Child pages
  • Grouper Call 27-Oct-2010
Skip to end of metadata
Go to start of metadata

Grouper Call 27-Oct-2010

*Attending*

Chris Hyzer, U. Penn  (stand-in chair)
Shilen Patel, Duke  
Tom Zeller, U. Memphis 
Rob Hebron, Cardiff 
Michael Pelikan, Penn State  
Ann Kitalong-Will, Internet2, 
Steve Olshansky, Internet2 
Emily Eisbruch, Internet2 (scribe) 
  
New Action Items

[AI] (SteveO) will investigate redirecting Grouper wiki references so previously established links and bookmarks will still work after the new wiki goes live.

[AI] (Chris and Shilen) will discuss whether the UI or web service for Point in Time Audit is most important.

[AI] (TomZ and Chris) will discuss/work on LDAP Grouper Loader for importing groups. 
JIRA 442

[AI] (Rob) will document Cardiff's public access to library services use case on Grouper External Users wikihttps://spaces.internet2.edu/display/GrouperWG/Grouper+external+users

Carry Over Action Items

AI (Everyone) review Rob's chapters and give him feedback on the Grouper Users List.https://spaces.internet2.edu/display/GrouperWG/GrouperBook  

AI (TomB) will explore new international participation for work on the Grouper UI. 

AI (Rob) will look at issues relating to testing the ESB Connector and contact Chris about moving the ESB work to the web services project. 

DISCUSSION

Documentation

AnnKW announced that the new Grouper wiki will be going live within a few days. The focus of work so far has been on reorganizing the wiki landing page, and the new structure (based on the Shibboleth wiki structure) is seen at 

https://spaces.internet2.edu/display/Grouper/Grouper+Wiki+Home

If there are comments on the reorganization of material, please email Ann Kitalong-Will  at amkitalong@gmail.com.

SteveO noted that after there is a cutover to the new wiki, the old wiki will be preserved in case some of the content is needed. However, at this point no content has been removed in the new wiki, things have just been reorganized. 

The Grouper wiki URL will change after the cut-over: the key will change from GrouperWG to Grouper.  SteveO will attempt to ensure that links to wiki pages created in the past will work via a redirect. 

[AI] (SteveO) will investigate redirecting Grouper wiki references so previously established links and bookmarks will still work after the new wiki goes live.

Rob's "Getting Started with Grouper" ebook is a different ongoing effort from the wiki reorganization. Rob's welcomes feedback.

https://spaces.internet2.edu/display/Grouper/Getting+Started+with+Grouper

Grouper Roadmap

At the recent Jasig Unconference in Joliet, Illinois, TomB and Chris updated the Grouper roadmap:

https://spaces.internet2.edu/pages/viewpage.action?pageId=14517754

Important Roadmap Items:

  • Lite UI Enhancement  - adding in attributes, roles, and persmissions
  • Grouper web services enhancement - these improvements are ongoing
  • Notification of changes  — Rob will work on notifications in ESB)
  • Ldappc NG  - there was a question about reflecting permissions into LDAP. Can we get an example of that on the demo server? TomZ will work on reflecting the attribute framework model (JIRA 508). Rob noted how permissions are handled in directories is implementation specific, so we can just give an example in the demo server. 
  • Point in Time Audit - using GSH interface and possibly web services and UI, depending on timing of the Grouper 2.0 release. 

A question was raised of whether UI or web service for point in time audit should come first. It was noted that LIGO has a requirement to query point in time in real time.  
[AI] (Chris and Shilen) will discuss whether the UI or web service for Point in Time Audit is most important.

  • uPortal Grouper integration
  • Rules  - done
  • Federated Grouper Membership and Privileges - Chris working on

What about importing groups into Grouper from an existing source using the LDAP Grouper Loader ?
[AI] (TomZ and Chris) will discuss/work on LDAP Grouper Loader for importing groups.. JIRA 442

Chris has an idea for using web services to enable applications to outboard evaluation of privileges at run time (PDP). This item is unassigned to a version.

Reflecting External Subjects in Grouper 

Chris created a wiki on reflecting external subject data into Grouperhttps://spaces.internet2.edu/display/GrouperWG/Grouper+external+users

Q: Should self-registry of subjects into Grouper be allowed?

A: Yes, it would probably be good to have that option available. In addition it would be good if someone could enter info for one of his/her collaborators and specify which groups that collaborator should be added to. The collaborator would then receive an email, log in and register, and then be added to the specified group(s). 

Anyone who can get registered with Protect Network can get registered to the group

[AI] (Rob) will document Cardiff's public access to library services use case on Grouper External Users wikihttps://spaces.internet2.edu/display/GrouperWG/Grouper+external+users

For the demo server Chris is planning on implementing a hook with logic to facilitate registration. 

Chris: Should it be stated on the WAYF that "if your institution is not listed on the WAYF dropdown, then go to Protect Network" ?

Shilen: The standard InCommon WAYF could be used.

Chris: Should there be an expiration date for external group members?

Possibly, if the membership has been unresolvable for a few weeks, then the membership should be disabled or removed.  An email could optionally be sent out prior to this disabling or removal.

Adding Privileges to Groups and Stems

There has been a suggestion that these new privileges be added on groups and stems. 

  • attribute read
  • attribute update 

Shilen noted that this is a good idea, but it will add a lot of rows to the group set table.  A script would be needed for upgrade.  Some other coding adjustments might be necessary in places where there's an assumption that only the current privileges exist.

Quickstart

Rob may fix the Quickstart when he finds minor issues that are out of date. For more major issues Rob will create a Jira.

Next Meeting: Face to Face Grouper WG at FMM in Atlanta on Monday, Nov 1http://events.internet2.edu/2010/fall-mm/agenda.cfm?go=session&id=10001464&event=1159

Next call is Wed. Nov. 10 at noon ET 

Note: Add to the agenda for a future call : Discuss a stem set table to reflect the structural relationships among stems.

  • No labels