Blog from September, 2018

UH Groupings v2.0 is now live
mhodges posted on Sept 28, 2018

Announcing

As of 8:00 PM last night UH Groupings v2.0 is live.  It has all of the functionality of v1.0, but with an entirely reconceived user interface.

What next?

Work on v2.1 is already underway.  Included in the planned work:

  • improvements to the user interface so that it is easier to use on phones (responsive) and 
  • providing additional information so that it is easier to understand what each grouping is for.

We hope you use the feedback form to help our team understand how you use UH Groupings and how we can make it even better.

To learn more


Replacing mfa-enrolled in uhReleasedGrouping
Julio Polo posted on Sept 19, 2018

If your application checks for mfa-enrolled to be returned by CAS or LDAP in the uhReleasedGrouping attribute, you should now change it to check for this value instead:

hawaii.edu:store:uhims:general:mfa-enabled

This new value is more accurate for surmising that a person went through Duo MFA.  That's because it won't include people who are in Duo bypass mode.  Note however that departmental accounts are currently not supported for this value (it wasn't supported under the old value either).

You can go ahead and make the change now. The new value has been deployed as of 9:00 AM, Wednesday, September 19, 2018. The old value of mfa-enrolled will be removed on January 15, 2019.

Notice how the new value is longer and embedded in colon-delimited folders.  This is the format we will use for all of our curated groupings.

1 Comment
UH Groupings patch v2.0.12 applied to the QA front-end
mhodges posted on Sept 18, 2018

Summary

This patch addresses an important issue and updates some of the supporting libraries.

If interested, please test the QA environment at <https://www.qa.hawaii.edu/uhgroupings> and report any issues to <its-iam-web-app-dev-help-l@lists.hawaii.edu>.

The QA front-end accesses "production". Any changes you make are for real.

Details

This patch includes the following:

  • Correction for important bug that impacts LISTSERV integration.
  • Code cleanup.
  • Security enhancements.

  • Additional unit testing. 

     Click here to see the changelog...
    1. Update spring-boot version to 1.5.12 (detail / githubweb)
    2. Add a code quality badge (detail / githubweb)
    3. Fix broken tests (detail / githubweb)
    4. Update last-modified attribute after change in ownership, ldap or (detail / githubweb)
    5. Test updating last-modified for change in owners and fix missing test (detail / githubweb)
    6. Add owner first, then update last-modified (detail / githubweb)
CAS test environment updated 2018-09-13
Baron Fujimoto posted on Sept 13, 2018

The CAS test environment (cas-test.its.hawaii.edu) has been updated.

As always, we encourage you to test your applications against the updated environment.

  •  Tomcat has been updated from 8.5.31 to 8.5.34
  • Java has been updated from 1.8.0_172 to 1.8.0_181

Barring unforeseen problems, these updates will be promoted to our production environment on the morning of 2018-10-21.

UH Groupings patch v2.0.11 applied to the QA environment
mhodges posted on Sept 11, 2018

Summary

This patch addresses a number of minor issues and adds some small user-interface improvements.

If interested, please test the QA environment at <https://www.qa.hawaii.edu/uhgroupings> and report any issues to <its-iam-web-app-dev-help-l@lists.hawaii.edu>.

Details

This patch includes the following:

