In January 2017, InCommon began to plan for a series of much-needed updates to this application, in partnership with talented business analysts, software developers, engineers and project managers at several firms. The work has resulted in the following roadmap.
Table of Contents
Initial Rework
Release V2.0.0
Federation Manager v2.0.0 - initial release to introduce lightweight UI changes to the part of the interface that InCommon staff uses, improve performance and integrate with our new continuous integration and staging environment.
Complexity (1-10, 10 is highest): 2
Effort (Person-weeks): 10
Status : Completed/delivered in production May 2017
Release V2.1.0
Federation Manager v2.1.0 - introduce similar lightweight UI changes to the Site Administrator and Delegated Administrator Interfaces. This will improve the superficial look and feel of the UI, and introduce newer technology to facilitate future changes.
Complexity (1-10, 10 is highest): 3
Effort (Person-weeks): 17
Status : Completed/delivered in production August 2017
Release V3.0.0
Federation Manager v3.0.0 - Develop and deploy the initial version of the dashboard for the Site Administrator. This will provide access to Identity Providers and Service Providers directly from the dashboard without the necessity to select a link first from the left navigation.
Complexity (1-10, 10 is highest): 4
Effort (Person-weeks): 5.5 (42-45 story points + catch-up time - 4 weeks clock time)
Resources 25 hrs/week of dev time from AJ; QA/technical assistance from Analyst 4-7 hrs/week; Developer management 5-10 hrs/week; UI/UX designer look/feel iterative support, final review of site, tweaks 5-10 hrs/week; I2 project sponsorship, miscellaneous tasks 4 hrs/week; I2 PM support 1-2 hrs/week; I2 DevOps support 2 hrs/week
Status: Completed/delivered in production September 2017
Release V3.0.1 + 3.0.2
Federation Manager v3.0.1 and v3.0.2 - Develop and deploy identified bug fix IFMC-420. This will provide the bug fix for the inability to add notes to entities in the approval queue.
Complexity (1-10, 10 is highest): 1
Effort (Person-weeks): 1 Day
Resources Minor development team effort.
Status: Completed/delivered in production October 5, 2017
Release V3.1.0
Federation Manager v3.1.0 - Develop and deploy an updated view page for the Identity Provider and Service Provider metadata. This will provide an improved view of the metadata by providing more distinction between sections. Update Rails minor version to latest pre-5 release.
Complexity (1-10, 10 is highest): 2
Effort (Person-weeks): 4 (~3 weeks clock time)
Resources 25 hrs/week of dev time from AJ; QA/technical assistance from Analyst 4-7 hrs/week; Developer management 5-10 hrs/week; UI/UX designer look/feel iterative support, final review of site, tweaks 5-10 hrs/week; I2 project sponsorship, miscellaneous tasks 4 hrs/week; I2 PM support 1-2 hrs/week; I2 DevOps support 2 hrs/week
Status: Completed/delivered in production November 2017
Release V3.2.0
Federation Manager v3.2.0 - Develop and deploy Implement the ability for System Administrators to select the SIRTFI entity attribute when adding an Identity Provider.
Complexity (1-10, 10 is highest): 4
Effort (Person-weeks): 2 weeks (~2 weeks clock time) / Need to be verified / Estimated as of 10/5
Resources TBD / 25 hrs/week of dev time from AJ; QA/technical assistance from Analyst 4-7 hrs/week; Developer management 5-10 hrs/week; UI/UX designer look/feel iterative support, final review of site, tweaks 5-10 hrs/week; I2 project sponsorship, miscellaneous tasks 4 hrs/week; I2 PM support 1-2 hrs/week; I2 DevOps support 2 hrs/week
Status: Completed/delivered in production November 20, 2017
Release V3.2.1
Federation Manager v3.2.0 - Refactor Model, Routes, and Manage Controller code and create the baseline refactored code that FM will use moving forward. In addition, automated testing processes and tests will be developed to ensure code coverage and (over time) improving the velocity for the development of new features / subsequent release.
