/
Enterprise Authorization Working Group Meeting Minutes 2008-01-11

Enterprise Authorization Working Group Meeting Minutes 2008-01-11

Owned by Joshua Drummond
Last updated: Mar 11, 2008Version comment

 Enterprise Authorization Working Group - 2008/01/11 Meeting


 Attendees

  • John R - Engineering
  • Isaac S - NACS
  • Josh D - AdCom
  • Neil M - AdCom
  • Erik O - Student Affairs
  • Beth H - Communications
  • Jim K - Communications

Discussion

  • Josh gave a demo walk-through of the Grouper demo server he created, including the integration with AdCom LDAP server for identity and user lookups, as well as WebAuth integration for authentication to the Grouper web application
  • Discussion of initial gaps found in bringing up the demo server
    • No web service API, each client application would need to be Java-based, import the Grouper libraries, and have direct connections to the central Grouper database using Hibernate/JDBC
    • No hooks for event-based pluggable actions from what we could tell
  • Discussion of issues with automatically populating groups, many of the same issues as discussed in the LDAP group, i.e. getting the proper data feeds from the proper data sources
    • Possibly need to create access controls on viewing certain groups, similar to some sensitive attributes in LDAP?
  • Discussion of how one could delegate administration of sub groups

Action Items

  • Each group come up with initial API their applications would require of such an enterprise service, look into implementing our own web service API on top of Grouper to meet just those needs
  • Bring up Signet demo server, and integrate with Grouper demo server
  • Play with modeling sample groups/members in Grouper