Grouper Call Wed. Jan. 11, 2017
Attending: Chris Hyzer, Shilen Patel, Jim Fox, Emily Eisbruch, Bert Bee-Lindgren
Intellectual Property Reminder:
http://www.internet2.edu/membership/ip.html
New Action Items
[AI] (Jim) provide info on University of Washington provisioning to Office 365
[AI] (Bert) email the list about Office365 versus Dropbox and next PSP project
[AI] (All) review the TIER Grouper deployment guide work
[AI] (Chris) put example in properties file for sources.xml patch
Carry Over Action Items
[AI] (Chris) GRP-1418: removeMembers redirect to main page for non-wheel user with Admin priv
[AI] (Chris) Attribute framework documentation DONE , see new diagrams!
[AI] (Chris) GRP-1420: Member removal from group shows recent activity as GrouperSystem
[AI] (Bert) follow up and reply to email on Hibernate Connection Pool issue
[AI] (Chris) follow up on Diagnostic servlet needs patch
[AI] (Bert) document how to build PSP NG and patch it [Bert needs to finish last couple steps] (AI for Chris to try it afterwards)
[AI] (Chris) put “make_patch” command in github
[AI] (Bert) Put these in jira: Grace Periods, Membership Rules, People/Account subjects
[AI] (Bert) document the solution to “turn off old psp issue” that was raised on the list
[AI] (Bert) create PSP-NG Training Video (after necessary patches) using Camtasia
[AI] (Chris) see if UI authn pulls from source. I.e. if someone authenticated as GrouperSystem
Completed Action Items
[AI] (Chris) Handle issue of paging in some web service calls DONE
[AI] (Chris) records not deleted from change log table from columbia DONE
[AI] (Chris) work on Attribute framework documentation DONE
[AI] (Chris) work on Get Groups lite WS paging DONE
[AI] Chris find out more about PSP at Penn and how it’s going (apply latest pspng patches) DONE
[AI] (Bert and Chris) discuss the best approach to groups requiring full sync [Done]
[AI] (Bert) email the Grouper users list on how to handle the “LDAP must have member in group” issue [Done]
[AI] (Bert) l ook into Compile issue: Bert to look into it. Is Bert’s work area in sync? [Done]
[AI] (Bert) Follow up on Erik Coleman issue of bushy groups in AD [Done
[AI] (Chris) Configure sources.xml as properties file, (DONE)
[AI] (Bert) Start discussion about how to handle empty groups (not allowed in some LDAPs) and see if community can decide on a single approach [Done]
Discussion
Current work tasks
Vivek –
Accessibility, Wrapping this up
https://spaces.at.internet2.edu/display/Grouper/Grouper+accessibility
TIER API in installer
Working to get this up and running
Misagh – gradle
Chris –working on patches
- Done with sources.xml
- https://spaces.at.internet2.edu/display/Grouper/Grouper+sources.xml+conversion+to+subject.properties
Bert – PSPNG
- Working to get membership implemented the way the community wants it implemented
- Work on non-LDAP provisioner, another supported endpoint, see 2016 TechEx slides
- Office365?
- Dropbox (GA Tech is interested in Dropbox)
- Q: Would Dropbox involve a lot of groups being synced?
- A: Bert: there are many funding-related groups in Dropbox
- End-user created groups with external people in them
- Issues around naming end-user created groups, need to enforce prefixes, such as the dept. name
- Or Google?
- Suggestion: focus on Office365
- Office365 has different set of rules from LDAP
- University of Washington provisions to Office 365 via AD in cloud?, it’s not simple
- [AI] (Jim) provide info on University of Washington provisioning to Office 365
- Note: Office365 can have unusual restrictions on groups
- [AI] (Bert) email the list about Office365 versus Dropbox and next PSP project
Shilen – real time loader
- Grouper Loader real time updates
- https://spaces.at.internet2.edu/display/Grouper/Grouper+loader+real+time+updates
- Triggers to loader table to populate an incremental table
- Will work for SQL lists
- Has committed code, this may become a patch to Grouper 2.3
- Writing test cases
Shilen hopes to finish writing and doing test cases between now and next Grouper call
Bill – TIER Grouper deployment guide
[AI] (All) review the Grouper Deployment Guide work
Issue roundup
- Loader memory issues
- -Xloggc:/srv/logs/udacity-provider-buzzapi-provider.1.gc
- Example output:
- CommandLine flags: -XX:-BytecodeVerificationLocal -XX:-BytecodeVerificationRemote -XX:InitialHeapSize=262908480 -XX:MaxHeapSize=536870912 -XX:+PrintGC -XX:+PrintGCTimeStamps -XX:+UseCompressedOops -XX:+UseParallelGC
- 1720.047: [Full GC 98211K->34767K(172544K), 0.0902460 secs]
- (Memory Leak → growth in that Full GC result)
- Grouper install on postgres (AI for Chris)
- Multiple LDAP sources in pspng (AI for Bert)
- Global Summit http://meetings.internet2.edu/2017-global-summit/
- Global Summit Grouper BoF (thanks Emily for organizing)
- Sources.xml to properties (patch done)
- ([AI] Chris put example in properties file for sources.xml patch
- UI audits truncated (patch done)
- Jira will be upgraded January 14, 2017
- PSP bushy vs flat email
- GRP-1455: Grouper versions done match (patch done)
- GRP-1451: if the subject id attribute does not exist for a record in an ldap loader job, give descriptive exception
- GRP-1452: regex replace in subject source can cause issues if subject id has dollar sign
- Penn AD patch seems to work
- Cherry pick TIER
- AD range attribute support (done right Bert?) (Yes)
- Diagrams on attribute framework
- Remove group performance (AI for Chris)
- GRP-1439: old records delete from table performance (patch done)
- GRP-1449: paging in WS (patch done)
- GRP-1440: usability of combo (patch done)
- GRP-1446: performance of trace privileges (patch done)
- Modeling NIS groups
- Unit tests in hsql (issues)
- GRP-1447: mysql driver in WS (patch done)
Grouper Roadmap:
https://spaces.at.internet2.edu/display/Grouper/Grouper+Product+Roadmap
Goal : Grouper 2.4 Release by 2017 Global Summit (end of April), so wrap up development work by mid-March
Add new messaging strategies:
- AWS- Chris
- Rabbit MQ - Bert
Bert has question on Grouper Instrumentation for PSP
Will review more roadmap items on next Grouper call
Next Grouper Call: Wed. Jan. 25, 2017 at noon ET