Complexity (1-10, 10 is highest): 8
Effort (Person-weeks): 8 weeks (~11 weeks clock time, including vacation time and holiday)
Resources: 25 hrs/week of dev time from AJ; QA/technical assistance from Analyst 4-7 hrs/week; Developer management 5-10 hrs/week; I2 project sponsorship, miscellaneous tasks 4 hrs/week; I2 PM support 1-2 hrs/week; I2 DevOps support 5-10 hrs/week
Status: Completed/delivered in production January 30, 2018
Release V3.2.2
Federation Manager v3.2.2 - Emergency Bug Fix Release:
- IFMC-582 - Published IdP does not appear in Site Admin's list
- IFMC-587 - Unhandled exception: "NoMethodError (undefined method `contact_person' for nil:NilClass): app/controllers/manage_controller.rb:1119:in `delete_idp_contact_person'"
- IFMC-538 - Gems not installed in staging
Complexity (1-10, 10 is highest): 5
Effort (Person-weeks): 1 week (~2 weeks clock time, including vacation time and holiday; Goal is to launch during middle of January 2018)
Resources: 8 hrs of dev time from AJ; QA/technical assistance from Analyst 1-2 hrs/week; Developer management 1 hour; I2 project sponsorship, miscellaneous tasks 0.5 hr; I2 PM support 0 hrs/week; I2 DevOps support 0.5 hrs/week
Status: Completed /delivered in production January 31, 2018
Release V3.2.3
Federation Manager v3.2.3 - Emergency Bug Fix Release:
- IFMC-645 - Organization roles export doesn't identify inactive roles
Complexity (1-10, 10 is highest): 2
Effort (Person-weeks): 2 hours (~1 day clock time, including vacation time and holiday; Goal is to launch immediately)
Resources: 3 hrs of dev time from AJ; QA/technical assistance from Analyst 0.5 - 1.0 hours hrs; Developer management 0 hour; I2 project sponsorship, miscellaneous tasks 0.5 hr; I2 PM support 0 hrs/week; I2 DevOps support 0.5 hrs/week
Status: Completed /delivered in production February 13, 2018
Release V3.2.4
Federation Manager v3.2.4 - Emergency Bug Fix Release:
- [IFMC-646] - Attempting to delete an SP returns the error "cannot be deleted, please ask your Site Admin to remove"
- [IFMC-685] - Rake db:setup fails to create development user with a blank phone number
Priority: Critical priority
Status: Completed /delivered in production March 29, 2018
Release V3.3.0 / Certificates (IFMC-362) (aka Sequence_UH8 / Theme: Certificates)
Federation Manager Sequence_UH8 - Change certificate handling to include:
- Change link from the dashboard to only show a certificate list
- Change the Identity Provider certificate process to mirror the Service Provider certificate process
- Remove certificate processing manual processes from the RA - replace with an automated function to notify SAs of expiring certificates
- Provide an expiring certificate section on the Site Administrator dashboard
- Add functionality for both Identity Provider and Service Provider to have certificates assigned with types of Signing and/or Encryption
Complexity (1-10, 10 is highest): 5
Effort (Person-weeks): 4 weeks (~7 weeks clock time, including vacation time and holiday)
Resources: 6 weeks development / 25 hrs/week of dev time from AJ; QA/technical assistance from Analyst 4-7 hrs/week; Developer management 5-10 hrs/week; I2 project sponsorship, miscellaneous tasks 4 hrs/week; I2 PM support 1-2 hrs/week; I2 DevOps support 5-10 hrs/week
Status: Completed /delivered in production April 11, 2018
Release V3.3.1
Federation Manager v3.3.1 - Emergency Bug Fix Release:
- [IFMC-698] - ActionView::Template::Error (Asset was not declared to be precompiled in production.)
- [IFMC-672] - Refactor User methods site_administrator? and tech_contact?
