IETF Logo Mail Archive

[scim] Proposed resolution - root search optionality (ticket 42)

Phil Hunt <phil.hunt@oracle.com> Mon, 28 October 2013 18:46 UTC

Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDAE821E80C0 for <scim@ietfa.amsl.com>; Mon, 28 Oct 2013 11:46:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.258
X-Spam-Level:
X-Spam-Status: No, score=-6.258 tagged_above=-999 required=5 tests=[AWL=0.340, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HvCY67xsCh7o for <scim@ietfa.amsl.com>; Mon, 28 Oct 2013 11:46:23 -0700 (PDT)
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) by ietfa.amsl.com (Postfix) with ESMTP id C8D8A21E80BA for <scim@ietf.org>; Mon, 28 Oct 2013 11:46:22 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by userp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r9SIkFFo026828 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <scim@ietf.org>; Mon, 28 Oct 2013 18:46:16 GMT
Received: from userz7021.oracle.com (userz7021.oracle.com [156.151.31.85]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r9SIkEaR021381 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <scim@ietf.org>; Mon, 28 Oct 2013 18:46:15 GMT
Received: from abhmt106.oracle.com (abhmt106.oracle.com [141.146.116.58]) by userz7021.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r9SIkEU5021352 for <scim@ietf.org>; Mon, 28 Oct 2013 18:46:14 GMT
Received: from [192.168.1.12] (/24.86.29.34) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 28 Oct 2013 11:46:14 -0700
From: Phil Hunt <phil.hunt@oracle.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_D773C827-7D2D-4B97-9AE0-1DE63DC45DDC"
Message-Id: <CE5277E2-886A-4379-9C15-6A57679C1241@oracle.com>
Date: Mon, 28 Oct 2013 11:46:49 -0700
To: "scim@ietf.org WG" <scim@ietf.org>
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
X-Mailer: Apple Mail (2.1510)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
Subject: [scim] Proposed resolution - root search optionality (ticket 42)
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Oct 2013 18:46:29 -0000

Proposed text. Replace section 3.2.2.1 Query Endpoints with (ticket 42 - http://trac.tools.ietf.org/wg/scim/trac/ticket/42 ):

3.2.2.1 Query Enpoints

Resource Queries
A query MAY be performed against any specific resource endpoint or resource. For example:

Resource (e.g. /Users/{userid}),
Resource Type endpoint (e.g. /Users or /Groups)
Root Queries
A server MAY support queries at the server root (e.g. /) for the purpose of returning resources of more than one resource type.

A search against a server root indicates that ALL resources within the server SHALL be included subject to filtering. For example, a filter against 'meta.resourceType' could be used to restrict results to one or more specific resource types.

When processing search operations across endpoints that include more than one SCIM resource type (e.g. a search from the server root endpoint), filters MUST be processed in the same fashion as outlined in Section 3.2.2.2. For filtered attributes that are not part of a particular resource type, the service provider SHALL treat the attribute as if there is no attribute value. For example, a presence or equality filter for an undefined attribute evaluates as FALSE.

Please confirm if you agree with this subtle change which makes root searches optional to the server.

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com

v2.23.0 | Report a Bug | By Email