Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Shibboleth Developer's Meeting, August 2, 2013

Attendees: Brent, Ian, Rod, Tom, Scott, Nate, Marvin, Daniel

Call Administrivia

Next call is next Friday.

60 to 90 minute call window.


Brent

Just back from OSCON, so not a lot to report on recent work.

Released IdP v2 custom security config extension on Friday 7/19.

Will next work on refactoring metadata resolver implementations.

 

Daniel

  • added Velocity template support to the LDAP configuration
  • resolutionContext and recipientContext are currently injected for v3
  • V2SAMLProfileRequestContext is injected for v2
  • VelocityEngine class in java-support should be moved to test

 

Ian

Parent POM: Checkstyle now works.

...

  • Attribute Mapper configuration, done the Spring config. More to do (auto-sensing)
  • Watching and appreciating the authn work
  • Starting to look at next up.
  • Question:
    1. Schema validation in Spring parsers
      • Was always on in V2
      • I believe that it needs to be on in V3 to make users' lives easier
      • It has always been off in V3 (a single code line in idp-core:net.shibboleth.idp.spring.SchemaTypeAwareXMLBeanDefinitionReader)
      • Changing this breaks a few gazillion tests, but they are easy to fix.  Should we?
    2. CheckStyleRules.  
      • Many of us hate checking in non check style clean code
      • Others (particularly much less recently less so).
      • There are cases where the rule is just plane silly in that instance, there are cases where it makes the code less readable in that instance.  Three options, each have their proponents, we need to discuss
        1. Relax the rule
        2. Leave the checkin with a warning
        3. Some middle ground.  

Scott 

Spent last couple of weeks working on authentication design, APIs, and individual actions, updating the code already written and adding unit tests. Code for IP Address and REMOTE_USER authentication is done, one last bit left on JAAS password validation.

Daniel probably should take on the LDAP authentication action, and we should do a Kerberos action just so we have one that supports service ticket validation.

Will be building web flow files for these cases and then testing them with Brent's web testbed, probably next week.

Tom

Taking a week off was good, I was aiming for off-line but read-only was great.

...

Next F2F : November Identity Week ? Columbus ? Just curious.

Other

 

 Discussed possibility of dropping SP support for EOL Apache versions. Scott will ask about this on one of the lists to get feedback, but the main issue is the lack of testing on those releases, so we might just formalize that. Actual code time savings is minimal unless we dropped 2.2, which we won't.