Priority : Critical priority
Status: Completed /delivered in production April 12, 2018
Release V3.3.2
Federation Manager v3.3.2 - Emergency Bug Fix Release:
- [IFMC-580] - Unhandled exception: "An ActiveRecord::StaleObjectError occurred in login#login"
- [IFMC-700] - ActionView::Template::Error: No route matches {:action=>"create_inc_registration", :controller=>"admin"}
- [IFMC-706] - RA unable to reset user password
- [IFMC-710] - ActionView::Template::Error: undefined method `organization_id' for nil:NilClass
Priority : Critical priority
Status: Completed /delivered in production April 24, 2018
Release V3.4.0
Federation Manager v3.4.0 - Emergency Bug Fix Release. This release contains significant improvements for Delegated Administrators, in addition to other minor improvements and bug fixes. A Delegated Administrator may now create a Service Provider for later approval and submission by the Site Administrator.
Bug Fixes
[IFMC-694] - Registration Authority unable to create InCommon registration link if the contact doesn't have a phone number defined
- [IFMC-696] - Delegated Administrator unable to create new SP
- [IFMC-697] - Delegated Administrator unable to edit SP
- [IFMC-711] - Authorization? the method breaks when org is not present
- [IFMC-712] - Unable to access registration link
- [IFMC-714] - Unable to join via the registration link
- [IFMC-716] - Unable to update SP
Enhancements
- [IFMC-368] - Implement an Expiring Certificates Section on the SA Dashboard
Priority: Critical priority
Status: Completed /delivered in production April 30, 2018
Release V3.4.1
Federation Manager v3.4.1 - Emergency Bug Fix Release:
Priority: Critical priority
Status: Completed /delivered in production May 1, 2018
Release V3.4.2
Federation Manager v3.4.2 - Emergency Bug Fix Release.
- [IFMC-743] - ActionView::Template::Error: undefined method `attr_consuming_services' for nil:NilClass
- [IFMC-744] - ActionView::Template::Error: undefined method `inc_execs' for nil:NilClass
Priority: High priority
Status: Completed /delivered in production May 21, 2018
Release V3.5.1
Implement the processing required for the individual fields included in Baseline Expectations as defined in Implementing Baseline Expectations in InCommon Metadata. Any errors identified will be provided as a warning only at this time.
Technical Debt Targeted:
Complexity: (1-10, 10 is highest): 6
Effort: (Person-weeks): 4 weeks (~3 weeks clock time, including vacation time and holiday)
Resources: 20 hours BA, 10 hours business process owner, 10 hours designer, 2 weeks development, 1-week testing
Status: Completed/delivered in production May 30, 2018
Supports Project: Baseline Expectations
Bug Fixes
- IFMC-765 - NoMethodError: undefined method `password=' for nil:NilClass
Enhancements
- IFMC-552 - Refactor Model Specs - AttrConsumingServices Specs
- IFMC-782 - Modify Override for Baseline Expectations
- IFMC-677 -Implement Display-Processing of Baseline Expectations for IdP Update User Interface Elements
- IFMC-681 - Implement Display-Processing of Baseline Expectations for SP Update User Interface Elements
- IFMC-689 - Implement Display-Processing of Baseline Expectations for IdP Update Contacts
- IFMC-690 - Implement Display-Processing of Baseline Expectations for SP Update Contacts
- IFMC-673 - Implement Display of Baseline Expectations for SP User Interface Elements
- IFMC-675 - Implement Display of Baseline Expectations for SP Contacts
- IFMC-660 - Implement Display of Baseline Expectations for IdP User Interface Elements
- IFMC-674 - Implement Display of Baseline Expectations for IdP Contacts
- IFMC-684 - Implement Baseline Expectations for Add SP User Interface Elements
- IFMC-687 - Implement Baseline Expectations for Add SP Contacts
- IFMC-683 - Implement Baseline Expectations for Add IdP User Interface Elements
- IFMC-686 - Implement Baseline Expectations for Add IdP Contacts
- IFMC-781 - Fix Jenkins FM memory allocation error
- IFMC-740 - Create current-state API specification
- IFMC-762 - Baseline UI updates for an Sp without a Display Name
Priority: High priority
Status: Completed /delivered in production May 29, 2018
Release V3.6.0
Federation Manager v3.6.0 - This is a standard deployment of the Federation Manager application. This release primarily addressed UI feedback from Site Administrators.
