Integrating Sakai OAE with Grouper

Erik Froese, Hallway TechnologiesZach Thomas, Aeroplane Software

12th Sakai Conference – Los Angeles, California – June 14-16 2

About This Talk

• Problem statement• Grouper overview• Grouper integration strategies• Integrating OAE with Grouper• Similar strategies with other applications• Discussion

12th Sakai Conference – Los Angeles, California – June 14-16 3

Identity in Higher Ed

• Higher ed use cases are unique• We model many roles• We must have flexibility• In contexts• In timeframes

• Our systems must be both open and closed

12th Sakai Conference – Los Angeles, California – June 14-16 4

Sakai 2: Groups Management?

• Sakai 2 has become an informal system of record for enrollments

• It succeeds by empowering the right people to get the work done

• On the other hand, it’s hard to use this information other places

12th Sakai Conference – Los Angeles, California – June 14-16 5

OAE: Please Delegate

• We don’t want to rewrite enterprise services in OAE

• Can we delegate?• Calendars• Messaging• User provisioning• Course and Group provisioning

12th Sakai Conference – Los Angeles, California – June 14-16 6

What is Grouper?

• Centralized group info and management• Internet2• Indirect membership• Web Services for integration• Components for importing and exporting

data• Apache license

12th Sakai Conference – Los Angeles, California – June 14-16 7

The IdM Picture

12th Sakai Conference – Los Angeles, California – June 14-16 8

Integrating with Grouper

• Web services• Grouper client• Populate LDAP with Grouper info• XMPP• The change log

12th Sakai Conference – Los Angeles, California – June 14-16 9

Integration Goals

• Provision groups and courses in Sakai OAE with Grouper.

• Two-way sync• Store contacts• Batch import• ACLs (future)

12th Sakai Conference – Los Angeles, California – June 14-16 10

Integrating Grouper and OAE

• Event-based synchronization• Both systems provide hooks where you can

listen for events• Add, Delete, Update, Member add,

remove• Processing events reliably

12th Sakai Conference – Los Angeles, California – June 14-16 11

Grouper to Sakai OAE

• Some action occurs in Grouper• An event is written to the change log• Change log consumer is notified• Info pushed to Sakai via HTTP POST

12th Sakai Conference – Los Angeles, California – June 14-16 12

Grouper to Sakai OAE

12th Sakai Conference – Los Angeles, California – June 14-16 13

Sakai OAE to Grouper

• Events are posted to the OSGi EventAdmin

• Converted to JMS Messages and placed on a queue

• Info pushed to Grouper via HTTP POST to Grouper WS

12th Sakai Conference – Los Angeles, California – June 14-16 14

Sakai OAE to Grouper

12th Sakai Conference – Los Angeles, California – June 14-16 15

Event Processing

• OAE uses async OSGi events• Sync events would block• JMS messaging is more configurable and

can be made reliable and async• Grouper change log will retry events if the

consumer is written correctly

12th Sakai Conference – Los Angeles, California – June 14-16 16

Course Data vs Ad Hoc

• Two sets of data: Institutional data (SIS) vs what happens in Sakai OAE

• Sakai is not the system of record• Indirect group memberships• Include and exclude groups

12th Sakai Conference – Los Angeles, California – June 14-16 17

Provisioning Courses

12th Sakai Conference – Los Angeles, California – June 14-16 18

Other Applicationshttps://spaces.internet2.edu/display/Grouper/Grouper+Atlassian+

connectorhttps://spaces.internet2.edu/display/Grouper/Grouper+integration+with+Kuali+

Ricehttps://spaces.internet2.edu/display/Grouper/ESB+Integration+-+Rob+

Hebronhttps://spaces.internet2.edu/display/Grouper/Grouper+XMPP+notifications+

v1.6.0

Both Duke and Oxford are working on CLE integration