Grouper Call 10-Jan-2018
- Chris Hyzer, Penn, Chair
- Chad Redman, UNC
- Carey Black, (Matt), tOhio State Univ.
- Vivek Sachdiva, independent
- Emily Eisbruch, Internet2
Grouper Action Items are here https://docs.google.com/document/d/1jQCt1nICmVVZsU8iprjbDw0WbmnpUt87NsS7rdKmfMo/edit
- Internet2 Intellectual Property Framework:
- Review AIs : https://docs.google.com/document/d/1jQCt1nICmVVZsU8iprjbDw0WbmnpUt87NsS7rdKmfMo/edit
Current work tasks
Vivek –Attributes in UI
Screens for attributes names, add, edit and delete.
Permission screen is more challenging . It is in LITE UI. To move to new UI, assigning is one part and viewing is another part. The LITE UI has resources and actions (delete, edit) at the column level. Need to design this in the new UI. Each value will have its own action.
DECISION: for the new UI, use the design approach used in the LITE UI
There are accessibility issues in the LITE UI, so Vivek will add those for the new UI
Matt: the New UI looks less cluttered which is a good thing.
• move columns to the left.
• Remove Icons and use dropdown menus.
• See Attribute names in the folders, display name, folder, description, attribute definition and folder, can click the MORE button.
Bert – PSPN
Shilen – patches, vacation
Chad – Library updates
• wiki page https://spaces.at.internet2.edu/pages/viewpage.action?pageId=122716457
• Did one commit , replacing things identical from Maven
• Now updating libraries, it’s harder to test, takes 5 hours to do each test, could be hsql, may try w MYSQL
• So create new branch? No, just do it and we will work through it.
• JQuery version is old and this work will help.
• Chad can look at jQuery and at Bootstrap
• Working on UI and web services
• For UNC - Chad working on Office 365 Group
• Chad, will update this page https://spaces.at.internet2.edu/display/Grouper/University+of+North+Carolina+Grouper+Project+Page
- 3 step proces
- Chris has done 1st step
- Step 1, when you assign an inherited priv, it will assign to sub objects before Daemon runs. It creates a message saying it’s running. See Grouper Release notes, last UI patch has this change
- Steps 2 and Step 3 are more controversial:
- Step 2: re removing an inherited privileged… we don’t know which are assigned because of the inheritance . but Chris says if inherited priv is removed, it should be removed from the sub objects
- Step 3 - if you create an object in a folder and reason you had create priv is because of inheritance , than you should not have that individual priv.
Grouper Deployment Guide v2
Grouper security model (other people with input?)
[AI for Chris] Colons in display name in loader causing issues
[AI for Chris] control on a framework attribute in AdminUI (Brigitte)
I2midev6 down, need to ssh through login.internet2.edu[AI for Chris] subjectId not properly encoded in UI
[reminder of AI for Chris] groupsFromAttributes customizer
Loader job dependency (there’s a jira) GRP-1657
[AI for Shilen] deleting a group deletes the composite membership?
[AI for Chris] test subject emails from subject diagnostics
hasPriv vs canPriv
edit attribute names on new UI
view/assign attributes on stem screen - Chris working on this, once done the screen design can be used for other purposes
[AI for Shilen] matt’s request about vtldap setting pooling properties
[AI for Chris] Scott Koranda installer enhancements
[AI for Bert] Yoann Delattre delete group with member error
[AI for Chris] Patching and JSP files -- an issue on the list from Tufts
- Suggestion: Use packaged WAR instead of exploded file system
- If Docker is used to install Grouper, this issue becomes less relevant
- Chris will start by updating the date on files copied over.
Global Summit presentation submission on deprovisioning
- (Chris, BillT, and Bert) was accepted and merged with Virginia Tech proposal Grouper and Access Control
Global Summit Tutorial on Grouper in Action, Sunday, May 6, 2018
- Registration open , desciription is:
Grouper in Action: Access Management Strategies for Higher Education and Research Tutorial - $25
Sunday, May 6 (1:00 pm–5:00pm)
For registration information, see the 2018 Global Summit Registration page.
Grouper is an enterprise access management system built by and for higher education, and is a key component of Internet2’s Trust and Identity in Education and Research (TIER) initiative. Designed for highly distributed and heterogeneous information technology environments, Grouper is uniquely suited to address the complexity and flexibility required by the modern institution.
This tutorial will explore the latest Grouper release, demonstrate a variety of real world use cases, and review the recently released TIER Grouper Deployment Guide. The deployment guide aims to distill diverse community examples into specific TIER guidance and recommendation for achieving a variety of identity and access management capabilities.
Come learn and see what Grouper can do for your campus and join the growing community of practice!
Next Call: Wed Jan. 24, 2018