On 10/01/2017 23:56, Chris Lambertus wrote:
Yes, I am available. I will provide you an export of our existing LDAP
repository and pointers to our schemas.
Thanks Chris, looks good!
In answer to your questions below regarding id.a.o:
1) Yes, the current id.a.o app exclusively manages data in LDAP as a
self-service tool.
2a) OpenLDAP
2b) A variety including some custom schemas which I will make
available you along with the ldif.
2c) There are MANY processes and tools which read and write from LDAP.
The initial scope of the PoC should be to provision Syncope as an
admin and end-user UI for maintaining attributes related to LDAP
accounts (committers, staff) as a potential replacement for the
id.apache.org <http://id.apache.org> service. Once we’ve explored the
key functionality of a test/demo implementation, we can look at what
it would take to replace the service in production, along with
integrating other tools related to account creation.
I completely agree.
AFAICT, the identified tasks are:
1. setup an OpenLDAP instance with the content and configuration provided
2. configure the Syncope entities: schemas, realms, resource, tasks, ...
3. configure / customize the Enduser UI
I will start with task (1), manual installation; not sure if it makes
sense to puppet-ize that: if so, Pierre could possibly help.
Any other volunteer?
Regards.
On Jan 9, 2017, at 3:59 AM, Francesco Chicchiriccò
<ilgro...@apache.org <mailto:ilgro...@apache.org>> wrote:
Hi all,
semi-formal "ping" for Infra guys: is there anyone available for
supporting this PoC? As said from the beginning, a fundamental
requirement is to have someone playing the customer role, otherwise
any effort is pointless.
Regards.
On 19/12/2016 09:09, Francesco Chicchiriccò wrote:
Quick update:
1. Pierre has submitted the first PR for puppet at
https://github.com/apache/infrastructure-puppet/pull/156
2. I have just updated the PoC code to Syncope 2.0.1 (that's the
second commit, exactly 1 year after fist one: time flies):
https://github.com/apache/iampoc/commit/a155f59362e6f553356e7e52116834837dbda984
However, without someone from Infra providing info + specifications,
there is no much more we can do.
Infra, please if you're there, knock once.
Regards.
On 16/12/2016 11:13, Francesco Chicchiriccò wrote:
HI all,
I am happy to report that the VM for the PoC was made available
(syncope-vm2.apache.org) - see INFRA-10931.
I have been able to successfully access via SSH (sudo does not seem
to work, but nothing problematic about this ATM).
I know from IRC that Pierre is at work to try to define a first
Puppet setup including JDK 1.8, Maven, Tomcat 8.5 and PostgreSQL.
Besides such components, the setup process will also need to fetch
and build the Maven project from the dedicated GIT repository (see
below).
Now in fist place I think we should re-attempt to start discussing
the actual requirements of this PoC, and then the planning.
This means, essentially, to gather some information from the infra
team.
I propose again to concentrate, from the list shown by Tony in [1],
on the first item, e.g. "https://id.apache.org (The end-user part
of it)", which triggers these first questions:
1. does the current app exclusively manage data from LDAP?
2. if so, could you provide some details:
a. which LDAP server implementation? OpenLDAP?
b. which object classes are in use? baseDN(s)?
c. which processes / tools are reading from LDAP? which are writing?
In INFRA-10931, Greg proposed to provide an LDIF export of the
production LDAP servers so that we can setup a local detached copy
which we could use for tests.
Looking forward to your reply.
Regards.
On 21/12/2015 17:16, Francesco Chicchiriccò wrote:
Hi all,
we now have our GIT repository at
https://git-wip-us.apache.org/repos/asf/iampoc.git
which is also mirrored, as usual, to GitHub.
As you can see, I have made an initial commit featuring an empty
default Syncope 2.0.0-SNAPSHOT setup.
Now, waiting for the VM to be available (see INFRA-10931), we can
start defining what is actually going to be part of this PoC, and
how we are going to implement the related features.
From the list showed by Tony in [1], I'd start with first item,
e.g. "https://id.apache.org (The end-user part of it)".
Here are some questions:
1. does the current app exclusively manage data from LDAP?
2. if so, could you provide some details:
a. LDAP architecture (replicas, load-balancing, ..)
b. which LDAP server implementation? OpenLDAP?
c. which object classes are in use? baseDN(s)?
d. which processes / tools are reading from LDAP? which are
writing?
e. is there any test LDAP instance available? if not, is it
possible to pre-load some data from the production instances in
order to build a test instance in our development VM?
Please add questions if you see something missing.
Regards.
[1] http://markmail.org/message/utlcjkanilz4qztz
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
