<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I've been reviewing the capabilities of the SCIM module (which are
defined by the SCIM specification [1]) and someone correct me if I'm
wrong, but it only seems to provide a subset of the features that we
support in PicketLink. Specifically missing are authentication, and
support for the extended relationship types (basically everything
besides group membership). I'm wondering if it might be worth
providing a PicketLink REST module instead, which would provide two
sets of RESTful services; the first being a SCIM-compliant service,
the second being a more proprietary service that exposes all of the
capabilities of PicketLink.<br>
<br>
On top of this, I think it would be of huge benefit to provide both
Java and JavaScript clients to consume both services. Anil has
already implemented a Java-based SCIM client in the SCIM module, but
imagine if we provided PicketLink JavaScript scripts that web
application developers could drop into their app - this would be a
huge development time saver. I'm also thinking that the JavaScript
clients should support a variety of authentication mechanisms;
BASIC, DIGEST, X509, user/password, OAuth, etc. This is kind of
uncharted territory for me (REST-based auth) so any feedback or
opinions on this would be appreciated.<br>
<br>
Shane<br>
<br>
<br>
[1]
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a href="http://www.simplecloud.info/specs/draft-scim-api-01.html">http://www.simplecloud.info/specs/draft-scim-api-01.html</a>
</body>
</html>