Hello Jose.
Thanks for your continued assistance.
# Extension schema
The response for `https://example.com/identity/restv1/scim/v2/Schemas/urn:ietf:params:scim:schemas:extension:gluu:2.0:User` is
```
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Schema"
],
"id": "urn:ietf:params:scim:schemas:extension:gluu:2.0:User",
"meta": {
"resourceType": "Schema",
"location": "https://example.com/identity/restv1/scim/v2/Schemas/urn:ietf:params:scim:schemas:extension:gluu:2.0:User"
},
"name": "GluuUserCustomExtension",
"description": "Gluu User Custom Extension",
"attributes": [
{
"name": "oxEnrollmentCode",
"type": "string",
"multiValued": false,
"description": "oxEnrollmentCode",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "entryUUID",
"type": "string",
"multiValued": false,
"description": "entryUUID",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "st",
"type": "string",
"multiValued": false,
"description": "State or Province",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "c",
"type": "string",
"multiValued": false,
"description": "Country",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "roomNumber",
"type": "string",
"multiValued": false,
"description": "Room Number",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "manager",
"type": "string",
"multiValued": false,
"description": "Manager",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "postalCode",
"type": "string",
"multiValued": false,
"description": "Postal or Zip Code",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "l",
"type": "string",
"multiValued": false,
"description": "City",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "uuid",
"type": "string",
"multiValued": false,
"description": "Universally unique ID",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "employeeNumber",
"type": "string",
"multiValued": false,
"description": "Employee Number",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "o",
"type": "string",
"multiValued": false,
"description": "Organization",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "postOfficeBox",
"type": "string",
"multiValued": false,
"description": "Postal Box",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "street",
"type": "string",
"multiValued": false,
"description": "Street",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
},
{
"name": "departmentNumber",
"type": "string",
"multiValued": false,
"description": "Organizational Department",
"required": false,
"caseExact": false,
"mutability": "readWrite",
"returned": "default",
"uniqueness": "none"
}
]
}
```
Note that I plan on removing most of the listed extension attributes except `uuid`, as I will most likely rely on a dynamic scope for OIDC to pull the primary address from `oxTrustAddresses` instead and leave the standard address fields blank.
# Log output
Log output from `/opt/gluu/jetty/identity/logs/oxtrust.log` with logging level set to `TRACE`
```
2018-12-14 08:34:50,610 TRACE [qtp804611486-15] [org.gluu.oxtrust.service.filter.AuthorizationProcessingFilter] (AuthorizationProcessingFilter.java:64) - REST call to '/scim/v2/Users/@!C852.9127.04FD.BD19!0001!A27B.3B68!0000!C8F4.6D16.D3AD.5612' intercepted
2018-12-14 08:34:50,611 INFO [qtp804611486-15] [org.gluu.oxtrust.service.filter.AuthorizationProcessingFilter] (AuthorizationProcessingFilter.java:78) - Path is protected, proceeding with authorization processing...
