IAM Team,
I found below two critical issues in IS 5.3.0 SCIM 1.1 implementation.
1. Users/{id} PATCH operation expects the "schemas" attribute to be empty.
If the core schema value is given it throws an error [1].
2. "userName" attribute is mandatory in Users/{id} PATCH operation. This is
not the case according to the spec [2].
I think the first issue is a MUST fix. Because all the users who will try
our SCIM patch implementation will face this issue and discontinue
trying/using WSO2 IS 5.3.0. So I think this must be fixed.
The second issue seems to be a problem with our implementation design. I
don't know if this could be easily fixed. May be it can be fixed at the
cost of performance. Someone has to check on this. But if that is the case
what is going to be our stance here? Compliance vs. Performance. Which side
do we take? I would say compliance is more important. What are your
thoughts?
[1] https://wso2.org/jira/browse/IDENTITY-6271
[2] https://wso2.org/jira/browse/IDENTITY-6272
Thanks & Regards,
Johann.
--
*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware
Mobile - *+94777776950*
Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
