Grouper is an enterprise access management system designed for the highly distributed management environment and heterogeneous information technology environment common to Universities. Operating a central access management system that supports both central and distributed IT reduces risk.
Why Use Grouper?
- Coordinated Collaboration Grouper helps collaboration happen. You can set up groups, roles, and permissions for many purposes, such as populating and administering standing committees, ad hoc research teams, departments, or classes. Key collaborative applications -- mailing lists, wikis, calendars, etc. -- can use this group, role, and permission information to make authorization decisions.
- Single Point of Control When using Grouper, once a person is added or removed from a group, the group-related privileges are automatically updated in all of your collaborative applications. Grouper allows efficient management of the membership roster at a single point.
- Who Can Use Grouper? Anyone needing to manage group access to resources can use Grouper -- from accountants to zoologists. A researcher might create a group and enable members to participate on an email list or view a web site. Students might use Grouper to set up and manage groups for similar applications as they work together on shared projects and class work. Your IT staff can delegate group management and enable those leading collaborations to set up and manage their own groups.
Partnering with thesince 1998, consists of a group of U.S. and international higher-education IT architects. The group was formed to investigate the creation of a national interoperable identity and access management infrastructure for the U.S. research and education community that would fit into a global context. To do this, MACE developed an interoperable identity and access management architecture model and worked to provide functionality important to higher education but missing from the marketplace or open source offerings. Grouper was developed from this effort.
The Grouper Project has received funding and development resources from
- National Science Foundation (NSF) Grant No. OCI-0330626, OCI-0721896, and OCI-1032468
- Joint Information Systems Committee (JISC) (UK)
- University of Chicago, University of Pennsylvania, Duke University, University of Washington, University of Memphis, University of Bristol (UK)
- Lower cost & time to deliver new services
- Simplify management by using the same group or role in many places and automating changes to access privileges as a person’s roles change
- Empower the right people to manage access, taking central IT out of the loop
- Increase transparency and auditability - see who can access what with a report rather than a fire drill
- Grouper integrates with almost any existing access management infrastructure
- Supportive community of Grouper users worldwide See deployment stories and resources shared on the Grouper wiki.
- Online Library of Grouper Training Videos available on the wiki.
Grouper is open-source software licensed under the Apache 2.0 license. See http://www.apache.org/licenses/LICENSE-2.0.html for a copy of this license.
Where can I find Grouper Training?
Why should I use groups in my IAM infrastructure?
What problems does Grouper solve?
Who manages all of these groups?
Where can I find the answer to technical questions?
Who are the Grouper developers?
How do I get on the Grouper-Users email list?
How does Grouper enhance collaboration?
How does Grouper help the IT staff?
What do I need to have in place?
To implement Grouper, you need to have:
- an institutional identity management system and a model for how privilege management fits in.
- a good relationship with key stakeholders across campus to develop the policy and business rules associated with groups and related authority issues.
- the resources to implement and support the model.
Where can I find more information about identity management?
Report Grouper Security Concerns here.
Software release v2.1.5 [20-May-2013]
Grouper v2.1.5 includes 11 fixes and improvements over v2.1.4
Grouper v2.1.4 includes 19 fixes and improvements over v2.1.3
Grouper v2.1.3 includes 20 fixes and improvements over v2.1.2
Grouper v2.1.2 includes 10 fixes and improvements over v2.1.1
Grouper v2.1.1 includes 31 fixes and improvements over v2.1.0
Grouper v2.1.0 includes 55 fixes and improvements over v2.0.3
For more information, as well as downloads of prior releases, visit the.
- Grouper Installer v2.1.5 (.tar.gz) (jar only) - Designed to get a working demo up and running quickly. Contains the Grouper API, UI, WS, loader (daemons), a demo database, a database engine, tomcat, and ant. All you need is Java 6+ JDK. Note: this is new and experimental.
- v2.1 Release Notes - Highlights of the v2.1 release, upgrade instructions, and detailed log of changes.
- Grouper API Binary v2.1.5 (.tar.gz) - Binary release of the Grouper Application Program Interface and associated utilities. Cf. Getting started with the Grouper API Binary Distribution
- Grouper API Source v2.1.5 (.tar.gz) - Contains the full source for the Grouper Application Program Interface, Grouper Shell, and other associated utilities.
- Provisioning Service Provider v2.1.5 (.tar.gz) - Binary provisioning plugin for Grouper. More provisioning software for Grouper is available in Maven
- Grouper UI v2.1.5 (.tar.gz) - Contains the full source for the Grouper Administrative and Lite User Interfaces.
- Grouper WS v2.1.5 (.tar.gz) - Contains the full source for the Grouper Web Services Interface.
- Grouper Client v2.1.5 (.tar.gz) - Client for Grouper LDAP and Web Services, in binary form. Grouper Client v2.1.5 source is also available.
- Contributed Software
- Provided by the Grouper community, in addition to the above core Grouper products.
- Grouper Voot Connector - NOTE: This has NOT been fully tested. Please confirm to your satisfaction that it meets your needs before deploying in a production environment.
As an open source project, support is provided by means of the Grouper documentation wiki and open mailing lists. Grouper implementers are urged and welcome to subscribe to the following list names:
- Grouper-Announce mailing list, for important annoucements around security and releases.
- Grouper-Users mailing list, which is an open support forum for deployment issues.
- Grouper-Developers mailing list, for those interested in discussion of development issues.
To subscribe, send an e-mail to pubsympa at internet2 dot edu with the following message in the subject:
"subscribe ListName FirstName LastName"
Grouper is licensed under the Apache 2.0 license. See http://www.apache.org/licenses/LICENSE-2.0.html for a copy of this license.
Development of this software was supported with funding from Internet2, the University of Chicago, University of Pennsylvania, Duke University, University of Washington, University of Memphis, University of Bristol (UK), the NSF Middleware Initiative (NSF 02-028, Grant No. OCI-0330626, Grant No. OCI-0330626, OCI-0721896, and OCI-1032468), and JISC. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).