2018-12-14 08:34:50,611 INFO [qtp804611486-15] [org.gluu.oxtrust.service.uma.ScimUmaProtectionService] (ScimUmaProtectionService.java:107) - ==== SCIM Service call intercepted ====
2018-12-14 08:34:50,613 INFO [qtp804611486-15] [org.gluu.oxtrust.service.uma.ScimUmaProtectionService] (ScimUmaProtectionService.java:108) - Authorization header found
2018-12-14 08:34:50,626 INFO [qtp804611486-15] [org.gluu.oxtrust.service.uma.ScimUmaProtectionService] (ScimUmaProtectionService.java:118) - SCIM is protected by UMA
2018-12-14 08:34:50,645 INFO [qtp804611486-15] [org.gluu.oxtrust.service.filter.AuthorizationProcessingFilter] (AuthorizationProcessingFilter.java:82) - Authorization passed
2018-12-14 08:34:50,647 TRACE [qtp804611486-15] [gluu.oxtrust.service.scim2.interceptor.ReferenceURIInterceptor] (ReferenceURIInterceptor.java:52) - Removing '$' char (if any) from attributes param
2018-12-14 08:34:50,648 TRACE [qtp804611486-15] [gluu.oxtrust.service.scim2.interceptor.ReferenceURIInterceptor] (ReferenceURIInterceptor.java:52) - Removing '$' char (if any) from excludedAttributes param
2018-12-14 08:34:50,648 DEBUG [qtp804611486-15] [gluu.oxtrust.service.scim2.interceptor.ReferenceURIInterceptor] (ReferenceURIInterceptor.java:65) - ReferenceURIInterceptor. manage exit
2018-12-14 08:34:50,649 INFO [qtp804611486-15] [gluu.oxtrust.ws.rs.scim2.BaseScimWebService] (BaseScimWebService.java:256) - inspectPatchRequest. Preprocessing of patch request passed
2018-12-14 08:34:50,653 DEBUG [qtp804611486-15] [gluu.oxtrust.ws.rs.scim2.UserWebService] (UserWebService.java:270) - Executing web service method. patchUser
2018-12-14 08:34:50,658 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:269) - transferAttributesToUserResource
2018-12-14 08:34:50,658 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:371) - transferExtendedAttributesToResource of type User
2018-12-14 08:34:50,658 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:382) - transferExtendedAttributesToResource. Revising attributes of extension 'urn:ietf:params:scim:schemas:extension:gluu:2.0:User'
2018-12-14 08:34:50,659 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:390) - transferExtendedAttributesToResource. Copying to resource the value(s) for attribute 'postalCode'
2018-12-14 08:34:50,659 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.ExtensionService] (ExtensionService.java:131) - convertValues. Added value '1234'
2018-12-14 08:34:50,659 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:390) - transferExtendedAttributesToResource. Copying to resource the value(s) for attribute 'uuid'
2018-12-14 08:34:50,659 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.ExtensionService] (ExtensionService.java:131) - convertValues. Added value 'e4a06d82-2e8e-45bf-8903-1faaec70d8da'
2018-12-14 08:34:50,660 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2PatchService] (Scim2PatchService.java:60) - applyPatchOperation of type REMOVE
2018-12-14 08:34:50,660 DEBUG [qtp804611486-15] [gluu.oxtrust.ws.rs.scim2.UserWebService] (UserWebService.java:292) - patchUser. Revising final resource representation still passes validations
2018-12-14 08:34:50,661 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'x509Certificates.value'
2018-12-14 08:34:50,661 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'photos.value'
2018-12-14 08:34:50,661 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'schemas'
2018-12-14 08:34:50,661 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'emails.value'
2018-12-14 08:34:50,662 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'entitlements.value'
2018-12-14 08:34:50,662 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'phoneNumbers.value'
2018-12-14 08:34:50,662 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'ims.value'
2018-12-14 08:34:50,662 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'userName'
2018-12-14 08:34:50,663 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'groups.value'
2018-12-14 08:34:50,663 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:67) - Validating existence of required attribute 'roles.value'
2018-12-14 08:34:50,663 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:92) - Validating value(s) of attribute 'photos.value'
2018-12-14 08:34:50,663 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:92) - Validating value(s) of attribute 'timezone'
2018-12-14 08:34:50,664 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:92) - Validating value(s) of attribute 'emails.value'
2018-12-14 08:34:50,664 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:92) - Validating value(s) of attribute 'phoneNumbers.value'
2018-12-14 08:34:50,664 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:92) - Validating value(s) of attribute 'addresses.country'
2018-12-14 08:34:50,664 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:92) - Validating value(s) of attribute 'locale'
2018-12-14 08:34:50,665 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:208) - validateExtendedAttributes. Revising attributes under schema urn:ietf:params:scim:schemas:extension:gluu:2.0:User
2018-12-14 08:34:50,665 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:226) - validateExtendedAttributes. Got value(s) for attribute 'uuid'
2018-12-14 08:34:50,665 DEBUG [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ResourceValidator] (ResourceValidator.java:171) - validateDataTypeExtendedAttr. Checking attribute 'uuid' for type 'string' with value 'e4a06d82-2e8e-45bf-8903-1faaec70d8da'
2018-12-14 08:34:50,665 INFO [qtp804611486-15] [gluu.oxtrust.model.scim2.util.ScimResourceUtil] (ScimResourceUtil.java:459) - adjustPrimarySubAttributes. Revising "primary":true uniqueness constraints
2018-12-14 08:34:50,666 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:160) - transferAttributesToPerson
2018-12-14 08:34:50,666 INFO [qtp804611486-15] [org.gluu.oxtrust.util.ServiceUtil] (ServiceUtil.java:341) - IN Utils.syncEmailForward()...
