• Like
Development of IMPROV: A Provisioning Solution at UNC-Chapel Hill
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Development of IMPROV: A Provisioning Solution at UNC-Chapel Hill

  • 262 views
Published

When implementing a Provisioning solution for UNC-Chapel Hill, we found there was very little available in the Open Source ecosystem that addressed this Identity Management problem space. Thus we set …

When implementing a Provisioning solution for UNC-Chapel Hill, we found there was very little available in the Open Source ecosystem that addressed this Identity Management problem space. Thus we set about writing our own solution, in the hopes that we would then be able to contribute it back to the community.

We have nearly completed the first phase of the outcome, a system we call IMPROV (Identity Management Provisioning.) It consists of a SPML-based router mechanism that interacts with individual Services that provide our login identifiers, the Onyen and the UNC Guest ID. We intend future phases to include De-provisioning for these identifiers, and Provisioning/De-provisioning for other services such as Heelmail (our Microsoft Live@EDU implementation) and Exchange.

In this session, we plan to communicate the status of the project, discuss the architecture of IMPROV, and find others who would like to contribute to making this an Open Source project.

Published in Technology , Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
262
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
4
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Celeste Copeland, UNC-Chapel Hill June 10-15, 2012Growing Community;Growing Possibilities
  • 2.   Several years ago, did an RFP for a Provisioning solution ◦  Already have a home-grown Person Store  UNC, like many others, bought Sun IDM ◦  Then Oracle came along…  Left us with a few options ◦  Re-do RFP – seemed like a waste ◦  Go ahead and implement Sun IDM without knowing the future of the product ◦  Wait and see what Oracle would choose to do ◦  Grow our own ◦  Grow our own AND try to make it Open Source 2012 Jasig Sakai Conference 2
  • 3.   OASIS Standard, currently v2.0  OASIS Provisioning Services TC ◦  Karsten Huneycutt  XML-based  Core: listTargets, add, lookup, modify, delete  Others: batch, bulk, search, suspend, update  Custom: better error codes, Challenge- Response 2012 Jasig Sakai Conference 3
  • 4.   Onyen service  UNC Guest ID service  Resource correlation service  SPML router service ◦  Not actually a service, but a single join point around the "create" method of all services that calls a set of scripts to check eligibility for services ◦  Eligibility is determined by consulting with the resource correlation service before routing any request to the backend services ◦  After any successful add/delete/modify, the service will update the correlation service with any necessary changes ◦  This is an initial implementation for our phase one project; may switch to Grouper for eligibility 2012 Jasig Sakai Conference 4
  • 5. 2012 Jasig Sakai Conference 5
  • 6. 2012 Jasig Sakai Conference 6
  • 7.   Available under LGPL license  http://code.google.com/p/spml-toolkit/ downloads/list  SPML Router 1.0.0  Resource Correlation Service 1.0.0  UNC Prop Service 1.0.0 ◦  Simple example service ◦  Shows how the focus on the service implementation side is almost exclusively on the business logic rather than the SPML plumbing  SPML Toolkit 2.0.0 ◦  Java library that contains everything needed to write an SPML service or client 2012 Jasig Sakai Conference 7
  • 8.   De-provisioning of Onyens, Guest IDs, etc.  More services: Exchange, Live@EDU/MS 365  Workflow  Grouper 2012 Jasig Sakai Conference 8
  • 9.   Contact: idman@listserv.unc.edu  Contact: celeste_copeland@unc.edu 2012 Jasig Sakai Conference 9