COmanage Call 28-May-2010
*Attending*
Heather Flanagan, Independent (Chair)
Benn Oshrin, Internet2
Tom Barton, University of Chicago
Jim Leous, The Pennsylvania State University
Steven Carmody, Brown
Ann West, Internet2
Renee Frost, Internet2
Steve Olshansky, Internet2
*New Action Items*
[AI] (Steven) will email the group a proposed demo script.
*Carry Over Action Items*
[AI] (Benn) will assess the current infrastructure inside COmanage and start defining edge testing.
[AI] (Benn, Jim, Chris, Steven,) and possibly others at Brown will discuss what's needed to move ahead with the Women's Science Network VO.
[AI] (Heather) will email the COmanage-dev list with proposed dates/times for an international call in June.
[AI] (Steven) will email the COmanage-dev list a pointer to information on the Shibboleth Discovery Service.
[AI] (Jim) will send the group screenshots of the Penn State Confluence dashboard.
DISCUSSION
*Assessment*
Benn reported that he has now received access to almost all elements of the project. Benn inquired if the AI to perform an assessment related to any specific objectives (demo, service instance, etc.). Heather replied that the assessment should involve Benn becoming familiar with the components and asking for help if immediate assistance is needed with any issues.
*Request for VMs*
Steven and Benn talked during the week and discussed the proposed demo (showing a Shib-protected portal) in general terms. They discussed the set of VMs that will be needed. On May 27, they emailed Dan with a request. The plan is for the VMs to be set up next week.
*Grouper UI*
Tom reported that June 11 is the target release date for Grouper 1.6, which is to include the enhanced light UI. This UI does not address privilege or permissions management. (These features are in web services but not in the Grouper 1.6 UI.)
The Grouper 1.6 light UI should be incorporated into COmanage, and it will be sufficient for the planned demo. However, in the long run, the generic light Grouper UI - with its focus on working with one group or role at a time -- will not necessarily be ideal for the typical COmanage workflows. The Grouper-dev team is looking for a partner to present real needs and use cases for adding roles and permission features into the light UI. Perhaps COmanage could be that partner.
*Demo Plans*
The plan is to develop a COmanage demo in line with Steven's email and diagram of May 21. The demo will be presented at the GENI Engineering Conference in San Diego July 20-22, and possibly elsewhere.
Steven stated that Ken sent new slides to Steven that include attributes that need to be moved around inside the demo.
Also, Steven reported that Ken recently presented a demo, including Shibboleth and Grouper, for a GENI PI at Duke, and it was well received.
GENI has a requirement to be able to assert attributes to various services. It may not be practical for Duke Central IT to put these attributes into the central LDAP directory, and so there are questions around how these attributes will be handled/stored. COmanage may offer a promising approach.
Steven asked whether it would be possible for Grouper inside COmanage to create/grant new permissions, which Shib could then reflect. The use case is a professor giving students in a particular course permission to a GENI resource.
TomB stated that Grouper can certainly be used to define/specify a group that has access to a resource. The issue for the GENI VO use case is that the course roster would most likely be defined in the Duke's Grouper system, not in the proposed GENI instance of COmanage. The GENI instance of COmanage will need access to that course roster information. There could be policy issues involved in referring data from one system to another (from Duke's Grouper to the GENI CO). Possibly there could be a federated solution? Possibly the system administrators for the Duke Grouper and for the GENI COmanage instance could work out the details.
[AI] Steven will send out a script of the demo
Ken and Steven will work on getting more details of the GENI/Duke use cases.
TomB will facilitate an introduction between Benn and Shilen.
*Misc*
If anyone has documents articulating requirements for a service instance of COmanage, please forward those to Benn.
Steven: Q: Did we imagine a single COmanage instance as being able to keep multiple projects separate? Does current code base support that?
Heather: A: Projects can be kept separate, though users may be able to see the existence of a project other than the one they belong to.
*International Collab Call*
Heather proposed combining the June 2010 international collaboration calls into a single call on Thursday, June 17 at 7:00 am PT, 10:00 am ET
Let Heather know if there are objections to this.
*Advance CAMP Reminder*
Advance CAMP: The Second Identity Services Summit is June 23-25 in Raleigh
https://spaces.at.internet2.edu/display/ACAMPIdSummit2010/Home