...
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key IDP-1892 I have a functional SWF snapshot for the Java 17 / Spring 6 / EE 9 environment.
Do we need a Jira project for this?
Response from Spring team that they will support SWF in this environment, and that they welcome our collaboration. Hopefully this means we don’t need to maintain a fork of our own long term.
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JPAR-186 I have a functional 5.0.0-SNAPSHOT (without plugins).
Working on build infrastructure.
Not all RHEL rebuilds are the same.
Also, RHEL 9 is now a thing (Rocky 9 soon). Implications?
Also, RHEL 7 is not long for this world (GA: 10 June 2014, end of full support: 6 August 2019, end of maintenance 1: 6 August 2020, end of maintenance 2: 30 June 2024, “extended life” ends 30 June 2026, see here). Implications? (Part proposal: never support IdP v5 on RHEL 7)
John
AWS-based SP build goo
Got script working to build builder images under Jenkins. Doesn’t handle Fargate task re-definition, among other things.
Started working on script to use builder images to build RPMs. This one may be a bit gnarly.
Work-in-progress on aws branch in git.
shibboleth.net:obrienjw/cpp-linbuild, occasionally rebased on main
Chasing Docker images du jour. Today: Rocky 8.6 update.
Marvin
Phil
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-41 Changed how the client authentication and client secret are weird up. The client_secret is now a general JWK credential i.e. a shared secret or a public/private key
This is used to generate the correct client authentication, although the action that does that still only supports client_secret_basic and client_secret_post. It should now be possible to support client_secret_jwt and private_key_jwt.
The credential can then be fed into a new CriterionCredentialResolver via a new static credential criterion: to support MAC verification using the HS* algorithms (in addition to the existing public key signatures). Not sure if this is the best approach, but can be revisited.
working through decryption. Starting with ‘Dir’ (Direct Encryption) to see if I can harvest some of the existing decrypted work in the OP.Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-45 https://issues.apache.org/jira/browse/MJAVADOC-652 - Progress is slow. As Ian and I briefly discussed, I can not see a reason to place a third-party library on the patch-module path, and either we need a parameter to turn it off (I submitted a PR) or they need to change its behavior for projects where not all dependencies declare support for the module system.
...