Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Shibboleth Developer's Meeting, August 2, 2013

Attendees:  Brent, Ian, Rod, Tom, Scott, Nate, Marvin, Daniel

Call Administrivia

Next call is next Friday.

60 to 90 minute call window.


Brent

Just back from OSCON, so not a lot to report on recent work.

Released IdP v2 custom security config extension on Friday 7/19.

Will next work on refactoring metadata resolver implementations.

 

Daniel

  • added Velocity template support to the LDAP configuration
  • resolutionContext and recipientContext are currently injected for v3
  • V2SAMLProfileRequestContext is injected for v2
  • VelocityEngine class in java-support should be moved to test

 

Ian

Parent POM: Checkstyle now works.

Jenkins TLC: Checkstyle trend charts and other Checkstyle reports, more or less.  Also reduced space requirements by 6GB.

Next up: stabilise nightly Jenkins builds.  We may need to discuss exactly what the nightly builds are for.  I've documented what I think the current intent of each class of job is, along with some guidelines describing how various things are achieved, partly for this discussion and partly as guidelines for use when creating new jobs.

 

Marvin

 

Rod

Scott

...

  • Attribute Mapper configuration, done the Spring config. More to do (auto-sensing)
  • Watching and appreciating the authn work
  • Starting to look at next up.
  • Question:
    1. Schema validation in Spring parsers
      • Was always on in V2
      • I believe that it needs to be on in V3 to make users' lives easier
      • It has always been off in V3 (a single code line in idp-core:net.shibboleth.idp.spring.SchemaTypeAwareXMLBeanDefinitionReader)
      • Changing this breaks a few gazillion tests, but they are easy to fix.  Should we?
    2. CheckStyleRules.  
      • Many of us hate checking in non check style clean code
      • Others (particularly much less recently less so).
      • There are cases where the rule is just plane silly in that instance, there are cases where it makes the code less readable in that instance.  Three options, each have their proponents, we need to discuss
        1. Relax the rule
        2. Leave the checkin with a warning
        3. Some middle ground.  

Scott

Spent last couple of weeks working on authentication design, APIs, and individual actions, updating the code already written and adding unit tests. Code for IP Address and REMOTE_USER authentication is done, one last bit left on JAAS password validation.

Daniel probably should take on the LDAP authentication action, and we should do a Kerberos action just so we have one that supports service ticket validation.

Will be building web flow files for these cases and then testing them with Brent's web testbed, probably next week.

Tom

Taking a week off was good, I was aiming for off-line but read-only was great.

...

  1. Attribute Filter. How done is it ? RuleReference.
  2. Velocity as a configuration filter.
  3. Timeline to AACLI with resolver and filter. Would like to do some performance comparison with v2.
  4. Formatter. Apologies, but is everyone using the same Eclipse formatter before committing ?

java-support :

  1. Port ResourceFilter from v2 to v3.
  2. Rewrite HttpResource and FileBackedHttpResource, and port SVNResource or use Spring's ?

Next F2F : November Identity Week ? Columbus ? Just curious.

Other

 

 Discussed possibility of dropping SP support for EOL Apache versions. Scott will ask about this on one of the lists to get feedback, but the main issue is the lack of testing on those releases, so we might just formalize that. Actual code time savings is minimal unless we dropped 2.2, which we won't.