Child pages
  • 26 June-2019
Skip to end of metadata
Go to start of metadata



  • Chris Hyzer, Penn, Chair
  • Chad Redman, UNC
  • Bert Bee-Lindgren, GA Tech
  • Carey Black, the Ohio State University
  • Vivek Sachdiva, independent 
  • Emily Eisbruch, Internet2

Grouper Action Items are here 


New Action Items

  • AI Chad and Chris help on  Bert’s issue re maven / pom
  • AI Chris handle Grouper client jar be configured to debug json message]
  • AI Chris, handle issue from Jeffrey Crawford: Get warning in logs: “but the attribute for that identifier is not configured in the subject source.”


Grouper Training in Madison June 18-19, 2019

  •   - went well
  • First 2 day Grouper training , about 21 participants
  • Most were new to Grouper
  • Had some sessions on newer Grouper features and modules, 
  • New features worked well
  • Got good feedback
  • Bill Thompson, ChrisHyzer and James Babb  were trainings
  • Used 15 minute modules with hands on exercises and  a verbal quiz
  • This is in preparation for Internet2 implementing an LMS
  • Next training will tentatively be this winter.
  • Erin working on specifics


Current work tasks, and next tasks

Vivek   Grouper Forms  Workflows and Approvals

  • Validation is in place
  • Daemon runs , needs testing
  • Suggestion: needs to say electronic form name and description
  • Nested UI can potentially be confusing, lots done with more tab
  • Want to be sure to start in  a generic way
  • Button to show for people who can submit the form (not just for admins)
  • List all the electronic forms on a group?
  • Good to have it in the page so you can link to the forms for your group
  • Balance between long list of options versus going to a new page
  • Question: Do I have to go to right group to find the workflow or is there a way to globally see all workflows I can start?  
    • Answer: must know the group
  • Later, there may be a misc electronic forms feature 
  • After someone submits a workflow, have a confirmation message
  • Notes for approvers was intended to be approvers can add , but not submitters. Should be read only (greyed out) on submitter page
  • Should save metadata about the form, report of audit data
  • Summary of Chris’s feedback on Forms, Workflow and Approvals
    •   electronic form button should show for people who can run it

    •   clear form after sending

    •  notes for approvers is readonly for submitter
html form should be standalone

Chris –  Training, patches

     Grouper Deployment Guide , published in 2017

  • Hope to start Grouper Deployment Guide  v2 soon
  • convert Grouper Deployment Guide to wiki pages
  • Review   and make comments and leave edits
  • Update it for current patches
  • Grouper types, visualization, attestation
  • Hoping to do LMS modules on all the modules of Grouper
  • Should Grouper Deployment Guide focus on setting up groups and access policy standards only? 
  • Grouper Deployment Guide has Intro to access management that is very helpful.
  • Suggestion to Rename the Grouper Deployment Guide to Centralized Authorization Guide with Grouper
  • Docker approach needs to be reflected  in the GDG v2, 
  • Standardizing on Docker for installation has some advantages
  • But not every campus is ready to use Docker
  • Would be helpful to simplify installation 
  • V1 GDG was developed via a contract with Unicon
  • In next phase of GDG, the Grouper team will be more closely involved
  • Currently the installer goes from zero to a patched version of Grouper
  • With Docker, there is no chance to mess up people who have manually added JARS
  • Recent campus upgrade became complex when Docker was not used
  • Installer versus Docker …   if you add your own Grouper customizations, and run the installer for patches, this can be more complex, than using the Docker image
  • Use a revalidate mode?
  • This conversation  to be continued. Hope to get more Grouper packaging decisions for better consistency 

Bert – PSPNG patches

  • [ERROR] 'dependencies.dependency.version' for com.amazonaws:aws-java-sdk:jar is missing. @ edu.internet2.middleware.grouper:grouper:[unknown-version], /home/mchyzer/2.4.pspng-patches/m2/edu/internet2/middleware/grouper/grouper/2.4.0-SNAPSHOT/grouper-2.4.0-SNAPSHOT.pom, line 81, column 21

  • AI Chad and Chris will help on  Bert’s issue re maven / pom
  • Grouper pom should use variables to specify a version. Instead of dependency management technique
  • Chris, Chad and Bert will discuss this offline
  • Possibly parent pom is bad

