Child pages
  • Grouper Call 2-Dec-2015
Skip to end of metadata
Go to start of metadata

 

Notes: Grouper Call of  Dec 2, 2015

 

ATTENDING: Chris, Shilen, Jim, Dave, Emily

 

Action Items

[AI] (Jim)  Draft a more detailed process for security concern handling  

[AI] (Bert) follow up on bulk sync email.  

[AI] (Emily) Schedule IAM Online webinar on Grouper for June 2016 or later  

[AI] (Chris) add to agenda for next call: renaming packages of external jars in client (and installer?)  - discussed on the Nov 25 call with Misagh. Decided to look into this later. Misagh mentioned a new way to make a jar, packaging multiple jars

 

Discussion of Old Action Items 

[AI] (Jim) investigate how many messages Azure can handle DONE

-one at a time on REST API

-there is also persistent style of message communication - on older version

[AI] (Shilen or Chris) need to refactor hibernate customizations so they can be built/deployed in grouper namespace.

Go with new version and don’t worry about patching

[AI] (Shilen) copy source of hibernate patch and classname info  into the JIRA and let Chris know when ready to discuss

-Several Jars will need to be upgraded

-not sure the impact on caching

 

[AI] (Chris) add to agenda for next call: renaming packages of external jars in client (and installer?)  - discussed on the Nov 25 call with Misagh. Decided to look into this later. Misagh mentioned a new way to make a jar, packaging multiple jars

[AI] (Jim)  Draft a more detailed process for security concern handling  

Good opportunity to combine how Grouper and Shib do Security advisories.

Shib is more advanced on this than Grouper, so we could copy how they do it.

 

Grouper should make a wiki that is just like the Shib wiki page on this, or just link to Shib’s

 

[AI] (Jim) handle taking info on security advisories from the Shib wiki for the Grouper wiki

Grouper Security Issues

 

[AI] (Chris) email the TIER component architects list to inform them that Grouper is using the same approach as Shib to Security Advisories (DONE)

 

Security issue 

 

·         https://bugs.internet2.edu/jira/browse/GRP-1227


JIm will update the security page in the Grouper wiki

 

Current work tasks

 

·         Chris: Messaging changelog consumer- working on it

 

1.       https://spaces.at.internet2.edu/display/Grouper/Grouper+messaging+built+in

 

·         Shilen: Loader - working on it

 

·         Bert: PSPNG

 

·         Misagh: Building and packaging

 

Will replace ant w Gradle


[AI] Shilen email Misagh re we will use unpatched hibernate

 

1.       https://spaces.at.internet2.edu/pages/viewpage.action?pageId=87755940

 

·         Vivek: WS

 

 

TIER update


The TIER Packaging WG is developing a survey to ask about pain points etc.


 Issue roundup

 

·        Security vulnerability wiki (Jim?)

 

·        Hibernate jar status (if not already discussed)

 

·        Diagnostic servlet show patch level and version? https://bugs.internet2.edu/jira/browse/GRP-1225

 

  • make this feature optional

  • authenticate or use IP address

  • Dave: it’s up to deployer to protect this info

  • [AI] Dave add to the  GRP 1225 to include startup of GSH -- DONE


·        Query for groups with attributes

 

·        Delete / add attribute values and change log processors and point in time

 

·        Subject search problem in UI on 2.2.2 with ldap source (dupe subject returned?)

 

AI Chris is handling this
-

 

·        Permissions performance

 

[AI] Shilen will respond to this inquiry on Permissions performance)


·        Security form (for reporting security issues, do we need security list?)

 

There are about 15 people on Grouper Core email list.  Is this too many people to get notice of a Security issue?


[AI] Jim will verify how Shib handles  security issue reporting


·        Subject and WS local entity example - this was resolved


·        Auto removal group in folder (AI Chris will handle)


[AI] (Emily) Schedule IAM Online webinar on Grouper for June 2016 or later  

Next Call: Wed. Dec. 16, 2015

 

 


 


 

  • No labels