View
218
Download
2
Category
Preview:
Citation preview
Grouper Training - Admin Loader - Part 1
Chris Hyzer
Internet2
University of Pennsylvania
This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.
2
Contents
• Introduction• Configure• Run the loader• Types of ad hoc jobs• Simple SQL job• Tables vs. views• SQL group of groups• Extra SQL features
5
Configure grouper-loader.properties
• Contains SQL and LDAP connection information
• Auto-add attributes• Other non-loader daemon information• XMPP• Change log consumers• Daily report• etc
6
Running the loader
• From command line, run all jobs:c:\temp> gsh -loader
• From GSH, run one job:gsh 0% grouperSession = GrouperSession.startRootSession();gsh 1% loaderGroup = GroupFinder.findByName(grouperSession, "stem:group");gsh 2% loaderRunOneJob(loaderGroup);
9
Ad hoc includes and excludes
• Note: there is performance overhead associated with this configuration
• Set group type to: addIncludeExclude to automatically configure this
10
Simple SQL job - database config
• Database can either be the Grouper registry database or another arbitrary database• If registry database, database is: "grouper", and connection
information is retrieved from grouper.hibernate.properties
• Any JDBC database can be used
11
Tables vs. views
• It might be preferable to keep the SQL query in a view and select from the view for the loader config
• Then you can change the view when editing the query• If you change the configuration (not view), you might need
to restart the loader process
13
Simple SQL job
• Configure the database in grouper-loader.properties (if not there already and if not the registry database/login)
14
Simple SQL job (continued)
• Make a view in the database which returns the subject_id and subject_source_id of users in the group
• Note: subjects must be resolvable from Grouper
15
Simple SQL job (continued)• Create a group in grouper, assign grouperLoader type• Assign attributes to configure loader• Restart loader
16
Simple SQL job (continued)• After job runs, you can see memberships• Change memberships in the DB and UI and run job and
see the results
18
Set of Groups SQL job (continued)
• Make a view in the database which returns the group_name, subject_id and subject_source_id of users in the group
• Note: subjects must be resolvable from Grouper
19
Simple SQL job (continued)• Create a group in grouper (not in provisioned folder),
assign grouperLoader type• Assign attributes to configure loader, and restart loader
20
Simple SQL job (continued)• After job runs, you can see memberships• Change memberships in the DB and UI and run job and
see the results
Thanks!
Further information:
•Infosheets, mailing lists, wiki, downloads, etc.:www.internet2.edu/grouper
•Grouper demo server:grouperdemo.internet2.edu/
•Grouper Online Training Home:spaces.internet2.edu/x/IIGfAQ
This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License. 22
Recommended