Bamboo Administrator's Guide to Maintaining the Application Catalog

When a Bamboo researcher contact you about registering a new project/application, take the following administrative steps:

If you have not done so already, update the Bamboo Federation metadata to include the "Entity Descriptor" for the new application. For details on this step, see Bamboo Federation processes for onboarding a new Relying Party or IdP
Use the Bamboo Grouper UI to create a folder for the project/application.

Browse to the root:bamboo:projects folder
Create a new folder under projects
Create a UUID identifier for the folder id value. One online UUID generator is at http://www.famkruithof.net/uuid/uuidgen. We have been using type 4 (random) UUIDs.
Pick a short name (a few words at most) for the project/application in cooperation with the researcher/owner. Enter that in the folder "name" field.

Within that new project/application folder,
- Create a group to represent the actual application.
- Assign attributes to the group (DN, Start Date and End Date)
  - The DN value should match the value in the client certficate provided to you by the researcher as a step in the process defined in Shibboleth and Client Authentication Installation and Configuration Guide for Bamboo Researchers
  - In cooperation with the researcher, set appropriate values for the start and end dates, enter them as a string of the form yyyy/mm/dd

Assign attributes to an application

Select the Lite UI menu

Choose Manage attributes and permissions from the Lite UI menu

Select View or assign attributes

Find the application group, filter the results and add the attribute values
- Type "dn" in the Attribute name field and a pick list will appear, select the ...appDn attribute
- Type "bsp" (if the Application name includes that string) in the Owner group field and a pick list will appear of groups with bsp in their name. Select the desired app (bspTestApp in this example)
- Click the "Assign" button to associate the appDn attribute with the chosen application

Click the down-pointing triangle symbol by the application name and click "Add value"

Enter the attribute value in the text box and click "Submit". The attribute and its value are now associated with the application

Make the new application group a member of the root:bamboo:admin:apps:bambooTrustFederation group or the innovationLicensed group depending on the category appropriate to the researcher's project.

Browse to the the appropriate group
Add the application as a member by querying for and selecting the application group name

If the application comes under the innovation license, and the developer wants to assert BPIDs for test users (not real Bamboo persons) then add the researcher-specified test users as members of the associated application group.
- To be able to add subjects via the Grouper UI, those subjects have to be in the subject database (per the interim solution until there is a custom Grouper subject adapter that can make RESTful calls to the Bamboo Person Service). Here is a console log showing the addition of "test user 1" to the Bamboo subject database (user input in bold):

[root@arche userx]# su postgres

bash-4.1$ psql
psql (8.4.13)
Type "help" for help.

postgres=# \c bbsubjectdb;
psql (8.4.13)
You are now connected to database "bbsubjectdb".
bbsubjectdb=# select * from bbsubject;
                     bpid                      |            name            |                       description                 
      
-----------------------------------------------+----------------------------+---------------------------------------------------
------
 BSP_GROUP_SERVICE_USER                        | BSP_GROUP_SERVICE_USER     | BSP_GROUP_SERVICE_USER
 GROUPER_UI_ADMIN_USER1                        | GROUPER_UI_ADMIN_USER1     | GROUPER_UI_ADMIN_USER1
 urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3 | earnest adams              | Ernie Adams from the Voronoi Project
 urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418 | fred farkle                | Freddie Farkle from the Voronoi Project
 BSP_READ_ONLY_SERVICE_USER                    | BSP_READ_ONLY_SERVICE_USER | BSP_READ_ONLY_SERVICE_USER
 GROUPER_UI_SUPER_USER                         | GROUPER_UI_SUPER_USER      | GROUPER_UI_SUPER_USER
 urn:uuid:e1a6b81d-3c33-472b-95d6-34bce9a9fb80 | gwyneth peebles            | Gwyneth Peebles from the Roman Pleiades Project
 urn:uuid:41c8f60f-7287-4ac2-bec1-cd9fd3b85b69 | harriet smith              | Professor Harriet Smith from the Roman Pleiades Project
(8 rows)


bbsubjectdb=# insert
 into bbsubject(BPId, name, description) values 
('urn:uuid:985e5460-acf5-11e2-9e96-0800200c9a66', 'test user 1', 'Test 
User #1');

INSERT 0 1

bbsubjectdb=# select * from bbsubject;
                     bpid                      |            name            |                       description                 
      
-----------------------------------------------+----------------------------+---------------------------------------------------
------
 BSP_GROUP_SERVICE_USER                        | BSP_GROUP_SERVICE_USER     | BSP_GROUP_SERVICE_USER
 GROUPER_UI_ADMIN_USER1                        | GROUPER_UI_ADMIN_USER1     | GROUPER_UI_ADMIN_USER1
 urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3 | earnest adams              | Ernie Adams from the Voronoi Project
 urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418 | fred farkle                | Freddie Farkle from the Voronoi Project
 BSP_READ_ONLY_SERVICE_USER                    | BSP_READ_ONLY_SERVICE_USER | BSP_READ_ONLY_SERVICE_USER
 GROUPER_UI_SUPER_USER                         | GROUPER_UI_SUPER_USER      | GROUPER_UI_SUPER_USER
 urn:uuid:e1a6b81d-3c33-472b-95d6-34bce9a9fb80 | gwyneth peebles            | Gwyneth Peebles from the Roman Pleiades Project
 urn:uuid:41c8f60f-7287-4ac2-bec1-cd9fd3b85b69 | harriet smith              | Professor Harriet Smith from the Roman Pleiades Project
 urn:uuid:985e5460-acf5-11e2-9e96-0800200c9a66 | test user 1                | Test User #1
(9 rows)

bbsubjectdb=# \q
bash-4.1$ exit
exit
[root@arche userx]#