grouper-dev - What Georgia Tech is doing (missed call)
Subject: Grouper Developers Forum
List archive
- From: Bert Bee-Lindgren <>
- To: Grouper Dev <>
- Subject: What Georgia Tech is doing (missed call)
- Date: Wed, 25 Jun 2008 13:36:50 -0400
Unfortunately, I couldn't make today's call, but I saw the agenda topic "what people are doing." I thought I'd take the opportunity to summarize Georgia Tech's activities since the meeting in Washington.
We have completed development of, and are wrapping up alpha testing of, a GT Role System (GRS). We're expecting it to be in customer hands in July for testing and August for production for limited customers. At some level, you can equate Role == Group.
GRS's initial, accomplished design goals include the following major items:
-Loader: Rules to match against subject sources (LDAP initially) and automatically add & remove subjects from roles
-Loader: Grace periods associated with enabling rules
-Admin UI: Full role/role-hierarchy/rule/access-control management
-Admin UI: Manual overrides to add/remove subjects from roles... with (optional) automatic reversal of override at a future date or based on subject's data or roles
-Access control: what role-memberships enable viewing/changing/ overriding/etc which other roles or role-hierarchy points
-Audit: Permanent history of subjects' relationships with roles (permanent as long as role exists)
Relationship to Grouper:
Technical relationship today: none
Possible relationship:
Right now GRS roles are boolean memberships and map very well into publishing them into grouper groups.
If this were to change from boolean memberships to parameterized memberships (quota, scope, etc), then those details would not publish well into grouper
Medium-term plans (Now-Dec):
Go into initial production without integration with Grouper
See if early i2mi interest in GRS means that Open Sourcing GRS is valuable to community
If so, use Chris's loader as a template on how to tie GRS Role- memberships into grouper
Why tie GRS and Grouper together:
Unified operation (UI, auditing, membership life cycle) for both automatic and manual ways subjects are added to, or removed from, groups
Temporary manual actions
Leverage Grouper as initial place for group publishing (ldappc, group algebra(?), etc)
- What Georgia Tech is doing (missed call), Bert Bee-Lindgren, 06/25/2008
- Re: [grouper-dev] What Georgia Tech is doing (missed call), Tom Zeller, 06/25/2008
- Re: [grouper-dev] What Georgia Tech is doing (missed call), Tom Barton, 06/25/2008
- Re: [grouper-dev] What Georgia Tech is doing (missed call), Bert Bee-Lindgren, 06/25/2008
Archive powered by MHonArc 2.6.16.