sml -- I reformatted Catherine's notes into concrete requirements and tasks for the team. Some of these will copy to the Product backlog or into specific Sprint documentation.
Important Dates
June 15: Clearspace environment setup, tentative experiments connecting to an existing LDAP directory operated by NIST, determination of "least amount of work" path, recommendations
Clearspace to QA: July 15
Clearspace production date: August 1.
Questions to Answer for ISDA Lead Architects
- Carter and Dave Tanner (at least) to schedule discussion with Jive on LDAP vs. web services based integration
- Do all or some of our target products insist on using LDAP for authentication if they are configured to use LDAP for access control?
- The MIT Way is that we cannot use LDAP for authentication.
- If we can decouple access control from authentication, is that really less work than customizing the product to work with our ID web services?
- Since we have to customize to integrate with Touchstone, are we really saving any work?
- Paul will schedule further LDAP discussions with OIS, to include members of the Teamspaces team.
New Requirements
- Target products cannot use LDAP for authentication and they must use Touchstone.
- The LDAP connector cannot front for another authentication mechanism, it cannot receive passwords from an end user.
- ISDA Mgmt makes the assumption that we should use ldap.mit.edu
- We must test using ldap.mit.edu or the Active Directory LDAP before we attempt to use the penrose facade.
- We likely will not be allowed to use any new ldap service/protocol, even if it is a facade or abstacted interface like penrose
- The two key requirements to which this project must play are:
- real time updates of users and ACL
- Incorporation of external users (touchstone)
Impediments: Product Owner Tasks (Steve Landry and Possibly Derek Jaeger)
- Delta the LDAP requirements for Clearspace, Confluence, AlFresco, and Stellar
- Hand these off to Michael Gettes and Paul Hill to negotiate with NIST
- Work with Qing Dong to collect AlFresco documentation on LDAP connectivity.
- See if other higher-ed is using Clearspace and put forth some queries