[prev in list] [next in list] [prev in thread] [next in thread]
List: wsf-c-dev
Subject: Re: [Dev] What is the correct way to display service providers and identity providers for different
From: Shavindri Dissanayake <shavindri () wso2 ! com>
Date: 2017-11-30 4:55:52
Message-ID: CAKQAT09=UC4xAKhK1yM4voMQ5nbCw41awtmZURVGQhKEBnuP-g () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi Ushani,
Great! Thank you!
Thanks & Regards
Shavindri Dissanayake
Senior Technical Writer
WSO2 Inc.
lean.enterprise.middleware
On Thu, Nov 30, 2017 at 10:12 AM, Ushani Balasooriya <ushani@wso2.com>
wrote:
> Hi Shavindri,
>
> I have already created a doc jira [1].
>
> [1] https://wso2.org/jira/browse/DOCUMENTATION-7097
>
> Thanks
>
>
> On 30 Nov 2017 10:01 am, "Shavindri Dissanayake" <shavindri@wso2.com>
> wrote:
>
>> Hi Ushani,
>>
>> Following up. As per Maneesha's reply, there seems to be a doc gap. Can
>> you create a doc JIRA with the doc gap you identified, please?
>>
>>
>> Thanks & Regards
>> Shavindri Dissanayake
>> Senior Technical Writer
>>
>> WSO2 Inc.
>> lean.enterprise.middleware
>>
>> On Wed, Nov 29, 2017 at 5:53 PM, Ushani Balasooriya <ushani@wso2.com>
>> wrote:
>>
>>> Hi Ishara,
>>>
>>> Thanks a lot for the clarification.
>>>
>>> Regards,
>>> Ushani
>>>
>>> On 29 Nov 2017 5:46 pm, "Ishara Karunarathna" <isharak@wso2.com> wrote:
>>>
>>>> Hi Ushani,
>>>>
>>>>
>>>> On Wed, Nov 29, 2017 at 5:26 PM, Ushani Balasooriya <ushani@wso2.com>
>>>> wrote:
>>>>
>>>>> Hi IAM Team,
>>>>>
>>>>> Any update on this?
>>>>>
>>>> SP applications are specific to clients and IDP configurations are
>>>> specific to the Sever.
>>>>
>>>> For example lets say you create an application in FB and you can manage
>>>> it, if needed you assign different users to admin role then only they can
>>>> mange that application.
>>>> And FB support for user name password authentication later they decide
>>>> to add federation authentication support which is an IDP configuration so
>>>> thats managed by FB server admins.
>>>>
>>>> -Ishara
>>>>
>>>>
>>>>
>>>>> Thanks,
>>>>> Ushani
>>>>>
>>>>> On Wed, Nov 29, 2017 at 11:47 AM, Ushani Balasooriya <ushani@wso2.com>
>>>>> wrote:
>>>>>
>>>>>> Hi Maneesha,
>>>>>>
>>>>>> Thanks for the clarification. Appreciate if someone can explain why
>>>>>> this behavior is different for SP and IDPs? If there is an explanation
>>>>>> would be great to add it in to docs .
>>>>>>
>>>>>> Thanks,
>>>>>> Ushani
>>>>>>
>>>>>> On Wed, Nov 29, 2017 at 11:42 AM, Maneesha Wijesekara <
>>>>>> maneesha@wso2.com> wrote:
>>>>>>
>>>>>>> Hi Ushani,
>>>>>>>
>>>>>>> As per the current implementation, a service provider only visible
>>>>>>> to the user who created, at first. When creating service providers, by
>>>>>>> default a role created as 'Application/{SERVICE_PROVIDER_NAME}. In
>>>>>>> order to make the service provider available for the selected users, you
>>>>>>> can assign users to this role and SP will visible to them as well.
>>>>>>>
>>>>>>> +1 to add this to the documents.
>>>>>>>
>>>>>>> Regards
>>>>>>> Maneesha
>>>>>>>
>>>>>>> On Wed, Nov 29, 2017 at 11:02 AM, Ushani Balasooriya <
>>>>>>> ushani@wso2.com> wrote:
>>>>>>>
>>>>>>>> Hi IAM team,
>>>>>>>>
>>>>>>>> Please consider the below example.
>>>>>>>>
>>>>>>>> 1. *admin* user belongs to *admin* role creates a SP named
>>>>>>>> *adminsp* and an IDP named *adminidp*
>>>>>>>>
>>>>>>>> 2. *admin1* user belongs to the same *admin* role creates a SP
>>>>>>>> named *admin1sp* and an IDP names *admin1idp*.
