5-Sept-2018

Grouper Call 5-Sep 2018  

Attending: 

• Chris Hyzer, Penn, Chair
• Shilen Patel, Duke
• Carey Black, The Ohio State  University
• Chad Redman, UNC
• Bert Bee Lindgren, GA Tech
• Vivek Sachdiva, independent
• Bill Thompson, Lafayette College
• Jim Fox, University of Washington
• Emily Eisbruch, Internet2
  
  

Action Items: Grouper Project Action Items (Google Doc) 

 DISCUSSION

New Action Items from this call

• [ AI] Bert will ask the question on the Grouper List about PSPNG and PSP
  
• [AI] (All) Review new template wizard wiki  https://spaces.at.internet2.edu/display/Grouper/Grouper+new+template+wizard and share ideas on the templates and email your ideas to Grouper-core list.
  
  

Grouper 2.4 release  https://spaces.at.internet2.edu/x/VhftBw

• Congratulations on the release
  
• Lots of overhead to put out a release
  
• If we do releases more often they might go more easily
  
• Plan is Grouper 2.5 for Spring 2019
  
• Let’s work on things that are patchable for Grouper 2.4 for the time being
  
• In Nov or Dec we’ll make a new branch 

• Start  testing for Grouper 2.5 release in March 2019
  

Items for 2.4 Release

• Demo Server Help page does not work
  
• AI Chris will research this and also do some updates, Chris has opened JIRA for this
  

Error: Problem converting JSP to string: /WEB-INF/grouperUi2/index/help.jsp, Problem calling method help on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Main

Please start plan for upgrading to Grouper 2.4 at your own institution.

Chad: UNC is using Maven, Grouper 2.4 is in development environment.  

Jim: U Washington also using Maven. Also will be looking to upgrade to Grouper 2.4

Maven

• Issue in Maven re making snapshots…
  
• Not for production applications
  
• What does the Maven world look like for the Grouper project?
  
• We had thought Maven deployments could use a patch
  
• But in fact patches don’t work well in Maven environment
  
• Need to get library versions to match whatever is supplied with Grouper.
  
• Can put a patch in the class path
  
• In Maven, it’s not an easy process to keep current w patches
  
• Grouper uses binary overlay patch approach
  
• Chris: don’t want build from source, prefer building from jar
  
• Comment: Building from jars could be limiting for some with custom extensions
  
• Building own source that relies on Grouper Jars
  
• For Grouper 2.3, to handle patches, UNC unpacked everything then applied the patches.
  
• https://spaces.at.internet2.edu/x/mglhBg
  
• Solution could be for Grouper Project to provide a patched version snapshot
  
• If releases are more frequent this will help the Maven users
  
• Can discuss this more in future if needed
  

 Current work tasks, and next tasks

 Vivek – New service template https://spaces.at.internet2.edu/display/Grouper/Grouper+new+template+wizard

• New service template wizard
  
• Please review Vivek’s work
  
• This responds to Campus Success Program request for a wizard
  
• On a folder you can choose new template, then new service template will be established, you can customize a few items and the wizard will create for you.
  
• This wizard will be for UI, not exposed via Web Services.
  
• Too much overhead for web service.
  
• However, People may want to trigger a template thru a web service.
  
• Matt: would like to see a space where you define a template with attribute attached, but this current approach is more insert a new hook
  
• Flexibility of building a pattern to replicate is good, but some concern about references within the folder
  
• JSON objects could be an input to a template
  
• Current wizard approach is what was discussed with the Campus Success Program
  
• [AI] (All) Review new template wizard wiki  https://spaces.at.internet2.edu/display/Grouper/Grouper+new+template+wizard and share ideas on the templates and email your ideas to Grouper-core list.
  

• Matt: start with just folder structure, get to other issues incrementally (attestation, deprovisioning)

 Chris – Database configs

• Keeping config in database
  
• Every properties file will have a new location
  
• Look at base and overlay,
  
• In database there is a file   
  
• Can edit in UI for non sensitive properties
  
• Can define types perhaps (integer, decimal)
  
• Then can export config that’s in the database
  
• Chris will create a wiki for this Database config work
  
• Will be able to edit configs and overlays
  
• First step is to be able to store configs in database
  
• Then handle more advanced issues
  
• Two steps , installer action that looks at overlay properties and puts those in the database for everything except hibernate properties,
  
• Then once in database you can edit it
  
• Will there be a UI page to view the database table?
  
• Yes, to display things and let you edit them
  
• TIER and Docker may help solve some issues around configs
  

 Bert 

• Patching Grouper 2.3
  
• See patches 17 to 20 here https://spaces.at.internet2.edu/x/bgfSBQ
  
• Bert will announce these on the Grouper Users list.
  
• Four patches, three need to be re-patched on Grouper 2.4
  
• Will create only one patch for Grouper 2.4
  
• Chris is only patching Grouper 2.4 unless it’s a security patch
  
• Bert is keeping 2.3 up to date with patches for a while since some problems have gone unaddressed too long (ihho, in his humble opinion)

 Shilen – LDAP real time loader

• Started to address the U. Michigan requests
  
• Shilen emailed U. Mich about their use case
  
• Hope to have real time loader support groups from attributes from LDAP loader
  
• LDAP change log to see what users are being modified , then send message to Grouper to do a synch for that user
  

 Chad 

• Successful MAVEN work to SONIFY in release steps
  
• https://spaces.at.internet2.edu/x/nobd
  
• https://spaces.at.internet2.edu/display/Grouper/Release+steps#Releasesteps-PublishingMavenjarstoSonatype(MavenCentral)
  
  
  
• Working on various patches
  
• Patch around using extra attributes
  
• Configure a property  to writeable
  
• PSPNG and PSP …
  
• [ AI] Bert will ask the question on the Grouper List about PSPNG and PSP
  

 Issue roundup

·         Grouper IAM Online Wed Sept 12, 2018  https://www.incommon.org/iamonline/

·         Grouper training

·         GSH non zero code

·         Bad membership finder.  Should we look for exception and fix?

·         Role inheritance in UI

·         Grouper loader quiesce

·         Michael Gettes loader question

·         Status monitoring

·         Struts vulnerability

·         Jim Fox cache question

·         PSPNG issues

·         Maven dep error grouper-ws

·         SQL run question

·         Grouper ui documentation

·         Gettes Grouper different view

·         LDAP groups from attributes issue with name

·         Koranda PSPNG issue

Draft Blog on Grouper - Chris and Vivek please review: https://docs.google.com/document/d/1ty_BBgW7Kg6_grA-lN0gbVeMYJZcHJ-FcwQhCTbbMwY/edit

Grouper Sessions at TechEx 2018 in Orlando

• TIER Access and Governance with Grouper and Friends,  on Monday Oct 15, 2018 8am-5pm https://meetings.internet2.edu/2018-technology-exchange/program-guide/tutorials-workshops/#TIER
  

• Grouper BOF - Tues OCT 16 lunch https://meetings.internet2.edu/2018-technology-exchange/detail/10005240/
  

• Latest recipes  you've done with Grouper session -  Wed Oct 17 at 2:40pm ET
  

• We hope that Campus Success Program people and others will present   https://meetings.internet2.edu/2018-technology-exchange/detail/10005183/
  

• Containerized Grouper Deployment BOF -  Wed. Oct 17 lunch  https://meetings.internet2.edu/2018-technology-exchange/detail/10005286/
  
• Grouper discussions at Advance CAMP too

 ·          

 Sept 12, 2018 IAM Online on Grouper:  https://www.incommon.org/iamonline/

Next Grouper call Wed Sept 19, 2018