Versions Compared

Old Version 56

changes.mady.by.user Chad Redman (unc.edu)

Saved on

compared with

New Version Current

changes.mady.by.user ben.rappleyea.2@at.internet2.edu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Include Page
spaceKeyGrouper
pageTitleNavigation

Panel
borderColor#ccc
bgColor#FcFEFF
titleColorwhite
titleBGColor#00a400

Image Removed  These topics are discussed in the "Grouper API" training series.

Table of Contents

Building the Grouper API

...

Section

Configuration File

Purpose

Database-Related Settings and Procedures

grouper.hibernate.properties

integrating the Grouper API with the database that will house your Groups Registry

Configuration of Source Adapters

sources.xml

integrating the Grouper API with chosen identity sources

Grouper properties

grouper.properties

defaults for Grouper privileges, enabling identified external users to act with elevated root-like privilege, changing the display name for internal subjects

Logging

log4jlog4j2.properties

logging

Daemon

grouper-loader.properties

auto-load memberships from external sql sources, register notification consumers, validate Grouper Rules, update enabled/disabled flags, etc

...

For those running MariaDB you should read this knowledge base article about OPTIMIZE and defragmenting.  Some have found MariaDB 10.3+ to be a good, fast variant of MySQL for use by Grouper.

Database

...

Allow changes and

...

Deny

Some database operations (such as dropping tables or recreating data during tests) require confirmation of a prompt asking whether or not to continue. It is possible to automatically allow or deny these database operations in conf/grouper.properties :

No Format
# whitelist (allow) and blacklist (deny) for db data or object deletes.
# if a listing is in the whitelist (allow), it will be allowed to delete db
# if a listing is in the blacklist (deny), it will be denied from deleting db
# multiple inputs can be entered with .0, .1, .2, etc. These numbers must be sequential, starting with 0
db.change.allow.user.0=grouper3
db.change.allow.url.0=jdbc:mysql://localhost:3306/grouper3?useSSL=false
db.change.allow.user.1=grouper1
db.change.allow.url.1=jdbc:mysql://localhost:3306/grouper1?useSSL=false

db.change.deny.user.0=grouper2
db.change.deny.url.0=jdbc:mysql://localhost:3306/grouper2?useSSL=false

...

If you don't want to be prompted for DDL changes in certain databases (e.g. dev), list them here:
Whitelist (allow) and blacklist (deny) Allow and deny for db data or object deletes, without prompting the user to confirm
If a listing is in the whitelist ( allow), it will be allowed to delete db
If a listing is in the blacklist ( deny), it will be denied from deleting db
Multiple inputs can be entered with .0, .1, .2, etc.  These numbers must be sequential, starting with 0

...

No Format
###################################
## Rules config
###################################

# when the rules validations and daemons run.  Leave blank to not run
rules.quartz.cron = 0 0 7 * * ?

ESB Integration

No Format
#####################################
## ESB integration
#####################################

#changeLog.consumer.xmppTest.quartzCron =
#changeLog.consumer.xmppTest.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbConsumer
#changeLog.consumer.xmppTest.elfilter = event.eventType eq 'GROUP_DELETE' || event.eventType eq 'GROUP_ADD' || event.eventType eq 'MEMBERSHIP_DELETE' || event.eventType eq 'MEMBERSHIP_ADD'
#changeLog.consumer.xmppTest.publisher.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbXmppPublisher
#changeLog.consumer.xmppTest.publisher.server = jabber.school.edu
#changeLog.consumer.xmppTest.publisher.port = 5222
#changeLog.consumer.xmppTest.publisher.username = jabberuser
#changeLog.consumer.xmppTest.publisher.password = /home/whatever/pass/jabberuserEncrypted.pass
#changeLog.consumer.xmppTest.publisher.recipient = system1@school.edu
#changeLog.consumer.xmppTest.publisher.addSubjectAttributes = NETID

...