520" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>approval-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000521" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>utility-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000528" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>system-tasks-view</identifier>
+                    <refreshInterval>30</refreshInterval>
+                    <type>TaskType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000529" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>dashboard-reports-view</identifier>
+                    <type>ReportType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000170" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>collection-reports-view</identifier>
+                    <type>ReportType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000171" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>application-role</identifier>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>RoleType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000328" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>business-role</identifier>
+                    <applicableForOperation>add</applicableForOperation>
+                    <type>RoleType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000321" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>application</identifier>
+                    <display>
+                        <label>Application.panel.applications</label>
+                    </display>
+                    <type>ServiceType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000329" relation="org:default" type="c:ArchetypeType"/>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>event-mark</identifier>
+                    <type>c:MarkType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000700" relation="org:default" type="c:ArchetypeType">
+                            <!-- Event mark -->
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+                <objectCollectionView>
+                    <identifier>object-mark</identifier>
+                    <type>c:MarkType</type>
+                    <collection>
+                        <collectionRef oid="00000000-0000-0000-0000-000000000701" relation="org:default" type="c:ArchetypeType">
+                            <!-- Object mark -->
+                        </collectionRef>
+                    </collection>
+                </objectCollectionView>
+            </objectCollectionViews>
+            <objectDetails>
+                <objectDetailsPage>
+                    <type>c:TaskType</type>
+                    <panel>
+                        <identifier>advanced-options-panel</identifier>
+                        <display>
+                            <label>Advanced options</label>
+                        </display>
+                        <panelType>formPanel</panelType>
+                        <container>
+                            <identifier>advanced-options</identifier>
+                            <displayOrder>150</displayOrder>
+                            <display>
+                                <label>Advanced options</label>
+                            </display>
+                            <item>
+                                <c:path>cleanupAfterCompletion</c:path>
+                            </item>
+                            <item>
+                                <c:path>threadStopAction</c:path>
+                            </item>
+                            <item>
+                                <c:path>binding</c:path>
+                            </item>
+                            <item>
+                                <c:path>dependent</c:path>
+                            </item>
+                        </container>
+                    </panel>
+                    <panel>
+                        <identifier>operational-attributes-panel</identifier>
+                        <display>
+                            <label>Operational attributes</label>
+                        </display>
+                        <panelType>formPanel</panelType>
+                        <container>
+                            <identifier>operational-attributes</identifier>
+                            <displayOrder>900</displayOrder>
+                            <display>
+                                <label>Operational attributes (state)</label>
+                            </display>
+                            <item>
+                                <c:path>executionState</c:path>
+                            </item>
+                            <item>
+                                <c:path>schedulingState</c:path>
+                            </item>
+                            <item>
+                                <c:path>node</c:path>
+                            </item>
+                            <item>
+                                <c:path>nodeAsObserved</c:path>
+                            </item>
+                            <item>
+                                <c:path>resultStatus</c:path>
+                            </item>
+                            <item>
+                                <c:path>result</c:path>
+                            </item>
+                            <item>
+                                <c:path>nextRunStartTimestamp</c:path>
+                            </item>
+                            <item>
+                                <c:path>nextRetryTimestamp</c:path>
+                            </item>
+                            <item>
+                                <c:path>unpauseAction</c:path>
+                            </item>
+                            <item>
+                                <c:path>taskIdentifier</c:path>
+                            </item>
+                            <item>
+                                <c:path>parent</c:path>
+                            </item>
+                            <item>
+                                <c:path>waitingReason</c:path>
+                            </item>
+                            <item>
+                                <c:path>stateBeforeSuspend</c:path>
+                            </item>
+                            <item>
+                                <path>schedulingStateBeforeSuspend</path>
