[Freeipa-devel] FreeIPA ConnId connector for usage with Apache Syncope
Adam Young
ayoung at redhat.com
Mon Feb 3 17:16:56 UTC 2014
On 01/31/2014 05:03 AM, Martin Kosek wrote:
> On 01/31/2014 10:45 AM, Francesco Chicchiriccò wrote:
>> On 30/01/2014 19:25, Dmitri Pal wrote:
>>> On 01/30/2014 11:35 AM, Francesco Chicchiriccò wrote:
> ...
>>> To call into IPA you can use "ipa ..." command line or use out API from
>>> python client. Since you are using Java calling into "ipa" command is
>>> probably the best option.
>> Actually, a RESTful interface (HTTP/JSON) would better suit our development
>> model and deployment scenarios.
> FreeIPA does not have (currently) not RESTful interface (though it is being
> partially designed in [8]). However it has a Kerberos-protected
> JSON-RPC/XML-RPC interface used by clients or Web UI to communicate with the
> server.
For examples of working with it:
http://adam.younglogic.com/2010/07/talking-to-freeipa-json-web-api-via-curl/
I found the Batch command especially helpful: it allows you to send
multiple single commands in one remote call.
Here are some sample data batch commands. They are old, and have not
been tested in a few years, but they should give you a sense of how to
do a few bascia things via the JSON-RPC interface.
http://admiyo.fedorapeople.org/ipa/long_userlist.json
http://admiyo.fedorapeople.org/ipa/sampledata-summit.json
>
> We do not, however, have a good (read "none") documentation of the interface,
> see related discussion in freeipa-users list [6].
>
>>> In future we plan to allow insertion of the users via an ldap command
>>> https://fedorahosted.org/freeipa/ticket/3911 it is on the roadmap for
>>> this spring.
>>>
>>> What are other use cases and workflows you have?
>>> Do you have a password reset self service?
>>> If you do it might be nice external addition to FreeIPA if it integrates
>>> into the UI seamlessly.
>> The idea is to deploy the latest FreeIPA version in our lab, start playing with
>> it and come to this list for asking for more information we are not able to
>> find in the wiki (just to avoid some graceful RTFMs...).
>> Then, every time we get something working, we will also check here whether we
>> are heading into the right direction, if we are missing some important points,
>> etc.
>>
>> Does it sound?
> Sounds good to me, you should be able to find all documentation links in [7].
>
>> Regards.
>>
>>> [1] http://syncope.apache.org/
>>> [2] http://tirasa.github.io/ConnId/
>>> [3] http://java.net/projects/identityconnectors/
>>> [4] https://github.com/Tirasa/ConnIdFreeIPABundle
>> [5]
>> http://tirasa.github.io/ConnId/apidocs/base/org/identityconnectors/framework/spi/operations/package-summary.html
> [6] https://www.redhat.com/archives/freeipa-users/2013-January/msg00109.html
> [7] http://www.freeipa.org/page/Documentation
> [8] http://www.freeipa.org/page/V3/Smart_Proxy
>
> Martin
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
More information about the Freeipa-devel
mailing list