2018-12-14 08:34:50,666 INFO [qtp804611486-15] [org.gluu.oxtrust.util.ServiceUtil] (ServiceUtil.java:362) - LEAVING Utils.syncEmailForward()...
2018-12-14 08:34:50,666 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:249) - transferExtendedAttributesToPerson. Flushing attribute postalCode
2018-12-14 08:34:50,667 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:254) - transferExtendedAttributesToPerson. Setting attribute 'uuid' with values [e4a06d82-2e8e-45bf-8903-1faaec70d8da]
2018-12-14 08:34:50,667 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:491) - replacePersonInfo. Updating person info in LDAP
2018-12-14 08:34:50,697 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:269) - transferAttributesToUserResource
2018-12-14 08:34:50,697 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:371) - transferExtendedAttributesToResource of type User
2018-12-14 08:34:50,697 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:382) - transferExtendedAttributesToResource. Revising attributes of extension 'urn:ietf:params:scim:schemas:extension:gluu:2.0:User'
2018-12-14 08:34:50,697 DEBUG [qtp804611486-15] [org.gluu.oxtrust.service.scim2.Scim2UserService] (Scim2UserService.java:390) - transferExtendedAttributesToResource. Copying to resource the value(s) for attribute 'postalCode'
2018-12-14 08:34:50,698 ERROR [qtp804611486-15] [gluu.oxtrust.ws.rs.scim2.UserWebService] (UserWebService.java:314) - Failure at patchUser method
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
at java.util.ArrayList.rangeCheck(ArrayList.java:657) ~[?:1.8.0_181]
at java.util.ArrayList.get(ArrayList.java:433) ~[?:1.8.0_181]
at org.gluu.oxtrust.service.scim2.Scim2UserService.transferExtendedAttributesToResource(Scim2UserService.java:396) ~[classes/:?]
at org.gluu.oxtrust.service.scim2.Scim2UserService.transferAttributesToUserResource(Scim2UserService.java:365) ~[classes/:?]
at org.gluu.oxtrust.service.scim2.Scim2UserService.replacePersonInfo(Scim2UserService.java:502) ~[classes/:?]
at org.gluu.oxtrust.ws.rs.scim2.UserWebService.patchUser(UserWebService.java:301) [classes/:?]
at org.gluu.oxtrust.ws.rs.scim2.UserWebService$Proxy$_$$_WeldSubclass.patchUser(Unknown Source) [classes/:?]
at org.gluu.oxtrust.service.scim2.interceptor.UserWebServiceDecorator.patchUser(UserWebServiceDecorator.java:200) [classes/:?]
at sun.reflect.GeneratedMethodAccessor1083.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
at org.jboss.weld.annotated.runtime.InvokableAnnotatedMethod.invokeOnInstance(InvokableAnnotatedMethod.java:86) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.bean.proxy.DecoratorProxyMethodHandler.doInvoke(DecoratorProxyMethodHandler.java:78) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.bean.proxy.DecoratorProxyMethodHandler.doInvoke(DecoratorProxyMethodHandler.java:67) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.interceptor.util.proxy.TargetInstanceProxyMethodHandler.invoke(TargetInstanceProxyMethodHandler.java:33) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.bean.proxy.TargetBeanInstance.invoke(TargetBeanInstance.java:91) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.gluu.oxtrust.ws.rs.scim2.UserWebService$Proxy$_$$_Weld$Proxy$.patchUser(Unknown Source) [classes/:?]
