[prev in list] [next in list] [prev in thread] [next in thread]
List: wsas-java-dev
Subject: Re: [Dev] Filtering Internal roles through SCIM API
From: Denuwanthi De Silva <denuwanthi () wso2 ! com>
Date: 2019-07-26 9:20:16
Message-ID: CACqUA1XUOORi1opkM9rDBuX25_P8FThFF6s-1ap32CZqMenJ6w () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi all,
We agreed upon to proceed with 'domain' parameter to filter Application and
Internal roles as well. This will be applicable to *role* filtering.
In case of filtering *Users* using roles, domain parameter for that case
should only take user store domain roles.
Thanks,
On Fri, Jul 26, 2019 at 2:28 PM Denuwanthi De Silva <denuwanthi@wso2.com>
wrote:
> Hi all,
>
> We agreed upon to proceed with 'domain' parameter to filter Application
> and Internal roles as well. This will be applicable to *role* filtering.
> In case of filtering *Users* using roles, domain parameter for that case
> should only take user store domain roles.
>
> Thanks,
>
> On Fri, Jul 26, 2019 at 10:50 AM Isura Karunaratne <isura@wso2.com> wrote:
>
>> Hi Sarubi,
>>
>> AFAIK, all the endpoints in the Identity Server behave Internal /
>> Application roles same as secondary user stores. In fact, we can treat it
>> is a separate user store.
>>
>> What are the disadvantages of implementing the domain parameter support
>> for Internal/Applications roles?
>>
>> I am +1 the fix for the consistency.
>>
>> On the other hand, how can we search for all the Application roles which
>> are ending with some characters?
>>
>> Ex.
>>
>> *https://localhost:9443/scim2/Groups?filter=displayName+ew+
>> <https://localhost:9443/scim2/Groups?filter=displayName+sw+>**cation*
>>
>> In such cases, If we don't have the domain parameter, there is no way to
>> filter Application roles only.
>>
>> Cheers,
>> Isura.
>>
>>
>>
>>
>>
>>
>>
>> On Fri, Jul 26, 2019 at 10:36 AM Sarubi Thillainathan <sarubi@wso2.com>
>> wrote:
>>
>>> Hi Denuanthi/All,
>>>
>>> The purpose of introducing the domain parameter is to specify the
>>> specific domain (that is user store) which the user wants to query out
>>> regardless of roles (/Groups endpoint) or users (/Users endpoints). Hence
>>> it is not suitable to mix up with the WSO2 roles type in it because users
>>> don't contain any internal or application types. Because the requirement
>>> which you specified only applicable for the /Groups endpoint not for /User
>>> endpoints. So I'm -1 to mix up.
>>>
>>> If the user wants to query out the internal/hybrid roles they can use,
>>> *curl -v -k --user admin:admin
>>> 'https://localhost:9443/scim2/Groups?filter=displayName+sw+
>>> <https://localhost:9443/scim2/Groups?filter=displayName+sw+>*
>>> *Application/**app'*
>>> instead of as you specified,
>>>
>>>> *curl -v -k --user admin:admin
>>>> 'https://localhost:9443/scim2/Groups?filter=displayName+sw+app&
>>>> <https://localhost:9443/scim2/Groups?filter=displayName+sw+app&>domain=Application'*
>>>
>>>
>>> So far I don't see any blocker for the users to query the
>>> internal/hybrid roles. If we really want to have a query parameter for it,
>>> it's better to introduce a new parameter to specify the roles types only
>>> for the /Groups endpoint. According to the SCIM specification, we can
>>> support an additional parameter if we want, since the internal/hybrid roles
>>> are only specific for our Identity Server.
>>>
>>> Thanks,
>>> Sarubi.
>>>
>>> On Thu, Jul 25, 2019 at 1:16 PM gayan gunawardana <
>>> gmgunawardana@gmail.com> wrote:
>>>
>>>>
>>>>
>>>> On Thu, Jul 25, 2019 at 12:39 PM Denuwanthi De Silva <
>>>> denuwanthi@wso2.com> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> 1. In WSO2 Identity Server, when filtering roles/groups through SCIM
>>>>> API, internal roles are not filtered.
