On 19/09/2013 17:32, Colm O hEigeartaigh wrote:
Hi all,

It is not possible to create a "suspended" user at the moment using the REST API, or at least in a simple test-case I've run:

INFO: Outbound Message
---------------------------
ID: 1
Address: http://localhost:8080/syncope/cxf/users.json
Http-Method: POST
Content-Type: application/json
Headers: {Content-Type=[application/json], Authorization=[Basic YWRtaW46cGFzc3dvcmQ=], Accept=[*/*]}
Payload: {"username":"alice","password":"password","status":"suspended"}

The user gets created with an "active" status. Is this a bug, or is there some reason why this should not be permitted? If the former, I will take a look at fixing it..

Hi Colm,
this is because of the default workflow definition [1] [2] that "auto-activates" any user not assigned to role 9; users with role 9 will instead go through approval (take a look at exclusive gateway "createGW").

Changing such user workflow definition is probably the first step to take at any real IdM deployment, IMO.

Regards.

[1] http://svn.us.apache.org/repos/asf/syncope/branches/1_1_X/core/src/main/resources/userWorkflow.bpmn20.xml
[2] https://cwiki.apache.org/confluence/display/SYNCOPE/Default+Workflow

--
Francesco Chicchiriccò

ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/
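
Added example, not part of the original thread and not Syncope code: a small audit script that lists every branch leaving each exclusive gateway in a BPMN 2.0 workflow file, so a deployer can see which condition leads to auto-activation and which to approval. The embedded XML is a constructed sample; only the gateway id "createGW" comes from the thread, and the target ids and condition expressions are assumptions.

```python
import xml.etree.ElementTree as ET

BPMN = "{http://www.omg.org/spec/BPMN/20100524/MODEL}"

# Constructed sample, NOT the real userWorkflow.bpmn20.xml. Only the gateway
# id "createGW" comes from the thread; every other id and both condition
# expressions are assumptions made for illustration.
SAMPLE = """<definitions xmlns="http://www.omg.org/spec/BPMN/20100524/MODEL"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <process id="userWorkflow">
    <exclusiveGateway id="createGW"/>
    <sequenceFlow id="f1" sourceRef="createGW" targetRef="createApproval">
      <conditionExpression xsi:type="tFormalExpression">${hasRole9}</conditionExpression>
    </sequenceFlow>
    <sequenceFlow id="f2" sourceRef="createGW" targetRef="activate">
      <conditionExpression xsi:type="tFormalExpression">${!hasRole9}</conditionExpression>
    </sequenceFlow>
    <exclusiveGateway id="otherGW"/>
    <sequenceFlow id="f3" sourceRef="otherGW" targetRef="end"/>
  </process>
</definitions>"""

def gateway_branches(xml_text):
    """Map each exclusive gateway id to [(target, condition or None), ...]."""
    root = ET.fromstring(xml_text)  # parse only workflow files you control
    branches = {gw.get("id"): [] for gw in root.iter(BPMN + "exclusiveGateway")}
    for flow in root.iter(BPMN + "sequenceFlow"):
        src = flow.get("sourceRef")
        if src in branches:
            cond = flow.find(BPMN + "conditionExpression")
            text = cond.text.strip() if cond is not None and cond.text else None
            branches[src].append((flow.get("targetRef"), text))
    return branches

def unconditional_branches(xml_text):
    """Branches a process takes without evaluating any condition."""
    return [(gw, target)
            for gw, flows in gateway_branches(xml_text).items()
            for target, cond in flows if cond is None]

if __name__ == "__main__":
    for gw, flows in gateway_branches(SAMPLE).items():
        for target, cond in flows:
            print(f"{gw} -> {target}  when {cond or '(always)'}")
```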
