Hi Johan, According to offline chat we had, we can ignore Use-Case 03 and Use-Case 04.
For Use-Case 01 I have added extra claim for primary email. For Use-Case 02 since Identity Server does not support storing addresses, I m adding the storing addresses feature and implement patch operation for addresses. Thanks, Gayan On Mon, Jul 14, 2014 at 11:28 AM, Gayan Gunawardana <[email protected]> wrote: > Hi Ishara, > > While looking at patch operation for Users, I have encountered following > issues. > > Use-Case 01 : changing a User's primary email > Issue : Currently there is no way to specify User's primary email (even > thought we can set as "primary":true cannot retrieve) > > Use-Case 02 : changing a User's address > Issue : Are we supporting adding an address for a User > > Use-Case 03 : remove a User's nickname > Issue : Can we send meta information in SCIM request. > > Use-Case 04 : Remove a complex Sub-Attribute and an extended schema > attribute > Issue : Can we send meta information in SCIM request. > > Can you please add your suggestion ? > > > > On Sun, Jul 13, 2014 at 11:53 PM, Ishara Karunarathna <[email protected]> > wrote: > >> Hi Johan, >> >> >> >> On Sun, Jul 13, 2014 at 4:20 AM, Johann Nallathamby <[email protected]> >> wrote: >> >>> Hi Ishara/Darshana, >>> >>> How does this compare with the new provisioning configurations we >>> provide through UI in IS 5.0? >>> >>> Currently we have capability for service providers to configure which >>> user store they want the users/groups to be provisioned to in Service >>> Provider UI under inbound provisioning configurations. The same thing is >>> also there in the Resident Service Provider configurations. In both places >>> we can skip selecting a user store which is effectively dumb mode. In that >>> case how should this work with the file based configurations? >>> >>> If we haven't thought about it my idea is, >>> >>> 1. If configuration says dumb mode then no service provider should be >>> able to provision to any user store (its a global config that needs to be >>> honoured, we might need to lock the option in the UI). >>> >> Current implementation this works in this way. what we have to do is lock >> the SCIM provisioning. >> >> >>> 2. If configuration says non-dumb mode, then service providers can >>> selectively provision to user stores according to their preference (even >>> can do dumb mode by not selecting user store in inbound provisioning UI). >>> >> In this case if no user store is selected, users can be provisioned to >> any user store, if its selected users will be provisioned only to that user >> store . >> >> This is how it works. >> @Darshana Please add if something missing. >> >> Thanks, >> -Ishara >> >>> >>> Thoughts? >>> >>> Thanks, >>> Johann. >>> >>> >>> On Fri, Jul 11, 2014 at 6:58 PM, Ishara Karunarathna <[email protected]> >>> wrote: >>> >>>> Hi Gayan, >>>> >>>> >>>> On Fri, Jul 11, 2014 at 1:15 AM, Gayan Gunawardana <[email protected]> >>>> wrote: >>>> >>>>> Hi Ishara, >>>>> >>>>> Could you please elaborate more about dump mode in SCIMUserManager and >>>>> how the changes should be reflected to dump mode. >>>>> >>>> In dumb mode IS which is configured in dumb mode will act as a >>>> provisioning hub only. It wont store Users or Roles in its user store. >>>> It will re provision these resources to configures SCIM service >>>> providers. >>>> >>>> You will configure this in provisioning-config.xml configuration file. >>>> [IS_Home]/repository/conf/ >>>> >>>> Thanks, >>>> -Ishara >>>> >>>> >>>>> Thanks, >>>>> Gayan >>>>> >>>>> >>>>> On Thu, Jul 10, 2014 at 9:20 AM, Gayan Gunawardana <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> There are around 10 use-cases under [1] here *3.2.2 Modifying with >>>>>> patch*. I have already done first use-case and working on other >>>>>> use-cases as well. >>>>>> >>>>>> [1] >>>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>>> >>>>>> >>>>>> >>>>>> On Wed, Jul 9, 2014 at 11:20 PM, Johann Nallathamby <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> +1. This is a valuable addition to IS. >>>>>>> >>>>>>> >>>>>>> On Wed, Jul 9, 2014 at 11:44 AM, Ishara Karunarathna < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi Gayan, >>>>>>>> >>>>>>>> >>>>>>>> On Tue, Jul 8, 2014 at 10:39 PM, Gayan Gunawardana <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hi Ishara, >>>>>>>>> >>>>>>>>> Thanks for the information. >>>>>>>>> >>>>>>>>> Are we going to support all use-cases according to [1] ? >>>>>>>>> >>>>>>>>> >>>>>>>> Under User and Group resources mainly we have to implement Patch >>>>>>>> operation and >>>>>>>> there are some improvement in listing and filtering. >>>>>>>> >>>>>>>> I think its better to start with implementing with PATCH operation. >>>>>>>> >>>>>>>> >>>>>>>>> [1] >>>>>>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>>>>>> >>>>>>>>> >>>>>>>>> On Wed, Jul 9, 2014 at 10:39 AM, Ishara Karunarathna < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi Gayan, >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Tue, Jul 8, 2014 at 9:32 PM, Gayan Gunawardana <[email protected] >>>>>>>>>> > wrote: >>>>>>>>>> >>>>>>>>>>> Hi All, >>>>>>>>>>> >>>>>>>>>>> Currently WSO2 Identity Server does not support PATCH method for >>>>>>>>>>> SCIM end points. >>>>>>>>>>> >>>>>>>>>>> The major limitation came up