Subjects
- How are subjects namespaced?
- How is a subject represented? What attributes are built in? (e.g. Grouper has built-in name, description, id, source, and can be searched by identifier or id or either). Or does the group service communicate with an id, with subject information retrieved from another system?
- Can you get netIds back from the service or just opaque ids?
Protocol
- Initial assumption is web service based with pluggable authentication
- Do we need a messaging design (XMPP)?
- REST? (if REST, then XML, JSON, and/or XHTML)?
- SOAP?
- Simple calls?
- Batched calls (e.g. replace all members of a group with the attached list)? (if batched, can you pass a TX type)?
- Simple responses or complex responses (e.g. for groups a subject is in, return just the ID (KIM) or return group information (Grouper))?
- How are results communicated back? Result code, description, warnings, errors, success_TF, etc?
- If you add a member to a group who is already a member, is that a success, and is there a result code that represents that? (same with delete)
- Paging and sorting for results?
- Are the client and server versions transmitted in the request/response?
Security
- Act as another user?
- Do privileges on groups factor in? Can you assign a privilege on a group to someone (e.g. someone can edit the memberships of the group)?
Structure
- Simple API (like OpenSymphony), or complex?
- More operations that are well defined (KIM), or fewer operations with options (Grouper)?
- Should we separate out the consumption vs. the management of groups (i.e. read groups from subject vs. add subject to group)?
Group namespaces
- Is a Group a Subject? i.e. can you add a group to a group with the same operation as add user to group?
- Deep namespace or one level namespace?
- Besides group namespace (folders), is there some sort of "source" for a group (e.g. group system, dynamic, group system B, etc.)?
- Can you filter operations by namespace (i.e. groups a subject is in that are in a certain namespace directly or indirectly)?
Group structure
- Do groups have lists (e.g. add a member to list X of Group Y)? i.e. this is a triple assignment, instead of a tuple, though there could be a default for simple things (e.g. "members" list)
- Do groups have an ID and name, or an ID / display name / system name? (or other)
- How are group searches done (e.g. boolean logic, e.g. group name is X and in folder Y)?
- Can groups have types (labels)?
- Are composites in scope (e.g. someone is in this group if they are also in another group)?
- Do groups have enabled/disabled dates?
- Can you add a member to a group by ID or system name? Or lookup the group first and use ID?
Memberships
- Do memberships have enabled/disabled dates?
- Can you filter by immediate, non-immediate, or all memberships (i.e. immediate if it can be directly unassigned, non-immediate if due to another membership)?