>>>>> Ex: internal roles
>>>>> -*Internal*/system
>>>>> -*Application*/myapp
>>>>>
>>>>> Sample filter request:
>>>>> *curl -v -k --user admin:admin
>>>>> 'https://localhost:9443/scim2/Groups?filter=displayName+sw+Application
>>>>> <https://localhost:9443/scim2/Groups?filter=displayName+sw+Application>'*
>>>>>
>>>>> We need to support for above type of filtering.
>>>>>
>>>> I suppose for SCIM specification there is no speciality with Internal
>>>> roles. Hence +1 to support above feature.
>>>>
>>>>>
>>>>> 2.
>>>>> When considering role types in WSO2 Identity Server. There are mainly
>>>>> 2 types.
>>>>> 1.userstore domain based roles ex: PRIMARY/myrole
>>>>> 2. internal/hybrid roles ex:Application/myapp
>>>>>
>>>>> We have introduced a new parameter to filter users and roles using a
>>>>> 'domain' parameter recently.
>>>>>
>>>>> *Ex: curl -v -k --user admin:admin
>>>>> 'https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&
>>>>> <https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&>domain=Primary'*
>>>>>
>>>>
>>>>> Here users and roles can be filtered according to the userstore domain.
>>>>>
>>>>> *So, my question is do we have to support this new domain based filter
>>>>> for internal roles as well?*
>>>>> *ex: curl -v -k --user admin:admin
>>>>> 'https://localhost:9443/scim2/Groups?filter=displayName+sw+app&
>>>>> <https://localhost:9443/scim2/Groups?filter=displayName+sw+app&>domain=Application'*
>>>>>
>>>>> one concern I have is,
>>>>> 1.Application domain is not necessarily a userstore domain. Therefore
>>>>> whether it is correct to mix those domains.
>>>>>
>>>> I think better approach is having two type of parameters for user store
>>>> domains (domain) and for internal roles (say type). But type parameter
>>>> should be able to support multiple values such as Internal, Application.
>>>>
>>>>>
>>>>>
>>>>> Please provide your thoughts on this.
>>>>>
>>>>> Thanks,
>>>>> --
>>>>> Denuwanthi De Silva
>>>>> Associate Technical Lead;
>>>>> WSO2 Inc.; http://wso2.com,
>>>>> Email: denuwanthi@wso2.com
>>>>> Blog: https://denuwanthi.wordpress.com/
>>>>> https://medium.com/@denuwanthi.hasanthika
>>>>> Contact No: 0771391097
>>>>> _______________________________________________
>>>>> Dev mailing list
>>>>> Dev@wso2.org
>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>
>>>>
>>>>
>>>> --
>>>> Gayan
>>>> _______________________________________________
>>>> Dev mailing list
>>>> Dev@wso2.org
>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>
>>>
>>>
>>> --
>>> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc.
>>> (m) +94 (0) 76 684 9101 | (e) sarubi@wso2.com,stsarut@gmail.com
>>>
>>> *[image: https://wso2.com/signature] <https://wso2.com/signature>*
>>>
>>
>>
>> --
>>
>> *Isura Dilhara Karunaratne*
>> Technical Lead | WSO2 <http://wso2.com/>
>> *lean.enterprise.middleware*
>> Email: isura@wso2.com
>> Mob : +94 772 254 810
>> Blog : https://medium.com/@isurakarunaratne
>>
>>
>>
>>
>
> --
> Denuwanthi De Silva
> Associate Technical Lead;
> WSO2 Inc.; http://wso2.com,
> Email: denuwanthi@wso2.com
> Blog: https://denuwanthi.wordpress.com/
> https://medium.com/@denuwanthi.hasanthika
> Contact No: 0771391097
>
--
Denuwanthi De Silva
Associate Technical Lead;
WSO2 Inc.; http://wso2.com,
Email: denuwanthi@wso2.com
Blog: https://denuwanthi.wordpress.com/
https://medium.com/@denuwanthi.hasanthika
Contact No: 0771391097
[Attachment #5 (text/html)]
<div dir="ltr"><div>Hi all,</div><div><br></div><div>We agreed upon to proceed with \
'domain' parameter to filter Application and Internal roles as well. This \
will be applicable to <b>role</b> filtering.</div><div>In case of filtering \
<b>Users</b> using roles, domain parameter for that case should only take user store \
domain roles. <br></div><div><br></div><div>Thanks,</div></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Jul 26, 2019 at 2:28 PM \
Denuwanthi De Silva <<a \
href="mailto:denuwanthi@wso2.com">denuwanthi@wso2.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hi \
all,</div><div><br></div><div>We agreed upon to proceed with 'domain' \
parameter to filter Application and Internal roles as well. This will be applicable \
to <b>role</b> filtering.</div><div>In case of filtering <b>Users</b> using roles, \