Bug Fixes
- IFMC-794 - ActiveRecord::StaleObjectError: Attempted to update a stale object: Sp
- IFMC-736 - ActionView::Template::Error: No route matches {:action=>"edit_certs", :attr_authority_id=>nil, :controller=>"idps/attr_authori...
- IFMC-760 - Unable to create new user
- IFMC-783 - ActiveRecord::RecordInvalid: Validation failed: Username can't be blank
- IFMC-791 - api certificate verify failure not rescued
- IFMC-794 - ActiveRecord::StaleObjectError: Attempted to update a stale object: Sp
Enhancements
- IFMC-543 - Refactor Model Specs - Organization Specs
- IFMC-793 - Implement API key authentication for admin API routesPriority: Normal Priority
- IFMC-766 - Modify SIRTFI Comment
- IFMC-770 - Add Cancel Buttons to All Update Pages
- IFMC-771 - Validate Breadcrumbs for SA Admin
- IFMC-784 - Remove Request Attribute Confirmation
- IFMC-787 - 500 error page should include Internet2 branding and help links
Priority: Normal Priority
Status: Completed / delivered in production June 27, 2018
Release V3.7.0
Federation Manager v3.7.0 - This is a standard deployment of the Federation Manager application.
Enhancements
- [IFMC-434] - Implement RA Page Framework
- [IFMC-435] - Implement Standard Page Header Section for RA Admin Pages
- [IFMC-438] - Implement Submitted Metadata List on RA Home Page
- [IFMC-439] - Implement Approved Metadata List on RA Home Page
- [IFMC-745] - Make it easier to add multiple ACS endpoints
- [IFMC-763] - remove Update IdP SP session dependency
- [IFMC-786] - Require a valid URL for the entity name when creating a new SP or IdP
- [IFMC-833] - Add person contact information to API output
Bug Fixes
Priority: Normal Priority
Status: Completed /delivered in production July 24, 2018
Release V3.8.0
Federation Manager v3.8.0 - This is a standard deployment of the Federation Manager application.
Enhancements
Bug Fixes
[IFMC-857] - ActionView::Template::Error: No route matches {:action=>"add_admin", :controller=>"registration"}
- [IFMC-926] - NameError: undefined local variable or method `admin_path' for #<LoginController:0x007fa24131dfb8>
- [IFMC-995] - Changing SP Key Use does not cause a change in the key use in metadata
- [IFMC-996] - Make created registration URL view page text further indented
Improvements
Priority: Normal Priority
Status: Completed /delivered in production August 7, 2018
Release V3.9.0
Federation Manager v3.9.0 - This is a standard deployment of the Federation Manager application.
