Grouper Developers Forum

[Jim Fox <>]

Our version of the web service (not quite in production) always tries to 
create a subject if one is not found, whether by new user logging in or 
being added to a group.  We do this because our subject database lags 
behind the up-to-date, 'real' source of people.  We do this in the web 
service, though, not in a custom source object.

Jim


On Thu, 15 Apr 2010, Chris Hyzer wrote:

> Date: Thu, 15 Apr 2010 13:41:44 -0700
> From: Chris Hyzer 
> <>
> To: Tom Barton 
> <>
> Cc: 
> ""
>  
> <>
> Subject: RE: [grouper-dev] hasMember and subjectNotFound
>
> Well, in the API you ask if a Subject is in a Group.  If you don't have a 
> Subject, you cant see if it is in a Group.  With the web service, you ask if 
> subjectId ABC is in group BCD.  If the subject doesn't exist, the service 
> returns a failure code, with SUBJECT_NOT_FOUND.  I think it should return a 
> success code of false (not in group), and SUBJECT_NOT_FOUND.  i.e. I don't 
> think it should have to be a recoverable exception, I think it should be a 
> normal response.  Thoughts?
>
> Thanks,
> Chris
>
> -----Original Message-----
> From: Tom Barton 
> [mailto:]
> Sent: Thursday, April 15, 2010 4:37 PM
> To: Chris Hyzer
> Cc: 
>
> Subject: Re: [grouper-dev] hasMember and subjectNotFound
>
> If you are asking for advice on what to do about this within Penn's
> implementation, I'd be looking for a way to reduce that 1hr cycle time.
>
> If you are asking for advice on what the grouper toolkit should do when
> a user can authenticate but they're unknown as a Subject, that sounds
> like what the subjectNotFound exception is meant to signal. Are you
> saying that, at present, a client of grouper web services cannot
> translate that signal into some reasonable user experience, eg, a nice
> "we don't know what you're allowed to do yet" message rather than 150
> lines of java exception blather?
>
> Tom
>
> Chris Hyzer wrote:
> > Hey,
> >
> >
> >
> > In web services, in a hasMember call, you pass in a SubjectFinder.  And
> > in the SubjectFinder you specify a subject Id or a subject Identifier,
> > and for either you can also optionally specify a source.
> >
> >
> >
> > At Penn we have the situation where new Penn People try to use an app,
> > and the hourly job that copies their user data to Grouper hasn't run
> > yet, so there is a subject not found exception error thrown from web
> > services.  However, in LDAP I believe it is just returned as a "false"
> > when the person is not in the system.  I think a solution would be to
> > have a custom source where if a person isn't found, it looks in the data
> > of record, and if there, adds them to the grouper source table.  Another
> > solution is to have the "hasMember" web service return a SUCCESS-false
> > when the subject is not found, since the subject is not in the group if
> > it is not found.  I could add an option so that subjectNotFound is an
> > error if we like.
> >
> >
> >
> > Do other people want this behavior?
> >
> >
> >
> > Thanks,
> >
> > Chris
> >
> >
> >
> > Ps. We have a massaged description field that is searchable that merges
> > all the various names and affiliations, which is why we don't just go to
> > the system of record and do the hourly copy...