Project index

Planning index

Project planning meeting - 2 October 2006

(Start of meeting deferred to 12:00, to allow Christian Fernau to be present.)

Present: Stuart Yeates (SY), Graham Klyne (GK), Christian Fernau (CF)

Last report: SakaiVre/PlanningProgress/20060918

This report: SakaiVre/PlanningProgress/20061002

Next meeting: 9 Oct 2006, 09:00 SakaiVre/PlanningProgress/20061009 (GK will be absent)

1. Agenda

2. Activity since last report

GK has been working on documentation, SY thinking about Sakai customization and search requirements. SY on holiday for 1 of these 2 weeks.

In the week 25-29 September, a Sakai developer training course was held in Oxford, which was attended by CF. GK also sat in on a couple of sessions, and engaged some of the developers in discussion about the Shibboleth /Sakai access control problem, leading to some new knowledge about how this might be tackled; also had some discussions with Alistair Young, developer of Guanxi, about these findings.

The problems with the Xen system have been fixed very promptly on CF's return from USA/AHM. The way is now clear to complete the Sakai/Shibboleth reinstallation (20060807.2).

2.1. Actions closed or completed

20060918.1

[GK] Notify Nicky Tomlin of my planned leaving date. Done. (End of October, with 2 weeks leave planned).

20060619.1

[GK] Obtain and use SDSS federation credentials. Closed: This strand of activity continues as new action 20061002.2, owned by CF (see below).

2.2. Actions progressed

20060619.4
[GK] Create Shibboleth configuration document, in particular showing how the various configuration elements and system functions are inter-related. GK has created a first draft of a Shibboleth configuration chart. SY and CF have made comments that will lead to some substantial revisions and, it is anticipated, improvement in clarity of the detail presented.

2.3. New activities and notes

20061002.1
[SY] Provide a wiki page or some words on an existing page about the origin of the search requirements leading to the ideas for people-search facilities would be helpful. (See also action 20060301.5 below.)
20061002.2

[CF] Take over SDSS federation credentials, previously handled by GK as action 20060619.1. An SDSS CA certificate has been obtained, but have not yet joined the SDSS federation. See http://maillist.ox.ac.uk/ezmlm-cgi?3855:mss:84:200606:hbmpafckdeclpnjmmgmb. The current plan is to enroll the new machine as an SDSS SP (using the new certificate obtained), and use the SPIE IdP, which is already enrolled with SDSS. Further progress dependent on action 20060807.2.

20061002.3
[SY] Create note about relationship between Shibboleth and Eduperson attribute schema, noting in particular Shibboleth's treatment of attributes as a flat namespace, coupled with their more structured interpretation by Shibboleth-using applications. This has been recorded as a new action, but was previously part of 20060619.4, to clarify a separation of responsibilities.
20061002.4

[SY] Review document SakaiVre/ShibbolethIntegration and forward any comments to GK. (Please don't edit the actual source text in the wiki, other than to add comments - I may be working on it offline - #g.)

20061002.5

[CF] Review document SakaiVre/ShibbolethIntegration and forward any comments to GK. (Please don't edit the actual source text in the wiki, other than to add comments - I may be working on it offline - #g.)

20061002.6

[CF] Set up Sakai development environment and load up Sakai "cafe" branch code. Consider options for implementing "level 2" authorization (cf. //wiki.oss-watch.ac.uk/SakaiVre/ShibbolethWebAuthIntegration#Levels); see also discussion below "More on Shibboleth-based access control".

2.4. Summary of ongoing actions carried forward

20060301.5

[SY] Analysis of search requirements. Looking at options for discovery of people and research interests based in part on directory data and personal FOAF information. See discussion section, SakaiVre/LDAPToFOAFIdea, and SakaiVre/AvailableToolReview.

20060619.4
[GK] Create Shibboleth configuration document, in particular showing how the various configuration elements and system functions are inter-related. GK has created a first draft of a Shibboleth configuration chart. SY and CF have made comments that will lead to some substantial revisions and, it is anticipated, improvement in clarity of the detail presented. A new revision to be created by the end of October.
20060807.1

[GK] Write up things learned about Sakai authentication and authorization structure and the consequent options for integration with Shibboleth. Substantial progress made: see SakaiVre/ShibbolethIntegration. Conclusions and executive summary remain to be added, and incorporation of any comments from SY/CF.

