Grouper Shell (GSH)
advertisement
Grouper API - Part 2 Chris Hyzer Internet2 University of Pennsylvania This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License. Contents • Grouper Shell (GSH) • Configuring the Grouper API • Import / Export 2 Grouper Shell (GSH) - Introduction • Grouper Shell (GSH) is command line interface to Grouper • Based on BeanShell • Start with a shell script (unix/mac) or batch file (win) 3 Grouper Shell (GSH) - Intro (continued) • Can run from the unzipped API tarball, or a UI or WS build from a webapp (WEB-INF/bin/gsh) • GSH is all powerful - anyone with access to GSH can act as an admin (unlike the UI or WS) • Document on wiki (google: Grouper GSH) 4 Grouper Shell (GSH) - Registry commands • Generally you need to start with root session gsh 0% grouperSession = GrouperSession.startRootSession(); • Can run Java command: gsh 1% new GroupSave(grouperSession) .assignName("stem1:a") .assignCreateParentStemsIfNotExist(true) .save(); • Can run built-in GSH command gsh 2% addGroup("stem1", "b", "Group b"); • Note: commands must be on one line 5 Grouper Shell (GSH) - utilities • Can get a list of commands gsh 3% help(); • History of recent commands gsh 4% history() • Grouper utilities, e.g. fix missing metadata gsh 5% new edu.internet2.middleware .grouper.misc.AddMissingGroupSets() .addAllMissingGroupSets(); gsh 6% exit 6 Grouper Shell (GSH) - run from file • Non-interactive mode, put commands in file e.g. gshCommands.txt • Invoke by calling GSH with the argument of the filename c:\mchyzer\grouper\v2_1\ grouper\bin>gsh C:\mchyzer\ grouper\docs\201204\ gshCommands.txt 7 Configuring the Grouper API • Config files are read from the default package on classpath • In the API, this is the "conf" dir • In the UI/WS the dir is WEB-INF/classes 8 Grouper API config files • • • • • • grouper.properties - main config file grouper.hibernate.properties - DB config grouper-loader.properties - Loader config sources.xml - Subject API config log4j.properties - Logging config ehcache.xml - Cache config 9 Grouper API configuration information • Config changes require a restart of the JVM • Each config file has an example config file which lists documentation and all of the available config options • Read through the example files to see what is available 10 grouper.properties config example • Do not make groups publicly viewable and readable by default groups.create.grant.all.read = false groups.create.grant.all.view = false • Some properties are lists with indexes db.change.allow.user.1=grouper1 db.change.allow.url.1=jdbc:mysql://lo calhost:3306/grouper1 11 Grouper import/export • Grouper can export the registry to XML • Note: not 100% of the registry is exported as of April 2012 • e.g. point in time auditing, external subjects • Can export part of the registry by folder 12 Grouper import/export (continued) • UUIDs are exported and used if inserting into a new system • XML files are streamed in and out for efficient memory use • Can import to new or existing registry 13 Grouper import/export help • Get help with import or export, issue the command with no arguments c:\grouper\bin>gsh -xmlexport c:\grouper\bin>gsh -xmlimport 14 Grouper export/import example • Export gsh -xmlexport -includeComments c:/temp/grouperRegistry.xml • Import gsh -xmlimport -recordReport c:/temp/grouperRegistry.xml 15 Quiz • Click on the quiz link in the video description to reinforce your knowledge of this topic 16 Thanks! Further information: • Infosheets, mailing lists, wiki, downloads, etc.: www.internet2.edu/grouper • Grouper demo server: grouperdemo.internet2.edu/ • Grouper Online Training Home: spaces.internet2.edu/x/IIGfAQ This work licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License. 17
