Child pages
  • Grouper Call 12-Oct-2011
Skip to end of metadata
Go to start of metadata

Minutes: Grouper-dev Call 12-Oct-2011

Attending

Tom Barton, University of Chicago (chair)  
Gary Brown, Bristol
Shilen Patel, Duke
Lynn Garrison, PSU
Tom Zeller, Unicon
Steve Olshansky, Internet2
Emily Eisbruch, Internet2 (scribe)

New Action Items

[AI] (Shilen) will email the Grouper-users list regarding 1) cache issue (GRP 669),  2) recommendation to change the default cache setting from "unlimited,"  and 3) change log issue (JIRA 667)

[AI] (Gary) follow up w Rob U. at Simon Fraser University on Admin UI issue (see 7-Oct-2011 email)

[AI] (Emily) start -- and work with Shilen on -- a wiki documentation page with descriptions/recommendations on ongoing operational tasks, including those related to periodic database pruning. Then possibly send a pointer to the Grouper-users list asking for additions.

[AI] (Emily) review documentation on how to configure a group to send email notification re a membership change

[AI] (Emily) remind TomB to include on the Grouper-dev call agenda for  26-Oct-2011:
      1) Decision on  a date for the Grouper 2.0.1 release
      2)  Decision on whether hibernate changes should be included in the 2.0.1 release

Carry Over Action Items

[AI] (TomZ) will review the Grouper LDAP Loader doc and provide feedback to Chris, possibly with lessons learned from LDAPPC work.https://spaces.at.internet2.edu/display/Grouper/Grouper+-+Loader+LDAP

[AI] (TomZ) will update JIRA to reflect the priorities  

[AI] (Gary) will email the Grouper-Dev list with specifics on UI accessibility issues  

[AI] (Rob) will follow up with Danno on obtaining the server for the Continuous Integration Environment.  

[AI] (Everyone) review Rob's chapters and give him feedback on the Grouper Users List.

DISCUSSION

Grouper v2.0.1 and Latest Issues

- Shilen fixed the "Point in time sync fails" cache issue:https://bugs.internet2.edu/jira/browse/GRP-669

- Another caching issue: the default caching setting in the XML files is set to "unlimited" (can lead to caching forever).  
It should be set to a low value (like 1 second) instead.

- For Grouper 2.01, the default cache settings will be revised. Shilen will email the Grouper-users list to advise folks to make this change in 2.0.

- Shilen resolved Change Log issue (JIRA 667) https://bugs.internet2.edu/jira/browse/GRP-667

[AI] (Shilen) will email the Grouper-users list regarding 1) cache issue (GRP 669),  2) recommendation to change the default cache setting from "unlimited,"  and 3) change log issue (JIRA 667)

- Shilen is working on the issue that Julio found. Might involve using Grouper 1.6 and Grouper 2.0 together.

- Gary is working on the Admin UI issue raised in this email:
 https://lists.internet2.edu/sympa/arc/grouper-users/2011-10/msg00011.html

[AI] (Gary) follow up w Rob U. at Simon Fraser University on Admin UI issue (see 7-Oct-2011 email)

Q : Should we let Grouper 2.0 settle longer before releasing Grouper 2.01?
Decision: Yes.  At next Grouper-dev call on 26-Oct-2011, set a time for release of Grouper 2.0

Potential FAQ items and Take-Away Bullets from 2011 Fall Member Meeting Face-to-Face Grouper WG session

These were suggestions from the group at the 2011 FMM Grouper WG session:

- OAuth - voot on github
- Workflow integration in Grouper?
- Enhancements to Rules?  XMPP messages
- Interest from CMU and COManage for earlier 2.2 release for UI capability.
- Federated Groupers for permissions
- Outreach to science community, training, commercial support.
- Easier installation process

Sending notification of membership & other changes: email, xmpp
- what can Grouper do to send notification on a membership change?
- Use rules to send an email? Use XMPP?  
- Can use ESB connector rather than a rule.
- How can we inform users better about how to do notification?
- Does the ESB convey changes to role or permissions or attribute changes (beyond membership changes)  ?
- Probably not, since some of these were not finished with RobH worked on the ESB\
- ESB connector reads off the generic change log consumer, but it might filter out any kind of event besides a membership change
- need to double check with ChrisH, who is not on today's call.

[AI] (Emily) review documentation on how to configure a group to send email notification re a membership change

Developing Standards for Groups

- TomB: For XMPP,  there is a need for a group, and updates to it, to be maintained in a single standard schema, in one service.
- Use cases are important to Virtual Organizations. One of the use cases is for  Foodle (a federated Doodle)  ... SURFContext (with Grouper) is being used for this.
- Recent MACE call focused on VOOT as a possible solution.
- How should we encode the kind of changes we want to notify over various protocols?
- Use OpenSocial schema? Use SCIM schema? SPML?
- Hope TomZ can do some comparisons between these options.

Estimating Grouper DB Size
- Many factors involved --- Audit, change log, loader jobs.
- How often those get cleared affects size of database
- Do we have a page in one place talking about how to prune/maintain those tables?

[AI] (Emily) start -- and work with Shilen on -- a wiki documentation page with descriptions/recommendations on ongoing operational tasks, including those related to periodic database pruning.
Then possibly send a pointer to the Grouper-users list asking for additions.

Grouper. v2.1 Planning
Real-time incremental LDAPPCNG
   - TomZ is working on it.
  - Lynn noted that PSU is currently focusing on central person registry, so there be a bit more time than previously thought
  - U Chicago is also interested in real time incremental provisioning
LDAP Grouper loader
  - Chris has been working on this
   - may be basically done
Grouper entities in namespace
  - Both Penn and PSU may have requirements here
Hibernate upgrade
  - We think Chris has done this, but need to double check with him
  - TomZ: There may be work to do to verify this work beyond updating the jar, each developer deals w some portions of the API
  - TomZ suggested that we should keep all the code the same but upgrade jar versions, so if there are issues w 3rd party libraries we can pin them down
  -  Save Hibernate Upgrade for 2.1 release, since it could be a major change? Decide on next call...
Grouper WS/client group/stem finder sorting/paging
     - not sure status, come back to this on next call

Grouper v2.1, Potential Features: In or Out?

Subject attribute WS security
     - is there a PSU use case?
 Always available readonly client
    -  is this about replicating databases, so you can use alternative Grouper clients or servers?
    - about high availability (load balancing) web services for READ (as alternative to getting access via LDAP directory service)
Grouper web services attribute/permission expansion
   - role and resource hierarchies can lead to large amount of flattened changes
   - what goes in change log is somewhat broken and must be looked at for Grouper 2.1
   - We will need to have discussions around flattening / replicating permission and role info.
   - Maybe an application specific connector will need to deal with permission info.  
    - Lynn: PSU does NOT need Grouper to push out  roles and permissions. They will use web services . They need group info only to be pushed out.
   - Should we let that part of LDAPPCNG (pushing out flattened permission changes) pend for a bit longer?
   - We may not have a use case, so TomZ should do what works best for him in terms of the coding work
uPortal integration update
    - Shilen is communicating with Brigitte, who is interested in some upgrade capabilities in the connector.

Next Grouper call: Wed. Oct. 26 at noon ET.

  • No labels