...
| No Format |
|---|
edu.internet2.middleware.psp.structure=flat edu.internet2.middleware.psp.cnSourceAttributeID=name # edu.internet2.middleware.psp.structure=bushy # edu.internet2.middleware.psp.cnSourceAttributeID=extension |
Tune Subject API Cache
Tune Subject API caching in grouper.ehcache.xml.
Tune maxElementsInMemory to be greater than or equal to the number of subjects.
Tune timeToIdleSeconds and timeToLiveSeconds ...
As of Grouper version 2.1.0, which uses Ehcache 2.4, statistics needs to be "true".
Configure Grouper Change Log
To enable change log provisioning :
| No Format |
|---|
changeLog.consumer.psp.class = edu.internet2.middleware.psp.grouper.PspChangeLogConsumer
|
To schedule when the change log is processed :
| No Format |
|---|
changeLog.consumer.psp.quartzCron = 0 * * * * ?
|
To run full synchronizations periodically (by default every day at 5am) :
| No Format |
|---|
changeLog.psp.fullSync.class = edu.internet2.middleware.psp.grouper.PspChangeLogConsumer
changeLog.psp.fullSync.quartzCron = 0 0 5 * * ?
|
To run a full synchronization job at loader startup :
| No Format |
|---|
changeLog.psp.fullSync.runAtStartup = true
|
The Quartz cron string documentation is here.
Tune Subject API Cache
Tune Subject API caching in grouper.ehcache.xml.
Tune maxElementsInMemory to be greater than or equal to the number of subjects.
Tune timeToIdleSeconds and timeToLiveSeconds ...
As of Grouper version 2.1.0, which uses Ehcache 2.4, statistics needs to be "true".
| Code Block | ||||
|---|---|---|---|---|
| ||||
<!-- Subject resolving caching -->
<!-- @see CachingResolver#find(...) -->
<cache name="edu.internet2.middleware.grouper.subj.CachingResolver.Find"
maxElementsInMemory=" | ||||
| Code Block | ||||
| xml | xml | <!-- Subject resolving caching --> <!-- @see CachingResolver#find(...) --> <cache name="edu.internet2.middleware.grouper.subj.CachingResolver.Find" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="30" timeToLiveSeconds="120" overflowToDisk="false" statistics="true" /> <!-- @see CachingResolver#findAll(...) --> <cache name="edu.internet2.middleware.grouper.subj.CachingResolver.FindAll" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="30" timeToLiveSeconds="120" overflowToDisk="false" statistics="true" /> <!-- @see CachingResolver#findByIdentifierCachingResolver#findAll(...) --> <cache name="edu.internet2.middleware.grouper.subj.CachingResolver.FindByIdentifierFindAll" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="30" timeToLiveSeconds="120" overflowToDisk="false" statistics="true" /> <!-- @see CachingResolver#findByIdOrIdentifierCachingResolver#findByIdentifier(...) --> <cache name="edu.internet2.middleware.grouper.subj.CachingResolver.FindByIdOrIdentifierFindByIdentifier" maxElementsInMemory="5000" eternal="false" timeToIdleSeconds="30" timeToLiveSeconds="120" overflowToDisk="false" statistics="true" /> |
Configure Grouper Logging
You may want to change the Grouper log file appenders in grouper.apiBinary-2.1.0/conf/log4j.properties.
<!-- @see CachingResolver#findByIdOrIdentifier(...) -->
<cache name="edu.internet2.middleware.grouper.subj.CachingResolver.FindByIdOrIdentifier"
maxElementsInMemory="5000"
eternal="false"
timeToIdleSeconds="30"
timeToLiveSeconds="120"
overflowToDisk="false"
statistics="true"
/>
|
Configure Grouper Logging
You may want to change the Grouper log file appenders in grouper.apiBinary-2.1.0/conf/log4j.properties.