Enhancements
- [IFMC-820] - Allow RA staff to update usernames
- [IFMC-1061] - Update Link Formatting in Left Nav
- [IFMC-856] - Remove POP Link from RA View and SA View
- [IFMC-846] - Update Sps Controller Spec Coverage for SAs
- [IFMC-1022] - RA pages -- collapsable sections for People and Orgs
- [IFMC-1031] - Update email that goes to new Site Admins
Bug Fixes
Priority: Normal Priority
Status: Completed /delivered in production September 18, 2018
Release V3.10.0
Federation Manager v3.10.0 - Rework RA functions - Metadata Approval (Does not include Auto-Approval of Metadata)
Provide the base format for the new RA Homepage including:
- Standard header
- Standard left navigation
- The body of the page providing for the definition of different sections to provide items of interest for RAs
- Provide new metadata approval process:
- New RA Dashboard Sections
- Submitted Metadata (Pending)
- Approved Metadata
- Updated metadata approval page to provide a better view of data reviewed by RAs
Enhancements
Enhancements
[IFMC-573] - Implement Metadata Actions
[IFMC-601] - Define Metadata Approval
[IFMC-656] - Define RA Home Page for Metadata Approval
[IFMC-709] - Implement Updated Left Navigation for RA Admin
[IFMC-734] - Refactor user attr_accessor on Sp
[IFMC-821] - Refactor Entity Status
[IFMC-1020] - Align display of IdP and SP status for SA and RA
[IFMC-1047] - Add a DELETED status to state machine for an entity where Idp/SP has been deleted
[IFMC-1121] - Test CRUD actions with new metadata process
[IFMC-1122] - Refine "Pipeline States" for entities
[IFMC-1125] - Remove unused /entities routes
[IFMC-1127] - keep entity export status page
[IFMC-1133] - Drop Md model
[IFMC-1138] - Refactor/Update methods for local metadata
[IFMC-1149] - Update Shibboleth 2.x to Shibboleth in list of SP Server Software options in new SP view
Bug Fixes
[IFMC-1059] - ActiveRecord::StatementInvalid: PG::InvalidTextRepresentation: ERROR: invalid input syntax for integer: "review"
[IFMC-1129] - Prevent duplicate discovery response endpoint indexes from being created / fix one that has dupes
[IFMC-1139] - Bypassing SIRTFI security contact control
Priority: Normal Priority
Status: Completed /delivered in production October 29, 2018
Release V3.11.0
Federation Manager v3.11.0 - Reassignment of Metadata to A Different Org
Enhancements
Status: Completed /delivered in production November 5, 2018
Sequence_Z8N / Theme: Adding to_saml method to models
Phase I
Currently the metadata is constructed through class methods on the Idp/Sp and then completed in a new Entity. This does not allow for previewing metadata until the is is submitted for approval.
To add this functionality, a to_saml method should be added to each model that represents a piece of the metadata. This method will puts the ownership of metadata construction on the model that represents that part of the metadata. Models will also collect the metadata nodes from their nested models (key_info will nest the cert, idp_sso will nest the key_info, etc.)
The following modules with need to be build in a models/concerns/saml/ directory:
- artifact_resolution_service assertion_consumer_service attribute_authority_descriptor attribute_consuming_service attribute_service certificate contact_person discovery_response entity_attribute idp idp_sso_descriptor key_info organization requested_attribute single_logout_service single_sign_on_service sp sp_sso_descriptor ui_info
- Each module will supply an insert_saml_nodes! method that can inject the model’s metadata nodes into an xml tree that is passed down through the models. They will share a common method that also allows .to_saml to be called on each model directly, to inspect that portion of the metadata.
- Each module will have an accompanying spec file that tests that portion of metadata creation. The Idp and Sp files will have additional tests to verify complete metadata creation.
Once complete, these methods will need to be compared against the current method of metadata creation. This will require:
- A rake task that compares published metadata against the results of calling to_saml on an Idp/Sp
- An (temporary) RA route that shows the diff between any IdP/Sp metadata generated vs. that on the current entity
- Documentation on any historical changes that we encounter that we won’t fix
- Iterative fixes to the metadata construction until we are satisfied with the result
Phase II
Once we are satisfied with the methods, integration can be accomplished in parallel with other features, and the pacing of the roll out can remain flexible. This would include but not be limited to:
- Using the new method within the “Metadata to Publish” section to shows changes while an Idp/Sp is in editing status.