Shilen – Report attestation 

ChadVisualization improvements

  • Wondering how the patches are working
  • Used during Grouper Training in Madison
  • Things worked well
  • More intuitive now
  • Can now see the ref group, policy group, basis group,
  • Legend looks good
  • Chad hope to make one fix (download svg or png from webpage, there is jsfiddle with example) 
  • If composite , make sure you have both children
  • Chris opened some JIRAS related to Chad’s work , such as trace a membership in Grouper, would be interesting to visualize that, see all the paths and privileges 
    • GRP 2221 add visualization to trace membership

Matt create JIRA around  UI should have a way to report the current version/patch level (DONE)

Issue Roundup for June 26, 2019

 Emails since  June 12, 2019

Reasons simple loader job is not populating a group? (Josh ODowd)

Restart Grouper without running installer again (Adam Chang, UC Irvine)

UI Audit Log Timeout (Jared, Kenyon)

  • When Shilen returns

PSP AD - 2 Domains (Ryan R , U Nebraska)

Math in Visualizer (Princeton)

Advanced Grouper Usage (  Richard Frovarp

  • Chris will reply to this

Topics on TIER-Grouper Slack

  • Grouper and Amazon's Corretto JDK?  The Shibb team announced official support for it (and not Zulu Java), so we'll be moving the Shib containers to Corretto. (Caskey)
    • Competitor to Open JDK?
    • Look at this, compare it to Zulu, for Grouper 2.5
  • grouper (web ui?) capability to control who (using a group) could search a grouper subject attribute.  Subject decorator (Gettes)
  • TIER Grouper Deployment Guide, section 5.2.1 that describes the recommended “etc:” stem/folder. Is etc:grouper_admin supposed to correspond to the default etc:sysadmingroup found in If so, should evolve so that the default is etc:grouper_admin instead of etc:sysadmingroup? (Koranda)
  • upgrade docs --- doesn't mention anything about tomcat , also other upgrade issues and questions ( Michael Bearfoot, U Minnesota)
  • PSP-NG... every so often we are getting this exception when trying to pull subjects to put into a group syncing to AD/LDAP.   (Erik Coleman)
  • Can Grouper client jar be configured to debug json messages (Jeffrey Crawford)
  •  [AI Chris handle Grouper client jar be configured to debug json message]
  • Get warning in logs: “but the attribute for that identifier is not configured in the subject source.  “ (Jeffrey Crawford)
    • [AI Chris, handle issue from Jeffrey Crawford: Get warning in logs: “but the attribute for that identifier is not configured in the subject source.]

New JIRAs since  June 12, 2019 , since JIRA 2205

  • 2234 conflicting jar makes mistake on aws

  • 2233 upgrade tomcat installer due to security issues, document process

  • 2232 add text file (or json) tomcat version list so the installer doesnt need to be edited to add tomcat versions

  • 2231 sql table provisioner: different behaviors for similar Config

  • 2230 sql table provisoner: error for last_updated

  • 2229 sql table provisioner: incremental ability needed

  • 2228 sql table provisioner: errors showing as success

  • 2227 wherever cron is used (e.g. reports), trim the string before validating and saving

  • 2226 pspng no grouperSession error

  • 2224 allow grouper client to debug messages in json

  • 2223 my groups should have a groups I can leave tab (from Grouper Training)

  • 2222 allow enabled / disabled when memberships are added so there is not churn
  • 2221 add visualization to trace membership
  • 2220 members tab doesn't work when editing types
  • 2219 Attribute Value assignment screen sends user home on enter key
  • 2218 UI fails to refresh group membership when users "Joins" the group.
  • 2217 changelog temp processor status
  • 2216 PSPNG - Full- and Incremental-Sync coordination and conflicts
  • 2215 PSPNG - Frequent warnings about existing attribute values
  • 2214 PSPNG - FullSyncing group not selected for provisioning
  • 2213 PSPNG - Grouper-Loader Log
  • 2212 PSPNG and Unresolvable Subject
  • 2211 PSPNG - CacheSize=0: Should not enable unlimited caching
  • 2210 PSPNG - Caching: Share more information between Full & Incremental Sync
  • 2209 PSPNG - More configuration options for Caching
  •  2208 Issues addressed by PSPNG 2.4 Patch 8

  • 2207 grouper template screens should have a title
  • 2206 reports incorrectly detect S3 urls

Recent Grouper Wiki Updates

Next Grouper Call: Wed. July 10, 2019



  • No labels