+                            </item>
+                            <item>
+                                <c:path>category</c:path>
+                            </item>
+                            <item>
+                                <c:path>otherHandlersUriStack</c:path>
+                            </item>
+                            <item>
+                                <c:path>channel</c:path>
+                            </item>
+                            <item>
+                                <c:path>subtaskRef</c:path>
+                            </item>
+                            <item>
+                                <c:path>dependentTaskRef</c:path>
+                            </item>
+                            <item>
+                                <c:path>lastRunStartTimestamp</c:path>
+                            </item>
+                            <item>
+                                <c:path>lastRunFinishTimestamp</c:path>
+                            </item>
+                            <item>
+                                <c:path>completionTimestamp</c:path>
+                            </item>
+                        </container>
+                        <container>
+                            <displayOrder>910</displayOrder>
+                            <visibility>hidden</visibility>
+                            <identifier>operation-attributes-progress</identifier>
+                            <display>
+                                <label>Operational attributes (progress)</label>
+                            </display>
+                            <item>
+                                <c:path>progress</c:path>
+                            </item>
+                            <item>
+                                <c:path>expectedTotal</c:path>
+                            </item>
+                            <item>
+                                <c:path>stalledSince</c:path>
+                            </item>
+                        </container>
+                    </panel>
+                </objectDetailsPage>
+                <objectDetailsPage>
+                    <type>c:UserType</type>
+                    <panel>
+                        <identifier>applications</identifier>
+                        <display>
+                            <label>Application.panel.applications</label>
+                        </display>
+                        <panelType>roleMemberships</panelType>
+                        <listView>
+                            <identifier>applications</identifier>
+                            <type>c:ServiceType</type>
+                            <collection>
+                                <collectionRef oid="00000000-0000-0000-0001-000000000017" type="c:ObjectCollectionType"/>
+                            </collection>
+                            <searchBoxConfiguration>
+                                <objectTypeConfiguration>
+                                    <visibility>hidden</visibility>
+                                    <defaultValue>ServiceType</defaultValue>
+                                    <supportedTypes>ServiceType</supportedTypes>
+                                </objectTypeConfiguration>
+                            </searchBoxConfiguration>
+                        </listView>
+                    </panel>
+                </objectDetailsPage>
+                <resourceDetailsPage>
+                    <panel>
+                        <identifier>rw-type-basic</identifier>
+                        <container>
+                            <identifier>basic</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.objectType.basicSettings</label>
+                            </display>
+                            <item>
+                                <path>schemaHandling/objectType/displayName</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/description</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/kind</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/intent</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/securityPolicyRef</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/default</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>schemaHandling/objectType</path>
+                        </container>
+                        <panelType>rw-type-basic</panelType>
+                    </panel>
+                    <panel>
+                        <identifier>rw-type-delineation</identifier>
+                        <container>
+                            <identifier>delineation</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.objectType.delineation</label>
+                            </display>
+                            <item>
+                                <path>schemaHandling/objectType/delineation/objectClass</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/delineation/auxiliaryObjectClass</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/delineation/searchHierarchyScope</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/delineation/filter</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/delineation/classificationCondition</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>schemaHandling/objectType/delineation</path>
+                        </container>
+                        <panelType>rw-type-delineation</panelType>
+                    </panel>
+                    <panel>
+                        <identifier>rw-attribute-limitations</identifier>
+                        <container>
+                            <identifier>limitationsMapping</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.attributes.limitation</label>
+                            </display>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/limitations/access/read</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/limitations/access/add</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/limitations/access/modify</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/limitations/minOccurs</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/limitations/maxOccurs</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/limitations/processing</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>schemaHandling/objectType/attribute/limitations</path>
+                        </container>
