On Fri, Jul 21, 2017 at 2:06 PM, Indunil Upeksha Rathnayake < [email protected]> wrote:
> Hi, > > I have checked followings with IS 5.3.0 WUM updated pack. > > 1) List users > curl -v -k --user admin:admin https://localhost:9443/wso2/scim/Users > Result: *{"Errors":[{"description":"Users not found in the user > store.","code":"404"}]}* > > 2) Filter admin user > curl -v -k --user admin:admin https://localhost:9443/wso2/ > scim/Users?filter=userName+Eq+%22admin%22 > Result: > *{"schemas":["urn:scim:schemas:core:1.0"],"totalResults":1,"Resources":[{"userName":"admin"}]}* > > Seems like there is a contradiction here. When listing all the users, > admin user details won't retrieved, but retrieved with the filtering. Since > admin user doesn't have a SCIM ID, it shouldn't retrieved in any scenarios. > WDT? > Yes so filter command should not return admin user if it doesn't have SCIM ID. > > Thanks and Regards > > > On Fri, Nov 6, 2015 at 9:33 AM, Nadeesha Meegoda <[email protected]> > wrote: > >> Thanks Chamila. Unerstood! >> >> On Thu, Nov 5, 2015 at 9:48 PM, Chamila Wijayarathna <[email protected]> >> wrote: >> >>> Hi Nadeesha, >>> >>> As I mentioned in my previous mail, super admin and tenant admin are not >>> created with a SCIM ID, so you can't retrieve them using SCIM GET. >>> >>> I was suggesting above request to get other users of tenant, if you are >>> interested, since the command you were using previously for retrieving >>> tenant users were wrong. >>> >>> Thanks >>> >>> On Thu, Nov 5, 2015 at 5:03 PM, Nadeesha Meegoda <[email protected]> >>> wrote: >>> >>>> Hi all, >>>> >>>> So I requested to get the SCIM ID as what Chamila mentioned by the >>>> following command >>>> curl -v -k --user [email protected]:123456 https://localhost:9443/wso2/sc >>>> im/Users?filter=userNameEqtenant >>>> >>>> But still this doesn't give any result only a http 404 error. So tenant >>>> admins also are considered for the special flaw? >>>> >>>> On Thu, Nov 5, 2015 at 3:41 PM, Gayan Gunawardana <[email protected]> >>>> wrote: >>>> >>>>> >>>>> >>>>> On Thu, Nov 5, 2015 at 3:13 PM, Darshana Gunawardana < >>>>> [email protected]> wrote: >>>>> >>>>>> >>>>>> >>>>>> On Thu, Nov 5, 2015 at 12:45 PM, Gayan Gunawardana <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> >>>>>>> >>>>>>> On Thu, Nov 5, 2015 at 11:26 AM, Chamila Wijayarathna < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi Nadeesha, >>>>>>>> >>>>>>>> When creating super admin or tenant admin users, they don't get >>>>>>>> created with a SCIM ID since they are considered as special users in >>>>>>>> IS. >>>>>>>> Because of this when listing users through scim, those users will not >>>>>>>> get >>>>>>>> listed. >>>>>>>> But if you want, you can add a SCIM ID manually by updating the >>>>>>>> user and then you will be able to list the also as SCIM Users. >>>>>>>> >>>>>>>> When listing users of tenants, you need to use credentials of >>>>>>>> tenant admin users. When sending SCIM request with admin:admin, you >>>>>>>> will >>>>>>>> only see users at super tenant. Also for filter, don't use @ >>>>>>>> tenant.com, because if u logged in as tenant admin and list users, >>>>>>>> there you won't see user name with @tenant.com, so your curl >>>>>>>> command to filter a user at tenant should be as follows. >>>>>>>> >>>>>>>> curl -v -k --user [email protected]:admin123 http >>>>>>>> s://localhost:9443/wso2/scim/Users?filter=userNameEqtenant >>>>>>>> <https://localhost:9443/wso2/scim/[email protected]> >>>>>>>> >>>>>>>> Thanks >>>>>>>> >>>>>>>> On Wed, Nov 4, 2015 at 8:40 PM, Nadeesha Meegoda < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi Chamila, >>>>>>>>> >>>>>>>>> I'm using the embedded ldap which comes default in IS. In that >>>>>>>>> SCIM comes enabled as default. >>>>>>>>> >>>>>>>>> On Wed, Nov 4, 2015 at 6:27 PM, Chamila Wijayarathna < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi Nadeesha, >>>>>>>>>> >>>>>>>>>> What is the value of SCIMEnabled configuration in your >>>>>>>>>> user-mgt.xml? >>>>>>>>>> >>>>>>>>>> Are you using LDAP or JDBC user store manager? >>>>>>>>>> >>>>>>>>> @Chamila >>>>>>> >>>>>>> admin user is added in very fist server start up by calling >>>>>>> "addInitialAdminData" in