Menu
▾
▴
Re: [Unity-idm-discuss] resart of unity 3.9.0 drop scim schema
|
From: Sander A. <sa....@fz...> - 2022-10-17 05:57:47
|
Hi Krzysztof,
On Fri, 2022-10-14 at 12:28 +0200, Krzysztof Benedyczak wrote:
> Hi Sander,
>
> W dniu 14.10.2022 o 09:47, Sander Apweiler pisze:
> > Hi Krzysztof,
> > by setting up the scim api in unity 3.9.0 I found a problem. Our
> > configuration is normally loaded from config files. I know this is
> > not
> > possible for the scim schema so I set up it in the console
> > endpoint.
> > For some reason one attribute was not released and I increased the
> > log.
> > Due the bug where unity stopped logging after changing the loglevel
> > I
> > restartet unity. But sadly all configured schema are gone. Is this
> > intendend? If not, may this happen on latest version as well? We
> > are
> > going to start our tests on 3.11 next week.
>
> The situation is slightly different. If you have enabled endpoints
> reloading from config files, then all your reconfigurations of
> endpoints
> done at runtime in console (so in IdPs and Services) will be lost
> after
> restart. You need to put all you configuration in files.
OK.
>
> In case of SCIM schema it holds as well. The only problem here is
> that
> JSON configuration of schema mappings is very complex. Instead of
> documenting it we provided an option to export it from the console
> (upload button next to each schema). So you can edit it in console,
> save, and then export to a file (JSON). Contents of this file can be
> pasted to configuration of endpoint.
OK. Yeah I know schemas could be exported but this was implemented in
the 3.9.1 release to which we did not update yet.
>
> We should improve this workflow, however were waiting for you
> feedback.
> The easiest thing for us would be to allow for reading the JSON from
> file set in endpoint configuration. Then the workflow would be the
> same
> as today, but instead of pasting JSON to your endpoint config file
> (needs escaping, hard), it would sit on a disk. We can also consider
> direct export to the configured file, if schama was originally loaded
> from a config file. WDYT?
We are testing the 3.11(.1) release and after exporting the schema JSON
we are going to test the upload via config file.
Exporting it to the config file would not work in out setup, due the
usage of config management software. But maybe it would work to just
enter the path to the schema JSON files, like it is implemented for the
translation profiles:
unityServer.core.translationProfiles.input_edugain=${CONF}/modules/saml
/tr-input-eduGAIN.json
Best regards,
Sander
>
> Best,
> Krzysztof
>
>
>
--
Federated Systems and Data
Juelich Supercomputing Centre
phone: +49 2461 61 8847
fax: +49 2461 61 6656
email: sa....@fz...
-----------------------------------------------------------------------
-----------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Volker Rieke
Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender),
Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Astrid Lambrecht,
Prof. Dr. Frauke Melchior
-----------------------------------------------------------------------
-----------------------------------------------------------------------
|