- Any other UI changes that allow SAs or RAs to take advantage of a more accurate metadata picture during editing
- Using the metadata diff to assist with determining if metadata can be auto-approved
- Replacing the current metadata construction with the new process on Entity submission
- Removing the Idp/Sp and Entity models metadata methods
- Reducing the Entity model until it bears no responsibility for metadata construction
Technical Debt Targeted:
Complexity (1-10, 10 is highest): 5
Effort (Person-weeks): 6 weeks Dev
Extra Resources Needed: RA training ( NOTE : This phase should drive down RA staff time managing roles over time, but has some up-front overhead)
Status: Start early-November 2018 / targeted completion middle of December 2018
Sequence_2GZ / Theme: Rework RA functions - Auto-Approve Metadata
Federation Manager Sequence_1KJ - Rework RA functions - Auto-Approve Metadata:
- Provide new metadata approval process:
- Automatic Approval for Metadata
- Metadata changes not needing review
- Metadata changes for Steward
- Provide new metadata approval process:
Technical Debt Targeted:
Complexity (1-10, 10 is highest): 5
Effort (Person-weeks): 5 / 8 weeks Dev
Extra Resources Needed: RA training ( NOTE : This phase should drive down RA staff time managing roles over time, but has some up-front overhead)
Status: Start end of December 2018 / targeted completion end of February 2019
************************************
Sequence_7OC / Theme: Entity Attribute Handling Overhaul Implementation Requirements: Entity Attributes
Federation Manager Sequence_7OC - Entity Attribute Handling Overhaul (SA self-service, RA assert any RA-controlled value without asking SA to resubmit metadata)
Technical Debt Targeted:
- Update Rails to v5.x and resolve any resulting dependency issues.
- Update Rails to v5.x and resolve any resulting dependency issues.
Complexity: (1-10, 10 is highest): 6
Effort: (Person-weeks): 9 weeks (~11 weeks clock time, including vacation time and holiday)
Resources: 80 hours BA, 20 hours business process owner, 4-9 weeks development, 1-week testing
Status: Start beginning of March 2019 / targeted completion middle of May 2019
Supports Project: Baseline Expectations, general community requests, and improved customer service
Note: THIS FEATURE REQUIRES that we have automated metadata approval and hard edits for baseline expectations in place.
Note: JG / Would like more information / Refactoring the state-machine needed for some of these requirements
************************
Notes on current state:
Have done quite a bit of work across these sets of deliverables
Have CI, but not CD. Reason: Issues with Shibboleth SP in containers. Most expedient thing would be to go with a vanilla approach - vanilla Ruby on Rails app. There were enough integration issues with the app that focusing on that helped us do CI. Now we need to integrate Shibboleth or something - some kind of SP. Nothing really right fit out there. So Shibboleth is as good a foundation as anything else. MDQ makes this a lot easier - then we don't have to worry about the memory footprint and startup time for the SP. Need prod MDQ. Enhancements in SP 3 also gives us more options that will likely help.
Guesstimate: 2 solid weeks of uninterrupted time for test. Production move would be less. Two weeks for prod. One complication with production is moving the signing process along with the prod FM, or decoupling those things and transporting metadata back to on-prem to sign, as well as all the subsidiary process such as production of the JSON feed that feeds the all-entities / all-orgs beta pages, and the eduGAIN export.
Next step: We will want to change the hostname for the Federation Manager as part of the production move: fm.incommon.org, no /siteadmin. Could make that change any time and point it at the current on-premises service. Can ask TSG to put a long-lived redirect on service1.internet2.edu as well.
