Hi, We have the same issue for admin group. Created another JIRA to track the that issue.
https://wso2.org/jira/browse/IDENTITY-6205 Thanks, On Fri, Jul 21, 2017 at 2:37 PM, Indunil Upeksha Rathnayake < [email protected]> wrote: > Hi, > > > > On Fri, Jul 21, 2017 at 2:29 PM, Gayan Gunawardana <[email protected]> wrote: > >> Whatever the implementation behavior should be identical among user list >> command and user filter command. With new implementation if admin user has >> SCIM ID it will be returned from both list and filter. >> > > Yes. I have created a JIRA to handle this issue. > > [1] https://wso2.org/jira/browse/IDENTITY-6177 > > >> On Fri, Jul 21, 2017 at 2:17 PM, Hasanthi Purnima Dissanayake < >> [email protected]> wrote: >> >>> Hi Indunil, >>> >>> Please refer following mail in Architecture [1]. Seems Sathya is going >>> to provide SCIM support for admin users by generating admin users' SCIM >>> userId. After this implementation it seems this issue will be fixed. >>> >>> [1] mail : [Architecture] [IS] SCIM Support for Admin Users >>> >>> Thanks, >>> >>> Hasanthi Dissanayake >>> >>> Software Engineer | WSO2 >>> >>> E: [email protected] >>> M :0718407133| http://wso2.com <http://wso2.com/> >>> >>> On Fri, Jul 21, 2017 at 2:11 PM, Gayan Gunawardana <[email protected]> >>> wrote: >>> >>>> >>>> >>>> On Fri, Jul 21, 2017 at 2:06 PM, Indunil Upeksha Rathnayake < >>>> [email protected]> wrote: >>>> >>>>> Hi, >>>>> >>>>> I have checked followings with IS 5.3.0 WUM updated pack. >>>>> >>>>> 1) List users >>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/scim/Users >>>>> Result: *{"Errors":[{"description":"Users not found in the user >>>>> store.","code":"404"}]}* >>>>> >>>>> 2) Filter admin user >>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>>>> im/Users?filter=userName+Eq+%22admin%22 >>>>> Result: >>>>> *{"schemas":["urn:scim:schemas:core:1.0"],"totalResults":1,"Resources":[{"userName":"admin"}]}* >>>>> >>>>> Seems like there is a contradiction here. When listing all the users, >>>>> admin user details won't retrieved, but retrieved with the filtering. >>>>> Since >>>>> admin user doesn't have a SCIM ID, it shouldn't retrieved in any >>>>> scenarios. >>>>> WDT? >>>>> >>>> Yes so filter command should not return admin user if it doesn't have >>>> SCIM ID. >>>> >>>>> >>>>> Thanks and Regards >>>>> >>>>> >>>>> On Fri, Nov 6, 2015 at 9:33 AM, Nadeesha Meegoda <[email protected]> >>>>> wrote: >>>>> >>>>>> Thanks Chamila. Unerstood! >>>>>> >>>>>> On Thu, Nov 5, 2015 at 9:48 PM, Chamila Wijayarathna < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Nadeesha, >>>>>>> >>>>>>> As I mentioned in my previous mail, super admin and tenant admin are >>>>>>> not created with a SCIM ID, so you can't retrieve them using SCIM GET. >>>>>>> >>>>>>> I was suggesting above request to get other users of tenant, if you >>>>>>> are interested, since the command you were using previously for >>>>>>> retrieving >>>>>>> tenant users were wrong. >>>>>>> >>>>>>> Thanks >>>>>>> >>>>>>> On Thu, Nov 5, 2015 at 5:03 PM, Nadeesha Meegoda <[email protected] >>>>>>> > wrote: >>>>>>> >>>>>>>> Hi all, >>>>>>>> >>>>>>>> So I requested to get the SCIM ID as what Chamila mentioned by the >>>>>>>> following command >>>>>>>> curl -v -k --user [email protected]:123456 >>>>>>>> https://localhost:9443/wso2/scim/Users?filter=userNameEqtenant >>>>>>>> >>>>>>>> But still this doesn't give any result only a http 404 error. So >>>>>>>> tenant admins also are considered for the special flaw? >>>>>>>> >>>>>>>> On Thu, Nov 5, 2015 at 3:41 PM, Gayan Gunawardana <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Thu, Nov 5, 2015 at 3:13 PM, Darshana Gunawardana < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Thu, Nov 