Within this task we will evaluate the introduction of Grouper for a cross/inter organizational use.
Grouper will be used to manage in a centralized way (yet eventually permitting delegation):
- Groups of users
- Authorization attributes for users
The main activities for this subtask will be:
- Better definition of the possibilities for an authorization process within different services and communities.
- Realization of a PoC to prove possible integrations of existing services with Grouper.
- Documentation and dissemination of results achieved.
Planning:
- Study (started 03/2014): finalized at gaining knowledge on the tools and processes to be implemented.
- Feasibility (end 05/2014): will produce the first deliverable and introduce the context of authorization processes.
- Design (end 09/2014): will produce the architectural design and describe the technical choices that will be tested in the PoC.
- Build (end 12/2014): will realize the PoC with the integration of the three SPs.
- Finalize (end 05/2015): will produce dissemination material.
The project activities, so far, produced the following relevant documentation:
Project planning: JRA3-T1 WI 1.2 - Activity plan.mpp
Presentation to the face-2-face meeting in Stockholm: F-2-F Meeting Stockholm.pptx
Feasibility report (still under revision): JRA3-T1 321 Feasibility Report.docx
Other relevant information and additional documentation can be found here:
- Grouper wiki page: Grouper Wiki on Internet2 site
- Documentation about how to configure an Attribute Authority with Shibboleth software: saml-aa-shibboleth.pdf
Information page for the Grouper VOOT Connector: Grouper Voot Connector from Internet2 site