[scim] How to handle multi-valued attribute elements with none sub-attributes set
David Crome <d.crome@tarent.de> Mon, 18 May 2015 15:16 UTC
Return-Path: <d.crome@tarent.de>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3235A1A913E for <scim@ietfa.amsl.com>; Mon, 18 May 2015 08:16:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.723
X-Spam-Level:
X-Spam-Status: No, score=0.723 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uxFFl74TOEFU for <scim@ietfa.amsl.com>; Mon, 18 May 2015 08:16:38 -0700 (PDT)
Received: from mail-wg0-f69.google.com (mail-wg0-f69.google.com [74.125.82.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36DA51A913D for <scim@ietf.org>; Mon, 18 May 2015 08:16:20 -0700 (PDT)
Received: by wgtl5 with SMTP id l5so55257950wgt.1 for <scim@ietf.org>; Mon, 18 May 2015 08:16:18 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to :content-type; bh=psdkPV+dQSozNZcgJtbzDTX2/JsSgy1nzuddS1G/oyQ=; b=VivNhL64GL+H/FAmxDm8iyDv3H3fadrEW8tciJJ1rWkOXI1xG9QbzI++yVboMFwryM OOwmuHiOZIA0nCvZUhw/xhC3I659jKU7gzC0yUK04Em/hKACnE9YRSLCFqZ1mx8eCxG/ UEYaef2uDNPwA6izLrSy/RKTsReQHyZ7lnZJLWoWCMrwMgiDkTWLKzArDTgTlQQm1LJn iCzXQceyLalHdInDyXYgf0Eu7ZXdlDkrTzhyIjRe/fftmEbJaqMqwRGJt6qv7+aGDt0D 8vcEd1dbMj0fUKgt32dVKEpzXC7Jb/ZQxGeThPBo1PaiIFOxu2i75S86RGmtG7QsKSj8 OCKw==
X-Gm-Message-State: ALoCoQked+M5GhOLP5RkPYRDzHumR4lNut1+MKCDiUGHWH2mSHbImTpPyHfcuO6CnOTsD/yXBLuI
MIME-Version: 1.0
X-Received: by 10.180.19.198 with SMTP id h6mr22963720wie.60.1431962178534; Mon, 18 May 2015 08:16:18 -0700 (PDT)
Received: by 10.180.97.10 with HTTP; Mon, 18 May 2015 08:16:18 -0700 (PDT)
Date: Mon, 18 May 2015 17:16:18 +0200
Message-ID: <CAESGhBfZtHmT5FpeBOQzawVXjp8NmqvFYZwBZTxq5ifZ-C9p=A@mail.gmail.com>
From: David Crome <d.crome@tarent.de>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary="bcaec53d5303fbd61405165caca9"
Archived-At: <http://mailarchive.ietf.org/arch/msg/scim/tFTV_aEPnTExsRi1mtaydcd4MHs>
Subject: [scim] How to handle multi-valued attribute elements with none sub-attributes set
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 May 2015 15:16:42 -0000
Hello,
If I create a user with an multi-valued attribute e.g. an address and none
sub-attributes are set:
"addresses": [
{
}
]
Should the Service Provider ignore means truncated the multi-value
attribute or not accepting the user? I don't think the specification makes
this clear.
What is the definition of an empty multi-valued attribute element? The
specification don't mentioned anything about if a multi-valued attribute
element is empty and how the Service Provider should handle this.
Same for the complex attribute 'name' [1]. If the complex attribute 'name'
has no sub-attributes set, what should the Service Provider do with the
empty attribute?
I think a complex attribute or multi-valued attribute element is empty when
none sub-attribute is set, like the example above. The Service Provider
should ignore the empty attribute.
And if I create a user with an multi-valued attribute e.g. an address with
only the 'primary' sub-attribute set:
"addresses": [
{
"primary": true
}
]
Should this be accepted? SCIM spec says that all sub-attributes of a
multi-valued attribute element (in this case the address) are optional [2].
I think it doesn't makes sense to accept a multi-valued attribute element
if only the meta sub-attribute 'primary' is set.
I think in this case the user should not be accepted because the attribute
is not complete.
Another one: In case of the multi-valued attribute 'emails' the
sub-attribute 'value' "...SHOULD be specified according to [RFC5321]". But
what if the 'value' attribute is missing? Same for the other multi-valued
attributes with the possibility to validate the 'value' sub-attribute.
What do you think?
Greetz,
David
[1] https://tools.ietf.org/html/draft-ietf-scim-core-schema-20#section-2.3.8
[2] https://tools.ietf.org/html/draft-ietf-scim-core-schema-20#section-4.1.2
--
David Crome
Softwareentwicklung
tarent solutions GmbH
Telefon +49 (0) 30 138803-132
Telefax +49 (0) 30 56829495
d.crome@tarent.de
tarent solutions GmbH Niederlassung Berlin
Voltastraße 5, D-13355 Berlin • http://www.tarent.de/
Tel: +49 30 138803-0 • Fax: +49 30 56829495
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-0 • Fax: +49 228 54881-235
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer:
Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg