Attending
- Chris Hyzer, Penn, Chair
- Shilen Patel, Duke
- Chad Redmon, UNC
- Carey Black, Purdue
- Jonathan Johnson (JJ) , Unicon
- Chris Hubing, Internet2
- Emily Eisbruch, Internet2
DISCUSSION
- Agenda bash
Current Work
Vivek
- SQL - "Start with scaffolding" is done
- Grouper SQL provisioner startWith scaffolding
- Will move on to working on another provisioner type
- Will pre-populate the scaffolding
- If you make a SQL provisioner, you have option to start with scaffold with patterns
- More overview:
- There is a scaffold, Java class implements an interface, provides via config metadata what questions to ask and what the available drop downs are.
- When you submit it, config for that provisioner get populated. Screen gets displayed
- If every pattern is its own scaffold, too much repetition
- So inside each scaffold are patterns
- There is a start with of the start with
- You can use “other” to customize
- Question: is adding another pattern just configuration?
- Answer: a pattern is partly config and partly Java code
- You can code APIs
- Midpoint
- Might make a MidPoint provisioner, like the SQL provisioner
- Question: why subclass the provisioner versus using the SQL provisioner
- Answer: it will be easier for user to just pick MidPoint , for example
- Being able to click MidPoint makes the suite of Internet2 products more cohesive
- Question: is the schema on midpoint stable?
- Could have Midpoint provisioner, or can mark it as provisionable and have it go to MidPoint
- Choice is where do you want to mark things as provisionable
- Have service Admins, make a new group for target, mark another folder
- Need to make a provisioner for each service that MidPoint is provisioning
- If Midpoint provisions Box and Azure, then make a MidPoint Box Provisioner
- And another for MidPoint Azure
- Trying to get things into the provisioning mindset
Shilen
- Trace Membership
- Looking at membership trace using point in time data
- Will implement Is a member and was a member
- New page could replace other, older trace page
- Matt: If a user is added and removed multiple times, problem of a very long page?
- Propose showing most recent one or two
Chris
- Provisioning config work
- Hope to release Grouper 2.69
Chad
- Grouper Training is coming up
- May 17 - May 20
- Will upgrade to using new Grouper version
JJ
- OSGI and authentication
- Need to Make a wiki on this
- Authentication for UI has an interface
- One authentication bundle with 100 jars
- Built with Maven
- Jar goes in directory in container
- Configure Grouper to use SAML or CAS, gets invoked via OSGI
- There may be a redirect and it just works
- Should we have one for SAML and CAS?
- Ease of use
- But what about Jar Hell?
- Packaging it up
- To switch, you pull another bundle down
- Could have all the bundles there
- Concerns about image size?
- No it’s not huge
- With Groupert 2.7 get rid of apache, tomEE ,
- Go to Tomcat
- Harder to run things in same container if we get rid of apache?
- Clarification: just because Grouper does not ship w Apache, user can still use Apache
- Can do reverse proxy
Grouper Version 3 Brainstorming
- What is an Ideal database layout?
- Auditing
- Large tables
- Slowness issue
- Attribute assigned value
- How to represent a value efficiently?
- Keep in one place and have a look up table
- Value strings, and more, in dictionary table
- Still need some items in search table
- Do examples , if 100 million dictionary items, set up a load test
- Team, please think about potential issues
Grouper wiki updates in past two weeks
- Grouper container documentation for v2.5
- Grouper SQL provisioner startWith scaffolding
- Grouper LDAP provisioner startWith scaffolding
- Grouper data structure improvements v3.0
- Grouper - Loader LDAP
Next Grouper Call: Wed April 27, 2022