Attending 

  • Chris Hyzer, Penn, Chair
  • Shilen Patel, Duke
  • Chad Redmon, UNC
  • Carey Black, Purdue
  • Jonathan Johnson (JJ) , Unicon
  • Chris Hubing, Internet2
  • Emily Eisbruch, Internet2

DISCUSSION

  • Agenda bash

 

Current Work

 

Vivek

  • SQL -  "Start with scaffolding" is done
  • Grouper SQL provisioner startWith scaffolding
  • Will move on to working on another provisioner type
  • Will pre-populate the scaffolding
  • If you make a SQL provisioner, you have option to start with scaffold with patterns
  •  More overview:
  • There is a scaffold, Java class implements an interface, provides via config metadata what questions  to ask and what the available drop downs are.
  • When you submit it, config for that provisioner get populated. Screen gets displayed
  • If every pattern is its own scaffold, too much repetition
  • So inside each scaffold are patterns
  • There is a start with of the start with
  • You can use “other” to customize
  • Question: is adding another pattern just configuration?
  • Answer: a pattern is partly config and partly Java code
  • You can code APIs

  • Midpoint
  • Might make a MidPoint provisioner, like the SQL provisioner
  • Question: why subclass the  provisioner versus using the SQL provisioner
  • Answer: it will be easier for user to just pick MidPoint , for example
  • Being able to click MidPoint makes the suite of Internet2 products more cohesive 
  • Question: is the schema on midpoint stable?
  • Could have Midpoint provisioner, or can mark it as provisionable and have it go to MidPoint
  • Choice is where do you want to mark things as provisionable
  • Have service Admins, make a new group for target, mark another folder
  • Need to make a provisioner for each service that MidPoint is provisioning
  • If Midpoint provisions Box and Azure, then make a MidPoint Box Provisioner 
  • And another for MidPoint Azure

  • Trying to get things into the provisioning mindset

 

Shilen 

  • Trace Membership 
  • Looking at membership trace using point in time data
  • Will implement Is a member and was a member
  • New page could replace other, older trace page
  • Matt: If a user is added and removed multiple times, problem of a very long page?
  • Propose showing most recent one or two 

 

 

Chris 

  • Provisioning config work
  • Hope to release Grouper 2.69

Chad

  • Grouper Training is coming up
  • May 17 - May 20
  • Will upgrade to using new Grouper version

 

JJ

  •  OSGI and authentication
  • Need to Make a wiki on this
  • Authentication for UI has an interface
  • One authentication  bundle with 100 jars
  • Built with Maven
  • Jar goes in directory in container
  • Configure Grouper to use SAML or CAS, gets invoked via OSGI
  • There may be a redirect and it just works
  • Should we have one for SAML and CAS?
  • Ease of use
  • But what about Jar Hell?
  • Packaging it up
  • To switch, you pull another bundle down
  • Could have all the bundles there
  • Concerns about image size?
  • No it’s not huge
  • With Groupert 2.7 get rid of apache, tomEE ,
  • Go to Tomcat
  • Harder to run things in same container if we get rid of apache?
  • Clarification: just because Grouper  does not ship w Apache, user can still use Apache
  • Can do reverse proxy

 

 

Grouper Version 3 Brainstorming

  • What is an Ideal database layout?
  • Auditing
  • Large tables
  • Slowness issue
  • Attribute assigned value
  • How to represent a value efficiently?
  • Keep in one place and have a look up table
  • Value strings, and more, in dictionary table
  • Still need some items in search table
  • Do examples , if 100 million dictionary items, set up a load test
  • Team, please think about potential issues

 


Grouper wiki updates in past two weeks

 

Next Grouper Call: Wed April 27, 2022

 

  • No labels