Whatever the implementation behavior should be identical among user list command and user filter command. With new implementation if admin user has SCIM ID it will be returned from both list and filter.
On Fri, Jul 21, 2017 at 2:17 PM, Hasanthi Purnima Dissanayake < hasan...@wso2.com> wrote: > Hi Indunil, > > Please refer following mail in Architecture [1]. Seems Sathya is going to > provide SCIM support for admin users by generating admin users' SCIM > userId. After this implementation it seems this issue will be fixed. > > [1] mail : [Architecture] [IS] SCIM Support for Admin Users > > Thanks, > > Hasanthi Dissanayake > > Software Engineer | WSO2 > > E: hasan...@wso2.com > M :0718407133| http://wso2.com <http://wso2.com/> > > On Fri, Jul 21, 2017 at 2:11 PM, Gayan Gunawardana <ga...@wso2.com> wrote: > >> >> >> On Fri, Jul 21, 2017 at 2:06 PM, Indunil Upeksha Rathnayake < >> indu...@wso2.com> wrote: >> >>> Hi, >>> >>> I have checked followings with IS 5.3.0 WUM updated pack. >>> >>> 1) List users >>> curl -v -k --user admin:admin https://localhost:9443/wso2/scim/Users >>> Result: *{"Errors":[{"description":"Users not found in the user >>> store.","code":"404"}]}* >>> >>> 2) Filter admin user >>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>> im/Users?filter=userName+Eq+%22admin%22 >>> Result: >>> *{"schemas":["urn:scim:schemas:core:1.0"],"totalResults":1,"Resources":[{"userName":"admin"}]}* >>> >>> Seems like there is a contradiction here. When listing all the users, >>> admin user details won't retrieved, but retrieved with the filtering. Since >>> admin user doesn't have a SCIM ID, it shouldn't retrieved in any scenarios. >>> WDT? >>> >> Yes so filter command should not return admin user if it doesn't have >> SCIM ID. >> >>> >>> Thanks and Regards >>> >>> >>> On Fri, Nov 6, 2015 at 9:33 AM, Nadeesha Meegoda <nadees...@wso2.com> >>> wrote: >>> >>>> Thanks Chamila. Unerstood! >>>> >>>> On Thu, Nov 5, 2015 at 9:48 PM, Chamila Wijayarathna <cham...@wso2.com> >>>> wrote: >>>> >>>>> Hi Nadeesha, >>>>> >>>>> As I mentioned in my previous mail, super admin and tenant admin are >>>>> not created with a SCIM ID, so you can't retrieve them using SCIM GET. >>>>> >>>>> I was suggesting above request to get other users of tenant, if you >>>>> are interested, since the command you were using previously for retrieving >>>>> tenant users were wrong. >>>>> >>>>> Thanks >>>>> >>>>> On Thu, Nov 5, 2015 at 5:03 PM, Nadeesha Meegoda <nadees...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> So I requested to get the SCIM ID as what Chamila mentioned by the >>>>>> following command >>>>>> curl -v -k --user ten...@new.com:123456 >>>>>> https://localhost:9443/wso2/scim/Users?filter=userNameEqtenant >>>>>> >>>>>> But still this doesn't give any result only a http 404 error. So >>>>>> tenant admins also are considered for the special flaw? >>>>>> >>>>>> On Thu, Nov 5, 2015 at 3:41 PM, Gayan Gunawardana <ga...@wso2.com> >>>>>> wrote: >>>>>> >>>>>>> >>>>>>> >>>>>>> On Thu, Nov 5, 2015 at 3:13 PM, Darshana Gunawardana < >>>>>>> darsh...@wso2.com> wrote: >>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Nov 5, 2015 at 12:45 PM, Gayan Gunawardana <ga...@wso2.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Thu, Nov 5, 2015 at 11:26 AM, Chamila Wijayarathna < >>>>>>>>> cham...@wso2.com> wrote: >>>>>>>>> >>>>>>>>>> Hi Nadeesha, >>>>>>>>>> >>>>>>>>>> When creating super admin or tenant admin users, they don't get >>>>>>>>>> created with a SCIM ID since they are considered as special users in >>>>>>>>>> IS. >>>>>>>>>> Because of this when listing users through scim, those users will >>>>>>>>>> not get >>>>>>>>>> listed. >>>>>>>>>> But if you want, you can add a SCIM ID manually by updating the >>>>>>>>>> user and then you will be able to list the also as SCIM Users. >>>>>>>>>> >>>>>>>>>> When listing users of tenants, you need to use credentials of >>>>>>>>>> tenant admin users. When sending SCIM request with admin:admin, you >>>>>>>>>> will >>>>>>>>>> only see users at super tenant. Also for filter, don't use @ >>>>>>>>>> tenant.com, because if u logged in as tenant admin and list >>>>>>>>>> users, there you won't see user name with @tenant.com, so your >>>>>>>>>> curl command to filter a user at tenant should be as follows. >>>>>>>>>> >>>>>>>>>> curl -v -k --user ad...@tenant.com:admin123 http >>>>>>>>>> s://localhost:9443/wso2/scim/Users?filter=userNameEqtenant >>>>>>>>>> <https://localhost:9443/wso2/scim/Users?filter=usernameeqten...@hello.com> >>>>>>>>>> >>>>>>>>>> Thanks >>>>>>>>>> >>>>>>>>>> On Wed, Nov 4, 2015 at 8:40 PM, Nadeesha Meegoda < >>>>>>>>>> nadees...@wso2.com> wrote: >>>>>>>>>> >>>>>>>>>>> Hi Chamila, >>>>>>>>>>> >>>>>>>>>>> I'm using the embedded ldap which comes default in IS. In that >>>>>>>>>>> SCIM comes enabled as default. >>>>>>>>>>> >>>>>>>>>>> On Wed, Nov 4, 2015 at 6:27 PM, Chamila Wijayarathna < >>>>>>>>>>> cham...@wso2.