Project Overhead and Infrastructure
This is "keeping the lights on" for the Shibboleth projects. This includes attending teleconferences, face-to-face meetings, core list emails, etc. Also includes ongoing management of project infrastructure, and basic coordination among the team.
Participation in, and keeping track of, specifications from standards bodies such as OASIS, W3C, IETF, Kantara, etc., as well as activities focused on the REFEDS community. We have substantially scaled back our efforts on standards to focus on development work but continue to participate and inform REFEDS work.
Supporting deployers of the Shibboleth software through the Member-only support mechanisms or in response to mailing list questions from members. Non-member support is not subsidized and thus not accounted for as project time.
Native SP Maintenance
Maintaining the supported Service Provider product version(s). It includes bug fixes, testing, and release preparation and distribution, and also includes the maintenance of a half dozen dependent libraries. It does not include significant feature work at present.
Embedded Discovery Service Maintenance
Maintaining the EDS, including bug fixes, testing, and release preparation and distribution. It does not include significant feature work at present.
Maintaining the Java OpenSAML library and supporting libraries. This includes bug fixes, testing, release preparation and distribution.
IdP and IdP Plugin Maintenance
Maintaining the Identity Provider product core and released plugins. It includes bug fixes, testing, and release preparation and distribution. New Major new feature work has largely moved out to plugin development. This notably includes basic maintenance and simple enhancements to the OIDC/OAuth support as well.
Java 17, Spring 6
Migration of the IdP platform and dependencies (including OpenSAML) to Java 17 and Spring Framework 6 to keep the platform appropriately current. This will remove some deprecated function but is not (principally) focused on new features.
The main disruptive goal of this release is to refactor much of the code into new shared modules that will be usable by the SP V4 Redesign work if it happens. Minimizing impact on IdP deployers is a primary consideration but some API and thus small configuration changes will be required.
Smaller OIDC/OAuth Enhancements
Additional features for the OIDC OP plugin, initially focused on use cases adjacent to OIDC specs, or adding optional OIDC material, and some enhancements to provide some additional OAuth functionality. See JOIDC project in Jira. Specific Some enhancements will largely may depend on member interest/demand.
SP Packaging Automation
AWS-based process for automating SP packaging, at least encompassing RPM platforms. This will conincide with changes to the packages we produce. The initial work is completed but work is ongoing to allow for CI in AWS.