Sequence_3DQ / Theme: Docker container in AWS (test/acceptance)
Federation Manager Sequence_3DQ - Running in a Docker container in AWS (test/acceptance)
Technical Debt Targeted:
Complexity: (1-10, 10 is highest): 3
Effort: (Person-weeks): ~4-5 weeks clock time
Resources: 85 hours DevOps
Status: Start mid-November/end late-December 2018
Supports Project: InCommon DevOps Scaling
************************
************************
Sequence_ODC / Theme: Docker Container Production
Federation Manager Sequence_ODC - Running in a Docker container in AWS (production)
Technical Debt Targeted:
Complexity: (1-10, 10 is highest): 7
Effort: (Person-weeks): ~4-5 weeks clock time
Resources: 85 hours DevOps
Status: Start early-January/end mid-February 2019
Supports Project: InCommon DevOps Scaling
Note: This is more complex than the test containerized version(s) because we have to plumb metadata signing and distribution out from the new environment
************************
Sequence_7B3 / Theme: New Update Functions for Site Admins Implementation Requirements: Update IdP and SP
Federation Manager Sequence_7B3 - New Update Functions for Site Admins (Provides a new update process and associated update pages for IdP/SP to simplify the update process for SAs)
Technical Debt Targeted:
Complexity: (1-10, 10 is highest): 6
Effort: (Person-weeks): 8 weeks (~10 weeks clock time, including vacation time and holiday)
Resources: 80 hours BA, 20 hours business process owner, 5-7 weeks development, 1-week testing
Status: Start during the end of May 2019 / targeted completion end of July 2019
Supports Project: Improved and simplified SA functionality
Sequence_9DF / Theme: New Add Functions for Site Admins Implementation Requirements: Add Identity Provider Add Service Provider
Federation Manager Sequence_7DF - New Add Functions for Site Admins (Provides a new wireframe process for adding new IdP/SP information to provide a more directed add approach for the SAs)
Technical Debt Targeted:
Complexity: (1-10, 10 is highest): 6
Effort: (Person-weeks): 10 weeks (~12 weeks clock time, including vacation time and holiday)
Resources: 80 hours BA, 20 hours business process owner, 5-7 weeks development, 1-week testing
Status: Start during the beginning of August 2019 / targeted completion middle of October 2019
Supports Project: Improved and simplified SA functionality
Sequence_OKR / Theme: Baseline Expectations - SA Dashboard Implementation Requirements: Baseline Expectations - Dashboard
Federation Manager Sequence_OKR - Define and implement an additional tab on the SA Dashboard for Baseline Expectations to show current status for meeting the expectations as defined in: Implementing Baseline Expectations in InCommon Metadata
Technical Debt Targeted:
Complexity: (1-10, 10 is highest): 6
Effort: (Person-weeks): 4 weeks (~3 weeks clock time, including vacation time and holiday)
Resources: 20 hours BA, 10 hours business process owner, 10 hours designer, 2 weeks development, 1-week testing
Status: Start during the end of October 2019 / targeted completion end of November 2019
Supports Project: Baseline Expectations
Sequence_N9O / Theme: Executive Functions/SA/RAO Implementation Requirements: New Executive Functions
Federation Manager Sequence_N9O - Provide the following functions for Executive/SA/RAO modifications:
- Executive Portal providing the executive the ability to:
- Add, Update and Deactivate SAs and RAOs
- Modify Executive data including title, email, and phone
- Executive Update providing the RA the ability to:
- Replace a current Executive
- Modify email and/or phone for the Executive
- Deactivate an Executive
- Executive Portal providing the executive the ability to:
Technical Debt Targeted :
Complexity (1-10, 10 is highest): 7
Effort (Person-weeks): 16 / 8 Dev weeks (~11 weeks clock time, including vacation time and holiday)
Extra Resources Needed: A message delivery system for emails and SMS messages, set up by T&I DevOps, Community vetting, communications campaign/webinar, RA staff time to transition to new business processes and work with customers (NOTE: This phase should drive down RA staff time managing roles over time, but has some up-front overhead)
Status: Start during the beginning of December 2019 / targeted completion middle of February 2020
Supports Project: Baseline Expectations
Rework RA Functions
The development work for the redesign and development of the updated RA administration function will consist of the following 5 development phases:
- Phase 1 - Organization/People - Implements the search and display for the organization and people information
- Phase 2 - Intake - Implements simplification of the intake process for the RA.
- Phase 3 - Other Requestor Functions - Implements the addition of requests from external users in the Federation Manager. This will provide action item notification on the RA Dashboard and integrated web pages to replace the current smart forms.