domain parameter for that case should only take user store domain roles. \
<br></div><div><br></div><div>Thanks,<br></div></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Jul 26, 2019 at 10:50 \
AM Isura Karunaratne <<a href="mailto:isura@wso2.com" \
target="_blank">isura@wso2.com</a>> wrote:<br></div><blockquote \
class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid \
rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi \
Sarubi,<div><br></div><div>AFAIK, all the endpoints in the Identity Server behave \
Internal / Application roles same as secondary user stores. In fact, we can treat it \
is a separate user store.</div><div><br></div><div>What are the disadvantages of \
implementing the domain parameter support for Internal/Applications roles? \
</div><div><br></div><div>I am +1 the fix for the consistency. \
</div><div><br></div><div>On the other hand, how can we search for all the \
Application roles which are ending with some characters? \
</div><div><br></div><div>Ex.</div><div><br></div><div><i \
style="color:rgb(80,0,80)"><a \
href="https://localhost:9443/scim2/Groups?filter=displayName+sw+" \
target="_blank">https://localhost:9443/scim2/Groups?filter=displayName+ew+</a></i><i \
style="color:rgb(80,0,80)">cation</i><br></div><div><i \
style="color:rgb(80,0,80)"><br></i></div>In such cases, If we don't have the \
domain parameter, there is no way to filter Application roles only. \
<div><br></div><div>Cheers,</div><div>Isura. \
<br><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Jul 26, 2019 at 10:36 \
AM Sarubi Thillainathan <<a href="mailto:sarubi@wso2.com" \
target="_blank">sarubi@wso2.com</a>> wrote:<br></div><blockquote \
class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid \
rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi \
Denuanthi/All,<div><br></div><div>The purpose of introducing the domain parameter is \
to specify the specific domain (that is user store) which the user wants to query out \
regardless of roles (/Groups endpoint) or users (/Users endpoints). Hence it is not \
suitable to mix up with the WSO2 roles type in it because users don't contain any \
internal or application types. Because the requirement which you specified only \
applicable for the /Groups endpoint not for /User endpoints. So I'm -1 to mix \
up.</div><div><br></div><div>If the user wants to query out the internal/hybrid roles \
they can use,</div><div><i style="color:rgb(80,0,80)">curl -v -k --user admin:admin \
'<a href="https://localhost:9443/scim2/Groups?filter=displayName+sw+" \
target="_blank">https://localhost:9443/scim2/Groups?filter=displayName+sw+</a></i><i \
style="color:rgb(80,0,80)"><b>Application/</b></i><i \
style="color:rgb(80,0,80)">app'</i><br \
class="gmail-m_1269969677832876137gmail-m_523764917547106782gmail-m_-2670936669964553373gmail-Apple-interchange-newline"></div><div><div>instead \
of as you specified,</div></div><div><blockquote style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" \
class="gmail_quote"><i>curl -v -k --user admin:admin '<a \
href="https://localhost:9443/scim2/Groups?filter=displayName+sw+app&" \
target="_blank">https://localhost:9443/scim2/Groups?filter=displayName+sw+app&</a><b>domain=Application</b>'</i></blockquote></div><div \
style="color:rgb(80,0,80)"><i><br></i></div><div><div><span \
style="background-color:rgb(255,255,255)"><font color="#000000">So far I don't \
see any blocker for the users to query the internal/hybrid roles. If we really want \
to have a query parameter for it, it's better to introduce a new parameter to \
specify the roles types only for the /Groups endpoint. According to the SCIM \
specification, we can support an additional parameter if we want, since the \
internal/hybrid roles are only specific for our Identity Server. \
</font></span></div></div><div><span style="background-color:rgb(255,255,255)"><font \
color="#000000"><br></font></span></div><div><span \
style="background-color:rgb(255,255,255)"><font \
color="#000000">Thanks,</font></span></div><div><span \
style="background-color:rgb(255,255,255)"><font \
color="#000000">Sarubi.</font></span></div></div><br><div class="gmail_quote"><div \
dir="ltr" class="gmail_attr">On Thu, Jul 25, 2019 at 1:16 PM gayan gunawardana <<a \