AbstractUserStoreManager. In embedded ldap >>>>>>> scenario concrete "doAddUser" method will be invoked in >>>>>>> ReadWriteLDAPUserStoreManager so user will be directly added to user >>>>>>> store >>>>>>> without going through SCIM listener (without going through any >>>>>>> listener). >>>>>>> Since there is no SCIM listener engagement SCIM ID will not be added to >>>>>>> user store. >>>>>>> >>>>>>> I am not sure about we are not getting SCIM ID just because of admin >>>>>>> user is a special user or kind of implementation we have right now. >>>>>>> >>>>>> >>>>>> Chamila checked with me on this and he meant admin user is special >>>>>> due to the same reason you explained above. Basically admin user is >>>>>> created >>>>>> through special flow compared to normal users. >>>>>> >>>>> If we generate SCIM ID even in that special flaw. Is that correct ? >>>>> >>>>>> >>>>>> Thanks, >>>>>> >>>>>>> >>>>>>> Adding Johann. >>>>>>> >>>>>>>> >>>>>>>>>> Thanks >>>>>>>>>> >>>>>>>>>> On Wed, Nov 4, 2015 at 6:20 PM, Nadeesha Meegoda < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hi IS Team, >>>>>>>>>>> >>>>>>>>>>> I was trying to filter and get admin users SCIM ID and failed, >>>>>>>>>>> even tried for tenant admin and still I couldn't filter and get the >>>>>>>>>>> SCIM ID >>>>>>>>>>> >>>>>>>>>>> Command used : >>>>>>>>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>>>>>>>>>> im/Users?filter=userNameEqadmin >>>>>>>>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>>>>>>>>>> im/[email protected] >>>>>>>>>>> >>>>>>>>>>> Searching through the jira found out that in the past, listing >>>>>>>>>>> admin users as scim users were removed as per [1] >>>>>>>>>>> >>>>>>>>>>> How can we filter and get the admin/tenant admin SCIM ID? >>>>>>>>>>> >>>>>>>>>>> [1] - https://wso2.org/jira/browse/IDENTITY-503 >>>>>>>>>>> >>>>>>>>>>> Thanks >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> *Nadeesha Meegoda* >>>>>>>>>>> Software Engineer - QA >>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>> email : [email protected] >>>>>>>>>>> mobile: +94783639540 >>>>>>>>>>> <%2B94%2077%202273555> >>>>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Dev mailing list >>>>>>>>>>> [email protected] >>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>>>>> Software Engineer >>>>>>>>>> Mobile:(+94)788193620 >>>>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> *Nadeesha Meegoda* >>>>>>>>> Software Engineer - QA >>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>> lean.enterprise.middleware >>>>>>>>> email : [email protected] >>>>>>>>> mobile: +94783639540 >>>>>>>>> <%2B94%2077%202273555> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>>> Software Engineer >>>>>>>> Mobile:(+94)788193620 >>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Gayan Gunawardana >>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>> Email: [email protected] >>>>>>> Mobile: +94 (71) 8020933 >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Regards, >>>>>> >>>>>> >>>>>> *Darshana Gunawardana*Senior Software Engineer >>>>>> WSO2 Inc.; http://wso2.com >>>>>> >>>>>> *E-mail: [email protected] <[email protected]>* >>>>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Gayan Gunawardana >>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>> Email: [email protected] >>>>> Mobile: +94 (71) 8020933 >>>>> >>>> >>>> >>>> >>>> -- >>>> *Nadeesha Meegoda* >>>> Software Engineer - QA >>>> WSO2 Inc.; http://wso2.com >>>> lean.enterprise.middleware >>>> email : [email protected] >>>> mobile: +94783639540 >>>> <%2B94%2077%202273555> >>>> >>> >>> >>> >>> -- >>> *Chamila Dilshan Wijayarathna,* >>> Software Engineer >>> Mobile:(+94)788193620 >>> WSO2 Inc., http://wso2.com/ >>> >> >> >> >> -- >> *Nadeesha Meegoda* >> Software Engineer - QA >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> email : [email protected] >> mobile: +94783639540 >> <%2B94%2077%202273555> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Indunil Upeksha Rathnayake > Software Engineer | WSO2 Inc > Email [email protected] > Mobile 0772182255 > -- Gayan Gunawardana Senior Software Engineer; WSO2 Inc.; http://wso2.com/ Email: [email protected] Mobile: +94 (71) 8020933
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