+                        <panelType>rw-attribute-limitations</panelType>
+                    </panel>
+                    <panel>
+                        <identifier>rw-synchronization-reaction-main</identifier>
+                        <container>
+                            <identifier>reactionMainSetting</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.synchronization.reaction.mainSettings</label>
+                            </display>
+                            <item>
+                                <path>schemaHandling/objectType/synchronization/reaction/name</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/synchronization/reaction/description</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/synchronization/reaction/situation</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>schemaHandling/objectType/synchronization/reaction</path>
+                        </container>
+                        <panelType>rw-synchronization-reaction-main</panelType>
+                    </panel>
+                    <panel>
+                        <identifier>rw-synchronization-reaction-optional</identifier>
+                        <container>
+                            <identifier>reactionOptionalSetting</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.synchronization.reaction.optionalSettings</label>
+                            </display>
+                            <item>
+                                <path>schemaHandling/objectType/synchronization/reaction/condition</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/synchronization/reaction/channel</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/synchronization/reaction/order</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>schemaHandling/objectType/synchronization/reaction</path>
+                        </container>
+                        <panelType>rw-synchronization-reaction-optional</panelType>
+                    </panel>
+                    <panel>
+                        <identifier>rw-attribute</identifier>
+                        <container>
+                            <identifier>mainConfigurationAttribute</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.attributes.mainConfiguration</label>
+                            </display>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/ref</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/displayName</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/help</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/description</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/tolerant</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/exclusiveStrong</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/readReplaceMode</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/fetchStrategy</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/attribute/matchingRule</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>schemaHandling/objectType/attribute</path>
+                        </container>
+                        <panelType>rw-attribute</panelType>
+                    </panel>
+                    <panel>
+                        <identifier>rw-association</identifier>
+                        <container>
+                            <identifier>association</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.associations</label>
+                            </display>
+                            <item>
+                                <path>schemaHandling/objectType/association/ref</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/displayName</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/description</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/auxiliaryObjectClass</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/kind</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/intent</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/direction</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/associationAttribute</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/shortcutAssociationAttribute</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/valueAttribute</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/shortcutValueAttribute</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>schemaHandling/objectType/association/explicitReferentialIntegrity</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>schemaHandling/objectType/association</path>
+                        </container>
+                        <panelType>rw-association</panelType>
+                    </panel>
+                </resourceDetailsPage>
+                <resourceDetailsPage>
+                    <panel>
+                        <identifier>rw-connectorConfiguration-partial</identifier>
+                        <container>
+                            <identifier>required</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.configuration</label>
+                            </display>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/jdbcUrlTemplate</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/jdbcDriver</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/password</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/user</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/port</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/host</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/database</path>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>connectorConfiguration/configurationProperties</path>
+                        </container>
+                        <panelType>rw-connectorConfiguration-partial</panelType>
+                    </panel>
+                    <connectorRef type="ConnectorType">
+                        <resolutionTime>run</resolutionTime>
+                        <filter>
+                            <q:and>
+                                <q:equal>
+                                    <q:path>connectorType</q:path>
+                                    <q:value>org.identityconnectors.databasetable.DatabaseTableConnector</q:value>
+                                </q:equal>
+                                <q:equal>
+                                    <q:path>available</q:path>
+                                    <q:value>true</q:value>
+                                </q:equal>
