IDM@UMU.SE Presentation by Roland Hedberg at EuroCamp@Cork 2009


  1. IDM@UMU.SE Presentation by Roland Hedberg at EuroCamp@Cork 2009 Tuesday, May 19, 2009

  2. SOME FACTS ABOUT UMU
     - Founded in 1965
     - ~30.000 students (of which 10.000 on distance)
     - ~4.000 employees
     - ~2.000 courses
     - ~50 departments
     - ~50 other units

  3. GOAL OF THE IDM SYSTEM
     We assume that in the future all our systems will be accessible to all our users
     ★ We have to know who our users are
       What they can do with the systems is then based on what they are.
     ★ The information about our users MUST be accurate

  4. REQUIREMENTS
     - Must support initial population of ~40,000 users, and support growth.
     - Must allow for fluid population, including fluctuating numbers of traditional classifications such as faculty and student, and non-traditional such as guests, affiliates, and federated partners.
     - Must support end-to-end propagation of identity changes in real-time, or near real-time, to ensure consistent and correct access at all times.
     - Must support long-term retention of identity history.
     - Should support zero-downtime configurations to support dependent services.

  5. HISTORY OF OUR IDM
     - 2002 Q3: Started working on the first version
     - 2004 Q1: Put into production
     - 2006: Started working on version 2 together with two other Swedish universities.
     - We will start the transition from OM to OM2 in Q3 2009

  6. PRESENT IMPLEMENTATION
     [Diagram labels: Student Information System (LADOK), HR-system (PRIMULA), IDdB, LDAP, KdB, Administrative Interface (Dirigenten), WS, MAIL]

  7. NEXT VERSION
     Based on the OpenMetadir project http://www.openmetadir.org/

  8. WHAT IT’S ALL ABOUT
     [Diagram labels: Event, Sender, message, Receiver]

  9. IMPEDANCE MATCHING
     [Diagram labels: Event, Sender, message, Receiver]

  10. WE WERE ALL IN THE SAME BOAT
      [Diagram labels: LADOK, LDAP, HR system, AD, Administrative interface]

  11. PICK AND CHOOSE
      [Diagram labels: Student information system, HR-System, Administrative interface, Repo, X, Y, LDAP, AD, Func1 to Func6, RDF/XML]

  12. BASIC ARCHITECTURE
      - Message syntax - RDF/XML
      - Message description language - OWL
      - Model based architecture
      - Transport agnostic
      - DNS/NAPTR/HTTP for dynamic resolving

  13. IMPLEMENTATION
      - In Python
      - Some in Perl by Stockholm University
        "Perl - The only language that looks the same before and after RSA encryption." - Keith Bostic
        "PHP is a minor evil perpetrated and created by incompetent amateurs, whereas Perl is a great and insidious evil, perpetrated by skilled but perverted professionals." - Jon Ribbens
      - Uses RDF/XML as transport syntax
        "XML is like violence - if it doesn’t solve your problems, you are not using enough of it." - Unknown
      - HTTP/HTTPS as transport protocol

  14. NECESSARY STEPS FOR ADDING A NEW PRODUCER/CONSUMER
      1. If there is nothing appropriate available, you have to create an ontology.
      2. ‘Compile’ Python modules from the ontology definition.
      3. Use those modules to do data marshalling

  15. SPECIFYING THE ONTOLOGY
      Protégé => Any UML tool

  16. ADD EVENT
      >>> import om2api
      >>> import pyom.ontology.prim_4 as prim
      >>> # Where to send the event, and who sends and receives it
      >>> nexthop = "http://localhost:2003/"
      >>> sender = "test@liu.se"
      >>> receiver = ["recv@liu.se"]
      >>> om = om2api.OM2(nexthop=nexthop, sender=sender, receiver=receiver)
      >>> # Build a UserPerson object from the ontology module and set its attributes
      >>> p = prim.UserPerson()
      >>> p.about = "urn:mace:liu.se:om2:metadir:employee-id#rical37"
      >>> p["surName"] = "Callerberg"
      >>> p["givenName"] = "Ricke"
      >>> p["uid"] = "rical37"
      >>> om.addObject(p)

  17. READ OBJECT
      >>> import om2api
      >>> # Repository to read from, and the ontology modules used to interpret the object
      >>> neorepo = "http://localhost:8084/neorepo/"
      >>> ontology = ["pyom.ontology.prim_4"]
      >>> om = om2api.OM2(neorepo=neorepo, ontology=ontology)
      >>> o = om.getObject("urn:mac:umu.se:ed:uid#rohe0002")
      >>> print o.type
      rdflib.URIRef('http://www.openmetadir.org/om2/prim-4.owl#UserPerson')
      >>> print o["surName"]
      "Hedberg"

  18. IDM@UMU (KK3)
      [Diagram labels: LADOK, AD, PRIMULA, OidSrv, LDAP, GroupGUI, Neo, INFOGLUE, Srv, adminGUI, orgGUI, WS]

  19. PYOM NODE
      [Diagram labels: LDAPMT, RELP, Transformer, Logger, DISPATCHER, Receiver, Router, Resolver, Sender, Spocp, DNS, HTTP, HTTP, SOAP, Simple, Static, XMPP, LINE, Pattern, LINE, Retry, SMTP, LDAP, SPOCP]

  20. SYSTEM GRAPH
      [Diagram labels, grouped by listener]
      - Listener synch@umu.se, port=8082: Router, Resolver, Synchronizer, Sender, Sender path=/Users/roland/incoming/err
      - Listener neorepo@umu.se, port=8084: Repo, Sender
      - Listener distributor@umu.se, port=8086: Router, Resolver, Forwarder, Sender, Sender path=/Users/rolandh/incoming
      - Listener igtransf@umu.se, port=8087: Router, Resolver, Transformer umupyom.transform.ig, Sender, Sender path=/Users/rolandh/incoming, REST url=https://server-utv1.cms.info.umu.se/infoglueCMS/services/Om2Servlet

  21. LESSONS LEARNED (1)
      "Search all the parks in all your cities; you'll find no statues of committees." - David Ogilvy
      "We reject: kings, presidents, and voting. We believe in: rough consensus and running code" - David Clark

  22. LESSONS LEARNED (2)
      "First learn computer science and all the theory. Next develop a programming style. Then forget all that and just hack." - George Carrette

  23. LESSONS LEARNED (3)
      "It always takes longer than you expect, even when you take into account Hofstadter’s Law." - Hofstadter’s Law

  24. LESSONS LEARNED (4)
      "If you don't know where you are going, any road will get you there." - Lewis Carroll

  25. LESSONS LEARNED (5)
      "We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil" - C. A. R. Hoare

  26. LESSONS LEARNED (6)
      "Those who dare to fail miserably can achieve greatly." - John Fitzgerald Kennedy

  27. LESSONS LEARNED (7)
      "If history repeats itself, and the unexpected always happens, how incapable must Man be of learning from experience." - George Bernard Shaw

  28. MY FAVOURITE
      "Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." - Brian W. Kernighan
