Grouper Training Admin Subject API Part 1 Shilen
Grouper Training – Admin – Subject API – Part 1 Shilen Patel Duke University This work licensed under a Creative Commons Attribution-Non. Commercial 3. 0 Unported License.
Contents • Introduction • Source adapters • • • Group Source Adapter Entity Source Adapter JDBC Source Adapter Alternate JDBC Source Adapter JNDI Source Adapter 2
Introduction • Used by Grouper to integrate with source systems. • Avoids replicating all of your subject data into Grouper. 3
Introduction (continued) • Subjects have the following properties: • • • id type (person, group, application) source. Id name description Other attributes including other identifiers. 4
Introduction (continued) 5
Source Adapters: Group Source Adapter • Source adapter to resolve Grouper groups as subjects. • Configured by default in the sources. xml file and usually does not require changes. 6
Source Adapters: Entity Source Adapter • Source adapter to resolve Grouper entities as subjects. • Configured by default in the sources. xml file and usually does not require changes. 7
Source Adapters: JDBC Source Adapter • Adapter class: edu. internet 2. middleware. grouper. subj. Grouper. Jdbc. Source. Adapter • Source adapter to resolve subjects (usually people) in relational databases. 8
Source Adapters: JDBC Source Adapter (continued) • Database connection settings • Two connection providers: • edu. internet 2. middleware. subject. provider. C 3 p 0 Jdbc. Connection. Provider • edu. internet 2. middleware. grouper. subj. Grouper. Jdbc. Connection. Provider • Example configuration <init-param> <param-name>jdbc. Connection. Provider</param-name> <param-value>edu. internet 2. middleware. grouper. subj. Grouper. Jdbc. Connection. Provider </param-value> </init-param> 9
Source Adapters: JDBC Source Adapter (continued) • Specify queries based on SQL statements: • search. Subject. By. Identifier • search 10
Source Adapters: JDBC Source Adapter (continued) • Specify subject id, name, and description <init-param> <param-name>Subject. ID_Attribute. Type</param-name> <param-value>id</param-value> </init-param> <param-name>Name_Attribute. Type</param-name> <param-value>name</param-value> </init-param> <param-name>Description_Attribute. Type</param-name> <param-value>description</param-value> </init-param> 11
Source Adapters: JDBC Source Adapter (continued) • Additional identifiers (comma separated) <init-param> <param-name>identifier. Attributes</param-name> <param-value>LOGINID</param-value> </init-param> 12
Source Adapters: Alternate JDBC Source Adapter • Adapter class: edu. internet 2. middleware. grouper. subj. Grouper. Jdbc. Source. Adapter 2 • Assumes that one table or view contains all the subject data. • Performs more intelligent searching. • Database connection settings • Same as previous JDBC source adapter. 13
Source Adapters: Alternate JDBC Source Adapter (continued) • Specify table/view, subject id, name, and description <init-param> <param-name>db. Table. Or. View</param-name> <param-value>person_source_v</param-value> </init-param> <param-name>subject. Id. Col</param-name> <param-value>some_id</param-value> </init-param> <param-name>name. Col</param-name> <param-value>name</param-value> </init-param> <param-name>description. Col</param-name> <param-value>description</param-value> </init-param> 14
Source Adapters: Alternate JDBC Source Adapter (continued) • Searches (not by id or identifier) <init-param> <param-name>lower. Search. Col</param-name> <param-value>description_lower</param-value> </init-param> • Sorting (optional) <init-param> <param-name>default. Sort. Col</param-name> <param-value>description</param-value> </init-param> 15
Source Adapters: Alternate JDBC Source Adapter (continued) • Additional identifiers <init-param> <!-- col which identifies the row, perhaps not subject. Id, add multiple by incrementing the 0 index -- > <param-name>subject. Identifier. Col 0</param-name> <param-value>pennname</param-value> </init-param> • Additional attributes <!-- now you can count up from 0 to N of attributes for various cols. The name is how to reference in subject. get. Attribute() -- > <init-param> <param-name>subject. Attribute. Col 0</param-name> <param-value>pennname</param-value> </init-param> <param-name>subject. Attribute. Name 0</param-name> <param-value>PENNNAME</param-value> </init-param> 16
Source Adapters: JNDI Source Adapter • Adapter class: edu. internet 2. middleware. grouper. subj. Grouper. Jndi. Source. Adapter • Source adapter to resolve subjects (usually people) in an LDAP or AD. 17
Source Adapters: JNDI Source Adapter (continued) • LDAP connection settings • Specify within sources. xml file. • Use an external file <init-param> <param-name>ldap. Properties_file</param-name> <param-value>ldap. properties</param-value> </init-param> 18
Source Adapters: JNDI Source Adapter (continued) • Specify queries based on filters with a search base and scope: • search. Subject. By. Identifier • search 19
Source Adapters: JNDI Source Adapter (continued) • Specify subject id, name, and description <init-param> <param-name>Subject. ID_Attribute. Type</param-name> <param-value>example. Edu. Reg. ID</param-value> </init-param> <param-name>Name_Attribute. Type</param-name> <param-value>cn</param-value> </init-param> <param-name>Description_Attribute. Type</param-name> <param-value>description</param-value> </init-param> 20
Source Adapters: JNDI Source Adapter (continued) • Additional attributes <attribute>cn</attribute> <attribute>sn</attribute> <attribute>uid</attribute> <attribute>department</attribute> <attribute>example. Edu. Reg. Id</attribute> 21
Quiz Click on the quiz link in the video description to reinforce your knowledge of this topic. 22
Thanks! Further information: • Infosheets, mailing lists, wiki, downloads, etc. : www. internet 2. edu/grouper • Grouper demo server: grouperdemo. internet 2. edu/ • Grouper Online Training Home: spaces. internet 2. edu/x/IIGf. AQ This work licensed under a Creative Commons Attribution-Non. Commercial 3. 0 Unported License. 23
- Slides: 23
