...
Miscellaneous notes that do not fit in the other categories.
Sample Grouper Response
DRAFT - Project Summary - Grouper - DRAFT
Project Name
Grouper Access Management System
Contacts
Tom Barton
Overview / Mission
Grouper is an open source toolkit for managing access using groups, roles, and permissions. It is designed to function as the core element of a common infrastructure for managing access information across integrated applications and repositories. Grouper combines multiple sources of group information, both automated and manual, in managing memberships and other group information in a Group Registry, a central information asset complementary to a site's Person Registry.
The Grouper project started in 2003 to address group management needs in higher education. In this context, higher education is distinguished from most other enterprises in the following ways:
It is very decentralized. Distributed management and delegation are very important.
Large numbers of identity sources must be accommodated.
Privilege is not tied closely to job titles.
Goals / Roadmap
Privilege management was added to Grouper in release 2. The next release is 2.2 in about six months. Highlights for that release include:
An administrative user interface to address the needs of beginning and intermediate users.
Support for any sized screen, down to mobile devices.
Greater orientation to a service catalog paradigm, including service tags and the concept of service administrators.
Integration for popular software like uPortal
Approach to Work
Grouper maintains two electronic mail lists, grouper-users and grouper-devs for communication. "Those who show up make the decisions," and they try hard to get people to show up. Decisions to move forward with new functionality require at least one adopter/partner who will use the functionality to assure the development is grounded in real needs.
Strategies for Sustainability
Grouper is an open source project with financial support from Internet2 for about 1.5 FTE spread over about 4 developers. Internet2 also supports conference calls and a scribe.
The sustainability proposition is the value Grouper brings; it's not necessarily financial. Grouper addresses a problem that people agree is good to work on.
Observed Gaps
Better capabilities to work with AD. Grouper can provision AD, but nothing more. Nobody's speaking up about this, but Gartner observed this in an evaluation of group management tools that otherwise rated Grouper well.
Closer work with CIFER. The sustainability and governance models don't always mesh well, making collaboration a challenge.
Relationships with Other Projects
Grouper has touched many other projects. For example,
Release 2 of Grouper inherited much of its functionality needs from the now defunct Signet project.
uPortal
Apereo / Jasig
Shibboleth
Kuali Rice
CIFER
Some engagement with Globus, although the fit wasn't very good.
Universities
University of West Bohemia contributed a POSIX UID/GID manager for Grouper
A consortium of 180 universities in central France with a shared instance of uPortal, managed by Grouper
SURFnet
Challenges
Organizational gaps, such as observed above for CIFER.
More Information
Grouper web site:http://www.internet2.edu/grouper/
Grouper Product Roadmap (https://spaces.internet2.edu/pages/viewpage.action?pageId=14517754)
Notes