+                            </q:and>
+                        </filter>
+                    </connectorRef>
+                </resourceDetailsPage>
+                <resourceDetailsPage>
+                    <panel>
+                        <identifier>rw-connectorConfiguration-partial</identifier>
+                        <container>
+                            <identifier>required</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.configuration</label>
+                            </display>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/host</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/port</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/connectionSecurity</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/bindDn</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/bindPassword</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>connectorConfiguration/configurationProperties</path>
+                        </container>
+                        <panelType>rw-connectorConfiguration-partial</panelType>
+                    </panel>
+                    <connectorRef type="ConnectorType">
+                        <resolutionTime>run</resolutionTime>
+                        <filter>
+                            <q:and>
+                                <q:equal>
+                                    <q:path>connectorType</q:path>
+                                    <q:value>com.evolveum.polygon.connector.ldap.LdapConnector</q:value>
+                                </q:equal>
+                                <q:equal>
+                                    <q:path>available</q:path>
+                                    <q:value>true</q:value>
+                                </q:equal>
+                            </q:and>
+                        </filter>
+                    </connectorRef>
+                </resourceDetailsPage>
+                <resourceDetailsPage>
+                    <panel>
+                        <identifier>rw-connectorConfiguration-partial</identifier>
+                        <container>
+                            <identifier>required</identifier>
+                            <display>
+                                <label>PageResource.wizard.step.configuration</label>
+                            </display>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/host</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/port</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/connectionSecurity</path>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/bindDn</path>
+                                <visibility>visible</visibility>
+                            </item>
+                            <item>
+                                <path>connectorConfiguration/configurationProperties/bindPassword</path>
+                                <visibility>visible</visibility>
+                            </item>
+                        </container>
+                        <container>
+                            <visibility>hidden</visibility>
+                            <path>connectorConfiguration/configurationProperties</path>
+                        </container>
+                        <panelType>rw-connectorConfiguration-partial</panelType>
+                    </panel>
+                    <connectorRef type="ConnectorType">
+                        <resolutionTime>run</resolutionTime>
+                        <filter>
+                            <q:and>
+                                <q:equal>
+                                    <q:path>connectorType</q:path>
+                                    <q:value>com.evolveum.polygon.connector.ldap.ad.AdLdapConnector</q:value>
+                                </q:equal>
+                                <q:equal>
+                                    <q:path>available</q:path>
+                                    <q:value>true</q:value>
+                                </q:equal>
+                            </q:and>
+                        </filter>
+                    </connectorRef>
+                </resourceDetailsPage>
+            </objectDetails>
+            <configurableUserDashboard>
+                <identifier>admin-dashboard</identifier>
+                <configurableDashboardRef oid="00000000-0000-0000-0001-000000000001" relation="org:default" type="c:DashboardType"/>
+            </configurableUserDashboard>
+            <accessRequest>
+                <roleCatalog>
+                    <collection>
+                        <identifier>allRoles</identifier>
+                        <default>true</default>
+                        <collectionIdentifier>allRoles</collectionIdentifier>
+                    </collection>
+                    <collection>
+                        <identifier>allOrgs</identifier>
+                        <collectionIdentifier>allOrgs</collectionIdentifier>
+                    </collection>
+                    <collection>
+                        <identifier>allServices</identifier>
+                        <collectionIdentifier>allServices</collectionIdentifier>
+                    </collection>
+                </roleCatalog>
+            </accessRequest>
+            <userDashboardLink id="18">
+                <targetUrl>/self/profile</targetUrl>
+                <label>Profile</label>
+                <description>View/edit your profile</description>
+                <icon>
+                    <cssClass>fa fa-user</cssClass>
+                </icon>
+                <color>green</color>
+                <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfProfile</authorization>
+                <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfAll</authorization>
+            </userDashboardLink>
+            <userDashboardLink id="19">
+                <targetUrl>/self/credentials</targetUrl>
+                <label>Credentials</label>
+                <description>View/edit your credentials</description>
+                <icon>
+                    <cssClass>fa fa-shield</cssClass>
+                </icon>
+                <color>blue</color>
+                <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfCredentials</authorization>
+                <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfAll</authorization>
+            </userDashboardLink>
+            <userDashboardLink id="20">
