grouproles at ruc

Grouproles at RUC

• Course enrollment based on composite• grouproles in external groups

Overview

•How do we integrate?

•Why using groups and roles?

•Overview of slides:

•Use Cases presentation

•Technical infrastructure

•Group-roles and Portalino

•Sakai and Providers

- Step Two: Ask for groups for

group

- Step One: Ask for groups for user

Access

AccessMaintain- Step Three: Find intersection

AccessMaintain

Using LDAP as middle ground

for expressing memberships.

Using Group-Roles

•Group-Roles pairs

•expresses membership of a given group

•real-world binding to a specific role

•Role Mapping

•depends on context of group-role

Scenario:Use Cases and Setting

•Uses Cases are diverse

•For teachers:

•Sakai is voluntarily

•Support is face2face

•For students:

•Teacher chooses Sakai

•Support is by mail

Other uses of Sakai

•Research teams

•Special Interest Groups

•Commitees

•Organizational Units

•Student Project Groups

Group Management

•User Directory implemented 10y ago

•Fully implemented as primary directory

•New Group-Role database in roll-out

•Designed and coded 2y ago

•Continuously pushed as primary directory

•Still in redesign process

Infrastructure

•LDAP as directory protocol

•User Directory as regular LDAP

•Group Directory as meta-LDAP

•Yale CAS as SingleSignOn (SSO)

•Zero-Effort Cassification

LDAP Development

•Custom LDAP Schema

•Strands organize information

•Highly Agile presentation layer

CAS Development

•Rewritten Yale CAS 2.10

•Integrated in all Internet Services

•campus wireless (Blue Socket)

•Redirects login

No CAS (OOTB LDAP provider)

Yale CAS 2.0 unmodified

Zero-Effort Cassification

GroupRole Database

•Memberships in groups

• formal, informal, and ad hoc

• for mail-lists,courses, ACLs

• informative, no business logic

•nested membership in development

DK.RUC.ALFAdisplayName: Sample at Alpha Faculty

DK.RUC.ALFA-FACULTYMs. Andrews, Ms. Brown

DK.RUC.ALFA.SMPL-STUDENTCindy

DK.RUC.ALFA.SMPL.FALL2006.101displayName: “SAMPLE 101, FALL 2006”

DK.RUC.ALFA.SMPL.FALL2006.101-TEACHERMs. Andrews

DK.RUC.ALFA.SMPL.FALL2006.101-ENROLLEDCindy

Diana, enlisted: “Beta Faculty”

Resembles reverse DNS

<dot> separated

Role appended for users

<slash><role> suffix

Attributes:

on groups, e.g.. display name

on users, e.g.. guest status

Portalino

•Light-weight Portal

•Online bookmarks

•Some links are pushed to users

•Everything else is user-land

Portalino, Screenshot

Integration

•Wireless defaults to Portalino

•Links to all services from Portalino

•Current courses linked directly

•Archived courses can be hidden

Sakai atRoskilde University

Roadmap

November 2004,Sakai 1.0 in Pilot

Manual group administration

September 2005,Sakai 2.0 in Production

Webservice synching

July, 2006Sakai 2.2 in Production

Webservice synching with Group Providers

User base and staffing

Potential user-base: 8.100 students

1324 staff (also part time)

Actual users: 1217 unique session_user

Staffing:1 project leader, 3 admin/devs

approx. 1-2 man years

The Group Provider

•How it should work

•How it works

•What we wanted

Standard provided groups

String getRole(id, user)Map getUserRolesForGroup(id)Map getGroupRolesForUser(userId)String[] unpackId(id)

getGroupRolesForUserwhen generating sites

getRoleat entry in site

getUserRolesForGroupat emails, list of participants

unpackId - ?

String getRole(id, user)Map getUserRolesForGroup(id)Map getGroupRolesForUser(userId)String[] unpackId(id)

getGroupRolesForUserat login, data cached

getRolenever! (worksite setup)

getUserRolesForGroupat emails, list of participants

unpackId - not necessary