Skip to Content.
Sympa Menu

grouper-dev - RE: [grouper-dev] 2.3 roadmap items

Subject: Grouper Developers Forum

List archive

RE: [grouper-dev] 2.3 roadmap items

Chronological Thread 
  • From: Chris Hyzer <>
  • To: David Langenberg <>
  • Cc: "" <>
  • Subject: RE: [grouper-dev] 2.3 roadmap items
  • Date: Fri, 18 Jul 2014 01:38:46 +0000
  • Accept-language: en-US

I put it on there as something to look at, thanks!


From: David Langenberg [mailto:]
Sent: Thursday, July 17, 2014 4:21 PM
To: Chris Hyzer
Subject: Re: [grouper-dev] 2.3 roadmap items


When I see standard AuthZ API, I wonder about that.  Why would CIFER want to try to shoe-horn a provisioning API like SCIM into the space when there already exists an AuthZ API in wide use -- OAuth2?




On Wed, Jul 16, 2014 at 11:20 PM, Chris Hyzer <> wrote:

I know we are working on 2.2 documentation and support, but I am also thinking about 2.3, I added some tentative items to the roadmap of things I am interested in.  If you have thoughts or other suggestions let us know.  Note, this is preliminary and will likely be prioritized and changed.  Other Grouper team members will be adding their items as well.










2.3 (tentative)

Improve folder privileges

Change folder privileges so that instead of the STEM privilege, there is an ADMIN privilege on folders.  The ADMIN privilege would mean you have all rights to the folder, you can rename it, delete it, change privileges, and effectively every other privilege.  The CREATE privilege would be changed to also include creating folders (in addition to groups and attributes).  And the STEM_ATTR_READ and STEM_ATTR_UPDATE would remain the same.  Note, so the name doesnt conflict with the group ADMIN privilege, the stem privilege will be called STEM_ADMIN.

2.3 (tentative)

Improve loader

Add the ability for the loader to run on multiple nodes to it has better availability.  Also add the option for unresolvable subjects to not cause loader jobs to fail (note, if the source is unavailable it should fail and not remove all members, and it should only allow unresolvables up to a certain configurable threshold)

2.3 (tentative)

Finish the new UI, replace admin and lite UI

Add features into the new UI (from 2.2) so that everything from the admin UI and the lite UI can be performed in the new UI.  Remove the admin UI and lite UI (redirect old links).  Add user based auditing and overall auditing.  Add new features like the ability to easily configure "rules" in the UI

2.3 (tentative)

Add remaining attribute/permission operations to WS

Add ability to manage attribute and permission definitions 100% via the WS.  Currently many things can be done via the WS but not all.  Currently the missing operations can be performed by the UI/API

2.3 (tentative)

Standard authorization API

Define and implement a standard API for authorization.  This is a CIFER effort and might be based on SCIM and might be readonly for 2.3.  This would be a web service and might also include messaging.




David Langenberg

Identity & Access Management

The University of Chicago

Archive powered by MHonArc 2.6.16.

Top of Page