>>>>>>>>
>>>>>>>> So the current behavior is,
>>>>>>>> 1. Both *admin* and *admin1* users can see the existing *IDPs* (
>>>>>>>> *adminidp* and *admin1idp*) when they log in to the management
>>>>>>>> console.
>>>>>>>>
>>>>>>>> 2. But they can only see the *SP* created by themselves. E.g.,
>>>>>>>> *admin* can see only *adminsp* and *admin1* can see only *admin1sp*
>>>>>>>> .
>>>>>>>>
>>>>>>>> Can you please explain whether this contradicting behavior is
>>>>>>>> expected or whether this is a bug?
>>>>>>>>
>>>>>>>> If not a bug please explain this why and it should go to documents.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> --
>>>>>>>> *Ushani Balasooriya*
>>>>>>>> Associate Technical Lead - EE;
>>>>>>>> WSO2 Inc; http://www.wso2.com/.
>>>>>>>> Mobile; +94772636796
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Maneesha Wijesekara
>>>>>>> Software Engineer - QA Team
>>>>>>> WSO2 Inc.
>>>>>>>
>>>>>>> Email: maneesha@wso2.com
>>>>>>> Linkedin: http://linkedin.com/in/maneeshawijesekara
>>>>>>> Mobile: +94712443119
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> *Ushani Balasooriya*
>>>>>> Associate Technical Lead - EE;
>>>>>> WSO2 Inc; http://www.wso2.com/.
>>>>>> Mobile; +94772636796
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Ushani Balasooriya*
>>>>> Associate Technical Lead - EE;
>>>>> WSO2 Inc; http://www.wso2.com/.
>>>>> Mobile; +94772636796
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Ishara Karunarathna
>>>> Technical Lead
>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com
>>>>
>>>> email: isharak@wso2.com, blog: isharaaruna.blogspot.com, mobile:
>>>> +94717996791 <+94%2071%20799%206791>
>>>>
>>>>
>>>>
>>
[Attachment #5 (text/html)]
<div dir="ltr">Hi Ushani,<br><br>Great! Thank you!</div><div class="gmail_extra"><br \
clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div \
dir="ltr"><div><font color="#666666">Thanks & Regards</font></div><font \
color="#666666">Shavindri Dissanayake</font><div><font color="#666666">Senior \
Technical Writer</font></div><div><font \
color="#666666"><br></font></div><div><div><font color="#666666">WSO2 \
Inc.</font></div><div><font \
color="#666666">lean.enterprise.middleware</font></div></div></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Thu, Nov 30, 2017 at 10:12 AM, Ushani Balasooriya \
<span dir="ltr"><<a href="mailto:ushani@wso2.com" \
target="_blank">ushani@wso2.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="auto">Hi Shavindri,<div dir="auto"><br></div><div \
dir="auto">I have already created a doc jira [1].</div><div dir="auto"><br></div><div \
dir="auto">[1] <a href="https://wso2.org/jira/browse/DOCUMENTATION-7097" \
target="_blank">https://wso2.org/jira/browse/<wbr>DOCUMENTATION-7097</a></div><div \
dir="auto"><br></div><div dir="auto">Thanks</div><div dir="auto"><br></div></div><div \
class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div \
class="gmail_quote">On 30 Nov 2017 10:01 am, "Shavindri Dissanayake" <<a \
href="mailto:shavindri@wso2.com" target="_blank">shavindri@wso2.com</a>> wrote:<br \
type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi \
Ushani,<div><br></div><div>Following up. As per Maneesha's reply, there seems to \
be a doc gap. Can you create a doc JIRA with the doc gap you identified, \
please?</div><div><br></div></div><div class="gmail_extra"><br clear="all"><div><div \
class="m_4718127474484025359m_-4083232395998591438gmail_signature" \
data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div><font \
color="#666666">Thanks & Regards</font></div><font color="#666666">Shavindri \
Dissanayake</font><div><font color="#666666">Senior Technical \
Writer</font></div><div><font color="#666666"><br></font></div><div><div><font \
color="#666666">WSO2 Inc.</font></div><div><font \
color="#666666">lean.enterprise.middleware</font></div></div></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Wed, Nov 29, 2017 at 5:53 PM, Ushani Balasooriya \
<span dir="ltr"><<a href="mailto:ushani@wso2.com" \
target="_blank">ushani@wso2.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="auto">Hi Ishara,<div dir="auto"><br></div><div \
dir="auto">Thanks a lot for the clarification. </div><div dir="auto"><br></div><div \
dir="auto">Regards,</div><div dir="auto">Ushani</div></div><div \
class="m_4718127474484025359m_-4083232395998591438HOEnZb"><div \
class="m_4718127474484025359m_-4083232395998591438h5"><div \
class="gmail_extra"><br><div class="gmail_quote">On 29 Nov 2017 5:46 pm, "Ishara \
