1 / 13

Grouper Training Developers and Architects How to Design Groups

Grouper Training Developers and Architects How to Design Groups. Shilen Patel Duke University. This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License. Contents. Group and folder structure Privileges Composite groups Integrating with applications.

keegan-avila
Download Presentation

Grouper Training Developers and Architects How to Design Groups

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Grouper TrainingDevelopers and ArchitectsHow to Design Groups Shilen Patel Duke University This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

  2. Contents Group and folder structure Privileges Composite groups Integrating with applications

  3. Group and folder structure Folders in hierarchies Group Direct members Subgroup Indirect members = Composite groups U

  4. Group and folder structure (continued) • Example structure • You are delegated a folder such as: school:engineering • Admins group: school:engineering:etc:admins • Applications folder: school:engineering:apps • “app1” folder: school:engineering:apps:app1

  5. Privileges • Create groups • Create subfolders • Admin • Update membership • Read membership • View group • Opt-in • Opt-out Delegation

  6. Privileges (continued) • Should the group be public? • You can assign privileges to “EveryEntity” • How are group and folder privileges maintained? • Give privileges to a group and update that group’s memberships. • Use Grouper Rules to apply privileges automatically on new groups and folders.

  7. Composite Groups • addIncludeExcludegroupType • Automatically creates groups to allow for a system of record group, an include group, and an exclude group. • System of record group may be populated automatically by the institution. • Your applications may manage the include and exclude groups.

  8. Composite Groups (continued) • requireInGroupsgroupType • Automatically creates groups to set up group math so that memberships in other groups are required. • Other groups may be populated automatically by the institution (e.g. allStaff) • Example: finalGroup = ad-hoc group ∩ allStaff • May instead consider using Grouper Rules to automatically delete memberships when other memberships are deleted.

  9. Integration with applications • Grouper Web services • REST-like and SOAP • Language independent • Covers most Grouper operations but not all • Lightweight deployment

  10. Integration with applications (continued) • Grouper API • Java only • Covers all operations • Has full read/write access to Grouper data • Heavyweight deployment

  11. Integration with applications (continued) • Database views • Read-only SQL interface • Permissions would be handled by the database. • LDAP (if applicable for your institution) • Read-only • Often performs better than other options. • Easier to make highly available.

  12. Quiz Click on the quiz link in the video description to reinforce your knowledge of this topic.

  13. Thanks! • Further information: • Infosheets, mailing lists, wiki, downloads, etc.:www.internet2.edu/grouper • Grouper demo server:grouperdemo.internet2.edu/ • Grouper Online Training Home:spaces.internet2.edu/x/IIGfAQ This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

More Related