Kind reminder. Any thoughts??
Στις Δευτέρα, 30 Νοεμβρίου 2020 στις 3:03:40 μ.μ. UTC+2, ο χρήστης Fotis M έγραψε: > Hello to everyone, > > Right now only one scim server/target can be configured in cas via the > following properties > > # cas.scim.version=2 > # cas.scim.target= > # cas.scim.oauthToken= > # cas.scim.username= > # cas.scim.password= > > Ηοwever that creates two problems. > 1) All services must use the same scim server/target > 2) Data from services that we do not want to have a relationship with > scim, are being sent > to the scim server. > > In order to fix these two problems, we would like to implement scim, > based on a per service configuration. > > We are currently thinking two different approaches to accomplish that. > > 1) add the scim properties(version,target,oauthToken,username,password) > as fields to AbstractRegisteredService.java. Then, refactor the scim > module to read the necessary scim properties to contact the scim target > from the properties of the specific service, instead of trying to call the > same scim target regardless of which service actually used cas. > > 2) change the scim cas properties to a list so multiple server/targets can > be configured via cas. properties. > For example the scim part of cas.properties could look like that. > cas.scim[0]version=2 > cas.scim[0].target= GoogleServerHere > cas.scim[0].oauthToken= ASecretToken > cas.scim[0].username= OurCompanyUsername > cas.scim[0].password= OneCompanyPassword > > > cas.scim[1]version=2 > cas.scim[1].target= WebexServerHere > cas.scim[1].oauthToken= AnotherVerySecretToken > cas.scim[1].username= OurCompanyUsername > cas.scim[1].password= SecondCompanyPassword > > After that add a single new field-property to > AbstractRegisteredService.java, for example > String ScimTargetChoice, in order to allow each service to pick whichever > server/target ti wants, among the choices listed in cas.properties. Then > refactor the scim module to accommodate for the changes. > > We are leaning towards the second approach. > Do you find one of the approaches preferable to the other? Is there a > better way to implement the new functionality that we haven't thought? > > Best regards, > Fotis > > > -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/4b21a372-dab4-4334-a013-9b0bd7f85bb5n%40apereo.org.
