Shibboleth Developer's Meeting, 2021-09-17
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-10-01. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Oracle JDK 17 Free Java License: do we think deployers will use this? Do we need to support Oracle JDK again? (see Java Distributions)
Server move
Attendees:
Brent
Java socket server: Working PoC using Scott’s remoted HTTP Request/Response. Next will flesh out more with more real-world config and (maybe) with some basic SAML processing to illustrate the end-goal.
Daniel
Henri
https://shibboleth.atlassian.net/browse/JOIDC-57
Root-cause is that Jetty includes brackets in the response for HttpServletRequest.getLocalAddr()
https://shibboleth.atlassian.net/browse/JOIDC-21
Managed to get full sequence PoC flow working with the access tokens
Realized that the “metadata policy” (see /wiki/spaces/DEV/pages/1213038673 ) included in the access token is probably useful as a profile configuration option too
Ian
Java 17 is GA. No change since early RC1 in early August.
New LTS cadence? Moving the JDK to a Two Year LTS Cadence
This is still proposed by Oracle, not definitely happening.
LTS old scheme: 17 (2021), 23 (2024), 29 (2027)
LTS new scheme: 17 (2021), 21 (2023), 25 (2025), 29 (2027)
No change in length of LTS support (from Oracle, anyway)
New Oracle JDK license for 17: Introducing the Free Java License.
Includes redistribution if not for a fee.
See agenda topic.
Corretto 17 expected next week.
John
Working on adding EDS to cpp-linbuild.
No more progress on Jenkins/Fargate to report yet
Marvin
Phil
Still this https://shibboleth.atlassian.net/browse/JCOMOIDC-23
Decoupled caching into a caching type implementation, build using a factory.
Pushed lots of variable (between OIDC and SAML) functionality into strategies to allow OIDC things to be slightly different.
e.g. how to fetch metadata when not in cache is now in a strategy.
Is tricky, almost have a PoC of something. Might not even be good, will need a review later on.
Rod
https://shibboleth.atlassian.net/browse/JPAR-182(see separate mail)
Scott
Server rebuild and docs
Drafted up some servlet facades for Brent to play with