href="mailto:gmgunawardana@gmail.com" target="_blank">gmgunawardana@gmail.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div \
dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On \
Thu, Jul 25, 2019 at 12:39 PM Denuwanthi De Silva <<a \
href="mailto:denuwanthi@wso2.com" target="_blank">denuwanthi@wso2.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div \
dir="ltr"><div>Hi,</div><div><br></div><div>1. In WSO2 Identity Server, when \
filtering roles/groups through SCIM API, internal roles are not \
filtered.</div><div>Ex: internal roles</div><div> \
-<b>Internal</b>/system</div><div> \
-<b>Application</b>/myapp</div><div><br></div><div>Sample filter \
request:</div><div><i>curl -v -k --user admin:admin '<a \
href="https://localhost:9443/scim2/Groups?filter=displayName+sw+Application" \
target="_blank">https://localhost:9443/scim2/Groups?filter=displayName+sw+Application</a>'</i></div><div><i><br></i></div><div>We \
need to support for above type of filtering.<br></div></div></blockquote><div>I \
suppose for SCIM specification there is no speciality with Internal roles. Hence +1 \
to support above feature.</div><blockquote class="gmail_quote" style="margin:0px 0px \
0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div \
dir="ltr"><div></div><div><i></i></div><div><br></div><div>2.<br></div><div>When \
considering role types in WSO2 Identity Server. There are mainly 2 types. \
<br></div><div>1.userstore domain based roles ex: PRIMARY/myrole<br></div><div>2. \
internal/hybrid roles ex:Application/myapp</div><div><br></div><div>We have \
introduced a new parameter to filter users and roles using a 'domain' \
parameter recently.<br></div><div><br></div><div><i>Ex: curl -v -k --user admin:admin \
'<a href="https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&" \
target="_blank">https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&</a><b>domain=Primary</b>'</i></div></div></blockquote><blockquote \
class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid \
rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><br></div><div>Here users and \
roles can be filtered according to the userstore \
domain.</div><div><br></div><div><b>So, my question is do we have to support this new \
domain based filter for internal roles as well?</b></div><div><i>ex: curl -v -k \
--user admin:admin '<a \
href="https://localhost:9443/scim2/Groups?filter=displayName+sw+app&" \
target="_blank">https://localhost:9443/scim2/Groups?filter=displayName+sw+app&</a><b>domain=Application</b>'</i></div><div><br></div><div>one \
concern I have is,</div><div>1.Application domain is not necessarily a userstore \
domain. Therefore whether it is correct to mix those \
domains.</div></div></blockquote><div>I think better approach is having two type of \
parameters for user store domains (domain) and for internal roles (say type). But \
type parameter should be able to support multiple values such as Internal, \
Application. </div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div \
dir="ltr"><div><br></div><div><br></div><div>Please provide your thoughts on \
this.<br></div><div><br></div><div>Thanks,<br></div><div><div>-- <br><div dir="ltr" \
class="gmail-m_1269969677832876137gmail-m_523764917547106782gmail-m_-2670936669964553373gmail-m_-8451593166494311547gmail-m_-8940308772400921056gmail_signature"><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div><div>Denuwanthi De Silva<br>Associate Technical Lead; <br>WSO2 \
Inc.; <a href="http://wso2.com" target="_blank">http://wso2.com</a>,<br></div>Email: \
<a href="mailto:denuwanthi@wso2.com" \
target="_blank">denuwanthi@wso2.com</a><br></div>Blog: <a \
href="https://denuwanthi.wordpress.com/" \
target="_blank">https://denuwanthi.wordpress.com/ <br></a></div><div> \
<a href="https://medium.com/@denuwanthi.hasanthika" \
target="_blank">https://medium.com/@denuwanthi.hasanthika</a><br></div><div>Contact \
No: 0771391097<br></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
_______________________________________________<br>
Dev mailing list<br>
<a href="mailto:Dev@wso2.org" target="_blank">Dev@wso2.org</a><br>
<a href="http://wso2.org/cgi-bin/mailman/listinfo/dev" rel="noreferrer" \
target="_blank">http://wso2.org/cgi-bin/mailman/listinfo/dev</a><br> \
