Versions Compared

Old Version 106

changes.mady.by.user Hyzer

Saved on

compared with

New Version 107

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Release

Item

Description

2.3TIER packagingDiscuss with TIER and decide on standard TIER packaging for quick start (VM vs Docker vs Installer). Link to TIER Packaging Working Group.
2.3  Revise build environment and dependency retrieval

Revising code environment to get rid of dependencies and the hybrid builds (Maven and ant builds, hard to keep everything in sync)

Possible options:

  1. Ivy: keep existing ant scripts and use Ivy for dependency retrieval
  2. Maven: Remove ant build script and let maven drive both the build and dependency retrieval. (create various profiles for each env)
  3. Gradle: Remove ant/maven build scripts. Use groovy scripts to retrieve dependencies and drive the build

Need to figure out versions for each dependency.

2.3 (tentative)upgrade vt-ldapto ldaptive (or unboundid?)

2.3 (done)

Improve folder privileges

Change folder privileges so that instead of the STEM privilege, there is an ADMIN privilege on folders.  The ADMIN privilege would mean you have all rights to the folder, you can rename it, delete it, change privileges, and effectively every other privilege.  The CREATE privilege would be changed to also include creating folders (in addition to groups and attributes).  And the STEM_ATTR_READ and STEM_ATTR_UPDATE would remain the same.  Note, so the name doesnt conflict with the group ADMIN privilege, the stem privilege will be called STEM_ADMIN.

2.3 (in progress)

Improve loader

  • A loader job where unresolvables should be an error should end in an error in GSH/UI GRP-1212 (for 2.2.2.patch, 2.2.3, 2.3)
  • Add the ability for the loader to run on multiple nodes to it has better availability by adding tables for quartz
  • Look at loader.thread.pool.size, is it used? Can it be added to quartz config? Should it be removed from the config file if not?
  • Add the option for unresolvable subjects to not cause loader jobs to fail (note, if the source is unavailable it should fail and not remove all members, and it should only allow unresolvables up to a certain configurable threshold, note that threshold is implemented for other reasons already. this might already be done ) (note, enable the unresolvable feature at a database connection level so some databases can take advantage of it and others dont have to).
  • Allow changes to loader configs to be read without having to bounce the loader. 
  • Allow the loader to have event based processing e.g. in messaging or a change log table.
2.3 (in progress)Add more features to new UIAdd features into the new Grouper 2.2 UI so that more things from the admin UI and the lite UI can be performed in the new UI.

2.3 (in progress)

Add remaining attribute/permission operations to WS

Add ability to manage attribute and permission definitions 100% via the WS.  Currently many things can be done via the WS but not all.  Currently the gaps can be addressed via the UI/API.

2.3

Standard authorization API

Define and implement a standard WS API.  This is a CIFER/TIER effort and might be based on SCIM or OAuth2 and might be readonly for 2.3.  This would be a web service and might also include messaging.

2.3 (in progress)

Successor to the PSP first pass. Include AD and LDAP connectors

Replacement of the PSP for LDAP/AD

2.3 (tentative)

Improve GSH

Improve gsh by adding readline like capabilities (line editing, tab completions, history, etc).  Explore incorporating Jline2 into the current beanshell approach or possibly adopting groovysh as the base.

2.3 (in progress)

Provisioning by message

Use a message bus to notify interested parties, including traditional provisioning agents, of group changes. TBD: supported message transports, format of messages, content of messages.  Possible transports include AWS, Azure, ActiveMQ. 

2.4

Finish the new UI, replace admin and lite UI

Add features into the new Grouper 2.2 UI so that everything from the admin UI and the lite UI can be performed in the new UI.  Remove the admin and lite UIs (redirect outdated links).  Add user based auditing and overall auditing.  Add new features like the ability to easily configure "rules" in the UI

On-going

Grouper Core enhancement

Continue adding capabilities to meet requirements from the field.

On-going

Community contributions

Solicit and publicize community contributions of extensions and complements to Grouper.

Not yet assigned

Register for notifications

Add ability for users to register to be notified of changes to specified objects. Note, there are rules to email users about changes to memberships

2.4

More provisioning connectors

Add further connectors to reflect specified group, membership, role, and permission information into external systems and services. Include Google provisioning (from the Unicon contribution to the PSPNG)

2.4 (tentative)

Scaling REST webservice

A page in the Administration guide, Grouper always available web services and client, demonstrates one way to provide always available services using a specialized client.  The CIFER REST web service will need the server-side capability to provide that always-available functionality.  In addition the REST API should be able to access multiple, read-only caches so it can efficiently handle any increase in query requests, most of which will not need to directly access the primary database. PSPNG should be able to provision to a database table, and WS should be able to read from that table (or tables) for simple operations.

...