Versions Compared

Version Old Version 8 New Version Current
Changes made by

Tom Zeller

John W. O'Brien

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Ian Young : With separate -testing modules, can we consider nuking the -test JARs and their Javadoc?

  • Scott Cantor : Ratify decision to make NonnullElements implied default and use NullableElements annotation for exceptions? Should we consider NonnullAfterPreInvoke and NonnnullAfterPreExecute to clean up actions and handlers?

  • Tom Zeller : Bump Maven to 3.9.1 and Surefire plugin to 3.0.0 – sound ok ?

  • External request for discussion of the challenges of supporting FIDO

Attendees:

Brent

Daniel

  • Nothing to report

Henri

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJCOMOIDC-41

    • The same complete JWT security tests are now used for testing request objects too - one more bug was found regarding the exclusion of decryption algorithms

    • The logic should be stable and well tested now

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-142

    • OP now exploits the new OIDC.SSO profile options: useRequestObject, signRequestObject and encryptRequestObject

    • TODO: document the combinations

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-147

  • For the next release:

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJOIDC-144

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJOIDC-149

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJOIDC-150

Ian

  • As expected, JEP 444 (virtual threads) is now proposed for Java 21. Main change from previous previews is that all threads may now use thread-local variables; there were previously some exceptions to this.

John

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keySSPCPP-972

    • If we enable an optional, build-time feature on one supported platform, should we enable it on all supported platforms, or only upon request?

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keySSPCPP-969

    • Slowly getting my head around the nuances of SPEC files

Marvin

Phil

Rod

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJSSH-25

    • AbstractIdPModule.BasicModuleResource returns an InputStream from a ClassicHttpResponse which is then left dangling. Does it need attention?

Scott

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2069

    • Making way through more complex parts of OpenSAML, down to saml-impl now except for XACML modules

      • Should we excise the XACML code at some point?

    • Tightening “most” helper/support APIs to be nonnull at least on input

    • Tightening some inconsistent contracts with XMLObject layer:

      • All non-collections nullable

      • Typed and wildcard collections Nonnull Live (and NonnullElements)

      • The generic marshalling helper getOrderedChildren Nullable, NotLive (and NonnnullElements)

      • Not thrilled with Boolean approach (two layers of nullable objects) but not sure worth changing

        • Does have inconsistent “defaulting” behavior because a null XSBooleanValue leads to default but an empty XSBooleanValue leads to a null

...