Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.




Project Overhead and Infrastructure

This is "keeping the lights on" for the Shibboleth projects. This includes attending teleconferences, face-to-face meetings, core list emails, etc. Also includes ongoing management of project infrastructure, and basic coordination among the team.

Standards Development

Participation in, and keeping track of, specifications from standards bodies such as OASIS, W3C, IETF, Kantara, etc., as well as activities focused on the REFEDS community. We have substantially scaled back our efforts on standards to focus on development work but continue to participate and inform REFEDS work.

Technical Support

Supporting deployers of the Shibboleth software through the Member-only support mechanisms or in response to mailing list questions from members. Non-member support is not subsidized and thus not accounted for as project time.

Native SP Maintenance

Maintaining the supported Service Provider product version(s). It includes bug fixes, testing, and release preparation and distribution, and also includes the maintenance of a half dozen dependent libraries. It does not include significant feature work at present.

Embedded Discovery Service Maintenance

Maintaining the EDS, including bug fixes, testing, and release preparation and distribution. It does not include significant feature work at present.

OpenSAML-Java Maintenance

Maintaining the Java OpenSAML library and supporting libraries. This includes bug fixes, testing, release preparation and distribution.

IdP and IdP Plugin Maintenance

Maintaining the Identity Provider product core and released plugins. It includes bug fixes, testing, and release preparation and distribution. New Major new feature work has largely moved out to plugin development. This notably includes basic maintenance and simple enhancements to the OIDC/OAuth support as well.


September 2023


Expected Completion



IdP V5

Java 17, Spring 6

Migration of the IdP platform and dependencies (including OpenSAML) to Java 17 and Spring Framework 6 to keep the platform appropriately current. This will remove some deprecated function but is not (principally) focused on new features.

The main disruptive goal of this release is to refactor much of the code into new shared modules that will be usable by the SP V4 Redesign work if it happens. Minimizing impact on IdP deployers is a primary consideration but some API and thus small configuration changes will be required.

Smaller OIDC/OAuth Enhancements


Additional features for the OIDC OP plugin, initially focused on use cases adjacent to OIDC specs, or adding optional OIDC material, and some enhancements to provide some additional OAuth functionality. See JOIDC project in Jira. Specific Some enhancements will largely may depend on member interest/demand.

SP Packaging Automation


AWS-based process for automating SP packaging, at least encompassing RPM platforms. This will conincide with changes to the packages we produce. The initial work is completed but work is ongoing to allow for CI in AWS.