COmanage Call 21-Jan-2011Attending Heather Flanagan, Internet2 (chair)
Ken Klingenstein, Internet2
Chris Hyzer, U. Penn
Keith Hazelton, U. Wisc
R.L. "Bob" Morgan, U. Washington
Steven Carmody, Brown U.
Jim Leous, Pennsylvania State U.
Benn Oshrin, Internet2
Steve Olshansky, Internet2
New Action Items
[AI] Heather will track on a wiki page approaches to sharing metadata between collab platforms.
Carry Over Action Items
[AI] (Ken) will develop a one-page writeup on the differences between a VO IdMS versus an enterprise IdMS [AI] (Benn and Keith) will talk about Bamboo's requirements for person registry. [AI] (Ken) will email Bob B. regarding the possibility of speaking at ACAMP [AI] (Heather) will schedule an Internet Identity webinar for iPlant IT staff. [AI] (Ken) will contact David Groep about VOMS GUMS.
[AI] (Steven) will develop a one-page write-up on attribute aggregation.
[AI] (Jim) will check on whether there has been discussion on the CIC list concerning LIGO and the domesticated apps list.
[AI] (Heather) will ask U. Chicago people to contribute an academic (intra-institutional) use case to the COmanage use case library. [AI] (Jim) will share ESWN call notes with the COmanage-dev list.
DISCUSSION Development Report Benn is working towards a February goal of having some core
functionality running on the demo servers. This is not expected to be a
full demo; it will be similar to what was shown on the laptop at 2010
FMM. After meetings and discussions with the VOs in February, the plan is to commit more firmly to a technical direction and
technical road map, with details on what features / deliverables should
be included for which COs. Q: Is the registry - the interface to enter people into the population of interest -- in scope? A: Benn; yes that is what I'm getting ready for the demo servers...
mostly it's the person registry part. The plan is to establish a basic
service that understands an organizational identity versus a VO identity
and has basic roles built into it. This will serve as a talking point
with the VOs Q: COmanage starts without a system of record. Is there something that corresponds to a person registry, where people get added? A: Benn: in the current version, you can add someone as an
organizational person (you can imagine they came in some other way, to
demonstrate the point of external subjects) or provide basic support for
doing an LDAP query to populate the organizational directory. Summary: Benn wants people working with VOs to know that there is a
call for requirements coming in early Feb. That should come out of LIGO,
iPlant and maybe Bamboo. VOs Report - Project Bamboo Heather and Keith had a recent call with Project Bamboo folks, including Steve Masover.
- Project Bamboo is focused on the apps their scholars will need to use and has just starting to think about identity issues.
- They seemed pleased to have the chance to work together.
- SteveM was concerned about timelines and he wondered if COmaange
will be ready for their demonstration project that must be done in their
Phase I. Project Bamboo may create their own identity mechanism and
later they might migrate to COmanage
- Project Bamboo will most likely have use cases about adding poeple
to the registry and giving them roles. So what Project Bamboo needs
most is what LIGO needs most, which is a person registry. Keith thinks
it wil all come together.
- Keith plans to interview Bruce Barton, at U-Wisc about Project Bamboo.
Benn: Regarding timing issues, we say we need a real customer to
ensure we are developing for real requirements, but maybe we need to
approximate what a real customer needs and create it, have running code,
so that our timing will align with some real customer. Keith: The capability that organizations need early is a way to get
people in and make them appear available to the outside world via
interfaces, such as Grouper. So having the people registry would get us
ahead of our customers Benn: Yes that is the path we are on now. - ESWN
- JimL said that ChrisH demoed the ESWN COmanage instance on a recent OpenID call. It's coming along.
- ESWN had a recent board meeting and Rose (of Brown U and ESWN) did a demo there also. StevenC reported that demo went well.
- LIGO
- After the December 2010 LIGO meeting, LIGO was going to decide if they would create something on their own in short term.
- They have decided to work on their own to get back the
functionality they lost in the MYLIGO platform when they transferred to a
new homegrown system
- LIGO wants Heather and Benn to return in early Feb. to continue going over needs/requirements
- IPlant
- iPlant meeting (duration 2.5 days) will take place in Tucson in early February, to discuss design questions
- Scott K from LIGO will attend along with Ken, Heather and Benn.
- US Govt
- Ken will have more to report after an upcoming call w KevinT.
- There may some interest at NIH in using COmanage type services.
- We are engaging w Dept. of Energy via Mike Helm and his role w ESnet
JimL reported that Penn State is involved with two DOE funded projects.
- Project One:
- CLSF (Center for Lignocellulose Structure and Formation) is a DOE
Energy Frontiers Research Center focused on developing a detailed
understanding of lignocellulose, the main structural material in plants.
http://www.lignocellulose.org/
- Penn State is the PI.
- Also involved are NC State and VA Tech, NC A&M, and College of Rhode Island.
- Jim has worked with the manager of CLSF in relation to "Shibbing"
the wiki. CLSF uses the wiki heavily, including wroting their grant with
it.
- Jim has been encouraging people to use the wiki with their own
institutional IDs. There may be a role for Grouper there, integrating
Grouper into the way they use Confluence.
- Jim had email discussion w Shib folks at NC State and VA tech and they are passing the EPPN.
- CLSF is starting 2nd year of 5 years of funding. Funding is ~$21 million
- There may be the chance to introduce CLSF to COmaange.
It was noted that a way to introduce COs to COmanage may be to expose
them to Shib, Grouper, and/or Confluence first. Then COmanage can help
solve access issues for COs. Sharing Between Collab Management Platforms Ken noted that collab management platforms will be a topic at the TF-EMC2 Meeting in Lyon in February. http://www.terena.org/activities/tf-emc2/meetings/17/ Q: When there are instances of collab management platforms in diverse
countries, what metadata needs to be shared between those for
collaborations to work together? Chris discussed the Grouper Group Sync capability, which is described here: https://spaces.internet2.edu/display/Grouper/Syncing+groups+between+group+management+systems
Bullets provided by Chris on the Grouper Syncing: - You can link up one group from one Grouper with a group in another Grouper. This uses Grouper Web Services.
- This can be push (cron), pull (cron), or incremental (means push cron and real time diffs)
- One Grouper needs WS credentials and privileges to read or update a group in another grouper.
- You need to configure how subject sources in one grouper
“map” to subject sources in another grouper. i.e. in one grouper, you
have an identifier attribute in the subject source (e.g. eppn, but could
be anything), which maps to the subject API id or identifier in the
other Grouper
- If the subject does not exist in the other Grouper, you can
optionally configure “addSubjectIfNotExist”, so that a call is triggered
to the Grouper External Subject interface to create that external
subject. This is either built-in in the Grouper DB, or a customization
to however external subjects are managed at the institution. Note that
customization could be a notification for someone or something to
process the new user.
- If there are other attributes required to use the service
(e.g. email address), that needs to be self-managed by the user (e.g. in
the case of Grouper External Subjects module), or however that is
managed at the institution. If it is a pull type sync, then that
attribute might be available via Grouper WS (depending on security).
[AI] Heather will track on a wiki page approaches to sharing metadata between collab platforms.
Next COmanage-Dev Call: Friday, 18-Feb-2011, 2 pm ET
4-Feb-2011 COmanage-dev call cancelled due to travel schedules
Emily Eisbruch, Technology Transfer Analyst
Internet2
office: +1-734-352-4996 | mobile +1-734-730-5749
|