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi Nadeesha, >>>>>>>>>>>> >>>>>>>>>>>> What is the value of SCIMEnabled configuration in your >>>>>>>>>>>> user-mgt.xml? >>>>>>>>>>>> >>>>>>>>>>>> Are you using LDAP or JDBC user store manager? >>>>>>>>>>>> >>>>>>>>>>> @Chamila >>>>>>>>> >>>>>>>>> admin user is added in very fist server start up by calling >>>>>>>>> "addInitialAdminData" in AbstractUserStoreManager. In embedded ldap >>>>>>>>> scenario concrete "doAddUser" method will be invoked in >>>>>>>>> ReadWriteLDAPUserStoreManager so user will be directly added to user >>>>>>>>> store >>>>>>>>> without going through SCIM listener (without going through any >>>>>>>>> listener). >>>>>>>>> Since there is no SCIM listener engagement SCIM ID will not be added >>>>>>>>> to >>>>>>>>> user store. >>>>>>>>> >>>>>>>>> I am not sure about we are not getting SCIM ID just because of >>>>>>>>> admin user is a special user or kind of implementation we have right >>>>>>>>> now. >>>>>>>>> >>>>>>>> >>>>>>>> Chamila checked with me on this and he meant admin user is special >>>>>>>> due to the same reason you explained above. Basically admin user is >>>>>>>> created >>>>>>>> through special flow compared to normal users. >>>>>>>> >>>>>>> If we generate SCIM ID even in that special flaw. Is that correct ? >>>>>>> >>>>>>>> >>>>>>>> Thanks, >>>>>>>> >>>>>>>>> >>>>>>>>> Adding Johann. >>>>>>>>> >>>>>>>>>> >>>>>>>>>>>> Thanks >>>>>>>>>>>> >>>>>>>>>>>> On Wed, Nov 4, 2015 at 6:20 PM, Nadeesha Meegoda < >>>>>>>>>>>> nadees...@wso2.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi IS Team, >>>>>>>>>>>>> >>>>>>>>>>>>> I was trying to filter and get admin users SCIM ID and failed, >>>>>>>>>>>>> even tried for tenant admin and still I couldn't filter and get >>>>>>>>>>>>> the SCIM ID >>>>>>>>>>>>> >>>>>>>>>>>>> Command used : >>>>>>>>>>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>>>>>>>>>>>> im/Users?filter=userNameEqadmin >>>>>>>>>>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>>>>>>>>>>>> im/Users?filter=usernameeqten...@hello.com >>>>>>>>>>>>> >>>>>>>>>>>>> Searching through the jira found out that in the past, listing >>>>>>>>>>>>> admin users as scim users were removed as per [1] >>>>>>>>>>>>> >>>>>>>>>>>>> How can we filter and get the admin/tenant admin SCIM ID? >>>>>>>>>>>>> >>>>>>>>>>>>> [1] - https://wso2.org/jira/browse/IDENTITY-503 >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> *Nadeesha Meegoda* >>>>>>>>>>>>> Software Engineer - QA >>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>> email : nadees...@wso2.com >>>>>>>>>>>>> mobile: +94783639540 >>>>>>>>>>>>> <%2B94%2077%202273555> >>>>>>>>>>>>> >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>> Dev@wso2.org >>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>>>>>>> Software Engineer >>>>>>>>>>>> Mobile:(+94)788193620 >>>>>>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> *Nadeesha Meegoda* >>>>>>>>>>> Software Engineer - QA >>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>> email : nadees...@wso2.com >>>>>>>>>>> mobile: +94783639540 >>>>>>>>>>> <%2B94%2077%202273555> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>>>>> Software Engineer >>>>>>>>>> Mobile:(+94)788193620 >>>>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Gayan Gunawardana >>>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>>> Email: ga...@wso2.com >>>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Regards, >>>>>>>> >>>>>>>> >>>>>>>> *Darshana Gunawardana*Senior Software Engineer >>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>> >>>>>>>> *E-mail: darsh...@wso2.com <darsh...@wso2.com>* >>>>>>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . >>>>>>>> Middleware >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Gayan Gunawardana >>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>> Email: ga...@wso2.com >>>>>>> Mobile: +94 (71) 8020933 >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Nadeesha Meegoda* >>>>>> Software Engineer - QA >>>>>> WSO2 Inc.; http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> email : nadees...@wso2.com >>>>>> mobile: +94783639540 >>>>>> <%2B94%2077%202273555> >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> *Chamila Dilshan Wijayarathna,* >>>>> Software Engineer >>>>> Mobile:(+94)788193620 >>>>> WSO2 Inc., http://wso2.com/ >>>>> >>>> >>>> >>>> >>>> -- >>>> *Nadeesha Meegoda* >>>> Software Engineer - QA >>>> WSO2 Inc.; http://wso2.com >>>> lean.enterprise.middleware >>>> email : nadees...@wso2.com >>>> mobile: +94783639540 >>>> <%2B94%2077%202273555> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Indunil Upeksha Rathnayake >>> Software Engineer | WSO2 Inc >>> Email indu...@wso2.com >>> Mobile 0772182255 >>> >> >> >> >> -- >> Gayan Gunawardana >> Senior Software Engineer; WSO2 Inc.; http://wso2.com/ >> Email: ga...@wso2.com >> Mobile: +94 (71) 8020933 >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > -- Gayan Gunawardana Senior Software Engineer; WSO2 Inc.; http://wso2.com/ Email: ga...@wso2.com Mobile: +94 (71) 8020933
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
