- Chris Hyzer, Penn, Chair
- Shilen Patel, Duke
- Bert Bee Lindgren, Georgia Tech
- Chad Redman, UNC
- Vivek Sachdiva, independent
- Emily Eisbruch, Internet2
Training and documentation plans
There are plans to potentially change doc and training structure for TIER components, including Grouper.
Move to learning management system with small 5 minutes modules/chunks
Mix between our training videos and hands on training such as a TechEx
Plan is to use commercial partners to help create the training
For documentation, still use Confluence, but cut a version for each release
There will not be full day Grouper training at Internet2 Global Summit in March 2019
There will be a Trust and Identity meeting in July or Aug, details TBD
Current work tasks, and next tasks
Vivek – Object types
Looks good, should we tie into the loader?
String attached to each group based on queries
Use JXL? templatized?
For list of groups.
Go to folder…
On that folder you can put basis or ref markers that will be inherited.
Could be on loader config screen too.
Or on the SQL
Nice to get variable substitution
Would be useful , had not thought about it for 1st pass
Shilen: could do this without loader integration.
Don’t want to have loader job as only source
Could maintain thru web service or could be a composite group
For web service, you could set attributes
Service and folders approach is good
App is a base level of an application
Service could be multiple applications
Apps don’t have to live inside a service folder
Service could be inheritable?
Right now you can only have one assigned
Do we want multi select dropdown? Yes
Don’t want more than one type for a single thing
But could have both apps and services
See the model used for deprovisioning
First you assign and then you can select
Show different types …
For example, select employees, then can come and configure under students umbrella
Use same order as in Grouper deprovisioning https://spaces.at.internet2.edu/x/dAS6Bw
First ask type name
Then ask Direct/indirect
List is same as for folders?
Chris will get back to Vivek on that
Is hierarchy set when click on save?
Or it’s in real time?
Chris: don’t recompute
Vivek: When click on save, go thru the hierarchy
Chris: use same approach as in deprovisioning https://spaces.at.internet2.edu/x/dAS6Bw
Q: can you put direct inside inherited folder?
A: yes it will overwrite
Bert: can you use these as a structured search ? use these as ways to define groups and folders?
When a group is displayed we should bring these to be more visible so you don’t have to go to menu to look at type.
Display the type more prominently.
The type is important human readable info on the group.
Right now it’s in the “more” section
Chris will email the list to share this Object Types work
Summary of next steps on Grouper Types
To do now
Put type name first, then direct/indirect
When settings changed, it should use logic like deprovisioning where it updates the hierarchy tree
Types and metadata should be displayed on object page under the description (not in "more")
To do later
Source basis and ref metadata from loader
Clarify the difference between app and service
If there is a blank attribute, it should be unassigned
Use this as a means to search for things
- Working on Database configs
- Put comment above a string
- Chris can share this work with Bert
- Morph More? string needs to be changed?
- It should see if file exists if there is slash
- Will do patch
- Patching for Regex relevant characters
- Password login for connection password
- Encryptable properties
- Other string encryptable or ldaptive properties?
- Option for certif , Property would be a filename , so not in scope
- Morph? string is done magically
- Metadata in property file is good idea
- Masking is 99% solution
- Config Property metadata could be added later
- Will release patch this week
Logging and how loader breaks into sub-jobs
For full syncs
Perhaps separate log file for each provisioning target or each group in each provisioning target
For PSP NG, Defined stack of properties
Designed log4J appender? If you don’t have the properties in your call stack
Works for syncing
Helps make logs more searchable
Messages can be relatively simple
Still log context of the message
JSON logging is awesome, searchable
Bert will provide output sample
Set values to have separators
They show up as distinct fields.
Pattern helps to understand logs better
Chris: Full sync should have an entry in Grouper loader log
Bert thinking about sub-jobs
Chris doing work with logs https://spaces.at.internet2.edu/display/Grouper/Grouper+web+services+log
Should PSPNG log be in its own log file?
Bert: They should be searchable
Talk about this on next Grouper call
Nice to have a consistent way to log
Loader improvements, GSH, performance
released patch for LDAP loader, complex values
Started looking at Daemon jobs screen https://spaces.at.internet2.edu/display/Grouper/Grouper+Daemon
Filter by a job name?
Only shows most recent run.
Show all loader log data?
Good to get this patch out.
Work on history for next pass
When you create loader job, have option asking if you want to schedule it
Make is so run loader process schedules it thru the daemon
This could be separate JIRA and patches
Shilen will release patch and create jiras for additional work
– Jar versions
GSH, ldaptive, and dom4j patches are released.
Added a change log in root directory
Chad sent email to core list on Oct. 22, 2018 about JIRAs not complete.
Next project for Chad perhaps:
Around startup and hibernate
Chad and Chris will talk about items on roadmap
WS find members performance opportunities?
Query table directly is better than web services?
Wait to hear again about this
How would USDU work with a delay?
Configure USDU to set attribute on member objects
If not unresolvable, then clear the date
ScottK also had an USDU issue
Anyone interested in an integration with business objects?
Penn looking at this
GSH patch with new installer
Non zero return code for gsh
Loader job starting and disappearing (Bert)
Upgrading to Grouper 2.4 helped with this
Refactor GSH patch
JDBC2 subject config example
Grouper-loader base url
Grouper UI and reverse proxy and tomcat config (Ill)
Maybe the installer should setup the client?
grouperClient and forked versions of third party libraries
Grouper container openshift (Chad)
All test patches released
Maven build fail SubjectTestHelper
Next Grouper Call: Wed Nov. 28, 2018