
Items labeled (A) must be delivered by TechEx 2017

Items labeled (B) are all planned for TechEx 2017, but the schedule may slip on some of them


1) Deliver APIs

  1. (A) Definitive TIER API Guideline document
  2. (B) Grouper permission and policy management
  3. (A) SoR to Registry/ODS
  4. (A) Registry to Grouper: Registry is authoritative source of subjects
  5. Registry to manage Basis Groups and memberships in Grouper
  6. (A) Provisioning
  7. (A) Consent-informed Attribute Release (CAR)
    1. External API authored by Marlena
    2. Presentation to TIER-API prior to their review of the API
  8. (B) Certificate API
    1. An API for server certificate management for use by InCommon
    2. JimJ will help with a Comodo proxy

2) Define and implement an event-driven messaging approach

  1. (A) Asynchronous architecture, to complement the more synchronous API-based approach
    1. Demo: Grouper changelog publishes events onto an AMQP message transport. A provisioning/de-provisioning message consumer (perhaps via midPoint) adds/removes people to an external system based on changes in group membership.

    2. Demo: “Human Resource” system puts HR events on a subscribable message queue; a message subscriber reflects the changes into the Person Registry

3) Publish Guidelines and Recommendations on Security Models for API Authentication and Authorization

  1. (A) Develop guidelines and recommendations in cooperation with InCommon TAC OIDC WG and REFEDS WG
  2. (B) Demonstration relying on a first version of Jim Fox's Client-Service Registry

4) Design, implement an Entity Registry

  1. (A) Refine data model (AI - Warren)
  2. (A) SCIM - user
  3. (A) midPoint Install
    1. JimJ has packaged midPoint and an integrated OpenLDAP into a container so we can implement Warren and Ben's work on the Thin Registry as a start
    2. Provisioning is a strength of midPoint that we want to test out
    3. Perhaps use a Canvas connector for this.
    4. Implementation to support requirements for Provisioning in the WG
  4. (A) COmanage Install - support for 3.a through 3.d

5) Implement simple identity matching and related features

  1. (B) Single package used by both midPoint and COmanage

6) Define Person Registry and ODS connection

  1. (B) TIER HAS to do the API for identity data a la ODS. In the longer run we’ll need an implementation package for those APIs.

  2. (B) Demonstrate Person data APIs (using the registry, ODS, group repository to populate the user SCIM schema).

7) Advance Grouper training and adoption

  1. (B) Building a training course for Grouper, leveraging both the Grouper Deployment Guide and Bill Thompson and Chris Hyzer's pre-conference Grouper training session at Apereo.

  2. (B) Demonstrations of more advanced features at Tech Ex

8) Implement Provisioning tools and demos

  1. (A) Canvas API connector(s) for midPoint and/or COmanage
  2. (B) See above 4.3 and 4.4

9) Respond to Packaging Feedback from TIER Developer Meeting after Global Summit

  1. (B) Starting now in Packaging WG
  2. (B) Prepare to send to community and take remediation action

10) Take next steps in Documenting TIER Components

  1. (B) BennO - Consideration for COmanage Deployment Guide

    1. Not sure that the GDG approach is possible

    2. More likely to take form of screen shares and web cases

  2. (B) Would like to offer either Grouper or COmanage as general tools for SP integration

    1. Enrich SAML-delivered attributes with COmanage identity information to make sure the SP gets everything it needs.
