Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Shibboleth Developer's Meeting, May 3, 2013

...

60 to 90 minute call window.

Brent

Refactoring message handlers. Porting v2 messaging layer components, decoders and encoders, security policy rules, to v3.

Harmonizing security policy rules, probably will turn into message handlers. Lower them in the stack.

Daniel

RDBMSParser committed last night. RDBMS/LDAPDC Parsers are probably 80% done. Next, look at StoredId database.

AI : Tom should send note regarding next steps for security configuration.

Scott : support for multiple symmetric keys in data sealer ?

Summing up LDAP and DB stuff, they are about in the same place. Still need Velocity templates and caching. 

Ian

...

Anyone aware of a deployment using xmlsectool or aware of a federation doing metadata signing, wondering if they have plans to move to SHA256.

  1. Wrap up documentation regarding scope extension, semi-formalize as a specification.
  2. Triage aggregator issues.
Marvin

Working on converting CAS protocol actions to Scott's new opensaml AbstractProfileAction.

 Will probably be busy with upcoming CAS release.

Rod

  • Retrofitting Coding guidlines (ongoing)
  • Attribute Encoders
  • Next : attribute filters
  • Then: ???

Rod : Signed attribute filters ?

Scott : Not in the IdP, not high priority.

EntityAttributeFilters will probably take up some time.

Scott

  1. ECP GSSAPI spec finished for NCSA, needs another round.
  2. Storage. Fully implemented changed API, including pulling out Optional. Added custom serialization of data capability. Unit tests, refactoring. Background cleanup thread now in base case, as generic to storage impls.
  3. Redid ReplayCache abstraction on top of StorageService API. Changed ReplayCache API to match SP. TTL was hardcoded and global, now TTL is passed in on entry creation. 

Next : Artifact map ?

Confluence upgrade, some issues. Reached out to Gary Weaver.

 

Tom

Committed a first pass at idp-distribution. Our Maven release profile is not exactly compatible with what I did, AI. Also, want to give a go at Marvin's monolithic Jetty XML configuration file style, since the default jetty-ssl.xml is somewhat incompatible with absolute paths. And I would like to see if it is possible to replace the need for jetty9-dta-ssl using the Jetty DSL.

...