20060807.2

[GK+SY] Transfer Sakai installation to a Xen virtual machine on the SPIE system hardware. The new virtual machine is running Debian Linux (a supported kernel is necessary for reliable operation under Xen). The change to Debian is throwing up a few issues of system configuration that we need to work through. We'll keep the old machine running for a while as a Shibboleth test machine. See //wiki.oss-watch.ac.uk/DebianNotes and 20060721.2. We have started this migration. Tasks still be be completed include:

  • Install IPTables configuration. Done. See DebianNotes

  • Install SSSHBlack. Done. (Description of installation on debian still needed.)

  • Install and configure HFS backups. Done. Manual backups working, need to check whether weekly backups work.

  • Install Postfix Done

  • Install Logwatch Done

  • Configure Logwatch messages Done

  • Configure auto-updater Done

  • Install and configure Apache Done

  • Install and configure Tomcat Done

  • Install and configure JK connector Done

  • Install and configure basic Sakai portal. Done.

  • Install and configure Shibboleth SP Installed but not yet configured. (Note action 20060721.3.)

20060918.2
[SY] Provide MF with a couple of paragraphs of information about FOAF based federated search work, for presentation to Rob Crouchley, to confirm this is in line with the overall project plan.
20060918.3

[SY] Draw up plans for customization of the Oxford portal demonstrator. (This activity was actually started in the last period, but wasn't formally raised as an action in the previous report. See SakaiVre/VreCustomisations.)

3. Discussion

3.1. Future plans

Christian Fernau has joined, and Graham Klyne leaving the project at the end of October.

The future focus of attention will be SY on search and customization, CF on security (and host issues?), and GK on documentation.

I note that the action to create multiple Sakai instances in a Shibboleth federation seems to have been lost from the action list. Most recently, we decided to focus on creating such a federation with CCLRC, but that does not seem to appear in the ongoing actions. This is mentioned in SakaiVre/PlanningProgress/20060904, but apparently has not been scheduled.

3.2. Project planning handover

This project planning meeting will be the last that is led by GK.

SY and CF have tentatively agreed to continue with weekly progress meetings, and may adapt the tracking mechanisms to suit their working practices (but do expect to continue using the wiki for recording). It's not clear at this time who will "own" the planning processes.

3.3. More on Shibboleth-based access control

In the week 25-29 September, a Sakai developer training course was held in Oxford, which was attended by CF. GK also sat in on a couple of sessions, and engaged some of the developers in discussion about the Shibboleth /Sakai access control problem, leading to some new knowledge about how this might be tackled; also had some discussions with Alistair Young, developer of Guanxi, about these findings.

An outline of these recent findings can be found in GK's work-in-progress document about Sakai/Shibboleth integration (SakaiVre/ShibbolethIntegration, section "3.4.2. Other possibilities for using Shibboleth attributes").

3.4. Sakai customization

SY noted that customization falls into two main areas:

3.5. Search requirements

We briefly discussed JAFER (maintained by Chris Awre at Hull), and the fact that someone ???link??? has deployed Jafer as a Sakai tool. (As I write these notes, I'm still unable to identify a source for this tool. Does anyone have a link?)

It apears that JAFER might be usable a a general purpose interface to a large number of library systems and repositories, something that will be a valuable resource for this and other projects. (Has anyone implemented an SRU-accessed deployment of JAFER?)

JAFER link: http://www.ariadne.ac.uk/issue41/awre-cree/.

3.6. Documentation

GK is currently working on two documents:

* a diagram of key Shibboleth configuration files and components * a synthesis of the work conducted to date on Shibboleth/Sakai integration SakaiVre/ShibbolethIntegration.

The plan is for these will be finalized before GK leaves the project at the end of October.

4. Notes for next meeting

(Matters arising following the planning meeting.)


-- GrahamKlyne 2006-10-02 09:45:07

OSSWatchWiki: SakaiVre/PlanningProgress/20061002 (last edited 2013-04-15 13:56:24 by localhost)

Creative Commons License
The content of this wiki is licensed under the Creative Commons Attribution-ShareAlike 2.0 England & Wales Licence.

OSS Watch is funded by the Joint Information Systems Committee (JISC) and is situated within the Research Technologies Service (RTS) of the University of Oxford.