Karunarathna" <<a href="mailto:isharak@wso2.com" \
target="_blank">isharak@wso2.com</a>> wrote:<br type="attribution"><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">Hi Ushani,<br><br><div \
class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 29, 2017 at 5:26 PM, \
Ushani Balasooriya <span dir="ltr"><<a href="mailto:ushani@wso2.com" \
target="_blank">ushani@wso2.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">Hi IAM Team,<div><br></div><div>Any update on \
this? </div></div></blockquote><div>SP applications are specific to clients and IDP \
configurations are specific to the Sever.</div><div><br></div><div>For example lets \
say you create an application in FB and you can manage it, if needed you assign \
different users to admin role then only they can mange that \
application.</div><div>And FB support for user name password authentication later \
they decide to add federation authentication support which is an IDP configuration so \
thats managed by FB server \
admins.</div><div><br></div><div>-Ishara<br></div><div><br></div><div><br></div><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div \
dir="ltr"><div><br></div><div>Thanks,</div><div>Ushani</div></div><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588HOEnZb"><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588h5"><div \
class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 29, 2017 at 11:47 AM, \
Ushani Balasooriya <span dir="ltr"><<a href="mailto:ushani@wso2.com" \
target="_blank">ushani@wso2.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">Hi Maneesha,<div><br></div><div>Thanks for the \
clarification. Appreciate if someone can explain why this behavior is different for \
SP and IDPs? If there is an explanation would be great to add it in to docs \
.</div><div><br></div><div>Thanks,</div><div>Ushani</div></div><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588m_-5215858906882215350HOEnZb"><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588m_-5215858906882215350h5"><div \
class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 29, 2017 at 11:42 AM, \
Maneesha Wijesekara <span dir="ltr"><<a href="mailto:maneesha@wso2.com" \
target="_blank">maneesha@wso2.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">Hi Ushani,<br><div><br></div><div>As per the \
current implementation, a service provider only visible to the user who created, at \
first. When creating service providers, by default a role created as \
'Application/{SERVICE_PROVIDER<wbr>_NAME}. In order to make the service provider \
available for the selected users, you can assign users to this role and SP will \
visible to them as well.</div><div><br></div><div>+1 to add this to the \
documents.</div><div><br></div><div>Regards</div><div>Maneesha</div></div><div \
class="gmail_extra"><div><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588m_-5215858906882215350m_6464231981977601416h5"><br><div \
class="gmail_quote">On Wed, Nov 29, 2017 at 11:02 AM, Ushani Balasooriya <span \
dir="ltr"><<a href="mailto:ushani@wso2.com" \
target="_blank">ushani@wso2.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">Hi IAM team,<div><br></div><div>Please \
consider the below example.</div><div><br></div><div>1. <b>admin</b> user belongs to \
<b>admin</b> role creates a SP named <b>adminsp</b> and an IDP named \
<b>adminidp</b></div><div><br></div><div>2. <b>admin1</b> user belongs to the same \
<b>admin</b> role creates a SP named <b>admin1sp</b> and an IDP names \
<b>admin1idp</b>.</div><div><br></div><div>So the current behavior is,</div><div>1. \
Both <b>admin</b> and <b>admin1</b> users can see the existing <b>IDPs</b> \
(<b>adminidp</b> and <b>admin1idp</b>) when they log in to the management console. \
</div><div><br></div><div>2. But they can only see the <b>SP</b> created by \
themselves. E.g., <b>admin</b> can see only <b>adminsp</b> and <b>admin1</b> can see \
only <b>admin1sp</b>.</div><div><br></div><div>Can you please explain whether this \
contradicting behavior is expected or whether this is a bug? \
</div><div><br></div><div>If not a bug please explain this why and it should go to \
documents.</div><div><br></div><div>Thanks,<span \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036 \
757588m_-5215858906882215350m_6464231981977601416m_-519886946298569741HOEnZb"><font \
color="#888888"><br>-- <br><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036 \