| No Format |
|---|
log4j.appender.grouper_error |
| No Format |
log4j.appender.grouper_error = org.apache.log4j.DailyRollingFileAppender log4j.appender.grouper_error.File = ${grouper.home}logs/grouper_error.log log4j.appender.grouper_error.DatePattern = '.'yyyy-MM-dd log4j.appender.grouper_event = org.apache.log4j.DailyRollingFileAppender log4j.appender.grouper_event.File = ${grouper.home}logs/grouper_event.log log4j.appender.grouper_event.DatePattern = '.'yyyy-MM-dd |
Grouper Versions Prior to 2.1.0
| Note |
|---|
The following changes are necessary to support provisioning Grouper API versions prior to 2.1.0 with the psp. |
1. For versions prior to 2.1.0, there is a bug which will throw a NullPointerException if the following is not present in sources.xml :
org.apache.log4j.DailyRollingFileAppender
log4j.appender.grouper_error.File = ${grouper.home}logs/grouper_error.log
log4j.appender.grouper_error.DatePattern = '.'yyyy-MM-dd
log4j.appender.grouper_event = org.apache.log4j.DailyRollingFileAppender
log4j.appender.grouper_event.File = ${grouper.home}logs/grouper_event.log
log4j.appender.grouper_event.DatePattern = '.'yyyy-MM-dd
|
Grouper Versions Prior to 2.1.0
| Note |
|---|
The following changes are necessary to support provisioning Grouper API versions prior to 2.1.0 with the psp. |
1. For versions prior to 2.1.0, there is a bug which will throw a NullPointerException if the following is not present in sources.xml :
| No Format |
|---|
<search>
<searchType>searchSubjectByIdentifierAttributes</searchType>
<param>
<param-name>filter< |
| No Format |
<search> <searchType>searchSubjectByIdentifierAttributes</searchType> <param> <param-name>filter</param-name> <param-value> (&(uid=%TERM%)(objectclass=person)) </param-value> </param> <param> <param-name>scope</param-name> <param-value>SUBTREE_SCOPE<value> (&(uid=%TERM%)(objectclass=person)) </param-value> </param> <param> <param-name>base<name>scope</param-name> <param-value>ou=people,dc=-value>SUBTREE_SCOPE</param-value> </param> <param> <param-name>base</param-name> <param-value>ou=people,dc=example,dc=edu</param-value> </param> </search> |
...
Before you can provision anything from Grouper to ldap or anywhere else, you will need to create the corresponding objects in Grouper using the UI, API, GSH, WS, loader, import, etc.
Provision Grouper : GSH
To calculate how a group should be provisioned :
| No Format |
|---|
bin/gsh.sh -psp -calc edu:group
|
To diff the current and correct provisioning of a group :
| No Format |
|---|
bin/gsh.sh -psp -diff edu:group
|
To provision or synchronize a group :
| No Format |
|---|
bin/gsh.sh -psp -sync edu:group
|
Provision Grouper : Grouper Change Log
To provision in real-time triggered by the Grouper change log, enable the psp consumer in grouper-loader.properties and run the loader via
| No Format |
|---|
bin/gsh.sh -loader
|
To enable change log provisioning :
| No Format |
|---|
changeLog.consumer.psp.class = edu.internet2.middleware.psp.grouper.PspChangeLogConsumer
|
To schedule when the change log is processed :
| No Format |
|---|
changeLog.consumer.psp.quartzCron = 0 * * * * ?
|
To run full synchronizations periodically (by default every day at 5am) :
| No Format |
|---|
changeLog.psp.fullSync.class = edu.internet2.middleware.psp.grouper.PspChangeLogConsumer
changeLog.psp.fullSync.quartzCron = 0 0 5 * * ?
|
To run a full synchronization job at loader startup :
| No Format |
|---|
changeLog.psp.fullSync.runAtStartup = true
|
...
GSH, WS, loader, import, etc.
Provision Grouper : GSH
To calculate how a group should be provisioned :
| No Format |
|---|
bin/gsh.sh -psp -calc edu:group
|
To diff the current and correct provisioning of a group :
| No Format |
|---|
bin/gsh.sh -psp -diff edu:group
|
To provision or synchronize a group :
| No Format |
|---|
bin/gsh.sh -psp -sync edu:group
|
Provision Grouper : Grouper Change Log
To provision in real-time triggered by the Grouper change log, enable the psp consumer in grouper-loader.properties and run the loader via
| No Format |
|---|
bin/gsh.sh -loader
|
Real-Time Provisioning Beta-Testing
...