Note: this component has a complexity level of "expert", which means that objects of this type are not expected to be created or altered. Please contact UnboundID support for assistance if you believe that you have a need to create or modify this type of object.
SCIM Servlet Extensions may be used to present a System for Cross-Domain Identity Management (SCIM) protocol interface to the Directory Server.
↓Parent Component
↓Relations To this Component
↓Properties
↓dsconfig Usage
The SCIM HTTP Servlet Extension component inherits from the HTTP Servlet Extension
The following components have a direct aggregation relation from SCIM Servlet Extensions:
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| ↓ description | ↓ temporary-directory |
| ↓ resource-mapping-file | ↓ temporary-directory-permissions |
| ↓ base-context-path | ↓ max-results |
| ↓ oauth-token-handler | ↓ bulk-max-operations |
| ↓ bulk-max-payload-size | |
| ↓ bulk-max-concurrent-requests | |
| ↓ debug-enabled | |
| ↓ debug-level | |
| ↓ debug-type | |
| ↓ include-stack-trace |
| Description | A description for this HTTP Servlet Extension |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The path to an XML file defining the resources supported by the SCIM interface and the SCIM-to-LDAP attribute mappings to use. This file defines how to map SCIM resources to/from LDAP entries. There is an out-of-the-box file provided under config/scim-resources.xml and an XML schema file provided under config/scim-resources.xsd. |
| Default Value | config/scim-resources.xml |
| Allowed Values | Unknown |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | The context path to use to access the SCIM interface. The value must start with a forward slash and must represent a valid HTTP context path. |
| Default Value | / |
| Allowed Values | The value must start with a forward slash and must represent a valid HTTP context path. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | The SCIM HTTP Servlet Extension must be disabled and re-enabled for changes to this setting to take effect. Modification requires that this component be disabled and then re-enabled |
| Description | Specifies the OAuth Token Handler implementation that should be used to validate OAuth 2.0 bearer tokens when they are included in a SCIM request. Token handlers must be implemented using a Server SDK Extension. The API allows you to verify and authenticate bearer tokens from different authorization servers as needed. SSL/TLS connection security is required on the HTTP Connection Handler when using OAuth bearer tokens, in order to protect the confidentiality of the token. |
| Default Value | None |
| Allowed Values | The DN of any Oauth Token Handler. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
temporary-directory (Advanced Property)
| Description | Specifies the location of the directory that is used to create temporary files containing SCIM request data. |
| Default Value | scim-data-tmp |
| Allowed Values | Unknown |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
temporary-directory-permissions (Advanced Property)
| Description | Specifies the permissions that should be applied to the directory that is used to create temporary files. |
| Default Value | 700 |
| Allowed Values | A valid UNIX mode string. The mode string must contain three digits between zero and seven. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
max-results (Advanced Property)
| Description | The maximum number of resources that are returned in a response. |
| Default Value | 100 |
| Allowed Values | An integer value. Lower limit is 1. Upper limit is 2147483647 . |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
bulk-max-operations (Advanced Property)
| Description | The maximum number of operations that are permitted in a bulk request. |
| Default Value | 10000 |
| Allowed Values | An integer value. Lower limit is 1. Upper limit is 2147483647 . |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
bulk-max-payload-size (Advanced Property)
| Description | The maximum payload size in bytes of a bulk request. |
| Default Value | 10 MB |
| Allowed Values | A positive integer representing a size. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
bulk-max-concurrent-requests (Advanced Property)
| Description | The maximum number of bulk requests that may be processed concurrently by the server. Any bulk request that would cause this limit to be exceeded is rejected with HTTP status code 503. |
| Default Value | 10 |
| Allowed Values | An integer value. Lower limit is 1. Upper limit is 2147483647 . |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
debug-enabled (Advanced Property)
| Description | Enables debug logging of the SCIM SDK. Debug messages will be forwarded to the Directory Server debug logger with the scope of com.unboundid.directory.server.extensions.scim.SCIMHTTPServletExtension. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | The Directory Server debug logger must be enabled and correctly configured for the debug messages to be forwarded. |
debug-level (Advanced Property)
| Description | The minimum debug level that should be used for messages to be logged. |
| Default Value | info |
| Allowed Values | severe - Indicates that error messages should be logged. warning - Indicates that warning and error messages should be logged. info - Indicates that info, warning, and error messages should be logged. config - Indicates that config, info, warning, and error messages should be logged. fine - Indicates that fine, config, info, warning, and error messages should be logged. finer - Indicates that finer, fine, config, info, warning, and error messages should be logged. finest - Indicates that finest, finer, fine, config, info, warning, and error messages should be logged. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
debug-type (Advanced Property)
| Description | The types of debug messages that should be logged. |
| Default Value | coding-error exception |
| Allowed Values | coding-error - Indicates that messages related to incorrect use of the SCIM SDK should be logged. exception - Indicates that messages related to exceptions that were caught within the SCIM SDK should be logged. other - Indicates that all other messages not covered by any other message type should be logged. |
| Multi-Valued | Yes |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
include-stack-trace (Advanced Property)
| Description | Indicates whether a stack trace of the thread which called the debug method should be included in debug log messages. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
To list the configured HTTP Servlet Extensions:
dsconfig list-http-servlet-extensions
[--property {propertyName}] ...
To view the configuration for an existing HTTP Servlet Extension:
dsconfig get-http-servlet-extension-prop
--extension-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing HTTP Servlet Extension:
dsconfig set-http-servlet-extension-prop
--extension-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new SCIM HTTP Servlet Extension:
dsconfig create-http-servlet-extension
--extension-name {name}
--type scim
[--set {propertyName}:{propertyValue}] ...
To delete an existing HTTP Servlet Extension:
dsconfig delete-http-servlet-extension
--extension-name {name}