757588m_-5215858906882215350m_6464231981977601416m_-519886946298569741m_254459347388070951gmail_signature" \
data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><b style="color:rgb(136,136,136)">Ushani \
Balasooriya</b><br style="color:rgb(136,136,136)"><font \
style="color:rgb(136,136,136)" size="1">Associate Technical Lead - EE; </font><div \
style="color:rgb(136,136,136)"><font size="1">WSO2 Inc; <a \
href="http://www.wso2.com/" style="color:rgb(17,85,204)" \
target="_blank">http://www.wso2.com/</a>.</font><br><font size="1">Mobile; <a \
value="+94772786766" \
style="color:rgb(17,85,204)">+94772636796</a></font><br></div><div><br></div></div></div></div></div></div></div></div></div>
</font></span></div></div>
</blockquote></div><br><br clear="all"><div><br></div></div></div><span \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588m_-5215858906882215350m_6464231981977601416HOEnZb"><font \
color="#888888">-- <br><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036 \
757588m_-5215858906882215350m_6464231981977601416m_-519886946298569741gmail_signature" \
data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><span><font color="#888888"><div><div dir="ltr"><div><div \
dir="ltr"><div>Maneesha Wijesekara<br></div><div>Software Engineer - QA \
Team<br></div><div>WSO2 Inc.</div><div><br></div><div>Email: <a \
href="mailto:maneesha@wso2.com" target="_blank">maneesha@wso2.com</a><br><div \
style="font-size:small"><span \
style="color:rgb(102,102,102);font-family:tahoma,sans-serif">Linkedin: </span><a \
href="http://linkedin.com/in/maneeshawijesekara" \
style="font-family:tahoma,sans-serif" \
target="_blank">http://linkedin.com/<wbr>in/maneeshawijesekara</a><font face="tahoma, \
sans-serif"> <br></font></div></div><div>Mobile: <a href="tel:%2B94712443119" \
value="+94774171471" \
target="_blank">+94712443119</a></div></div></div></div></div></font></span></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</font></span></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588m_-5215858906882215350m_6464231981977601416gmail_signature" \
data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><b style="color:rgb(136,136,136)">Ushani \
Balasooriya</b><br style="color:rgb(136,136,136)"><font \
style="color:rgb(136,136,136)" size="1">Associate Technical Lead - EE; </font><div \
style="color:rgb(136,136,136)"><font size="1">WSO2 Inc; <a \
href="http://www.wso2.com/" style="color:rgb(17,85,204)" \
target="_blank">http://www.wso2.com/</a>.</font><br><font size="1">Mobile; <a \
value="+94772786766" \
style="color:rgb(17,85,204)">+94772636796</a></font><br></div><div><br></div></div></div></div></div></div></div></div></div>
</div>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588m_-5215858906882215350gmail_signature" \
data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><b style="color:rgb(136,136,136)">Ushani \
Balasooriya</b><br style="color:rgb(136,136,136)"><font \
style="color:rgb(136,136,136)" size="1">Associate Technical Lead - EE; </font><div \
style="color:rgb(136,136,136)"><font size="1">WSO2 Inc; <a \
href="http://www.wso2.com/" style="color:rgb(17,85,204)" \
target="_blank">http://www.wso2.com/</a>.</font><br><font size="1">Mobile; <a \
value="+94772786766" \
style="color:rgb(17,85,204)">+94772636796</a></font><br></div><div><br></div></div></div></div></div></div></div></div></div>
</div>
</div></div></blockquote></div><br><br clear="all"><br>-- <br><div \
class="m_4718127474484025359m_-4083232395998591438m_-6857212276792067796m_998605799036757588gmail_signature" \
data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div \
dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span></span><a href="http:///" \
target="_blank"></a><span></span>Ishara Karunarathna<br>Technical Lead<br>WSO2 Inc. - \
lean . enterprise . middleware | <a href="http://wso2.com" \
target="_blank">wso2.com</a><br><br>email: <a href="mailto:isharak@wso2.com" \
target="_blank">isharak@wso2.com</a>, blog: <a \
href="http://isharaaruna.blogspot.com" target="_blank">isharaaruna.blogspot.com</a>, \
mobile: <a href="tel:+94%2071%20799%206791" value="+94717996791" \
target="_blank">+94717996791</a><br><br><img \
src="http://c.content.wso2.com/signatures/wso2-signature-general.png"><br></div></div></div></div></div></div></div></div></div></div>
</div></div>
</blockquote></div></div>
</div></div></blockquote></div><br></div>
</blockquote></div></div>
</div></div></blockquote></div><br></div>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic