IETF Logo Mail Archive

Re: [scim] Request for Input

Erik Wahlström <erik.wahlstrom@nexussafe.com> Thu, 28 March 2013 17:54 UTC

Return-Path: <prvs=37999AAD08=erik.wahlstrom@nexussafe.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0921521F90CC for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 10:54:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.298
X-Spam-Level:
X-Spam-Status: No, score=-2.298 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uV9Mx+LS7iJo for <scim@ietfa.amsl.com>; Thu, 28 Mar 2013 10:54:02 -0700 (PDT)
Received: from MailEdge.nexussafe.com (mailedge.nexussafe.com [83.241.133.98]) by ietfa.amsl.com (Postfix) with ESMTP id 9CF9121F90B2 for <scim@ietf.org>; Thu, 28 Mar 2013 10:53:59 -0700 (PDT)
Received: from MARVMAILCAS.technxs.com (10.75.28.35) by MailEdge.nexussafe.com (83.241.133.98) with Microsoft SMTP Server (TLS) id 14.1.438.0; Thu, 28 Mar 2013 18:54:05 +0100
Received: from MARVMAILDB.technxs.com ([fe80::95d1:b13:6f90:bdad]) by MarvMailCAS.technxs.com ([::1]) with mapi id 14.01.0438.000; Thu, 28 Mar 2013 18:53:56 +0100
From: Erik Wahlström <erik.wahlstrom@nexussafe.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
Thread-Topic: [scim] Request for Input
Thread-Index: AQHOKz8Kw3uNirm8ME6e701e8goi/Zi6J5+AgADcOQCAAE9UgA==
Date: Thu, 28 Mar 2013 17:53:55 +0000
Message-ID: <E963C9E3-BC9D-4E54-A409-ABC0B1FC7D9E@nexussafe.com>
References: <CAPx6tN5PwV=hwifdCj3JiOKLsYCQZdewHOh7voau7OLSm3FWvg@mail.gmail.com> <AAE9F872-F35E-4A73-8674-4A7AF6C0537B@oracle.com> <56C3C758F9D6534CA3778EAA1E0C34375C3ADF35@BLUPRD0412MB643.namprd04.prod.outlook.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C3ADF35@BLUPRD0412MB643.namprd04.prod.outlook.com>
Accept-Language: en-US, sv-SE
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.4.226]
Content-Type: multipart/alternative; boundary="_000_E963C9E3BC9D4E54A409ABC0B1FC7D9Enexussafecom_"
MIME-Version: 1.0
Cc: "scim@ietf.org" <scim@ietf.org>, Alexandre Santos <asantos@pingidentity.com>, Phil Hunt <phil.hunt@oracle.com>
Subject: Re: [scim] Request for Input
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2013 17:54:17 -0000

+1
Rather make patch mandatory before adding functionality to PUT and DELETE. Just for simplicity.
/ Erik

On Mar 28, 2013, at 2:10 PM, Kelly Grizzle wrote:

PATCH was added specifically to address the “changing membership of a large group” use case.  The POST/DELETE to the members endpoint was considered when looking into PATCH, but unfortunately this does not work in the general case.  Specifically, this only works if the list elements have a unique identifier, so it fell apart when trying to apply this to adding/removing addresses (which do not have a unique identifier).

I’m not convinced that we need to add another mechanism to solve this use case, but I do agree that PATCH could be simplified.

--Kelly

From: scim-bounces@ietf.org<mailto:scim-bounces@ietf.org> [mailto:scim-bounces@ietf.org] On Behalf Of Phil Hunt
Sent: Wednesday, March 27, 2013 7:02 PM
To: Alexandre Santos
Cc: scim@ietf.org<mailto:scim@ietf.org>
Subject: Re: [scim] Request for Input

I think this may fit in with our discussion of adjusting PATCH to work better with multi-value and complex attributes (ticket 18).

So far, we've been avoiding extended paths that go within the Resource entity (e.g. to address specific attributes).

If you were to do the item below, I think you would have to add the attribute name to the path at the very least.

PUT /Groups/<groupid>/members/Users/<userid>

Still I think that may have problems if the member is actual a URL rather then a simple UUID.

Phil

@independentid
www.independentid.com<http://www.independentid.com>
phil.hunt@oracle.com<mailto:phil.hunt@oracle.com>




On 2013-03-27, at 4:01 PM, Alexandre Santos wrote:


For groups with many users (>10k) it becomes problematic to do POSTs or PUTs. The only alternative would be PATCH. However PATCH is not mandatory.

For this reason we would like to request your input for the following proposal: allow membership changes via PUT and DELETE.

For this the PUT and DELETE commands would be in the format:
PUT /Groups/<groupId>/user/<userId> - to add a user to a group
DELETE /Groups/<groupId>/user/<userId> - to remove the user from the group

Thank you,

Alexandre Santos  | Sr. Development Engineer
PingIdentity  |   www.pingidentity.com<http://www.pingidentity.com/>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
O: 604.697.7056
Email: asantos@pingidentity.com<mailto:asantos@pingidentity.com>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Connect with Ping
Twitter: @pingidentity
LinkedIn Group: Ping's Identity Cloud
Facebook.com/pingidentitypage<http://Facebook.com/pingidentitypage>


_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim

_______________________________________________
scim mailing list
scim@ietf.org<mailto:scim@ietf.org>
https://www.ietf.org/mailman/listinfo/scim

v2.23.0 | Report a Bug | By Email