  • Grammar corrections and wording changes.
  • Code cleanup.
  • Security enhancements.
  • Confirmation message enhancements.
  • Additional unit testing.
 Click here to see the changelog...
  1. Improve clarity in controllers (detail / githubweb)
  2. Update preferences functions (detail / githubweb)
  3. Rename change to displayAdmins (detail / githubweb)
  4. Rewrite userCheck function (detail / githubweb)
  5. Replace pagination disable logic (detail / githubweb)
  6. Rework adding users to a grouping (detail / githubweb)
  7. Rework remove user modals (detail / githubweb)
  8. Replace endpoint base with injected constant (detail / githubweb)
  9. Clean up init function (detail / githubweb)
  10. Added a way to override css and seal image using an external files (detail / githubweb)
  11. Create general controller initialization test (detail / githubweb)
  12. Fix variable name (detail / githubweb)
  13. Add tests for optIn and optOut (detail / githubweb)
  14. Update controller headers (detail / githubweb)
  15. Remove border from nav-tabs in small screen widths (detail / githubweb)
  16. Reformat mock data (detail / githubweb)
  17. Add tests for addInBasis and addWhereListed (detail / githubweb)
  18. Fix checkModal body to output correct listName (detail / githubweb)
  19. Increase width to 416px for tab border removal (detail / githubweb)
  20. replace message in check modal with message from message.properties (detail / githubweb)
  21. Add tests for addMember and isInAnotherList (detail / githubweb)
  22. Add tests for resetting table data on view change (detail / githubweb)
  23. Remove stack trace from feedback if no exception (detail / githubweb)
  24. Add test for convertListToCsv (detail / githubweb)
  25. Update error modal for adding users to groupings (detail / githubweb)
  26. Fix updateData argument order (detail / githubweb)
  27. Add admin and owner controller tests (detail / githubweb)
  28. Rename variable in general controller (detail / githubweb)
  29. Reformat general controller test code (detail / githubweb)
  30. Fix non-activating refresh after add and removal (detail / githubweb)
  31. Fix updateData error handler (detail / githubweb)
  32. Re-add handler for null responses (detail / githubweb)
  33. Fix variable names (detail / githubweb)
  34. Remove leftover code from when the project was first born (detail / githubweb)
  35. replace all text with message.properties text (detail / githubweb)
  36. Fix tickets 129, 132, 143 (detail / githubweb)
  37. Update showWarningRemovingSelf (detail / githubweb)
  38. Merge branch 'dev-joseph' (attempt 2) (detail / githubweb)
  39. Add space between buttons in panels at small widths (detail / githubweb)
  40. Move add-user textbox to the same line as the pagination controls in (detail / githubweb)
  41. Add EmailService tests (detail / githubweb)
  42. Revert handling of no exception in feedbacks (detail / githubweb)
  43. Remove campus and holiday references (detail / githubweb)
  44. Remove unused dependencies and files (detail / githubweb)
  45. Implement getUserAttributes functionality (detail / githubweb)
  46. change text to use message.properties (detail / githubweb)
  47. Implement getUserAttributes functionality (detail / githubweb)
  48. Delete campus and holiday javascripts (detail / githubweb)
  49. Add space between headers and filters when stacked (detail / githubweb)
  50. Adjust width of inputs for adding users to a list (detail / githubweb)
  51. Fix formatting in main.css (detail / githubweb)
  52. Temporarily change the base URL for testing. (detail / githubweb)
  53. Add prod profile to configuration. (detail / githubweb)
  54. Update the base.url the planned prod url (detail / githubweb)
  55. Update the base url to specify https (detail / githubweb)
  56. Remove unused script in header.html (detail / githubweb)
  57. Update add user placeholders (detail / githubweb)
  58. Remove unused html files (detail / githubweb)
  59. Readjust add user input at sm breakpoint (detail / githubweb)
  60. start of adding LDAP to grouping API (detail / githubweb)
  61. Update LDAP call to grouper (detail / githubweb)
  62. Remove campus reference from Java controllers (detail / githubweb)
  63. Remove /its from the CAS mainUrl (detail / githubweb)
  64. Expand HomeController tests (detail / githubweb)
  65. working on confirmAddModal (detail / githubweb)
  66. Add confirmation modal that pops up when adding admins (detail / githubweb)
  67. relabelled the 3 sections on the home page (detail / githubweb)
  68. Remove .swp files (detail / githubweb)
  69. Finalize url.base to include /its (detail / githubweb)
  70. Add confirmAddModal to HomeController test (detail / githubweb)
  71. Refresh tables to reflect filter after opt in/out (detail / githubweb)
  72. implement the ability for owners to sync with LDAP in preferences (detail / githubweb)
  73. Update Jasmine test to include LDAP implementation (detail / githubweb)
  74. Replace groupToPages with filter (detail / githubweb)
  75. Update api file and add test file for coverage (detail / githubweb)
  76. Replace groupToPages with filter on admin page (detail / githubweb)
  77. Update groupings list after calling displayAdmins (detail / githubweb)
  78. Add test for displayAdmins (detail / githubweb)
  79. replace bootstrap icons with font awesome icons (detail / githubweb)
  80. Rework confirmation modal for adding users (detail / githubweb)
  81. Fix formatting errors (detail / githubweb)
  82. Replace Promise with $q (detail / githubweb)
  83. Fixed typo, uhReleasedGrouping is correct (detail / githubweb)
  84. Remove left-over dead code. (detail / githubweb)
  85. Add functionality so getUserAttributes (along with any other "user not (detail / githubweb)
  86. Add confirm modal for adding to include/exclude (detail / githubweb)
  87. Update handler for adding nonexistent users (detail / githubweb)
  88. Add more tests for adding members to lists (detail / githubweb)
  89. Remove unneeded catch handler (detail / githubweb)
  90. Add member information in remove modal (detail / githubweb)
  91. Update parameter types (detail / githubweb)
  92. Fix grouping selection via keyboard only (detail / githubweb)
  93. Clear add user inputs on success (detail / githubweb)
  94. Remove console.log in grouping retrieval (detail / githubweb)
  95. Add CAS/LDAP and Email list confimation modals to preferences page (detail / githubweb)
  96. Update the modal confirmation text messages. (detail / githubweb)
  97. Updated modal confirmation text. (detail / githubweb)
  98. testing https (detail / githubweb)
  99. Change requestLoginViaUh to check for 200 OK instead of 3xx Redirection (detail / githubweb)
  100. update 'Sync Destinations' confirmation modals (detail / githubweb)
  101. Update for clarity the confirmation messages (detail / githubweb)
  102. A few security experiments. (detail / githubweb)
  103. Another security tweak. (detail / githubweb)
  104. Update the confirmation message (detail / githubweb)
  105. Remove update to confirmation message (detail / githubweb)
  106. Deleted JsonData and JsonDataTest, both not used in project. (detail / githubweb)
  107. Suppress members with blank usernames (detail / githubweb)
  108. Remove empty username checks in convert to CSV (detail / githubweb)
  109. Move filter and sort members into one function (detail / githubweb)



See GitHub for additional information

New values in uhReleasedGrouping
Julio Polo posted on Sept 10, 2018

Expect additional formats to begin showing up in uhReleasedGrouping as early as September 18, 2018. The new format includes 133-character long strings and colon-delimited group paths.

Format

There are three formats that are used in uhReleasedGrouping:

  • Typical grouping, e.g.
    • my-dept-app
  • Obfuscated grouping ( more on this below), e.g.
    • obf:a3423857510105ea892733792387392892349324bdf892a2775101cf105ea892733792857510105ea892733792387392892349324bdf892a2775927337928575
  • Curated grouping, e.g.
    • hawaii.edu:store:uhims:general:mfa-enabled ((warning) available Sep 19 2018, separate announcement will be made)

Privacy with obfuscated groupings

The name of your released grouping is visible to any applications that are also checking for their own groupings in the uhReleasedGrouping attribute from CAS/LDAP. 

If this is not acceptable, you can obfuscate the name of your grouping so that it shows up as a long hex string in uhReleasedGrouping.  For example:

  • Your grouping name is my-app-users
  • The obfuscated name for above could be something like obf:a3423857510105ea892733792387392892349324bdf892a2775101cf105ea892733792857510105ea892733792387392892349324bdf892a2775927337928575
  • You see your grouping as my-app-users everywhere except in uhReleasedGrouping, where your application should check for the long string above instead of my-app-users.

Each grouping would have its own unique obfuscated name.   This feature is currently available by request to its-iam-help@lists.hawaii.edu.  A future version of hawaii.edu/uhgroupings will allow you to set this yourself.

Length

The typical length of obfuscated grouping names is 133 characters, and that's the longest value so far.  This is still below the current maximum length of 256 that's been specified in the uhReleasedGrouping DED entry.

Allowed characters

Letters, numbers, hyphen, underscore, colon and asterisk.