Versions Compared

Old Version 16

changes.mady.by.user Brent Putman

Saved on

compared with

New Version Current

changes.mady.by.user John W. O'Brien

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-1892

    • I have a functional SWF snapshot for the Java 17 / Spring 6 / EE 9 environment.

    • Do we need a Jira project for this?

    • Response from Spring team that they will support SWF in this environment, and that they welcome our collaboration. Hopefully this means we don’t need to maintain a fork of our own long term.

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJPAR-186

    • I have a functional 5.0.0-SNAPSHOT (without plugins).

    • Working on build infrastructure.

  • Not all RHEL rebuilds are the same.

  • Also, RHEL 9 is now a thing (Rocky 9 soon). Implications?

  • Also, RHEL 7 is not long for this world (GA: 10 June 2014, end of full support: 6 August 2019, end of maintenance 1: 6 August 2020, end of maintenance 2: 30 June 2024, “extended life” ends 30 June 2026, see here). Implications? (Part proposal: never support IdP v5 on RHEL 7)

John

  • AWS-based SP build goo

    • Got script working to build builder images under Jenkins. Doesn’t handle Fargate task re-definition, among other things.

    • Started working on script to use builder images to build RPMs. This one may be a bit gnarly.

    • Work-in-progress on aws branch in git.

    Looking into

    • shibboleth.net:obrienjw/cpp-linbuild, occasionally rebased on main

  • Chasing Docker images du jour. Today: Rocky 8.6 update.

Marvin

Phil

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJCOMOIDC-41

    • Changed how the client authentication and client secret are weird up. The client_secret is now a general JWK credential i.e. a shared secret or a public/private key

      • This is used to generate the correct client authentication, although the action that does that still only supports client_secret_basic and client_secret_post. It should now be possible to support client_secret_jwt and private_key_jwt.

      • The credential can then be fed into a new CriterionCredentialResolver via a new static credential criterion: to support MAC verification using the HS* algorithms (in addition to the existing public key signatures). Not sure if this is the best approach, but can be revisited.

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJCOMOIDC-45
      working through decryption. Starting with ‘Dir’ (Direct Encryption) to see if I can harvest some of the existing decrypted work in the OP.

    • https://issues.apache.org/jira/browse/MJAVADOC-652 - Progress is slow. As Ian and I briefly discussed, I can not see a reason to place a third-party library on the patch-module path, and either we need a parameter to turn it off (I submitted a PR) or they need to change its behavior for projects where not all dependencies declare support for the module system.

...