You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

Design

  • This is a pure SCIM API with extensions and new Resource Types
  • PennState implemented a generic SCIM server in their github.  Grouper is using that as a third party library.  None of our work (except perhaps pull requests) is stored there
  • The Grouper SCIM adapter is a grouper component in Grouper's Internet Github repo

Steps to run SCIM server locally. First four steps are to install docker on Mac. 

  1.  Download Docker Toolbox from https://www.docker.com/products/docker-toolbox and install it. It's a simple few steps wizard. By default, it will be installed in /usr/local/bin.
  2. Launch Docker Quick Start Terminal (First time when you open this application, it will create a "default" machine under ~/.docker)
  3. Towards the bottom of the terminal, there will be a message something like: docker is configured to use the default machine with IP 192.168.99.100
  4. Set the environment variables below. Chane the DOCKER_CERT_PATH value. DOCKER_HOST is the same as mentioned in step 3.
       export DOCKER_TLS_VERIFY="1"
       export DOCKER_HOST="tcp://192.168.99.100:2376"
       export DOCKER_CERT_PATH="/Users/vsachdeva/.docker/machine/machines/default"
       export DOCKER_MACHINE_NAME="default"
  5.  Run command: "docker run hello-world" from the terminal. I run it just to make sure that the installation was correct.
  6.  Checkout scim project by running: "git clone https://github.com/PennState/SCIMple-Identity.git"  (It should automatically be on develop branch. Switch if already not)
  7. Checkout tier project by running: "git clone https://github.com/PennState/tier.git" (It should automatically be on develop branch. Switch if already not)
  8. Checkout commons-jaxrsby running: "git clone https://github.com/PennState/commons-jaxrs.git" (It should automatically be on develop branch. Switch if already not)
  9. Run "mvn clean install" from common-jaxrs project
  10.  Run "mvn clean install" from SCIMple-Identity project
  11.  Run "mvn clean install -Pdocker" from tier project (It might take a few minutes the first time since it has to download the jboss/widlflyimage from internet). If it fails saying:  Failed to execute
    goal io.fabric8:docker-maven-plugin:0.14.2:build (build) on projecteduperson-scim-web: Unable to build image [eduperson-scim-server]: Unknown instruction: --SILENT. In the eduperson-scim-web/pom.xml, put --silent in the same line as the command. It's around line # 108.
  12. Run "docker run --rm -it  -p 8080:8080 -p 9990:9990 eduperson-scim-server"
  13.  Hit this URL http://192.168.99.100:8080/tier/v2/Schemas to verify that server is up and running (You might have to change the IP. It would be same as in step # 3 above)
  14. You can access the management console of wildfly server by going to http://192.168.99.100:9990/

Grouper TIER SCIM on demo server

  • Grouper TIER SCIM is on demo server
  • It runs in 2.3 under tomcat_h
  • The URL is on the demo server which is: https://grouperdemo.internet2.edu/grouper-ws-scim_v2_3/

  • tomcat_h has:

    [appadmin@i2midev1 grouper-ws-scim_v2_3]$ more /etc/init.d/tomcat_h
export CATALINA_BASE="/opt/tomcats/tomcat_h"
export JAVA_HOME="/opt/javas/java_h"
export TOMCAT_HOME="/opt/tomee7base"
[appadmin@i2midev1 grouper-ws-scim_v2_3]$ ls -latr /opt/tomee7base
lrwxrwxrwx 1 appadmin users 29 Jul 22 12:42 /opt/tomee7base -> apache-tomee-webprofile-7.0.1
[appadmin@i2midev1 grouper-ws-scim_v2_3]$ ls -latr /opt/javas/java_h
lrwxrwxrwx 1 appadmin users 8 Jul 22 18:35 /opt/javas/java_h -> ../java8
[appadmin@i2midev1 grouper-ws-scim_v2_3]$



    • Java8
    • TomEE  (7.0.1)

  • Warfile/webapp

    [appadmin@i2midev1 grouper-ws-scim_v2_3]$ ls /opt/tomcats/tomcat_h/webapps/
grouper-ws-scim_v2_3  grouper-ws-scim_v2_3.war

  • Control the server

    [appadmin@i2midev1 grouper-ws-scim_v2_3]$ /sbin/service tomcat_h status|stop|start|restart
  • Note: the demo server uses Apache basic auth, not tomcat tomcat-users.xml

 

Sample Group GET

     https://grouperdemo.internet2.edu/grouper-ws-scim_v2_3/v2/Groups/b32e826380ea42c69dbf59cc262584f8

or: https://grouperdemo.internet2.edu/grouper-ws-scim_v2_3/v2/Groups/systemName:chris:testGroup

or: https://grouperdemo.internet2.edu/grouper-ws-scim_v2_3/v2/Groups/idIndex:10342

{
  "meta": {
    "version": "vGTxTe/oj21b6+dweSG7Kbn1mZh394Tiv33IkJrOCcg="
  },
  "id": "b32e826380ea42c69dbf59cc262584f8",
  "displayName": "chris:testGroup",
  "members": [
    {
      "value": "87e53b36915c4fc9ac454a06ffa65da5",
      "$ref": "../Users/0b5949edd3bf4b65a0ab7e9ce97a4cf9",
      "type": "DIRECT"
    }
  ],
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:Group",
    "urn:grouper:params:scim:schemas:extension:TierGroupExtension",
    "urn:tier:params:scim:schemas:extension:TierMetaExtension"
  ],
  "urn:tier:params:scim:schemas:extension:TierMetaExtension": {
    "resultCode": "SUCCESS",
    "responseDurationMillis": 23659
  },
  "urn:grouper:params:scim:schemas:extension:TierGroupExtension": {
    "description": "description updated using grouper-ws-scim PUT request",
    "idIndex": 10342,
    "systemName": "chris:testGroup"
  }
}

 

 

 

  • No labels