Grouper Product Roadmap
This roadmap sketches substantial and signal functional enhancements to Grouper, and to align at least some of them with future releases. It is (always!) a work in progress, subject to the considerations and requirements of participants in the Grouper Working Group. It is also a proposition: it represents the default plan that the Grouper core developers will attempt to implement.
Items that have fallen off of the roadmap appear further below with some explanation as to why.
Release |
Tentative date or time frame |
1.6 |
Released June 2010 |
2.0 |
|
2.1 |
2011Q4 |
2.2 |
2012Q2 |
Release |
Item |
Description |
---|---|---|
2.0 |
Lite UI enhancement |
Support easier to use end-user UI components in addition to the existing administrative UI. Initial component, for managing membership of a single group, is in v1.5. |
1.6+ |
Grouper Web Services enhancement |
Continue adding capabilities to meet requirements from the field. |
1.6-2.0+ |
Notification of changes |
In v1.6, build on the initial implementation of incremental group, membership, and folder (or namespace) change notifications in v1.5 to provide notification based on flattened group membership to more efficiently enable relying parties to maintain membership lists. Also in v1.6, partner with a deployment using an asynchronous messaging infrastructure (perhaps an ESB) to drive enhancement of the toolkit for that style of data integration. |
1.6-2.1 |
Ldappc NG |
Complete work on the new Ldappc, built from the Shibboleth Attribute Resolver and SPML components. Integrate with Grouper notifications for asynchronous, incremental updating in addition to periodic batch style updating. Includes specific support for Active Directory. Produce a packaging of Ldappc NG as a Shibboleth DataConnector for Grouper. |
2.0 |
Point in Time Audit |
Query the state of the groups registry at a prior point in time. |
2.0 |
Rules |
Declarative triggers that perform changes to the Grouper Registry. |
2.0 |
Federated group membership and privileges |
Built-in support for memberships and Grouper privileges to be assigned to federated identities. |
2.0 |
Federated group management |
Enable groups from autonomous Grouper instances to be referenced by and incorporated into another Grouper instance. |
2.0 |
PDP |
The Grouper permissions web service takes into account allow/disallow and limits to give the decision of access back to the requestor |
post-2.0 |
uPortal-grouper integration |
Complete Phase II deliverables. Time frame for Phase III deliverables still to be determined in concert with uPortal team. |
Not yet assigned |
Dynamic group membership |
Dynamically maintain groups and memberships based on conditions external to Grouper. The Loader does this for RDBMS sources using a combination of SQL and Loader-specific configuration. New capabilities to be developed will include linking groups and memberships to LDAP-resident attributes. |
Not yet assigned |
GrouperWS high availability |
In-built load-balancing to enable highly available read-only access to the Groups Registry via web services. |
2.2 |
New Grouper UI |
Grouper has its administrative UI, the Lite UI, and as of v2.0, additional Lite-like UIs for attribute, role, and permission management. Further, several substantial UIs have been created by Grouper users, usually designed to meet needs in a specifically identified context. This roadmap item is aimed at addressing how Grouper should engage, support, or borrow from these efforts to provide UI capabilities that are closer to contextual needs more often than at present. |
Not yet assigned |
Unix GID management |
Built-in support for managing unix GIDs. Probably by building on community contributions. |
Not yet assigned |
COmanage freshener |
Incorporate Grouper Lite UI, Ldappc-ng, and other capabilities into COmanage. |
On-going |
Community contributions |
Solicit and publicize community contributions of extensions and complements to Grouper. |
Whatever happened to ... ?
A brief explanation of why some things seem to have disappeared from earlier versions of this roadmap.
What Happened? |
Item |
Description |
---|---|---|
Completed in v1.6 |
Attribute framework |
Complement the existing ad hoc attribute on groups with the ability to define and associate attributes of various types to groups, memberships, and folders. Initial release was in v1.5, comprising marker attributes. Additional attribute types in v1.6. Expose attribute framework suitably through web services interfaces in v1.6. |
Completed in v1.6 |
Kuali Identity Management integration |
A connector that enables Kuali Rice to delegate group management to Grouper. |
Completed in v 1.6 |
Subject Web Service |
Expose Subject API methods suitably via Grouper Web Services so that clients don't have to build their own way to reference Subjects. |
Completed in v 1.6 |
External workflow integration |
Integrate Grouper with Kuali Enterprise Workflow (v1.6), and maybe other implementations. |
Completed in v1.5 |
Namespace Transition Support |
The hierarchy of folders (or naming stems) in a deployment will change over time. This supports the ability to logically move or copy a group, a selection of groups, or a folder from one folder to another. This complements the capability of the XML Import/Export tool for prune & graft operations for large scale changes. |
Completed in v1.5 |
User Audit |
Report on who took which administrative action when. |
Completed in v1.4 |
Extension hooks |
Implement infrastructure within the Grouper API to enable independent extension of key internal events. Pre- and post-processing hooks will be provided for each "primitive API operation". This would make certain other tasks more feasible, notably "Notification of changes" in this roadmap and incorporation of a site's business rules. |
Completed in v1.4 |
Enhance Web Services |
Solidify the experimental Web Services support released in 1.3.0 based on field experience. |
The issue has been resolved with improved Grouper configuration and the cessation of the Signet project. |
Configuration and binding framework for I2MI |
Identify and implement a framework in which combinations of I2MI components (currently Grouper API, Grouper UI, Grouper Web Services, Signet API, Signet UI, Ldappc, and Subject source adapters) can be easily integrated (not just in a single JVM). This is largely an issue of managing configuration and 3rd party libraries. The Spring application framework is an example of what might be used to address this need. |
This was overtaken by the "Enhance Web Services" item in the roadmap. |
Web service interface facades |
Determine which subsets of native API capabilities should be exposed through more focused end points to facilitate access by applications to Grouper- and Signet-provided access management capabilities. Also investigate how facades may be used to manage access to underlying group and privilege management and query capabilities. |