This document summarizes a presentation about implementing Confluence at Harvard University to enable enterprise collaboration across its various schools, departments, and organizations. The implementation would need to support over 30,000 users across 600 buildings. Key requirements included security, user privacy, external collaborator access, and permissioning. The solution was to simplify integration by mapping users to a table and creating services for Confluence to consume for user and group information, rather than overhauling Confluence's native user and permissioning systems. This would allow Confluence to handle its core functions while integrating with Harvard's centralized authentication and user directory.
AWS Community Day CPH - Three problems of Terraform
Implementing Confluence at Harvard
1.
2. Implementing
Confluence at Harvard"
Enabling enterprise collaboration for "
..about 8,000 courses, 15 schools, 98 libraries, 21,000 students, 12,000 faculty, 98 libraries, who knows how many labs, 11 museums, a
police department, 600 buildings, and an arboretum"
Carter Snowden!
iCommons Group"
Harvard University Information and Technology"
carter.snowden@harvard.edu"
11. Requirements - basic"
• Security"
• User privacy"
• Easy access for external collaborators"
• Simple, real-time permissioning"
• Support and provisioning"
"
12. Requirements - extra"
• iSites integration"
• Terms-of use acceptance agreement"
• One-step addition and permissioning of users
and groups for Confluence space admins"
13. Why Confluence?"
• Evolving iSites tool concept"
• build/maintain/enhance à integration of proven open source and
commercial products"
• Tight integration à loose(r) integration"
• Confluence.."
• Is proven to integrate well with different SSO solutions"
• Has a rich permissioning scheme"
• Plugin architecture, templating, source availability provide flexibility"
18. Solution: Simplify"
• Map users in our own table"
• At the iSites end, create a REST group service"
• At the Confluence end, create the necessary utilities to
consume the service"
• Use native Confluence user and group stores"
""
19. Solution" Confluence
"" SSO
Via Space Permissions page
Unique id (private)
Utility plugin
Authenticator plugin
Can view/administer
Check Privacy settings;
Member-of
Get safe id
Get updated name and email if changed
Group service
iSites Group Service
LDAP
Mapping table