On Tue, Aug 15, 2017 at 10:44 PM, Johann Nallathamby <[email protected]>
wrote:
> IAM Team,
>
> I found below two critical issues in IS 5.3.0 SCIM 1.1 implementation.
>
> 1. Users/{id} PATCH operation expects the "schemas" attribute to be empty.
> If the core schema value is given it throws an error [1].
>
> 2. "userName" attribute is mandatory in Users/{id} PATCH operation. This
> is not the case according to the spec [2].
>
> I think the first issue is a MUST fix. Because all the users who will try
> our SCIM patch implementation will face this issue and discontinue
> trying/using WSO2 IS 5.3.0. So I think this must be fixed.
>
Yes we have to look at fixing this issue in backward-compatible manner.
>
> The second issue seems to be a problem with our implementation design. I
> don't know if this could be easily fixed. May be it can be fixed at the
> cost of performance. Someone has to check on this. But if that is the case
> what is going to be our stance here? Compliance vs. Performance. Which side
> do we take? I would say compliance is more important. What are your
> thoughts?
>
We can fix this issue as well but need to check for API changes.
>
> [1] https://wso2.org/jira/browse/IDENTITY-6271
> [2] https://wso2.org/jira/browse/IDENTITY-6272
>
> Thanks & Regards,
> Johann.
>
> --
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+94777776950*
> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>
--
Gayan Gunawardana
Senior Software Engineer; WSO2 Inc.; http://wso2.com/
Email: [email protected]
Mobile: +94 (71) 8020933
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
