Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Questions

  1. How are subjects namespaced?
  2. How is a subject represented?  What attributes are built in? (e.g. Grouper has built in name, description, id, source, and can be searched by identifier or id or either).  Or does the group service communicate with an id, and subject information is retrieved from another system.
  3. Can you get netId's back from the service or just opaque id's?

COmanage responses

  1. For COmanage Gears, subjects are namespaced within a CO (by association with CO ID) but are not further partitioned.
  2. TBD, but for COmanage Gears subjects will be associated with a CO Person ID, which can then be used to translate across other identifiers as needed.
  3. For COmanage Gears, Opaque IDs are preferred. For domesticated applications, either, but probably NetID more typically.

Grouper responses

  1. How are subjects namespaced: We use the Internet2 Subject API where each subject has a label of a namespace (source ID).  This seems to work fine...
  2. How is a subject represented?  What attributes are built in: Grouper has built in name, description, id, source, and can be searched by identifier or id or either.  Also the Subject API has a list of multi-valued attributes, though the WS only transmits them as single valued (and we have never had a request to change this).
  3. Can you get netId's back from the service or just opaque id's: Grouper allows the caller to specify which attributes are sent back, so the netId can be sent back to the caller on any operation

Rice responses

NAU responses

  1. The Grouper implementation works well for us.
  2. The Grouper implementation works well for us.
  3. ?

uPortal Responses

  1. Groups are namespaced per group service source with an identifier associate with the group service that provided the group. Subjects representing individual users have an identifier that's globally unique.
  2. User and group attributes may be locally recorded in uPortal for uPortal-managed entities, or supplied by an outside service. While the person or group must be provided with a unique ID, all other attributes are provided by the relevant service, or a combination of services. uPortal does not copy any externally-provided attributes into its database.
  3. Typically in uPortal a netID serves as the unique identifier for users.

Etc

  • No labels