grouper-dev - [grouper-dev] RE: proof of concept for syncing group across groupers incrementally
Subject: Grouper Developers Forum
List archive
[grouper-dev] RE: proof of concept for syncing group across groupers incrementally
Chronological Thread
- From: Chris Hyzer <>
- To: "" <>
- Subject: [grouper-dev] RE: proof of concept for syncing group across groupers incrementally
- Date: Wed, 19 Jan 2011 00:05:10 -0500
- Accept-language: en-US
- Acceptlanguage: en-US
Im done with group membership syncing to/from other groupers in Grouper 2.0 trunk. Here is the doc: https://spaces.internet2.edu/display/Grouper/Syncing+groups+between+group+management+systems I verified that you can sync to/from a grouper pre 2.0, though it might not be all that useful unless the grouper manages external subjects (or maybe a subject source is shared among the groupers). Anyways, the WS protocols talk to each other, so that isn’t the barrier. I have a unit test for this which tests the three sync types. Also, I setup 3 groups on the demo server which sync to a different 2.0 grouper on the demo server. If you have access to the demo server you can try it out. https://spaces.internet2.edu/display/Grouper/Syncing+groups+on+demo+server To get access to the demo server, you can look at these instructions to register: https://spaces.internet2.edu/display/Grouper/Grouper+external+users+on+demo+server If you want to register for the 2nd grouper on the demo server, just put an “a” in the URL, e.g. FROM: TO: Regards, Chris From: Chris Hyzer Hey, Ive got a proof of concept in Grouper 2.0 of syncing groups across groupers incrementally: https://spaces.internet2.edu/display/Grouper/Syncing+groups+between+group+management+systems TODOs: 1. Do the push and pull batch modes (cron) 2. Make sure the grouperClient can communicate with past versions of grouper 3. Implement this on the demo server Here is the POC: Add a group to grouper1 gsh 0% grouperSession = GrouperSession.startRootSession(); gsh 1% new GroupSave(grouperSession).assignName("aStem:anotherGroup").assignCreateParentStemsIfNotExist(true).save(); Add group to grouper 2 gsh 0% grouperSession = GrouperSession.startRootSession(); gsh 1% new GroupSave(grouperSession).assignName("aStem2:anotherGroup2").assignCreateParentStemsIfNotExist(true).save(); Test grouper1 with grouper client C:\temp\grouperClient_v2_0>java -jar grouperClient.jar --operation=addMemberWs --groupName=aStem:anotherGroup --subjectIds=GrouperSystem C:\temp\grouperClient_v2_0>java -jar grouperClient.jar --operation=getMembersWs --groupNames=aStem:anotherGroup Test grouper2 with grouper client C:\temp\grouperClient_v2_0>java -jar grouperClient.jar --operation=groupSaveWs --name=aStem2:anotherGroup2 --createParentStemsIfNotExist=true C:\temp\grouperClient_v2_0>java -jar grouperClient.jar --operation=addMemberWs --groupName=aStem2:anotherGroup2 --subjectIds=GrouperSystem C:\temp\grouperClient_v2_0>java -jar grouperClient.jar --operation=getMembersWs --groupNames=aStem2:anotherGroup2 Save this file into subjects.sql and run it to load test subjects Create a connection from grouper1 to grouper2 in the grouper.properties ###################################### ## Grouper client connections ## if this grouper needs to talk to another grouper, this is the client connection information ###################################### # id of the source, should match the part in the property name grouperClient.localhostGrouper2.id = localhostGrouper2 # url of web service, should include everything up to the first resource to access # e.g. https://groups.school.edu/grouperWs/servicesRest grouperClient.localhostGrouper2.properties.grouperClient.webService.url = "http://localhost:8091/grouperWs2/servicesRest # login ID grouperClient.localhostGrouper2.properties.grouperClient.webService.login = GrouperSystem # password for shared secret authentication to web service # or you can put a filename with an encrypted password grouperClient.localhostGrouper2.properties.grouperClient.webService.password = ********** # client version should match or be related to the server on the other end... grouperClient.localhostGrouper2.properties.grouperClient.webService.client.version = v2_0_000 # the id of this source, generally the same as the name in the property name. This is mandatory grouperClient.localhostGrouper2.source.jdbc.id = jdbc # the part between "grouperClient.someOtherSchool.source." and ".id" links up the configs, # in this case, "jdbc", make sure it has no special chars. sourceId can be blank if you dont want to specify grouperClient.localhostGrouper2.source.jdbc.local.sourceId = jdbc # this is the identifier that goes between them, it is "id" or an attribute name. subjects without this attribute will not be processed grouperClient.localhostGrouper2.source.jdbc.local.read.subjectId = id # this is the identifier to lookup to add a subject, should be "id" or "identifier" or "idOrIdentifier" grouperClient.localhostGrouper2.source.jdbc.remote.write.subjectId = idOrIdentifier # if subjects are external and should be created if not exist #grouperClient.someOtherSchool.source.jdbc.addExternalSubjectIfNotFound = true ###################################### ## Sync to/from another grouper ###################################### # we need to know where our # connection name in grouper client connections above syncAnotherGrouper.anotherGroup.connectionName = localhostGrouper2 # incremental or push or pull or incremental_push. Note, incremental push is cron'ed and incremental (to make sure no discrepancies arise) syncAnotherGrouper.anotherGroup.syncType = incremental_push # quartz cron to schedule the pull or push (incremental is automatic as events happen) (e.g. 5am daily) #syncAnotherGrouper.testGroup0.cron = 0 0 5 * * ? # local group which is being synced syncAnotherGrouper.anotherGroup.local.groupName = aStem:anotherGroup # remote group at another grouper which is being synced syncAnotherGrouper.anotherGroup.remote.groupName = aStem2:anotherGroup2 Make sure the new default change log consumer is in the grouper-loader.properties changeLog.consumer.syncGroups.class = edu.internet2.middleware.grouper.client.GroupSyncConsumer changeLog.consumer.syncGroups.quartzCron = Add a member to grouper1 in the group configured: gsh 12% addMember("aStem:anotherGroup", "bawi"); true See the web service call go to grouper2: <WsRestAddMemberRequest> <wsGroupLookup> <groupName>aStem2:anotherGroup2</groupName> </wsGroupLookup> <subjectLookups> <WsSubjectLookup> <subjectId>bawi</subjectId> <subjectIdentifier>bawi</subjectIdentifier> </WsSubjectLookup> </subjectLookups> </WsRestAddMemberRequest> Check grouper2 for the member in the remote group name gsh 2% hasMember("aStem2:anotherGroup2", "bawi") true Delete it from the original gsh 13% delMember("aStem:anotherGroup", "bawi"); See the XML <WsRestDeleteMemberRequest> <wsGroupLookup> <groupName>aStem2:anotherGroup2</groupName> </wsGroupLookup> <subjectLookups> <WsSubjectLookup> <subjectId>bawi</subjectId> <subjectIdentifier>bawi</subjectIdentifier> </WsSubjectLookup> </subjectLookups> </WsRestDeleteMemberRequest> Check grouper2 for the member in the remote group name gsh 3% hasMember("aStem2:anotherGroup2", "bawi") false Regards, Chris |
- [grouper-dev] RE: proof of concept for syncing group across groupers incrementally, Chris Hyzer, 01/19/2011
Archive powered by MHonArc 2.6.16.