Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Current »

Shibboleth Developer's Meeting, 2020-06-05

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2020-06-19. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.


AGENDA

  1. PKIX root behavior
  2. IDP-1583 - Getting issue details... STATUS
  3. Opening up master branches
  4. Ian Young's thread safety thing, see below

Attendees:


Brent


Daniel


Henri

  • JOIDC-5 - Getting issue details... STATUS
    • MDDriven profile configurations working as expected
      • Will check with  IDP-1608 - Getting issue details... STATUS  next week
    • Added ClientSecretReferenceKey -element to the schema
      • Simple resolver interface extending Resolver<String, CriteriaSet>
      • Initial implementation for Properties resource
        • How to make it refreshing whenever metadata provider is refreshed?
      • Other implementations? Perhaps HTTP (using the approach from HTTP data connector)?


Ian

  • (Maybe an agenda item) Thread safety is hard:
    • Arises through  MDA-242 - Getting issue details... STATUS ; full discussion there.
    • A lot of things we say are @ThreadSafe really aren't, although they are mostly @ThreadSafeAfterInit and other things probably conspire to mean we're probably OK in practice. This makes me uncomfortable.
    • It's not possible even in principle to make most things truly @ThreadSafe because of  JSPT-97 - Getting issue details... STATUS .
    • We could fix that (and I think we should, see this commit) but that wouldn't address all the issues, just make it possible to do so for cases we care most about.
    • Beyond that, I don't think really nailing this down is going to be felt to be worthwhile, but we might want to document some assumptions and change some annotations anyway.
  • Building from Docker containers: iay/shibboleth-build-docker seems to work

Marvin


Phil

  • IdP release using two docker images worked well. The second image was used for building site under JDK14 to fix the search apidocs bug.
    • Modified Javadoc plugin seemed to do its job - drawing a line under that for now, and I did not need to swear. 
    • It can be a bit slow when generating site (Javadoc), just make sure to build inside the container.
    • Detailed instructions on Ian's Github page for all these things.
  • Duo 2FA OIDC plugin
    • I have not provided too much input to Rod's plugin work the past few weeks as just trying to get the flow together.
      • Would hope to reengage later on when I actually need it to work as a plugin.
    • Using a Spring Controller to handle the external call and callback - a bit like the SAML proxy controller. 
      • Was debating whether to actually encode the webflow execution key in the State parameter alongside a CSRF type nonce? 
        • Otherwise stored outside the webflow conversation and inside the HttpSession - assuming the redirect_uri does not become an option i.e. Duo not being strict on dynamic query params.


Rod

  • Mdolue instalation stalled for want of hours in a day
  • Built VM soley to do windows installer builds
  • What to do about Java7/8 on Windows and the multi tests?
  • Am about to have to install Visual Studio 2019.  Do we want to think about this for SP 3.2 (given we that it may impact on our dependencies)


Scott

  • Documentation
  • Minor 4.1 work
  • Web site, moving community content into WEB wiki space
  • EC2 instance running PrivacyIdea
  • Would like to start steering "roadmap" content into Jira

Tom


Other




  • No labels