Hi Johan,
On Sun, Jul 13, 2014 at 4:20 AM, Johann Nallathamby <[email protected]> wrote: > Hi Ishara/Darshana, > > How does this compare with the new provisioning configurations we provide > through UI in IS 5.0? > > Currently we have capability for service providers to configure which user > store they want the users/groups to be provisioned to in Service Provider > UI under inbound provisioning configurations. The same thing is also there > in the Resident Service Provider configurations. In both places we can skip > selecting a user store which is effectively dumb mode. In that case how > should this work with the file based configurations? > > If we haven't thought about it my idea is, > > 1. If configuration says dumb mode then no service provider should be able > to provision to any user store (its a global config that needs to be > honoured, we might need to lock the option in the UI). > Current implementation this works in this way. what we have to do is lock the SCIM provisioning. > 2. If configuration says non-dumb mode, then service providers can > selectively provision to user stores according to their preference (even > can do dumb mode by not selecting user store in inbound provisioning UI). > In this case if no user store is selected, users can be provisioned to any user store, if its selected users will be provisioned only to that user store . This is how it works. @Darshana Please add if something missing. Thanks, -Ishara > > Thoughts? > > Thanks, > Johann. > > > On Fri, Jul 11, 2014 at 6:58 PM, Ishara Karunarathna <[email protected]> > wrote: > >> Hi Gayan, >> >> >> On Fri, Jul 11, 2014 at 1:15 AM, Gayan Gunawardana <[email protected]> >> wrote: >> >>> Hi Ishara, >>> >>> Could you please elaborate more about dump mode in SCIMUserManager and >>> how the changes should be reflected to dump mode. >>> >> In dumb mode IS which is configured in dumb mode will act as a >> provisioning hub only. It wont store Users or Roles in its user store. >> It will re provision these resources to configures SCIM service providers. >> >> You will configure this in provisioning-config.xml configuration file. >> [IS_Home]/repository/conf/ >> >> Thanks, >> -Ishara >> >> >>> Thanks, >>> Gayan >>> >>> >>> On Thu, Jul 10, 2014 at 9:20 AM, Gayan Gunawardana <[email protected]> >>> wrote: >>> >>>> Hi, >>>> >>>> There are around 10 use-cases under [1] here *3.2.2 Modifying with >>>> patch*. I have already done first use-case and working on other >>>> use-cases as well. >>>> >>>> [1] >>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>> >>>> >>>> >>>> On Wed, Jul 9, 2014 at 11:20 PM, Johann Nallathamby <[email protected]> >>>> wrote: >>>> >>>>> +1. This is a valuable addition to IS. >>>>> >>>>> >>>>> On Wed, Jul 9, 2014 at 11:44 AM, Ishara Karunarathna < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi Gayan, >>>>>> >>>>>> >>>>>> On Tue, Jul 8, 2014 at 10:39 PM, Gayan Gunawardana <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi Ishara, >>>>>>> >>>>>>> Thanks for the information. >>>>>>> >>>>>>> Are we going to support all use-cases according to [1] ? >>>>>>> >>>>>>> >>>>>> Under User and Group resources mainly we have to implement Patch >>>>>> operation and >>>>>> there are some improvement in listing and filtering. >>>>>> >>>>>> I think its better to start with implementing with PATCH operation. >>>>>> >>>>>> >>>>>>> [1] >>>>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>>>> >>>>>>> >>>>>>> On Wed, Jul 9, 2014 at 10:39 AM, Ishara Karunarathna < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi Gayan, >>>>>>>> >>>>>>>> >>>>>>>> On Tue, Jul 8, 2014 at 9:32 PM, Gayan Gunawardana <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hi All, >>>>>>>>> >>>>>>>>> Currently WSO2 Identity Server does not support PATCH method for >>>>>>>>> SCIM end points. >>>>>>>>> >>>>>>>>> The major limitation came up with that is in order to add single >>>>>>>>> user into a group, new user has to be sent with all existing users. >>>>>>>>> >>>>>>>>> Above requirement can be archived by adding PATCH method support >>>>>>>>> for JAX-RS implementation and doing mirror changes to update group >>>>>>>>> operation. >>>>>>>>> >>>>>>>> Yes patch is not only for add users to group and it is more useful >>>>>>>> than that. >>>>>>>> >>>>>>>>> >>>>>>>>> But according to the spec [1] PATCH method has many powerful >>>>>>>>> features like selectively sending added users and deleted users. >>>>>>>>> >>>>>>>> Here you are pointing to the the wrong draft API which is not >>>>>>>> finalized yet and still its PATCH operation is under discussion. At the >>>>>>>> moment >>>>>>>> WSO2IS support for SCIM draft API 1.1, So I think its better to >>>>>>>> support PATCH operation in draft API 1.1 [1] Until we support for next >>>>>>>> version. >>>>>>>> >>>>>>>> >>>>>>>> Thanks, >>>>>>>> -Ishara >>>>>>>> >>>>>>>> [1] >>>>>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>>>>> >>>>>>>> and still WSO2 IS support for draft API 1.1. So you w >>>>>>>> Yes patch is not only for add users to group and it is more useful >>>>>>>> than that. >>>>>>>> >>>>>>>>> >>>>>>>>> Example >>>>>>>>> >>>>>>>>> PATCH /Groups/acbf3ae7-8463-4692-b4fd-9b4da3f908ce >>>>>>>>> >>>>>>>>> { >>>>>>>>> "schemas": ["urn:scim:schemas:core:2.0:Group"], >>>>>>>>> "members": [ >>>>>>>>> { >>>>>>>>> "display": "Babs Jensen", >>>>>>>>> "$ref": >>>>>>>>> "https://example.com/v1/Users/2819c223-7f76-453a-919d-413861904646";, >>>>>>>>> "value": "2819c223-7f76-453a-919d-413861904646" >>>>>>>>> "operation": "delete" >>>>>>>>> }, >>>>>>>>> { >>>>>>>>> "display": "James Smith", >>>>>>>>> "$ref": >>>>>>>>> "https://example.com/v1/Users/08e1d05d-121c-4561-8b96-473d93df9210";, >>>>>>>>> "value": "08e1d05d-121c-4561-8b96-473d93df9210" >>>>>>>>> } >>>>>>>>> ] >>>>>>>>> } >>>>>>>>> >>>>>>>>> Current charon [2] implementation does not decode single member >>>>>>>>> into member object and rather it sends members id as a String array >>>>>>>>> list or >>>>>>>>> members display name as a String array list. This is a kind of major >>>>>>>>> bottleneck to implement selective delete operation. >>>>>>>>> >>>>>>>>> Are we going to scope PATCH implementation? >>>>>>>>> >>>>>>>>> WDYT? >>>>>>>>> >>>>>>>>> >>>>>>>>> [1] >>>>>>>>> http://tools.ietf.org/html/draft-ietf-scim-api-02#section-3.3.2 >>>>>>>>> >>>>>>>>> [2] https://docs.wso2.com/display/IS500/Working+with+SCIM >>>>>>>>> -- >>>>>>>>> Gayan Gunawardana >>>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>>> Email: [email protected] >>>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Ishara Karunarathna >>>>>>>> Senior Software Engineer >>>>>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>>>>>> >>>>>>>> email: [email protected], blog: isharaaruna.blogspot.com, >>>>>>>> mobile: +94 718211678 >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Gayan Gunawardana >>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>> Email: [email protected] >>>>>>> Mobile: +94 (71) 8020933 >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Ishara Karunarathna >>>>>> Senior Software Engineer >>>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>>>> >>>>>> email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94 >>>>>> 718211678 >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Thanks & Regards, >>>>> >>>>> *Johann Dilantha Nallathamby* >>>>> Associate Technical Lead & Product Lead of WSO2 Identity Server >>>>> Integration Technologies Team >>>>> WSO2, Inc. >>>>> lean.enterprise.middleware >>>>> >>>>> Mobile - *+94777776950* >>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>>> >>>> >>>> >>>> >>>> -- >>>> Gayan Gunawardana >>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>> Email: [email protected] >>>> Mobile: +94 (71) 8020933 >>>> >>> >>> >>> >>> -- >>> Gayan Gunawardana >>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>> Email: [email protected] >>> Mobile: +94 (71) 8020933 >>> >> >> >> >> -- >> Ishara Karunarathna >> Senior Software Engineer >> WSO2 Inc. - lean . enterprise . middleware | wso2.com >> >> email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94 >> 718211678 >> > > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Associate Technical Lead & Product Lead of WSO2 Identity Server > Integration Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > -- Ishara Karunarathna Senior Software Engineer WSO2 Inc. - lean . enterprise . middleware | wso2.com email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94 718211678
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
