Release Notes for Grouper v2.0

Grouper v2.0.1 fixes https://bugs.internet2.edu/jira/secure/IssueNavigator.jspa?reset=true&jqlQuery=project+%3D+GRP+AND+fixVersion+%3D+%221.6.3%22+AND+status+%3D+Resolvedseveral issues

Grouper v2.0.0 includes 47 fixes and improvements over v1.6.3. See the full list.

New Features

Rules

Similar to Grouper Hooks, but instead of Java logic, built in actions or expression language scripts can be executed

External subjects

If your Identity Management System does not support external users (e.g. via EPPN), then Grouper can manage that with self registration and or invitations which will can provision memberships

Syncing groupers

A group in one Grouper can be sync'ed with a group in another Grouper.  For instance if two institutions want to share a group of subjects but store them in their own Grouper

Attribute and Permissions UI

User interface to define, view, and assign attributes and permissions in Grouper.  The attributes can be assigned to many types of Grouper objects including Groups, Folders, Members, Memberships, etc.  The permissions are used as a central permissions management system for other applications at your institution

Grouper-Atlassian connector

If you cannot connect Atlassian applications (e.g Jira, Confluence) to your Grouper managed LDAP, then you can use this connector which used Grouper Web Services to manage your Atlassian groups and person information

Permissions Allow/disallow

A permission assignment can be an allow or disallow (to filter out allows inherited from another assignment)

Permission limits

A run-time decision can be applied to immediate permission allows so that context environment variables can change an allow to a disallow.  e.g. permissions are only allowed at a certain time of day or from a certain IP address.  Grouper can calculate this on the server or the client can get the limits and calculate them.

Web service versioning

Grouper 2.0 web servers will accept clients coded against the 1.6 or previous WS API's

Point in Time Audit

This allows you to query the state of Grouper at a point in time in the past or a date range in the past.  You can query for memberships, privileges and permissions.

For more information about upcoming plans, see the Grouper+Product+Roadmap.

Improvements & Fixes

Member Search and Sort

Additional data is now stored about subjects in Grouper.  This allows you to sort a list of members and search a list of members without having to go to the subject source to query attributes for each subject in the list that you would then use for the sort or search operation.

ldappcng caching (performance)

The SPMLDataConnector supports caching similar to other Shibboleth DataConnectors

Notification improvements

Additional notifications are available now for permissions and the attribute framework.

Many other fixes and improvements were also made to all components of the Grouper Toolkit: Grouper API, Administrative & Lite UIs, Grouper Web Services, Grouper Client, Grouper Shell, Grouper Loader, Ldappc, Ldappc-ng, and the Subject API.