5, 2015 at 12:45 PM, Gayan Gunawardana < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Thu, Nov 5, 2015 at 11:26 AM, Chamila Wijayarathna < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi Nadeesha, >>>>>>>>>>>> >>>>>>>>>>>> When creating super admin or tenant admin users, they don't get >>>>>>>>>>>> created with a SCIM ID since they are considered as special users >>>>>>>>>>>> in IS. >>>>>>>>>>>> Because of this when listing users through scim, those users will >>>>>>>>>>>> not get >>>>>>>>>>>> listed. >>>>>>>>>>>> But if you want, you can add a SCIM ID manually by updating the >>>>>>>>>>>> user and then you will be able to list the also as SCIM Users. >>>>>>>>>>>> >>>>>>>>>>>> When listing users of tenants, you need to use credentials of >>>>>>>>>>>> tenant admin users. When sending SCIM request with admin:admin, >>>>>>>>>>>> you will >>>>>>>>>>>> only see users at super tenant. Also for filter, don't use @ >>>>>>>>>>>> tenant.com, because if u logged in as tenant admin and list >>>>>>>>>>>> users, there you won't see user name with @tenant.com, so your >>>>>>>>>>>> curl command to filter a user at tenant should be as follows. >>>>>>>>>>>> >>>>>>>>>>>> curl -v -k --user [email protected]:admin123 http >>>>>>>>>>>> s://localhost:9443/wso2/scim/Users?filter=userNameEqtenant >>>>>>>>>>>> <https://localhost:9443/wso2/scim/[email protected]> >>>>>>>>>>>> >>>>>>>>>>>> Thanks >>>>>>>>>>>> >>>>>>>>>>>> On Wed, Nov 4, 2015 at 8:40 PM, Nadeesha Meegoda < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi Chamila, >>>>>>>>>>>>> >>>>>>>>>>>>> I'm using the embedded ldap which comes default in IS. In that >>>>>>>>>>>>> SCIM comes enabled as default. >>>>>>>>>>>>> >>>>>>>>>>>>> On Wed, Nov 4, 2015 at 6:27 PM, Chamila Wijayarathna < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi Nadeesha, >>>>>>>>>>>>>> >>>>>>>>>>>>>> What is the value of SCIMEnabled configuration in your >>>>>>>>>>>>>> user-mgt.xml? >>>>>>>>>>>>>> >>>>>>>>>>>>>> Are you using LDAP or JDBC user store manager? >>>>>>>>>>>>>> >>>>>>>>>>>>> @Chamila >>>>>>>>>>> >>>>>>>>>>> admin user is added in very fist server start up by calling >>>>>>>>>>> "addInitialAdminData" in AbstractUserStoreManager. In embedded ldap >>>>>>>>>>> scenario concrete "doAddUser" method will be invoked in >>>>>>>>>>> ReadWriteLDAPUserStoreManager so user will be directly added to >>>>>>>>>>> user store >>>>>>>>>>> without going through SCIM listener (without going through any >>>>>>>>>>> listener). >>>>>>>>>>> Since there is no SCIM listener engagement SCIM ID will not be >>>>>>>>>>> added to >>>>>>>>>>> user store. >>>>>>>>>>> >>>>>>>>>>> I am not sure about we are not getting SCIM ID just because of >>>>>>>>>>> admin user is a special user or kind of implementation we have >>>>>>>>>>> right now. >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Chamila checked with me on this and he meant admin user is >>>>>>>>>> special due to the same reason you explained above. Basically admin >>>>>>>>>> user is >>>>>>>>>> created through special flow compared to normal users. >>>>>>>>>> >>>>>>>>> If we generate SCIM ID even in that special flaw. Is that correct >>>>>>>>> ? >>>>>>>>> >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Adding Johann. >>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Wed, Nov 4, 2015 at 6:20 PM, Nadeesha Meegoda < >>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi IS Team, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I was trying to filter and get admin users SCIM ID and >>>>>>>>>>>>>>> failed, even tried for tenant admin and still I couldn't filter >>>>>>>>>>>>>>> and get the >>>>>>>>>>>>>>> SCIM ID >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Command used : >>>>>>>>>>>>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>>>>>>>>>>>>>> im/Users?filter=userNameEqadmin >>>>>>>>>>>>>>> curl -v -k --user admin:admin https://localhost:9443/wso2/sc >>>>>>>>>>>>>>> im/[email protected] >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Searching through the jira found out that in the past, >>>>>>>>>>>>>>> listing admin users as scim users were removed as per [1] >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> How can we filter and get the admin/tenant admin SCIM ID? