On 06/10/20 09:26, Martin van Es wrote: > Hi, > > It's been a while since I last took a look at Syncope but we have recently > decided that it may fill a gap in our provisioning landscape. > > Our project is brought to life to enable collaborative organisations for > research projects in the Netherlands. As is normal in the education world, > authorisation and authentication is done using federation protocols like SAML > and OIDC which we provide, but some relying parties need a specific directory > structure for legacy applications that we want to provide, or at least help > them with, but we don't want to give them access to our master directory for > read-only purposes. > > One of the challenges in this landscape is that some relying parties need > POSIX compliant entries (uidNumber + gidNumber) but they are resource > specific. Ranges will be different across targets and we might need to reuse > existing uid/gidNumbers during migration. > > So, (I think) we need (to keep track of) resource specific counters. > Would this be straightforward or in some way possible using Syncope?
Hi Martin, so you'd want to keep different counters for different External Resources, and inject appropriate values from such counters during propagation, to populate attributes like as uidNumber and gidNumber, for example. I think it can be as straightforward as (1) defining appropriate configuration parameters to hold counter values and (2) creating PropagationActions classes to implement the value injection and counter increment logic. HTH Regards. -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
