grouper-users - Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file
Subject: Grouper Users - Open Discussion List
List archive
- From: Scott Koranda <>
- To: David Langenberg <>
- Cc: David Vezzani <>, "" <>, Brian Koehmstedt <>, John Kamminga <>
- Subject: Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file
- Date: Thu, 2 Oct 2014 12:29:05 -0500
Hi David,
Based on what I read on that wiki page, is this a fair statement:
The Grouper team may release a version of Grouper in the future that
will not provision to LDAP without a deployer having to take one of
these two actions: (1) Writing Java code, or (2) deploying a message
queue/broker.
Thanks,
Scott K for LIGO
On Thu, Oct 2, 2014 at 12:19 PM, David Langenberg
<>
wrote:
> Hi Dave,
>
> The plans for the post-PSP world are being written/discussed/firmed up here:
>
> https://spaces.internet2.edu/display/Grouper/Post+PSP+Provisioning
>
> I welcome any comments, criticisms, suggestions, etc.
>
> Dave
>
>
> On Thu, Oct 2, 2014 at 10:59 AM, David Vezzani
> <>
> wrote:
>>
>> Dave,
>>
>> Thanks for your response. I think it is important to know that there are
>> plans for retiring the PSP tool. In creating our group management
>> solution,
>> we are hoping to use as much code that is supported and is planned to be
>> supported in the future.
>>
>> Your suggestions for how to better understand PSP are much appreciated.
>>
>> That being said, what would take the place of PSP as the suggested tool
>> for provisioning groups to target LDAPs?
>>
>> Dave
>>
>> David Vezzani
>> (c) 209-756-9688
>> (o) 209-228-4516
>>
>>
>>
>>
>> On Oct 2, 2014, at 9:48 AM, David Langenberg
>> <>
>> wrote:
>>
>> Probably the best way to understand what that psp-resolver.xml is
>> controlling is to first understand Shibboleth and how its
>> attribute-resolver
>> works. The PSP is using the Shibboleth Attribute Resolver to handle looking
>> up the provisioned information, group source information and also perform
>> necessary transformations to make the two systems (grouper and target)
>> comparable.
>>
>> https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAddAttribute
>>
>> I really wouldn't try to generate SPML & feed it directly to the PSPs LDAP
>> Target class, though in theory it could work. As for the source for
>> OpenSPML, the OpenSPML library upon which the PSP relies is no longer
>> maintained. I managed to grab a copy of the source at one time and keep a
>> fork of it here:
>>
>> https://github.com/langedb/openspml
>>
>> This is yet another reason why the PSP is going to be retired soon.
>>
>> Dave
>>
>> On Thu, Oct 2, 2014 at 10:25 AM, David Vezzani
>> <>
>> wrote:
>>>
>>> I’m still trying to understand what the PSP does exactly. I’m running
>>> through the video tutorials and I’m not getting the same end result as
>>> Patel. I figure I would be able to resolve the issue with some slight
>>> modifications to the PSP configuration files. I admit that
>>> https://spaces.internet2.edu/display/Grouper/Grouper+Provisioning has
>>> definitely helped me get a better understanding of how PSP works, but I’m
>>> not finding the detail I need to understand with enough depth so that I
>>> actually know what I’m doing when I make changes to the PSP configuration.
>>>
>>> To start, I want to make sure I understand the big picture.
>>>
>>> PSP is used to provision groups with assigned members by generating SPML2
>>> xml packets that somehow get converted to LDIF which is presented to the
>>> target LDAP. Is this a fair statement?
>>>
>>> I am currently looking for a SPML2 client I can use to test SPML2 packets
>>> with my target LDAP. I see that Grouper comes packaged with a JAR that
>>> provides org.openspml.v2.client.Spml2Client , but I haven’t found the
>>> source
>>> or documentation yet on how to use it. I already verified it is different
>>> from a SpmlClient class I found on Oracle’s site. I am hoping that being
>>> somewhat familiar with SPML2 will increase my knowledge base so I can
>>> better
>>> understand the PSP configuration files, especially the psp-resolver.xml
>>> file.
>>>
>>> David Vezzani
>>> (c) 209-756-9688
>>> (o) 209-228-4516
>>>
>>>
>>>
>>>
>>
>>
>>
>> --
>> David Langenberg
>> Identity & Access Management
>> The University of Chicago
>>
>>
>
>
>
> --
> David Langenberg
> Identity & Access Management
> The University of Chicago
- [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Vezzani, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Langenberg, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Vezzani, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Langenberg, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, Scott Koranda, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Langenberg, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, Scott Koranda, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Langenberg, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, Scott Koranda, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Langenberg, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Vezzani, 10/02/2014
- Re: [grouper-users] SPML2 and understanding the psp-resolver.xml file, David Langenberg, 10/02/2014
Archive powered by MHonArc 2.6.16.