at sun.reflect.GeneratedMethodAccessor1082.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
at org.jboss.weld.interceptor.proxy.TerminalAroundInvokeInvocationContext.proceedInternal(TerminalAroundInvokeInvocationContext.java:51) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.interceptor.proxy.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:78) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.gluu.oxtrust.service.scim2.interceptor.ReferenceURIInterceptor.manage(ReferenceURIInterceptor.java:67) [classes/:?]
at sun.reflect.GeneratedMethodAccessor1042.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
at org.jboss.weld.interceptor.reader.SimpleInterceptorInvocation$SimpleMethodInvocation.invoke(SimpleInterceptorInvocation.java:73) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.executeAroundInvoke(InterceptorMethodHandler.java:84) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.executeInterception(InterceptorMethodHandler.java:72) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.interceptor.proxy.InterceptorMethodHandler.invoke(InterceptorMethodHandler.java:56) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:81) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:68) [weld-core-impl-3.0.5.Final.jar:3.0.5.Final]
at org.gluu.oxtrust.ws.rs.scim2.UserWebService$Proxy$_$$_WeldSubclass.patchUser(Unknown Source) [classes/:?]
at org.gluu.oxtrust.ws.rs.scim2.UserWebService$Proxy$_$$_WeldClientProxy.patchUser(Unknown Source) [classes/:?]
at sun.reflect.GeneratedMethodAccessor1081.invoke(Unknown Source) ~[?:?]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:236) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:406) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:213) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:228) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) [resteasy-jaxrs-3.0.24.Final.jar:3.0.24.Final]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [servlet-api-3.1.jar:3.1.0]
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:865) [jetty-servlet-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1655) [jetty-servlet-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:215) [websocket-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642) [jetty-servlet-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.ocpsoft.rewrite.servlet.RewriteFilter.doFilter(RewriteFilter.java:226) [rewrite-servlet-3.4.2.Final.jar:3.4.2.Final]
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642) [jetty-servlet-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533) [jetty-servlet-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [jetty-security-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1340) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473) [jetty-servlet-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1242) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:220) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:126) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.Server.handle(Server.java:503) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:364) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260) [jetty-server-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305) [jetty-io-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) [jetty-io-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118) [jetty-io-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333) [jetty-util-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310) [jetty-util-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168) [jetty-util-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126) [jetty-util-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366) [jetty-util-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:765) [jetty-util-9.4.12.v20180830.jar:9.4.12.v20180830]
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:683) [jetty-util-9.4.12.v20180830.jar:9.4.12.v20180830]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]
2018-12-14 08:34:54,220 TRACE [qtp804611486-9] [org.gluu.oxtrust.service.PermissionService] (PermissionService.java:57) - Checking permissions for target 'log' an 'action'. Identity: access
2018-12-14 08:34:54,224 TRACE [qtp804611486-9] [org.gluu.oxtrust.service.PermissionService] (PermissionService.java:57) - Checking permissions for target 'log' an 'action'. Identity: access
2018-12-14 08:34:54,225 TRACE [qtp804611486-9] [org.gluu.oxtrust.service.PermissionService] (PermissionService.java:57) - Checking permissions for target 'log' an 'action'. Identity: access
2018-12-14 08:34:54,226 TRACE [qtp804611486-9] [org.gluu.oxtrust.service.PermissionService] (PermissionService.java:57) - Checking permissions for target 'log' an 'action'. Identity: access
2018-12-14 08:34:54,229 TRACE [qtp804611486-9] [org.gluu.oxtrust.service.PermissionService] (PermissionService.java:57) - Checking permissions for target 'log' an 'action'. Identity: access
2018-12-14 08:34:54,235 TRACE [qtp804611486-9] [org.gluu.oxtrust.service.PermissionService] (PermissionService.java:57) - Checking permissions for target 'log' an 'action'. Identity: access
2018-12-14 08:34:54,236 TRACE [qtp804611486-9] [org.gluu.oxtrust.service.PermissionService] (PermissionService.java:57) - Checking permissions for target 'log' an 'action'. Identity: access
```
# Custom SCIM script
You are correct in your assumption that I have an active SCIM event handler script. I did not consider that that could cause issues since it only has any implemented functionality for the `createUser` method. I would like to keep it active since it sets a UUID attribute on the user on creation.
