grouproles at ruc
Post on 31-Jan-2016
40 Views
Preview:
DESCRIPTION
TRANSCRIPT
Grouproles at RUC
• Course enrollment based on composite• grouproles in external groups
Overview
•How do we integrate?
•Why using groups and roles?
•Overview of slides:
•Use Cases presentation
•Technical infrastructure
•Group-roles and Portalino
•Sakai and Providers
- Step Two: Ask for groups for
group
- Step One: Ask for groups for user
Access
AccessMaintain- Step Three: Find intersection
AccessMaintain
Using LDAP as middle ground
for expressing memberships.
Using Group-Roles
•Group-Roles pairs
•expresses membership of a given group
•real-world binding to a specific role
•Role Mapping
•depends on context of group-role
Scenario:Use Cases and Setting
•Uses Cases are diverse
•For teachers:
•Sakai is voluntarily
•Support is face2face
•For students:
•Teacher chooses Sakai
•Support is by mail
Other uses of Sakai
•Research teams
•Special Interest Groups
•Commitees
•Organizational Units
•Student Project Groups
Group Management
•User Directory implemented 10y ago
•Fully implemented as primary directory
•New Group-Role database in roll-out
•Designed and coded 2y ago
•Continuously pushed as primary directory
•Still in redesign process
Infrastructure
•LDAP as directory protocol
•User Directory as regular LDAP
•Group Directory as meta-LDAP
•Yale CAS as SingleSignOn (SSO)
•Zero-Effort Cassification
LDAP Development
•Custom LDAP Schema
•Strands organize information
•Highly Agile presentation layer
CAS Development
•Rewritten Yale CAS 2.10
•Integrated in all Internet Services
•campus wireless (Blue Socket)
•Redirects login
No CAS (OOTB LDAP provider)
Yale CAS 2.0 unmodified
Zero-Effort Cassification
GroupRole Database
•Memberships in groups
• formal, informal, and ad hoc
• for mail-lists,courses, ACLs
• informative, no business logic
•nested membership in development
DK.RUC.ALFAdisplayName: Sample at Alpha Faculty
DK.RUC.ALFA-FACULTYMs. Andrews, Ms. Brown
DK.RUC.ALFA.SMPL-STUDENTCindy
DK.RUC.ALFA.SMPL.FALL2006.101displayName: “SAMPLE 101, FALL 2006”
DK.RUC.ALFA.SMPL.FALL2006.101-TEACHERMs. Andrews
DK.RUC.ALFA.SMPL.FALL2006.101-ENROLLEDCindy
Diana, enlisted: “Beta Faculty”
Resembles reverse DNS
<dot> separated
Role appended for users
<slash><role> suffix
Attributes:
on groups, e.g.. display name
on users, e.g.. guest status
Portalino
•Light-weight Portal
•Online bookmarks
•Some links are pushed to users
•Everything else is user-land
Portalino, Screenshot
Integration
•Wireless defaults to Portalino
•Links to all services from Portalino
•Current courses linked directly
•Archived courses can be hidden
Sakai atRoskilde University
Roadmap
November 2004,Sakai 1.0 in Pilot
Manual group administration
September 2005,Sakai 2.0 in Production
Webservice synching
July, 2006Sakai 2.2 in Production
Webservice synching with Group Providers
User base and staffing
Potential user-base: 8.100 students
1324 staff (also part time)
Actual users: 1217 unique session_user
Staffing:1 project leader, 3 admin/devs
approx. 1-2 man years
The Group Provider
•How it should work
•How it works
•What we wanted
Standard provided groups
String getRole(id, user)Map getUserRolesForGroup(id)Map getGroupRolesForUser(userId)String[] unpackId(id)
getGroupRolesForUserwhen generating sites
getRoleat entry in site
getUserRolesForGroupat emails, list of participants
unpackId - ?
String getRole(id, user)Map getUserRolesForGroup(id)Map getGroupRolesForUser(userId)String[] unpackId(id)
getGroupRolesForUserat login, data cached
getRolenever! (worksite setup)
getUserRolesForGroupat emails, list of participants
unpackId - not necessary
top related