Sequence_2AK / Theme: Rework Phase 1 (RA functions - Organization Details) Implementation Requirements: Organization
Federation Manager Sequence_2AK - Rework Phase 1 (RA functions - Organization/People):
- Provide the new look and feel for the SA Admin application:
- Organization Details
- All sections included on the organization details page and any additional pages displayed on this page
- Provide the new look and feel for the SA Admin application:
Technical Debt Targeted :
Complexity (1-10, 10 is highest): 3
Effort (Person-weeks): 7 / 8-10 weeks Dev
Extra Resources Needed: RA training (NOTE: This phase should drive down RA staff time managing roles over time, but has some up-front overhead)
Status: Start during the end of February 2020 / targeted completion during the middle of May 2020
Sequence_IIY / Theme: Rework Phase 2 (RA functions - Intake) Implementation Requirements: Intake – NOTE: Nick to review with Ann West to see if this needs to get moved up
Federation Manager Sequence_IIY - Rework Phase 3 RA functions - Intake:
- Provide the functionality to support the newly defined intake process
- Organization creation
- New executive review
- Executive creation
- Implement the executive vetting list for the RA Homepage
- Implement the external request functionality for executive changes
- Provide the functionality to support the newly defined intake process
Technical Debt Targeted :
Complexity (1-10, 10 is highest): 4
Effort (Person-weeks): 5 / 8-12 Weeks Dev
Extra Resources Needed: RA training (NOTE: This phase should drive down RA staff time managing roles over time, but has some up-front overhead)
Status: Start during the end of May 2020 / targeted completion during the end of August 2020
Sequence_V9U / Theme: Rework Phase 3 (RA functions - Other Requestor Functions) Implementation Requirements: External Change Requests
Federation Manager Sequence_V9U - Rework Phase 2 RA functions - Other Requestor Functions:
- The following functions will be implemented to allow external requests to be made and have notification provided on the RA Dashboard
- Site Administrator Changes
- Registration Authority Officer Changes
- Organization Termination
- New web pages will be added for these functions
- Current smart sheet functions will be replaced with web pages
- Action Item List will be added to the RA Dashboard
- Notifications for each change requested will be provided in the Action Item Section
- The following functions will be implemented to allow external requests to be made and have notification provided on the RA Dashboard
Technical Debt Targeted :
Complexity (1-10, 10 is highest): 4
Effort (Person-weeks): 6-7 / 8-10 weeks Dev
Extra Resources Needed: RA training (NOTE: This phase should drive down RA staff time managing roles over time, but has some up-front overhead)
Status: Start during the beginning of September 2020 / targeted completion during the middle of November 2020
Follow-On Work
Sequence_45S / Theme: Delegated Metadata Administration Overhaul (Must wait until FM is behind I2 Collab Platform)
Federation Manager Sequence_45S - Delegated Metadata Administration Overhaul.
Change Delegated Admin to Include:
- Self-provisioning by delegated administrators
- The ability for delegated administrators to administer both Identity Provider and Service Provider metadata
- Remove delegated administrator provisioning/assignment by the SAs
- Provide a dashboard for delegated administrators displaying Identity Provider and Service Provider lists
Technical Debt Targeted:
Complexity (1-10, 10 is highest): 7
Effort (Person-weeks): 6-7 / 8 Weeks Dev (~10 weeks clock time, including vacation time and holiday)
Extra Resources Needed: Community vetting, communications campaign/webinar
Status: Start during the end of November 2020 / targeted completion during the end of January 2021
Supports Project: Baseline Expectations, Steward Program, general community requests and improved customer service
Sequence_59S / Theme: Automate Domain Control Validation
Federation Manager Sequence_59S - Automate Domain Control Validation (DCV) for entityIDs and scopes
Technical Debt Targeted:
Complexity: (1-10, 10 is highest): 5
Effort: (Person-weeks): 9 weeks (~11 weeks clock time, including vacation time and holiday)
Resources: 60 hours BA, 20 hours business process owner, 20 hours designer, 5 weeks DevOps, 4 weeks development, 1-week testing
Status: Start during the beginning of February 2021 / targeted completion during the middle of April 2021
Supports Project: general community requests and improved customer service
Note: need additional input from developers