kuali technology mark norton – nolaria consulting zachary naiman – member liaison, kuali...
Post on 15-Dec-2015
224 Views
Preview:
TRANSCRIPT
What is Kuali Rice?Kuali: a humble kitchen wok (Malaysian origins)Rice: a food staple
Sits on the bottom of a dishNot a very tasty meal by itselfBetter with some cuisine on top
KFS (Kuali Financial System) - BeefKC (Kuali Coeus, Research Administration) - Chicken
KS (Kuali Student) - SeafoodRice is the foundation to hearty meals (aka
enterprise software products)
Historic OriginsRice was originally a set of
foundation services in Kuali Financial System (KFS).
These were broken out and made generic.
After more than a year of work, the 1.0 release is being made available.
Rice is now a full Kuali project with it’s own board and community.
Rice GovernanceRice Board of Directors in chargeCommittees formed by Kuali project
leadersApplication Roadmap Committee
high-level application architecture for integration of Kuali application projects
Technical Roadmap Committeehigh-level technical architecture and
tools
Kuali Rice VisionSupport the needs of the Kuali Application
ProjectsFoundational middleware components and services
Enhanced software development frameworkLeverage middleware and development
frameworks for building custom applicationsAchieve sustainability through community
source development and adoptionIterate Rice architecture towards a Service
Oriented Architecture
Kuali Rice ObjectivesCreate standard component API’sDesign modular, re-usable componentsProvide a reference implementation
based on industry standardsEnsure intellectual property and license
compliance is maintained Promote adoption by a wide variety of
institutionsBuild a large, sustainable community of
interest
Kuali Rice Components – Version 1.0
KNSKuali Nervous SystemKENKuali Enterprise NotificationKSBKuali Service BusKEW Kuali Enterprise WorkflowKIM Kuali Identity
Management
KNS Overview
The Kuali Nervous System is a collection of kernel services that support other Rice modules and Kuali applications.
• Authentication• Authorization• Batch Management• Business Rules• Document Management• Custom Attributes• Data Dictionary
• Help Framework• Inquiries• Lookups• Notes and Attachments• Question and Dialogs• Security and Encryption• System Parameters
KNS OverviewThese services provide reusable code,
shared services, an integration layer, and a development strategy
Provides a common look and feel through screen drawing framework
Uses a document (business process) centric model with workflow as a core concept
KNS Chart Architecture
CHART_TChart
(POJO)ORMMap
Data Dictionary
Lookups and
Inquiries
MaintenanceDocuments
TransactionalDocuments
Workflow(KEW)
Transactional DocumentsThese are data-entry centric documents
or “transactions” that model the business processes
Examples include: Proposal Development, Journal Entry, Payment Reimbursement
Built on a case by case basis using the Kuali Rice tag libraries (encompass snippets of UI behavior):Notes and attachmentsWorkflow route log (audit log)
Integrated with workflow
Maintenance Documents
No GUI programming required, user interface is rendered by framework
These are used for maintaining dataAn easy way to maintain support tables in a
databaseSupports creation of new records and editing
of existing recordsExamples include:
Budget ratesProject codes
KEN OverviewA secure notification system that works
with an action list to provide a single place for all university related communicationsWorkflow items come from KEWNon-workflow items from KEN
Non-workflow example itemsNotification of an overdue library bookAnnouncing a concert event on campusSending graduation checklists for seniors
KEN Overview - ContinuedSimplifies email using subject tagsProvides a communication broker which
handles any combination of action list, email, or custom notifiersControlled by user preferences
Audit trail for all messages just as in KEW
KSB OverviewAn enterprise service bus that:
Lists all services on the bus and how they can be connected
Uses a simple Spring configuration, to export Java based services from a Rice enabled application as SOAP or Java Serialization over HTTP services
Common service locator paradigm - access services remotely or locally
Other “Rice Clients” can consume services published on the KSB
KSB SecurityBus level : option to digitally sign, WS-Security
used for SOAP servicesService level security through Acegi
Service level, method levelUser proxying through standard security models
(i.e. CAS, Kerberos)Security context passed along (user, authn token,
roles)Services can call authn/authz authority to validate
context
KEW OverviewEnterprise workflow using a content-based
routing engine.Documents created from process definitions (Document
Types) and submitted to the workflow engine for routingRouting decisions made based on the XML content of the
DocumentTraditionally used for business transactions in
the form of electronic documents that require approval from multiple parties. For example:Transfer of FundsHire/Terminate EmployeeTimesheetDrop Course
Includes services, APIs, and GUIs
KEW – Core Features
Action List (User’s Work List)Document SearchingDocument Audit Trail (Route Log)Flexible process definition (Document
Type)Splits, Joins, Parallel branches, Sub processesDynamic process generation
Rules EngineEmail Notification
KEW – Core Features, cont.
Notes and attachmentsWide array of pluggable components to
customize routing and other pieces of the system
eDoc LiteFramework for creating simple documents quickly
Plug-in ArchitecturePackaging and deployment of routing components
to the Rice Standalone Server at runtime
KIM - Overview
The Kuali Identity Management module will be included in version 1.0 of Rice
Provides identity and access management services to Rice and other applications
Includes a service layer as well as a set of maintenance screens
Supported Concepts include:Entities and PrincipalsGroupsRoles and PermissionsAuthentication
KIM - Why?As more projects began to use the Kuali
Rice framework, we identified a need for a common API for Identity and Access Management
Wanted to introduce the concept of Roles into Kuali, previously groups were used for authz
Ease the implementation overhead for implementers working with multiple Kuali projects
Results in one-time institutional customization of identity services for all Kuali projects
KIM – Design GoalsShared identity and access
management services that all Kuali projects can use
Generic enough to be used by non-Kuali projects
Provide a rich and customizable permission-based authorization system
All services available on the service bus with both SOAP and Java serialization endpoints
Provide a set of GUIs that can be used to maintain the data
KIM – Design GoalsProvide a reference implementation of
the services but allow for customization/replacement to facilitate integration with institutional services or other 3rd party IDM solutions
Allow for the core KIM services to be overridden piecemealFor example: override the Identity Service
but not the Role Service
KIM – ServicesKIM consists of the following services
which encompass it’s APIIdentityServiceGroupServicePermissionServiceRoleServiceResponsibilityServiceAuthenticationService
These are read-only, there are also “update” services which allow for write operations
KIM – Internal Usage
Many permissions exist that are used by KNS, examples:Edit DocumentLook Up RecordsUse ScreenCreate / Maintain Records
KEW uses KIM permissions as well:Administer Routing for DocumentBlanket Approve DocumentRoute Document
Even KIM uses permissions internallyAssign RoleGrant Permission
What’s Next for Kuali Rice?
Release 1.0 coming very soon!Enhanced DocumentationStandards
JPA for data persistenceEasier configuration and turnkey upgradesBetter compatibility between different Rice
versionsKOM – Kuali Organization ManagementAnd much more!
Further Information about Rice
The main Rice web sitehttp://rice.kuali.orgSign up for our public mailing listAccess to our wiki: roadmap, project plans,
documentation, etc
Thank You!
Any Questions?
Contacts:
Zach Naiman – zach@kuali.orgEric Wesfall – ewestfal@indiana.edu
Special thanks to Eric Westfall and Bill Yock for contributing slides
top related