syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Lambertus <...@apache.org>
Subject Re: [IAM PoC] Starting with implementation
Date Tue, 10 Jan 2017 22:56:58 GMT
Yes, I am available. I will provide you an export of our existing LDAP repository and pointers
to our schemas. In answer to your questions below regarding id.a.o:

1) Yes, the current id.a.o app exclusively manages data in LDAP as a self-service tool.

2a) OpenLDAP
2b) A variety including some custom schemas which I will make available you along with the
ldif.
2c) There are MANY processes and tools which read and write from LDAP.

The initial scope of the PoC should be to provision Syncope as an admin and end-user UI for
maintaining attributes related to LDAP accounts (committers, staff) as a potential replacement
for the id.apache.org <http://id.apache.org/> service. Once we’ve explored the key
functionality of a test/demo implementation, we can look at what it would take to replace
the service in production, along with integrating other tools related to account creation.

-Chris





> On Jan 9, 2017, at 3:59 AM, Francesco Chicchiriccò <ilgrosso@apache.org> wrote:
> 
> Hi all,
> semi-formal "ping" for Infra guys: is there anyone available for supporting this PoC?
As said from the beginning, a fundamental requirement is to have someone playing the customer
role, otherwise any effort is pointless.
> 
> Regards.
> 
> On 19/12/2016 09:09, Francesco Chicchiriccò wrote:
>> Quick update:
>> 
>> 1. Pierre has submitted the first PR for puppet at
>> https://github.com/apache/infrastructure-puppet/pull/156
>> 
>> 2. I have just updated the PoC code to Syncope 2.0.1 (that's the second commit, exactly
1 year after fist one: time flies):
>> https://github.com/apache/iampoc/commit/a155f59362e6f553356e7e52116834837dbda984
>> 
>> However, without someone from Infra providing info + specifications, there is no
much more we can do.
>> Infra, please if you're there, knock once.
>> 
>> Regards.
>> 
>> On 16/12/2016 11:13, Francesco Chicchiriccò wrote:
>>> HI all,
>>> I am happy to report that the VM for the PoC was made available (syncope-vm2.apache.org)
- see INFRA-10931.
>>> I have been able to successfully access via SSH (sudo does not seem to work,
but nothing problematic about this ATM).
>>> 
>>> I know from IRC that Pierre is at work to try to define a first Puppet setup
including JDK 1.8, Maven, Tomcat 8.5 and PostgreSQL.
>>> Besides such components, the setup process will also need to fetch and build
the Maven project from the dedicated GIT repository (see below).
>>> 
>>> Now in fist place I think we should re-attempt to start discussing the actual
requirements of this PoC, and then the planning.
>>> 
>>> This means, essentially, to gather some information from the infra team.
>>> 
>>> I propose again to concentrate, from the list shown by Tony in [1], on the first
item, e.g. "https://id.apache.org (The end-user part of it)", which triggers these first questions:
>>> 
>>> 1. does the current app exclusively manage data from LDAP?
>>> 2. if so, could you provide some details:
>>>    a. which LDAP server implementation? OpenLDAP?
>>>    b. which object classes are in use? baseDN(s)?
>>>    c. which processes / tools are reading from LDAP? which are writing?
>>> 
>>> In INFRA-10931, Greg proposed to provide an LDIF export of the production LDAP
servers so that we can setup a local detached copy which we could use for tests.
>>> 
>>> Looking forward to your reply.
>>> Regards.
>>> 
>>> On 21/12/2015 17:16, Francesco Chicchiriccò wrote:
>>>> Hi all,
>>>> we now have our GIT repository at
>>>> 
>>>> https://git-wip-us.apache.org/repos/asf/iampoc.git
>>>> 
>>>> which is also mirrored, as usual, to GitHub.
>>>> 
>>>> As you can see, I have made an initial commit featuring an empty default
Syncope 2.0.0-SNAPSHOT setup.
>>>> 
>>>> Now, waiting for the VM to be available (see INFRA-10931), we can start defining
what is actually going to be part of this PoC, and how we are going to implement the related
features.
>>>> 
>>>> From the list showed by Tony in [1], I'd start with first item, e.g. "https://id.apache.org
(The end-user part of it)".
>>>> 
>>>> Here are some questions:
>>>> 
>>>> 1. does the current app exclusively manage data from LDAP?
>>>> 2. if so, could you provide some details:
>>>>    a. LDAP architecture (replicas, load-balancing, ..)
>>>>    b. which LDAP server implementation? OpenLDAP?
>>>>    c. which object classes are in use? baseDN(s)?
>>>>    d. which processes / tools are reading from LDAP? which are writing?
>>>>    e. is there any test LDAP instance available? if not, is it possible to
pre-load some data from the production instances in order to build a test instance in our
development VM?
>>>> 
>>>> Please add questions if you see something missing.
>>>> 
>>>> Regards.
>>>> 
>>>> [1] http://markmail.org/message/utlcjkanilz4qztz
> 
> --
> Francesco Chicchiriccò
> 
> Tirasa - Open Source Excellence
> http://www.tirasa.net/
> 
> Member at The Apache Software Foundation
> Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
> http://home.apache.org/~ilgrosso/
> 


Mime
View raw message