Child pages
  • Grouper Call 6-May-2015
Skip to end of metadata
Go to start of metadata


Notes: Grouper Call of  Wed. 6-May-2015 at noon ET


Tom Barton, U. Chicago, Chair

Chris Hyzer, U. Penn  

Jim Fox, U. Washington

Shilen Patel, Duke   

Misagh Moayyed, Unicon

David Langenberg, U. Chicago

Mike Grady, Unicon

New Action Item

  [AI] (Tom) Schedule discussion on the “job ad” to replace DaveL for next Grouper-dev call.

Carry Over Action Items

[AI] (Tom) invite Chris Phillips to an upcoming Grouper-Dev call

[AI] (DaveL) record ideas about handling categories on the Post PSP Provisioning page (Brown’s case) based on the Feb. 11 Grouper call discussion (TODO)

[AI] (Misagh and Chris) tested the unmappable character  issue using Unicode. Then created wiki page to document the approach.   Misagh created a JIRA for a new issue he found. Non-english chars don’t seem to render correctly

Chris suggested to try this on installed version, not on Dev.

Misagh tried with the installed version. No difference.

Next step: Chris take a look at the middle of page where problem shows itself

[AI] (DaveL) follow up on provisioning empty groups to LDAP to be sure the solution is documented (Still TODO)

[AI] (Tom) to bring pen testing need into TIER process (remains long term)


 Grouper Team Items

  • DaveL – Promotion at UChicago leads to Dave needing to leave the dev team :-(
    Dave will try to stay on through new person joining the Grouper-dev team.

 [AI] (Tom) Schedule discussion on the “job ad” for next Grouper-dev call.
Consider adding qualification as a Grouper deployer, in addition to java developer.
  • packaging & config management

  • cloud service form factor

Need for on-going operational support in ecosystem. Unicon has history of doing so in related areas, might do so for Grouper too in response to need.

Hosting provider potential challenge: access to Grouper shell needed. A config editor UI might make that problem go away. Might incorporate a web console for complicated things. 3rd party tools might be incorporated.

Installer change to produce Docker container, perhaps. Docker imposes no constraint on using an external database, it doesn’t need to be in the same container. You can even link two Docker images together, eg, an API and a DB one.

 Provisioning - ICF type connectors framework perhaps. How does ICF work with messaging??

 Intake manifold APIs/integration  - use a standard API for different systems

Relationship with CIFER API

IAM-specific integrations like multifactor authentication, self-serve UI, stateful de/provisioning

Deprovisioning is often an issue, needing best practices as well as better-suited technology. Config UI challenge: transition rules, states, approvals,

 Issue roundup -Skipped

Default for loader failsafe limit

Add decoration to loader group to make failsafe a per-group setting. Best to do as grouper attribute rather than loader config element. Or maybe config UI magic that can accomplish the same. Chris is communicating with Carl W @ Layfayette about what’s needed exactly.

New section on Guidelines for Contribs (click to view)  


  • Java is necessary for Grouper itself, but client contribs can be in other languages.
  • Supportability is a key need to be addressed by the team.

 Next Grouper Call: Wed., May 20, 2015 at noon ET



  • No labels