+                <targetUrl>/admin/users</targetUrl>
+                <label>List users</label>
+                <icon>
+                    <cssClass>fa fa-users</cssClass>
+                </icon>
+                <color>red</color>
+                <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users</authorization>
+            </userDashboardLink>
+            <userDashboardLink id="21">
+                <targetUrl>/admin/resources</targetUrl>
+                <label>List resources</label>
+                <icon>
+                    <cssClass>fa fa-database</cssClass>
+                </icon>
+                <color>purple</color>
+                <authorization>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#resources</authorization>
+            </userDashboardLink>
+        </adminGuiConfiguration>
     <workflowConfiguration>
         <useLegacyApproversSpecification>never</useLegacyApproversSpecification>
         <useDefaultApprovalPolicyRules>never</useDefaultApprovalPolicyRules>
@@ -717,50 +1656,51 @@
             </class>
             <class>
                 <name>java.lang.Object</name>
-                    <description>Basic Java operations.</description>
-                    <decision>deny</decision>
-                    <method>
-                        <name>equals</name>
-                        <decision>allow</decision>
-                    </method><method>
-                        <name>hashCode</name>
-                        <decision>allow</decision>
-                    </method>
+                <description>Basic Java operations.</description>
+                <decision>deny</decision>
+                <method>
+                    <name>equals</name>
+                    <decision>allow</decision>
+                </method>
+                <method>
+                    <name>hashCode</name>
+                    <decision>allow</decision>
+                </method>
             </class>
             <class>
                 <name>java.lang.String</name>
-                    <description>String operations are generally safe. But Groovy is adding execute() method which is very dangerous.</description>
-                    <decision>allow</decision> <!-- Default decision for those methods that are not explicitly enumerated. -->
-                    <method>
-                        <name>execute</name>
-                        <decision>deny</decision>
-                    </method>
+                <description>String operations are generally safe. But Groovy is adding execute() method which is very dangerous.</description>
+                <decision>allow</decision> <!-- Default decision for those methods that are not explicitly enumerated. -->
+                <method>
+                    <name>execute</name>
+                    <decision>deny</decision>
+                </method>
             </class>
             <class>
                 <name>java.lang.CharSequence</name>
-                    <decision>allow</decision>
+                <decision>allow</decision>
             </class>
             <class>
                 <name>java.lang.Enum</name>
-                    <decision>allow</decision>
+                <decision>allow</decision>
             </class>
             <class>
                 <name>java.util.List</name>
-                    <description>List operations are generally safe. But Groovy is adding execute() method which is very dangerous.</description>
-                    <decision>allow</decision>
-                    <method>
-                        <name>execute</name>
-                        <decision>deny</decision>
-                    </method>
+                <description>List operations are generally safe. But Groovy is adding execute() method which is very dangerous.</description>
+                <decision>allow</decision>
+                <method>
+                    <name>execute</name>
+                    <decision>deny</decision>
+                </method>
             </class>
             <class>
                 <name>java.util.ArrayList</name>
-                    <description>List operations are generally safe. But Groovy is adding execute() method which is very dangerous.</description>
-                    <decision>allow</decision>
-                    <method>
-                        <name>execute</name>
-                        <decision>deny</decision>
-                    </method>
+                <description>List operations are generally safe. But Groovy is adding execute() method which is very dangerous.</description>
+                <decision>allow</decision>
+                <method>
+                    <name>execute</name>
+                    <decision>deny</decision>
+                </method>
             </class>
             <class>
                 <name>java.util.Map</name>
@@ -817,7 +1757,7 @@
                 <decision>allow</decision>
             </class>
             <class>
-                <name>org.apache.commons.lang.StringUtils</name>
+                <name>org.apache.commons.lang3.StringUtils</name>
                 <description>Apache Commons: Strings</description>
                 <decision>allow</decision>
             </class>
@@ -869,6 +1809,5 @@
             </class> -->
         </permissionProfile>
     </expressions>
-
 </systemConfiguration>
 
diff --git a/Workbench/webproxy/container_files/httpd/index.html b/Workbench/webproxy/container_files/httpd/index.html
index ce9d316..74d1463 100644
--- a/Workbench/webproxy/container_files/httpd/index.html
+++ b/Workbench/webproxy/container_files/httpd/index.html
@@ -9,7 +9,7 @@ <h3>Welcome to the InCommon TAP Workbench!</h3>
 The system contains the following TAP components (click the links to access each component in its own tab):
 
 <ul>
-<li><a href="https://__CSPHOSTNAME__/grouper" target="TAP-WB-GROUPER">Grouper (4.5.2)</a></li>
+<li><a href="https://__CSPHOSTNAME__/grouper" target="TAP-WB-GROUPER">Grouper (4.5.4)</a></li>
 <li><a href="https://__CSPHOSTNAME__/midpoint" target="TAP-WB-MIDPOINT">midPoint (4.7.1)</a></li>
 <ul><li><a href="https://__CSPHOSTNAME__/midPoint-doc.html" target="TAP-WB-MIDPOINT-CONFIG">Technical doc on midPoint's configuration</a></li></ul>
 <li><a href="https://__CSPHOSTNAME__/registry" target="TAP-WB-COMANAGE">COmanage Registry (4.1.0)</a></li>