[英]Why does the WSO2 IS 5.6.0 SCIM2 Group API throw error when trying to insert or update users?
[英]Account Locked attribute not getting added in response for scim2 GET Users API in wso2
我正在嘗試檢索在 WSO2 IS 5.9 版本中鎖定帳戶的用戶列表。 在將帳戶鎖定屬性添加到以下聲明后,我嘗試了:
瓮:ietf:參數:scim:架構:核心:2.0
urn:ietf:params:scim:schemas:core:2.0:User
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
我也按照下面的 URL 以及添加自定義聲明: https://is.docs.wso2.com/en/5.9.0/developextending-im2
{ "attributeURI":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:accountLock",
"attributeName":"accountLock",
"dataType":"boolean",
"multiValued":"false",
"description":"Account lock",
"required":"false",
"caseExact":"false",
"mutability":"readwrite",
"returned":"default",
"uniqueness":"none",
"subAttributes":"null",
"multiValuedAttributeChildName":"null",
"canonicalValues":[],
"referenceTypes":[]
}
但我仍然無法獲得 accountLock 屬性以響應 scim2 的 GET Users API。
回復
"totalResults": 10, "startIndex": 1, "itemsPerPage": 10, "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "Resources": [ { "emails": [ "divya@abc.com" ], "meta": { "created": "2020-06-25T07:49:35.465Z", "lastModified": "2020-06-25T11:20:13.482Z", "resourceType": "User" }, "name": { "givenName": "guest", "familyName": "guest" }, "groups": [ { "display": "Application/sp1" }, { "display": "Application/sp2" }, { "display": "Application/Read" } ], "id": "9ffbed2e-3703-470c-a2c8-e738f4c09709", "userName": "guest12" } ]}```
以下原因可能會導致 accoutLock 屬性未出現在 SCIM2 GET 用戶響應中。
您可能錯過了添加新屬性 ("urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:accountLock")作為 urn:ietf:params:scim:schemas:extension:enterprise 的子屬性: 2.0:用戶 object。 ( https://is.docs.wso2.com/en/5.9.0/develop/extending-scim2-user-schemas/#extending-the-scim-20-api中的第 3 點。“subAttributes”:“ accoutLock verifyEmail問密碼員工人數成本中心組織部部門經理")
"attributeURI":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "attributeName":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "dataType ":"complex", "multiValued":"false", "description":"Enterprise User", "required":"false", "caseExact":"false", "mutability":"readWrite", "returned" :"default", "uniqueness":"none", "subAttributes":"accoutLock verifyEmail askPassword employeeNumber costCenter 組織部門部門經理", "canonicalValues":[], "referenceTypes":["external"] }```
添加的自定義聲明( https://is.docs.wso2.com/en/5.9.0/develop/extending-scim2-user-schemas/#add-the-custom-claim )的映射屬性應該是現有的如果您使用默認的 LDAP 用戶存儲,則在 LDAP 架構中的屬性。 (但是,如果您犯了這個錯誤,您將無法更新/添加聲明值。它會為用戶提供One or more attributes you are trying to add/update are not supported by underlying LDAP for user:
錯誤)
SCIM2 GET 用戶的響應不包含沒有值的屬性。 因此,將 true/false 設置為聲明值。
此外,將新屬性添加到 urn:ietf:params:scim:schemas:extension:enterprise:2.0:User claim dialect 就足夠了。 按照https://is.docs.wso2.com/en/5.9.0/develop/extending-scim2-user-schemas/中的步驟操作
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.