Shibboleth Developer's Meeting, May 3, 2013
...
60 to 90 minute call window.
Brent
Refactoring message handlers. Porting v2 messaging layer components, decoders and encoders, security policy rules, to v3.
Harmonizing security policy rules, probably will turn into message handlers. Lower them in the stack.
Daniel
RDBMSParser committed last night. RDBMS/LDAPDC Parsers are probably 80% done. Next, look at StoredId database.
AI : Tom should send note regarding next steps for security configuration.
Scott : support for multiple symmetric keys in data sealer ?
Summing up LDAP and DB stuff, they are about in the same place. Still need Velocity templates and caching.
Ian
Anyone aware of a deployment using xmlsectool or aware of a federation doing metadata signing, wondering if they have plans to move to SHA256.
- Wrap up documentation regarding scope extension, semi-formalize as a specification.
- Triage aggregator issues.
Marvin
Working on converting CAS protocol actions to Scott's new opensaml AbstractProfileAction.
Will probably be busy with upcoming CAS release.
Rod
- Retrofitting Coding guidlines (ongoing)
- Attribute Encoders
- Next : attribute filters
- Then: ???
Rod : Signed attribute filters ?
Scott : Not in the IdP, not high priority.
EntityAttributeFilters will probably take up some time.
Scott
- ECP GSSAPI spec finished for NCSA, needs another round.
- Storage. Fully implemented changed API, including pulling out Optional. Added custom serialization of data capability. Unit tests, refactoring. Background cleanup thread now in base case, as generic to storage impls.
- Redid ReplayCache abstraction on top of StorageService API. Changed ReplayCache API to match SP. TTL was hardcoded and global, now TTL is passed in on entry creation.
Next : Artifact map ?
Confluence upgrade, some issues. Reached out to Gary Weaver.
Tom
Committed a first pass at idp-distribution. Our Maven release profile is not exactly compatible with what I did, AI. Also, want to give a go at Marvin's monolithic Jetty XML configuration file style, since the default jetty-ssl.xml is somewhat incompatible with absolute paths. And I would like to see if it is possible to replace the need for jetty9-dta-ssl using the Jetty DSL.
Anyway, in idp-distribution run 'mvn package', then 'java -jar start.jar' in target/idp-distribution/jetty, and browse to the IdP StatusServlet URL.
...