However, I disabled the script and the error stopped happening!
For testing I tried the following:
I cleared all array handling in the script, leaving no arrays in my custom script and tried re-enabling it: The error happened again when updating the user.
I disabled my custom script, and tried enabling the template/example script provided with the installation of Gluu, and the error happens again when updating the attribute. The template/example script looks like the following
```
# oxTrust is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.
# Copyright (c) 2014, Gluu
#
# Author: Jose Gonzalez
#
from org.xdi.model.custom.script.type.scim import ScimType
from org.xdi.util import StringHelper, ArrayHelper
from java.util import Arrays, ArrayList
from org.gluu.oxtrust.ldap.service import PersonService
from org.xdi.service.cdi.util import CdiUtil
from org.gluu.oxtrust.model import GluuCustomPerson
import java
class ScimEventHandler(ScimType):
def __init__(self, currentTimeMillis):
self.currentTimeMillis = currentTimeMillis
def init(self, configurationAttributes):
print "ScimEventHandler (init): Initialized successfully"
return True
def destroy(self, configurationAttributes):
print "ScimEventHandler (destroy): Destroyed successfully"
return True
def getApiVersion(self):
#return 2 if you want the post* scripts being executed
return 1
def createUser(self, user, configurationAttributes):
print "ScimEventHandler (createUser): Current id = " + user.getUid()
testProp1 = configurationAttributes.get("testProp1").getValue2()
testProp2 = configurationAttributes.get("testProp2").getValue2()
print "ScimEventHandler (createUser): testProp1 = " + testProp1
print "ScimEventHandler (createUser): testProp2 = " + testProp2
return True
def updateUser(self, user, configurationAttributes):
personService = CdiUtil.bean(PersonService)
oldUser = personService.getPersonByUid(user.getUid())
print "ScimEventHandler (updateUser): Old displayName %s" % oldUser.getDisplayName()
print "ScimEventHandler (updateUser): New displayName " + user.getDisplayName()
return True
def deleteUser(self, user, configurationAttributes):
print "ScimEventHandler (deleteUser): Current id = " + user.getUid()
return True
def createGroup(self, group, configurationAttributes):
print "ScimEventHandler (createGroup): Current displayName = " + group.getDisplayName()
return True
def updateGroup(self, group, configurationAttributes):
print "ScimEventHandler (updateGroup): Current displayName = " + group.getDisplayName()
return True
def deleteGroup(self, group, configurationAttributes):
print "ScimEventHandler (deleteGroup): Current displayName = " + group.getDisplayName()
return True
def postCreateUser(self, user, configurationAttributes):
return True
def postUpdateUser(self, user, configurationAttributes):
return True
def postDeleteUser(self, user, configurationAttributes):
return True
def postUpdateGroup(self, group, configurationAttributes):
return True
def postCreateGroup(self, group, configurationAttributes):
return True
def postDeleteGroup(self, group, configurationAttributes):
return True
```
So, to sum up, no exceptions are thrown when the SCIM event handler script is **not** active. If the SCIM event handler script **is** active, even the default implementation, an `IndexOutOfBoundsException` exception is thrown.