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" \
class="gmail-m_1269969677832876137gmail-m_523764917547106782gmail-m_-2670936669964553373gmail-m_-8451593166494311547gmail_signature">Gayan</div></div>
_______________________________________________<br>
Dev mailing list<br>
<a href="mailto:Dev@wso2.org" target="_blank">Dev@wso2.org</a><br>
<a href="http://wso2.org/cgi-bin/mailman/listinfo/dev" rel="noreferrer" \
target="_blank">http://wso2.org/cgi-bin/mailman/listinfo/dev</a><br> \
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" \
class="gmail-m_1269969677832876137gmail-m_523764917547106782gmail-m_-2670936669964553373gmail_signature"><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div><b>Sarubi \
Thillainathan</b> | Software Engineer | WSO2 Inc.</div><div>(m) +94 (0) 76 684 9101 | \
(e) <a href="mailto:sarubi@wso2.com" target="_blank">sarubi@wso2.com</a>,<a \
href="mailto:stsarut@gmail.com" target="_blank">stsarut@gmail.com</a></div></div><div \
dir="ltr"><div style="font-size:12.8px"><font color="#000000"><b><a \
href="https://wso2.com/signature" target="_blank"><img \
src="http://c.content.wso2.com/signatures/wso2-signature-general.png" \
alt="https://wso2.com/signature"></a><br></b></font></div><div \
style="color:rgb(136,136,136);font-size:12.8px"><font \
color="#666666"></font></div></div></div></div></div></div></div></div> \
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" \
class="gmail-m_1269969677832876137gmail-m_523764917547106782gmail_signature"><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><div><div><b>Isura Dilhara \
Karunaratne<br></b></div><font color="#666666"><font \
style="background-color:rgb(255,255,255)">Technical Lead | <a href="http://wso2.com/" \
target="_blank">WSO2</a></font></font><span \
style="color:rgb(136,136,136);font-family:arial;font-size:small"> \
</span></div><div><b \
style="color:rgb(136,136,136);font-family:arial;font-size:small"><font \
color="#666666">lean.enterprise.middleware</font></b><font color="#666666"><font \
style="background-color:rgb(255,255,255)"><br></font></font></div><div><div dir="ltr" \
style="font-size:12.8px"><div><font color="#666666">Email: <a \
href="mailto:isura@wso2.com" target="_blank">isura@wso2.com</a></font></div><font \
color="#666666">Mob : +94 772 254 810</font></div><div dir="ltr" \
style="font-size:12.8px"><font color="#666666">Blog : </font><a \
href="https://medium.com/@isurakarunaratne" style="font-size:small" \
target="_blank">https://medium.com/@isurakarunaratne</a></div><div dir="ltr" \
style="font-size:12.8px"><br></div><font \
color="#666666"><br></font></div><div><br></div></div></div></div></div></div></div></ \
div></div></div></div></div></div></div></div></div></div></div></div></div></div> \
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" \
class="gmail-m_1269969677832876137gmail_signature"><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div><div>Denuwanthi De Silva<br>Associate Technical Lead; <br>WSO2 \
Inc.; <a href="http://wso2.com" target="_blank">http://wso2.com</a>,<br></div>Email: \
<a href="mailto:denuwanthi@wso2.com" \
target="_blank">denuwanthi@wso2.com</a><br></div>Blog: <a \
href="https://denuwanthi.wordpress.com/" \
target="_blank">https://denuwanthi.wordpress.com/ <br></a></div><div> \
<a href="https://medium.com/@denuwanthi.hasanthika" \
target="_blank">https://medium.com/@denuwanthi.hasanthika</a><br></div><div>Contact \
No: 0771391097<br></div></div></div></div></div></div></div></div></div></div></div> \
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" \
class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div><div>Denuwanthi De \
Silva<br>Associate Technical Lead; <br>WSO2 Inc.; <a href="http://wso2.com" \
target="_blank">http://wso2.com</a>,<br></div>Email: <a \
href="mailto:denuwanthi@wso2.com" \
target="_blank">denuwanthi@wso2.com</a><br></div>Blog: <a \
href="https://denuwanthi.wordpress.com/" \
target="_blank">https://denuwanthi.wordpress.com/ <br></a></div><div> \
<a href="https://medium.com/@denuwanthi.hasanthika" \
target="_blank">https://medium.com/@denuwanthi.hasanthika</a><br></div><div>Contact \
No: 0771391097<br></div></div></div></div></div></div></div></div></div></div></div>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic