Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Date

  

Attendees

Steven Maglio

(tick)


Ian Lessing (Unlicensed)

(error)


Vince Nievares

(tick)


Kevin Wu

(error)


Diana Antova

(tick)


Reinard Dolleschel

(error)


christian.montecino (Unlicensed)

(error)


Goals

  • Updates on continuing development

  • Review, organize and add to work items


Focus points for this meeting

General update

Discussion items

Time

Item

Who

Notes

Welcome

  • Greetings and salutations


Vacations


Site issues

Steven Maglio

  • On Steven's local version most issues are solved.

    • error that was preventing new API access request to be prevented

  • pending

    • email issue

    • configuration management


Splunk reports


  • Need to recreate reports in the new splunk tenant

Misc

  • Events API

    • there is a private campus M events API that Reg maintains, which was the issue.

    • Need to publish it in the portal for visibility.


API Security

Kevin Wu / Steven Maglio / christian.montecino (Unlicensed)

  • The team wants to come up with a unified solution for API security

  • Kevin is experimenting options without using CAS

  • 2 options

    • using access token, using custom attributes in the gateway

    • JWT token, using key value maps, can be encrypted

  • Christian researched 3rd party oath - OKTA

  • Apigee cannot communicate with CAS because of a firewall issue

  • Meet with Noah Baker on

    • Noah was a little hesitant about putting non-Person objects in CAS

    • But, he was okay with Services (ie. Applications) in CAS (which allows for OAuth)

    • By the end of the conversation, he was thinking about seeing if there might be a way to provide the management of CAS Services/Applications through automated means (web apis)

    • He was also on board with the API Gateway Team moving forward with doing an OAuth Proof-Of-Concept using Apigee as the OAuth provider.

      • Noah was also questioning if there is a value add in using CAS, if Apigee already provides OAuth services

      • I sounds like the API Gateway team believes the value add is that the application will be registered in the Campus Identity Systems, and it provides a Campus Provided system for validation/verification on the application servers.

    • Currently, the API Gateway team can get into the Test CAS Management Portal. This had been setup over a year ago, and Noah was a little surprised by the level of access that was available. Kevin is currently using a Service/Application that was setup for Steven (but really, for the API Gateway team) and is using it to continue Proof-of-Concept work in the future. Potentially, we would explore if the OAuth calls that would go to Apigee could flow through to CAS for authentication.

  • (See GraphQL section above for notes on Target Dates)


Student Developed Applications


 Steven and Seth met with the students. They are continuing to grow the sites. Two new members of the team are taking over. Henry is graduating, Jimmy is staying.


Meeting and group focus year 2021


  • Project focus

    • Resolve site issues after Drupal 8 migration

    • Transition the site to Elda’s team for maintenance

    • Drupal 9 migration

    • Front page redesign

    • AWS - migrate the Heroku code and the sql server database

    • Account cleanup automation

    • Identity integration and automation 

  • Apigee Support

    • 1 FTE on the apigee team to help with student development oversight and support

    • Now the students have to contact so many groups to have their accounts setup, an FTE can really help with that. Adding the functionality to developer.ucsb.edu to create accounts.

      • Drupal - OK to work with a student

      • For other projects like identity account creation and others it will be difficult to work with a student

Action items

  •  















  • No labels