Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 7 Current »

Shibboleth Developer's Meeting, 2023-11-03

Call Administrivia

09:00 Central US / 10:00 Eastern US / 14:00 UK / 16:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2023-11-17. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

  1. Move mains up to 5.1?

  2. Javadoc publication plans

    1. Keep as part of release for consistent results?

    2. Build afterward

      1. Deploy or not deploy? With deploy-file? All or just aggregate? Do we care about them being in Nexus and available for Eclipse?

Attendees:

Brent

  • OSJ-392 - Getting issue details... STATUS

    • Have a provisional solution; not yet tested out.

Daniel

Henri

Ian

John

Marvin

Phil

  • Following Scott’s lead on CSP in the RP and commons. Both should be done in branches.

  • Some follow-up to Scott’s null cleanup on oidc-commons

    • Thanks for all that work, plenty of null issues in commons sadly.

  • Work on WebAuthn authentication plugin

    • Basic structure in place for an admin flow for registration and an authentication flow for err. authenticating.

    • Operating inside the MFA flow.

      • Longer term can be the first and only factor, or 2nd-factor

      • Shorter term it allows authentication flow selection, useful for the admin flow when you first need to register a key — but ‘password’ fallback is pointless long term, so this is just for testing.

    • Battling with Yubico’s JavaScript libraries to convert JSON credential creation/authentication requests that come from the server into something compatible with the webauthn apis.

Rod

  • Releases for jetty x.0.17 (IdP 4.3.1.4, JettyBase 11.0.18, plus supporting jetty-base jars)

  • Enforcer releases

  • Moving towards closure (one way or another) on GEN-330 - Getting issue details... STATUS

  • SSPCPP-982 - Getting issue details... STATUS (installers are weird)

Scott

  • Incidental: upgraded OSU to V5 last week, no issues thus far

  • Starting on work estimates and budget planning

  • Ongoing work around javadoc, experimenting with TOTP corrected release

  • OSJ-393 - Getting issue details... STATUS

    • Testbed classpath issues → BOMpocalypse

  • IDP-2195 - Getting issue details... STATUS

    • Propose we eliminate use of BOMs as they have a deliberately odd precedence that reverses the usual rule of “child overrides parent”.

  • IDP-2191 - Getting issue details... STATUS

    • Notable change to Spring we can’t override but I don’t think it’s a significant issue.

  • JSSH-41 - Getting issue details... STATUS

    • I hit some of this in OpenSAML without realizing that factory beans could actually return null.

Tom

  • IDP-2175 - Getting issue details... STATUS
    having trouble unsetting cookies - should be much easier to debug now that the POMs have been changed

Other

  • No labels