Skip to Content.
Sympa Menu

grouper-dev - Re: [grouper-dev] 2.3 roadmap items

Subject: Grouper Developers Forum

List archive

Re: [grouper-dev] 2.3 roadmap items

Chronological Thread 
  • From: Jim Fox <>
  • To: David Langenberg <>
  • Cc: Chris Hyzer <>, "" <>
  • Subject: Re: [grouper-dev] 2.3 roadmap items
  • Date: Thu, 17 Jul 2014 13:31:34 -0700 (PDT)

I couldn't think of a reason either.


When I see standard AuthZ API, I wonder about that.  Why would CIFER want to
try to shoe-horn a provisioning API like SCIM into the space when
there already exists an AuthZ API in wide use -- OAuth2?

On Wed, Jul 16, 2014 at 11:20 PM, Chris Hyzer

I know we are working on 2.2 documentation and support, but I am also
thinking about 2.3, I added some tentative items to the roadmap
of things I am interested in.  If you have thoughts or other
suggestions let us know.  Note, this is preliminary and will likely be
prioritized and changed.  Other Grouper team members will be adding
their items as well.










2.3 (tentative)

Improve folder privileges

Change folder privileges so that instead of the STEM privilege, there
is an ADMIN privilege on folders.  The ADMIN privilege would
mean you have all rights to the folder, you can rename it, delete it,
change privileges, and effectively every other privilege.  The
CREATE privilege would be changed to also include creating folders (in
addition to groups and attributes).  And the STEM_ATTR_READ and
STEM_ATTR_UPDATE would remain the same.  Note, so the name doesnt
conflict with the group ADMIN privilege, the stem privilege will be
called STEM_ADMIN.

2.3 (tentative)

Improve loader

Add the ability for the loader to run on multiple nodes to it has
better availability.  Also add the option for unresolvable subjects
to not cause loader jobs to fail (note, if the source is unavailable it
should fail and not remove all members, and it should only
allow unresolvables up to a certain configurable threshold)

2.3 (tentative)

Finish the new UI, replace admin and lite UI

Add features into the new UI (from 2.2) so that everything from the
admin UI and the lite UI can be performed in the new UI.  Remove
the admin UI and lite UI (redirect old links).  Add user based auditing
and overall auditing.  Add new features like the ability to
easily configure "rules" in the UI

2.3 (tentative)

Add remaining attribute/permission operations to WS

Add ability to manage attribute and permission definitions 100% via the
WS.  Currently many things can be done via the WS but not
all.  Currently the missing operations can be performed by the UI/API

2.3 (tentative)

Standard authorization API

Define and implement a standard API for authorization.  This is a CIFER
effort and might be based on SCIM and might be readonly for
2.3.  This would be a web service and might also include messaging.



David LangenbergIdentity & Access Management
The University of Chicago

Archive powered by MHonArc 2.6.16.

Top of Page