Grouper Call of Sept. 28, 2022
Attending
- Chris Hyzer, Penn, Chair
- Shilen Patel, Duke
- Vivek Sachdiva, independent
- Chad Redmon, UNC
- Drew Aschenbrener, Internet2
- Chris Hubing, Internet2
- Emily Eisbruch, Internet2
Administrivia
- Internet2 Intellectual Property Policy
- Review AIs Grouper Project Action Items (Google Doc)
- Agenda Bash
Grouper Training
- Grouper Training happening this week Sept 27-30, 2022 https://incommon.org/academy/grouper-school/
- Going well
Plan for Grouper 2.6 and 2.7
https://spaces.at.internet2.edu/display/Grouper/Grouper+provisioning+framework+remaining+items
- Plan: we should wrap up provisioning (over the next month) and call it a day on v2.6.
- Then go to v2.7 and do some of what we previously planned but not everything.
- Work on ABAC and data fields.
- Then 2.8 would be the true single process container. 2.6 is dragging on and we need a more recent stable version of Grouper than 2.5. Thoughts?
Current Work
Vivek
- MidPoint provisioner, it’s a subclass of SQL provisioner
- Configuration is simplified, can specify a table prefix
- Used to have a column for what target data going to,
- But that is one to many
- So target is now multivalued
- Vivek will make multivalued metadata option
- did provisioning unit tests
- OIDC, one external system does everything, you configure end points to OIDC or well known URL
- Can use redirect URI
- Ajax
- OIDC authentication to Grouper UI
- OIDC authentication to Grouper Web Service
Shilen
- Shilen will merge in Hibernate
- Shilen is working on adding groups and point in time. Change log might be more of a bottleneck, but group additional are not the biggest issue for change log
- Would be good in Grouper 3.0 to do everything batched
Chris
Grouper Training is going well.
Grouper 2.6.16 was released on Sept 22, 2022
v2.6 Release Notes
Some updates were madeto Grouper 2.5 also
Chad
- Grouper Training Training
- Updated the wiki page for Grouper UI configuration, it was 90% out of date
- Customising the Grouper UI
- Including changing banner and logo
- Working on the SCIM project
- Plan For 2.7, Rocky Linux, Tomcat, Single Process, Need to pick a java… Anything above Java 8. Suggestion for Java 11.
Chris Hubing
- The current grouper docker container uses centos7
- as an improvement, we are testing rocky8, which is newer and will have better support
- and also supporting arm64 processors
- right now, it only supports the x86/amd64 architectures
- so overall, these are some improvements the community is asking for
Issue Roundup
Jiras in past two weeks
GRP-4392
provision only applicable memberships
GRP-4391
put limits on group size for provisioning
GRP-4390
if query too long for loader, should give error on UI before saving
GRP-4389
abbreviate group display names on main page
GRP-4388
improve find command in container build script
GRP-4387
Refactor or remove GrouperUtil.fileCopyExampleResourceIfNotExist()
GRP-4386
add attestation where if not attested the group will be disabled
GRP-4385
the directory /home/tomcat in container should be group executable
GRP-4384
container should not change ownership or permissions on /opt/grouper/slashRoot
GRP-4383
grouper provisioning null pointer when incremental adding a user (not in target) to a group that requires users to exist
GRP-4382
fix this error message to mention caching on links
GRP-4381
handle unresolvables in provisioning
GRP-4380
provisioning membership value should get from cache? or make attributes work
GRP-4379
change audit log to add start/end dates
GRP-4378
audit log says someone added even if the start date is in the future
GRP-4377
enabled/disabled should update memberships if they exist
GRP-4376
upgrade jars
GRP-4375
show container version in UI
GRP-4374
default log level for grouper is info and not warn
GRP-4373
change pit group set sync'ing to use change log
GRP-4372
provisioning in readonly mode should not make changes
GRP-4371
Refactor session initializer to remove resources/init/*.properties
GRP-4370
Move banner and footer into jsp includes
GRP-4369
Page title only working for main page
GRP-4368
Creation of Local Entity Failing when not user in sysadmingroup
GRP-4367
do not provision memberships if user does not exist in target
GRP-4366
failsafe approvals not working for provisioning
GRP-4365
cannot edit provisioning daemon
GRP-4364
fix container ENV and USERTOKEN
GRP-4363
grouper container should be able to log to file or pipe or both
GRP-4362
Provisioning Framework is provisioning entities that exist in Grouper but not Target
GRP-4361
make findBadMemberships full daemon scale for missing composites
GRP-4360
migrate from oidc non external system to external system
GRP-4359
remove foreign keys from grouper_stem_view_privilege
GRP-4358
remove jsonlib and replace with jackson
GRP-4357
add start/end date to member export of group
GRP-4356
Bad membership finder daemon should catch throwable
GRP-4355
maven checkstyle shouldn't warn on missing javadoc on private fields/methods
GRP-4354
make sure provisioning readonly is readonly
GRP-4353
oidc well known and required fields
GRP-4352
loader should add before remove
GRP-4351
Fix testing errors in WS bearer token external system
GRP-4350
error creating stems
Grouper Emails in September 2022
- [grouper-users] Change delimiter for multivalued attributes returned by WS?, Baron Fujimoto, 09/06/2022
- Re: [grouper-users] Change delimiter for multivalued attributes returned by WS?, Baron Fujimoto, 09/09/2022
- [grouper-users] edu.internet2.middleware.grouperClient.ws.GcWebServiceError: Bad response from web service: resultCode: PROBLEM_GETTING_MEMBERS, Sahull, 09/14/2022
- [grouper-users] Azure Provisioner null pointer exception error, Sahull, 09/15/2022
- [grouper-users] fun with DDL upgrade, Jeff McCullough, 09/21/2022
- [grouper-users] using two instances of PSPNG, Ben Beecher, 09/21/2022
Grouper wiki updates in past two weeks
- Connecting to the AWS Training Environment
- GrouperShell (gsh) Composite insert / update / delete (CompositeSave)
- Grouper provisioning framework remaining items
- Connecting to the AWS Training Environment
- v2.5 Release Notes
- v2.6 Release Notes
- DDL in Grouper v2.5+
- Release steps for new container build
- v2.6 Upgrade Instructions from v2.6
- Container update process
- Customising the Grouper UI
- GrouperShell (gsh)
- OIDC authentication to Grouper UI
- OIDC authentication to Grouper Web Service
- Assign Attributes Batch
- Generated javadoc and site reports
Next Grouper call: Wed. Oct 12, 2022