with that is in order to add >>>>>>>>>>> single user into a group, new user has to be sent with all existing >>>>>>>>>>> users. >>>>>>>>>>> >>>>>>>>>>> Above requirement can be archived by adding PATCH method support >>>>>>>>>>> for JAX-RS implementation and doing mirror changes to update group >>>>>>>>>>> operation. >>>>>>>>>>> >>>>>>>>>> Yes patch is not only for add users to group and it is more >>>>>>>>>> useful than that. >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> But according to the spec [1] PATCH method has many powerful >>>>>>>>>>> features like selectively sending added users and deleted users. >>>>>>>>>>> >>>>>>>>>> Here you are pointing to the the wrong draft API which is not >>>>>>>>>> finalized yet and still its PATCH operation is under discussion. At >>>>>>>>>> the >>>>>>>>>> moment >>>>>>>>>> WSO2IS support for SCIM draft API 1.1, So I think its better to >>>>>>>>>> support PATCH operation in draft API 1.1 [1] Until we support for >>>>>>>>>> next >>>>>>>>>> version. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> -Ishara >>>>>>>>>> >>>>>>>>>> [1] >>>>>>>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>>>>>>> >>>>>>>>>> and still WSO2 IS support for draft API 1.1. So you w >>>>>>>>>> Yes patch is not only for add users to group and it is more >>>>>>>>>> useful than that. >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Example >>>>>>>>>>> >>>>>>>>>>> PATCH /Groups/acbf3ae7-8463-4692-b4fd-9b4da3f908ce >>>>>>>>>>> >>>>>>>>>>> { >>>>>>>>>>> "schemas": ["urn:scim:schemas:core:2.0:Group"], >>>>>>>>>>> "members": [ >>>>>>>>>>> { >>>>>>>>>>> "display": "Babs Jensen", >>>>>>>>>>> "$ref": >>>>>>>>>>> "https://example.com/v1/Users/2819c223-7f76-453a-919d-413861904646";, >>>>>>>>>>> "value": "2819c223-7f76-453a-919d-413861904646" >>>>>>>>>>> "operation": "delete" >>>>>>>>>>> }, >>>>>>>>>>> { >>>>>>>>>>> "display": "James Smith", >>>>>>>>>>> "$ref": >>>>>>>>>>> "https://example.com/v1/Users/08e1d05d-121c-4561-8b96-473d93df9210";, >>>>>>>>>>> "value": "08e1d05d-121c-4561-8b96-473d93df9210" >>>>>>>>>>> } >>>>>>>>>>> ] >>>>>>>>>>> } >>>>>>>>>>> >>>>>>>>>>> Current charon [2] implementation does not decode single member >>>>>>>>>>> into member object and rather it sends members id as a String array >>>>>>>>>>> list or >>>>>>>>>>> members display name as a String array list. This is a kind of major >>>>>>>>>>> bottleneck to implement selective delete operation. >>>>>>>>>>> >>>>>>>>>>> Are we going to scope PATCH implementation? >>>>>>>>>>> >>>>>>>>>>> WDYT? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> [1] >>>>>>>>>>> http://tools.ietf.org/html/draft-ietf-scim-api-02#section-3.3.2 >>>>>>>>>>> >>>>>>>>>>> [2] https://docs.wso2.com/display/IS500/Working+with+SCIM >>>>>>>>>>> -- >>>>>>>>>>> Gayan Gunawardana >>>>>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>>>>> Email: [email protected] >>>>>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Ishara Karunarathna >>>>>>>>>> Senior Software Engineer >>>>>>>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>>>>>>>> >>>>>>>>>> email: [email protected], blog: isharaaruna.blogspot.com, >>>>>>>>>> mobile: +94 718211678 >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Gayan Gunawardana >>>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>>> Email: [email protected] >>>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Ishara Karunarathna >>>>>>>> Senior Software Engineer >>>>>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>>>>>> >>>>>>>> email: [email protected], blog: isharaaruna.blogspot.com, >>>>>>>> mobile: +94 718211678 >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Thanks & Regards, >>>>>>> >>>>>>> *Johann Dilantha Nallathamby* >>>>>>> Associate Technical Lead & Product Lead of WSO2 Identity Server >>>>>>> Integration Technologies Team >>>>>>> WSO2, Inc. >>>>>>> lean.enterprise.middleware >>>>>>> >>>>>>> Mobile - *+94777776950* >>>>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Gayan Gunawardana >>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>> Email: [email protected] >>>>>> Mobile: +94 (71) 8020933 >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Gayan Gunawardana >>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>> Email: [email protected] >>>>> Mobile: +94 (71) 8020933 >>>>> >>>> >>>> >>>> >>>> -- >>>> Ishara Karunarathna >>>> Senior Software Engineer >>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>> >>>> email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94 >>>> 718211678 >>>> >>> >>> >>> >>> -- >>> Thanks & Regards, >>> >>> *Johann Dilantha Nallathamby* >>> Associate Technical Lead & Product Lead of WSO2 Identity Server >>> Integration Technologies Team >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - *+94777776950* >>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>> >> >> >> >> -- >> Ishara Karunarathna >> Senior Software Engineer >> WSO2 Inc. - lean . enterprise . middleware | wso2.com >> >> email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94 >> 718211678 >> > > > > -- > Gayan Gunawardana > Software Engineer; WSO2 Inc.; http://wso2.com/ > Email: [email protected] > Mobile: +94 (71) 8020933 > -- Gayan Gunawardana Software Engineer; WSO2 Inc.; http://wso2.com/ Email: [email protected] Mobile: +94 (71) 8020933
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
