Grouper Call of Feb. 28, 2024

Attending 

  • Chris Hyzer, Penn, Chair
  • Chad Redmond, Unicon
  • Vivek Sachdiva, independent
  • Shilen Patel, Duke
  • Carey Black, Purdue
    • Bert Bee Lindgren, GA Tec
    • Liam Hoekenga, UMich

    • Gail Lift, UMich
    • Kellen Murphy, Univ of Virginia

    • Ioannis Igoumenos, Athens Greece
    • Drew Aschenbrener, Internet2

    • Emily Eisbruch, Internet2


Administrivia

New Action Item from this call 


Grouper Doc


Grouper Training

Grouper Releases 

      • Two new Grouper releases are out. 
      • There’s a lot in these releases
      • Found memory issue with the provisioner, Thread local issue, there will be new standards for using thread locals
      • Ldaptive issues should be addressed in v5 latest release
      • Re-did how memberships and composites work
      •   Changelog temp runs continuously
      •    Adds sub job records so you can see the progress
      • SCIM changes
      • Unscheduling Daemon jobs has been improved Stopping daemon jobs
      • Restriction of deleting built in objects
      • AI - Chris - document provisioning group roles       https://todos.internet2.edu/browse/GRP-5305


      • AI - Shilen -  update wikis to include stop daemon info
    • Moving forward, we try to only change bugs in Grouper v4
    •   Chad and Chris discussed  issue around release updates,  Maven, Authentication plug-in does not push to the release, need to do snap shot builds. 

Grouper Release v5.8.1

We are proud to announce the release of Grouper v5.8.1.  There are two upgrade instructions from v5.7.1.  See the release notes: https://spaces.at.internet2.edu/display/Grouper/v5+Release+Notes

30 Jiras

Current Work

Vivek

    • Rules UI
    •  Shared demo on how to set up Grouper rules
    • Most users will pick a pattern
    • Patterns based on rules listed on the wiki
    • Can add more patterns later
    • You need to run GSH currently
    • Inherited privileges have their own UI
    •    Should that even be a pattern?
    • Everything that’s a rule can be shown as a pattern on the UI
    • Not everything is applicable for folders
    • Multiple type of firing for a rule
    •   Fires immediately
    •   Not fires immediately:
    •        change log consumer or 
    •        daemon
    •   Discussion of Start with versus Pattern terminology
    • For privileges on rules, we had to make decisions.. 
    • Must have create or admin on a folder to see rules
    • To edit rules you need admin on the folder, suggestion to change this to sysadmin
    • Chris will poll on the Grouper slack channel to get community preferences on default privileges
    • Question: could rules have bad consequences, such as the “remove” rule clearing out everything under a folder?
    •    AI Chris - add Rules UI to Grouper roadmap  https://spaces.at.internet2.edu/display/Grouper/Grouper+Product+Roadmap

Shilen 

Chris 

    • For each rule pattern, going through the wiki and making updates
    • Need to update screenshots in the doc
    • Will be working on prep for upcoming Grouper Training
    • Daniel has a non snapshot ldaptive
    • Postgress was updated
    • Chris worked on various Jiras

Chad

    • Customer using legacy JDBC subject source
    • No value in JDBC1 versus JDBC2
    • Materialized view is a good idea
    • Starting with Grouper v7 or v8, hope to get the data in Grouper
    • Chad working on JIRAs
    •   https://todos.internet2.edu/browse/GRP-5307 (case sensitivity) Chris will look at this
    •    GRP-5308 - Getting issue details... STATUS     Provisioning entities not filtering objectClass when Select All Entities is false


Matt: question re integration with Midpoint so Midpoint could deliver a data source like in infrastructure instead of subject source?

Chris: yes we will work on that.

 

Issue Round up


JIRAs in past 2 weeks


GRP-5327

show better provisioning group counts

GRP-5326

fix external auth build in v4 and v5

GRP-5325

update postgres driver to 42.7.2


GRP-5324

jwt does not work with ws.security.prependToUserIdForSubjectLookup

GRP-5323

allow updating of group names in scim


GRP-5322

Convert rules MAINTENANCE job to OTHER_JOB

GRP-5321

Remove job MAINTENANCE_externalSubjCalcFields

GRP-5320

if delete groups in provisioning is true (not default), and an option selected, then a validation occurs but shouldnt

GRP-5319

look at performance of readonly queries

GRP-5318

warning message for disabled dates too soon to work

GRP-5317

table names for quartz should be adjusted for case sensitive mysql

GRP-5316

Convert builtinMessagingDaemon MAINTENANCE job to OTHER_JOB

GRP-5315

Convert cleanLogs MAINTENANCE job to OTHER_JOB

GRP-5314

Convert enabledDisabled MAINTENANCE job to OTHER_JOB


GRP-5313

error going to daemon screen

GRP-5312

fix memory issue with provisioner


GRP-5311

ablity to clone an existing GSH template into a new GSH template. ( copy template A into new template B)|

GRP-5310

fix container certs for openshift



Wiki Updates in past 2 weeks

Grouper Users email list (none)


Next Grouper Call: Wed. March  13. 2024

  • No labels