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> [1] - https://wso2.org/jira/browse/IDENTITY-503 >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> *Nadeesha Meegoda* >>>>>>>>>>>>>>> Software Engineer - QA >>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>> email : [email protected] >>>>>>>>>>>>>>> mobile: +94783639540 >>>>>>>>>>>>>>> <%2B94%2077%202273555> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>>>> [email protected] >>>>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>> Mobile:(+94)788193620 >>>>>>>>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> *Nadeesha Meegoda* >>>>>>>>>>>>> Software Engineer - QA >>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>> email : [email protected] >>>>>>>>>>>>> mobile: +94783639540 >>>>>>>>>>>>> <%2B94%2077%202273555> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>>>>>>> Software Engineer >>>>>>>>>>>> Mobile:(+94)788193620 >>>>>>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Gayan Gunawardana >>>>>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>>>>> Email: [email protected] >>>>>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Regards, >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> *Darshana Gunawardana*Senior Software Engineer >>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>> >>>>>>>>>> *E-mail: [email protected] <[email protected]>* >>>>>>>>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . >>>>>>>>>> Middleware >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Gayan Gunawardana >>>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>>> Email: [email protected] >>>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Nadeesha Meegoda* >>>>>>>> Software Engineer - QA >>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>> lean.enterprise.middleware >>>>>>>> email : [email protected] >>>>>>>> mobile: +94783639540 >>>>>>>> <%2B94%2077%202273555> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>> Software Engineer >>>>>>> Mobile:(+94)788193620 >>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Nadeesha Meegoda* >>>>>> Software Engineer - QA >>>>>> WSO2 Inc.; http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> email : [email protected] >>>>>> mobile: +94783639540 >>>>>> <%2B94%2077%202273555> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Indunil Upeksha Rathnayake >>>>> Software Engineer | WSO2 Inc >>>>> Email [email protected] >>>>> Mobile 0772182255 >>>>> >>>> >>>> >>>> >>>> -- >>>> Gayan Gunawardana >>>> Senior Software Engineer; WSO2 Inc.; http://wso2.com/ >>>> Email: [email protected] >>>> Mobile: +94 (71) 8020933 >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >> >> >> -- >> Gayan Gunawardana >> Senior Software Engineer; WSO2 Inc.; http://wso2.com/ >> Email: [email protected] >> Mobile: +94 (71) 8020933 >> > > > > -- > Indunil Upeksha Rathnayake > Software Engineer | WSO2 Inc > Email [email protected] > Mobile 0772182255 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Regards, *Darshana Gunawardana*Associate Technical Lead WSO2 Inc.; http://wso2.com *E-mail: [email protected] <[email protected]>* *Mobile: +94718566859*Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
