OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

provision message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [provision] Basic operations (that should be explicit)


I agree that we need to add an explicit rename. 

On the enable/disable and password operations I still have the same
concerns as before. Specifically how does a client know for which PSOs
those operations make sense. For instance our SPML service can be used
to provision user accounts as well as organizations units and other
object types. Obviously reset password does not make sense for
oraganizational units.

Since it is too limiting to only support account provisioning in SPML,
it does not make sense to me to include account specific operations in
the protocol.

Jeff Bohren
Product Architect
OpenNetwork Technologies, Inc
 
Try the industry's only 100% .NET-enabled identity management software.
Download your free copy of Universal IdP Standard Edition today. Go to
www.opennetwork.com/eval.
 


-----Original Message-----
From: Gary Cole [mailto:Gary.P.Cole@Sun.COM] 
Sent: Monday, May 03, 2004 2:06 PM
To: provision@lists.oasis-open.org
Subject: [provision] Basic operations (that should be explicit)


I believe that certain basic operations should be explicit in the SPML
protocol.  For one thing, this helps the protocol reflect the
provisioning domain.  
For another, it reduces dependence on schema.  

The most basic operations are CRUD:
- Create
- Rename
- Update
- Delete

We already have Add, Modify, and Delete, but I think that we should call
out Rename explicitly.  Renaming  has significant implications for the
namespace and for references.

I think we should also have:
- Enable
- Disable
- SetPassword
- ResetPassword
- ExpirePassword

I realize that one could almost perform an equivalent update by: 1)
looking up the schema; and 2) finding the appropriate element or
attribute; and 3) specifying an appropriate value.  However, that method
will differ for each PSP or target.  Basic operations should be simple,
and should not require schema knowledge.

What say you, grand mavens of provisioning?

Gary


To unsubscribe from this mailing list (and be removed from the roster of
the OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/provision/members/leave_wor
kgroup.php.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]