Skip to Content.
Sympa Menu

grouper-dev - Re: [grouper-dev] some questions regarding ldap on grouperdemo

Subject: Grouper Developers Forum

List archive

Re: [grouper-dev] some questions regarding ldap on grouperdemo

Chronological Thread 
  • From: Tom Barton <>
  • To: Chris Hyzer <>
  • Cc: "" <>
  • Subject: Re: [grouper-dev] some questions regarding ldap on grouperdemo
  • Date: Fri, 02 Dec 2011 11:18:12 -0600

Isn't a subject ref in grouper the couple (sourceId, subjectId)? Ie,
grouper doesn't require a single namespace across all Subjects that are
presented to it, right?


On 12/2/2011 10:59 AM, Chris Hyzer wrote:
> I don't think the demo server needs to be all that realistic, but I do
> think it needs to show Grouper capabilities, and in my case, allow us to
> develop and test our software. If we aren't going to phase out the non
> vt-ldap source, lets add some people to a vtldap source, and some people to
> a non-vt-ldap source... :)
> I think we should have them have prefixes or something so we don't have the
> same subjectId in multiple sources
> Thanks,
> Chris
> -----Original Message-----
> From:
> [mailto:]
> On Behalf Of Tom Barton
> Sent: Friday, December 02, 2011 10:19 AM
> To:
> Subject: Re: [grouper-dev] some questions regarding ldap on grouperdemo
> Good questions. It'd be best to have both source technologies in the
> demo. But then we also need to think about what circumstance they model.
> I can think of two possibilities.
> 1. Multi-campus. Each source represents the people from a different
> organization, but they share an access management instance. We might
> also have a root stem for each org plus a root stem for activities
> common among them.
> 2. Accounts != people. Source 1 is people and Source 2 is the accounts
> people use. Each person might have more than one account, and access
> privs for some apps are assigned to accounts. Might want a
> loader-maintained stem in which each person is modeled as a group whose
> members are the person's accounts, to enable a person's roles to be
> inherited by their accounts when that's appropriate.
> Yes, allow demo users to browse ldap, if that's easy enough to do.
> Other thoughts?
> Tom
> On 12/1/2011 5:02 PM, Tom Zeller wrote:
>> Do we want to use an ldap subject source instead of jdbc ?
>> Do we want to add an ldap subject source in addition to jdbc ?
>> Do we want to allow authenticated users to browse the ldap directory ?
>> Thats all for now. I have openldap and phpldapadmin almost configured.
>> TomZ

Archive powered by MHonArc 2.6.16.

Top of Page