Grouper Training – Admin – Subject API – Part 1

Grouper Training – Admin – Subject API – Part 1 Shilen Patel Duke University This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

Contents • Introduction • Source adapters • Group Source Adapter • Entity Source Adapter • JDBC Source Adapter • Alternate JDBC Source Adapter • JNDI Source Adapter

Introduction Used by Grouper to integrate with source systems. Avoids replicating all of your subject data into Grouper.

Introduction (continued) • Subjects have the following properties: • id • type (person, group, application) • sourceId • name • description • Other attributes including other identifiers.

Introduction (continued)

Source Adapters: Group Source Adapter Source adapter to resolve Grouper groups as subjects. Configured by default in the sources.xml file and usually does not require changes.

Source Adapters: Entity Source Adapter Source adapter to resolve Grouper entities as subjects. Configured by default in the sources.xml file and usually does not require changes.

Source Adapters: JDBC Source Adapter Adapter class: edu.internet2.middleware.grouper.subj.GrouperJdbcSourceAdapter Source adapter to resolve subjects (usually people) in relational databases.

Source Adapters: JDBC Source Adapter (continued) • Database connection settings • Two connection providers: • edu.internet2.middleware.subject.provider.C3p0JdbcConnectionProvider • edu.internet2.middleware.grouper.subj.GrouperJdbcConnectionProvider • Example configuration <init-param> <param-name>jdbcConnectionProvider</param-name> <param-value>edu.internet2.middleware.grouper.subj.GrouperJdbcConnectionProvider </param-value> </init-param>

Source Adapters: JDBC Source Adapter (continued) • Specify queries based on SQL statements: • searchSubject • searchSubjectByIdentifier • search

Source Adapters: JDBC Source Adapter (continued) • Specify subject id, name, and description <init-param> <param-name>SubjectID_AttributeType</param-name> <param-value>id</param-value> </init-param> <init-param> <param-name>Name_AttributeType</param-name> <param-value>name</param-value> </init-param> <init-param> <param-name>Description_AttributeType</param-name> <param-value>description</param-value> </init-param>

Source Adapters: JDBC Source Adapter (continued) • Additional identifiers (comma separated) <init-param> <param-name>identifierAttributes</param-name> <param-value>LOGINID</param-value> </init-param>

Source Adapters: Alternate JDBC Source Adapter • Adapter class: edu.internet2.middleware.grouper.subj.GrouperJdbcSourceAdapter2 • Assumes that one table or view contains all the subject data. • Performs more intelligent searching. • Database connection settings • Same as previous JDBC source adapter.

Source Adapters: Alternate JDBC Source Adapter (continued) • Specify table/view, subject id, name, and description <init-param> <param-name>dbTableOrView</param-name> <param-value>person_source_v</param-value> </init-param> <init-param> <param-name>subjectIdCol</param-name> <param-value>some_id</param-value> </init-param> <init-param> <param-name>nameCol</param-name> <param-value>name</param-value> </init-param> <init-param> <param-name>descriptionCol</param-name> <param-value>description</param-value> </init-param>

Source Adapters: Alternate JDBC Source Adapter (continued) • Searches (not by id or identifier) <init-param> <param-name>lowerSearchCol</param-name> <param-value>description_lower</param-value> </init-param> • Sorting (optional) <init-param> <param-name>defaultSortCol</param-name> <param-value>description</param-value> </init-param>

Source Adapters: Alternate JDBC Source Adapter (continued) • Additional identifiers <init-param> <!-- col which identifies the row, perhaps not subjectId, add multiple by incrementing the 0 index -- > <param-name>subjectIdentifierCol0</param-name> <param-value>pennname</param-value> </init-param> • Additional attributes <!-- now you can count up from 0 to N of attributes for various cols. The name is how to reference in subject.getAttribute() -- > <init-param> <param-name>subjectAttributeCol0</param-name> <param-value>pennname</param-value> </init-param> <init-param> <param-name>subjectAttributeName0</param-name> <param-value>PENNNAME</param-value> </init-param>

Source Adapters: JNDI Source Adapter Adapter class: edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter Source adapter to resolve subjects (usually people) in an LDAP or AD.

Source Adapters: JNDI Source Adapter (continued) • LDAP connection settings • Specify within sources.xml file. • Use an external file <init-param> <param-name>ldapProperties_file</param-name> <param-value>ldap.properties</param-value> </init-param>

Source Adapters: JNDI Source Adapter (continued) • Specify queries based on filters with a search base and scope: • searchSubject • searchSubjectByIdentifier • search

Source Adapters: JNDI Source Adapter (continued) • Specify subject id, name, and description <init-param> <param-name>SubjectID_AttributeType</param-name> <param-value>exampleEduRegID</param-value> </init-param> <init-param> <param-name>Name_AttributeType</param-name> <param-value>cn</param-value> </init-param> <init-param> <param-name>Description_AttributeType</param-name> <param-value>description</param-value> </init-param>

Source Adapters: JNDI Source Adapter (continued) • Additional attributes <attribute>cn</attribute> <attribute>sn</attribute> <attribute>uid</attribute> <attribute>department</attribute> <attribute>exampleEduRegId</attribute>

Quiz Click on the quiz link in the video description to reinforce your knowledge of this topic.

Thanks! • Further information: • Infosheets, mailing lists, wiki, downloads, etc.:www.internet2.edu/grouper • Grouper demo server:grouperdemo.internet2.edu/ • Grouper Online Training Home:spaces.internet2.edu/x/IIGfAQ This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.

Grouper Training – Admin – Subject API – Part 1

Grouper Training – Admin – Subject API – Part 1

Presentation Transcript

Hints and Tips Cognos Controller

Sponsored Programs Administration Pre- Award Training

Login to the ADSL Router using 192.168.1.1. Username and password are admin and admin .

FTA TRAINING SEMINARS ON PART 655

14th Flying Training Wing

IPv6 Training

Corrosion Training

Subject Revision Distributed Systems: Principles and Paradigms

Lab 2: Admin details

SHELTERED INSTRUCTION Part II

UNDP Training Module Subject Module Volume 1 - Training Manual Demand Assessment Planning

UNDP Training Module Subject Module Volume 1 - Training Manual Demand Assessment Planning

SMB TRAINING OPTIONS TRAINING PROGRAM Presents:

Subject Analysis LCSH

Part 4

Progress Database Admin

HKIN 303 Part II

Unified Threat Management

DHML FOURTH QUARTER TRAINING WEEK

Order and Contract 订单与合同

Training Modules: Monitoring and Evaluation of Population, Health and Environment (PHE) Programs