On Mon, Sep 21, 2015 at 12:49 AM, Ishara Karunarathna <[email protected]> wrote:
> Hi Prabath, > > On Mon, Sep 21, 2015 at 12:09 PM, Prabath Siriwardena <[email protected]> > wrote: > >> It looks like from the architecture, whether its a dumb or smart is a >> decision made at the SCIM level, not at the provisioning framework level.. >> Is that right..? >> > Yes. > With the current implementation provisioning framework engages in outbound > provisioning only (Works as outbound provisioning framework). In that case > each Inbound provisioning connector has to decide for each SP > configurations whether it works in dumb mode or in smart mode. > And this is only available for SCIM provisioning as It was implemented > from IS 4.6.0 onwards. > This we need to fix. That decision has to be made by the provisioning framework - not by the individual provisioning connector... Thanks & regards, -Prabath > >> Also - I could not find the 'Enable Dumb Mode' option in alpha... >> > Yes this UI option is not yet merged. > > > Thanks, > Ishara > >> >> Thanks & regards, >> -Prabath >> >> On Sun, Sep 20, 2015 at 10:33 PM, Gayan Gunawardana <[email protected]> >> wrote: >> >>> Hi All, >>> >>> In WSO2IS 4.6.0 for SCIM, both inbound and outbound provisioning handled >>> by SCIM provider components. At that time SCIM supported for both Smart and >>> Dumb mode identity provisioning. >>> >>> In WSO2IS 5.0.0 with the introduction of provisioning framework, >>> outbound provisioning was handled by provisioning framework with the >>> support of provisioning connectors. But this dumb mode capability did not >>> move to provisioning framework or SCIM outbound connector. >>> >>> [IDENTITY-3495] We did a refactoring on SCIM provider for WSO2IS 5.1.0 >>> and removed dumb mode implementation from SCIM provider. And here we are >>> going to merge that capability to provisioning framework. >>> >>> >>> Smart Mode SCIM Outbound Provisioning (Green Colour flaw ) >>> >>> In smart mode SCIMUserManager invokes CarbonUserManager to do user >>> operations and meantime DefaultInboundUserProvisioningListener will be >>> fired. DefaultInboundUserProvisioningListener invoke OutboundProvisioning >>> Manager to get list of associated provisioning connectors (Salesforce, >>> Google, SCIM) and execute provisioning via connectors. In this case all >>> SCIM inbound requests deal with Internal user stores as well as send >>> provisions request to outside as well. >>> >>> Dumb Mode SCIM Outbound Provisioning >>> >>> Dumb mode provisioning is useful if there is a requirement to send >>> provisioning request to only outside (via provisioning connectors like >>> Salesforce, Google, SCIM) without store them where WSO2IS act as a >>> provisioning hub. In this case SCIMUserManager directly talk to >>> OutboundProvisioningManager to execute provisioning via provisioning >>> connectors. >>> >>> >>> >>> [image: dumb.png] >>> >>> >>> Service provider vise we can configure whether it operate in dumb mode >>> or smart mode. >>> >>> >>> >>> [image: Screen Shot 2015-09-20 at 9.13.05 AM.png] >>> >>> >>> And in Hub identity server keep track of all identities in connected >>> IDPs with a unique ID specific to each IDP (SCIM_ID, username etc), IDP >>> name, Local unique id, Local user name. >>> >>> For both smart mode and dumb mode we keep this data which will help us >>> to implement a distributed user view of the user in future. >>> >>> >>> -- >>> Gayan Gunawardana >>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>> Email: [email protected] >>> Mobile: +94 (71) 8020933 >>> >> >> >> >> -- >> Thanks & Regards, >> Prabath >> >> Twitter : @prabath >> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >> >> Mobile : +1 650 625 7950 >> >> http://blog.facilelogin.com >> http://blog.api-security.org >> > > > > -- > Ishara Karunarathna > Senior Software Engineer > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: [email protected], blog: isharaaruna.blogspot.com, mobile: > +94717996791 > -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://blog.facilelogin.com http://blog.api-security.org
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
