Shibboleth Developer's Meeting, 2022-08-05
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-08-19. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Rod Widdowson - IDP-1793Getting issue details... STATUS (Why, What, User configuration, plugins)
State of branches across the projects and release plan(s)
Plugin compatibility when we unlock the parent – additional testing requirements or do we just wing it?
Third party cookie API proposal
Attendees:
Brent
- JCOMOIDC-41Getting issue details... STATUS
Reviewed some code for Phil.
- IDP-1793Getting issue details... STATUS
Reviewed some changes for Rod.
Daniel
Henri
Back online next week
Ian
As yet, no upstream Spring Webflow milestone release.
Spring Framework 6.0.0-M5 integrated everywhere, M6 is due 2022-09-15 along with 5.3.23.
Commit jobs now running on
CentOS7-commits
instances, mostly.Please review my mail to
committers@
so that I don’t have to talk through this!
John
SSPCPP-953
Marvin
Phil
On leave for the meeting. Been in and out of leave for a few weeks, ending end of next week.
- JCOMOIDC-45Getting issue details... STATUS
Small improvements to the credential resolver. I think I now need to hook up the local credential resolver to also use any public key info from ‘jwk’s inside the JOSE headers to locate corresponding private keys, in addition to the ‘kid’ (keyID) it currently uses (algorithm info is also currently used).
Brent might want to put me straight on that if not.
- JOIDCRP-17Getting issue details... STATUS
See the issue for the current logic (which needs reviewing).
Tricky to test ECDHE-ES as the runtime does not support
EC/ECB/PKCS1Padding
. Also not easy to get something downstream to test it e.g. OIDC cert tests. Will try with our OP.
Rod
Scott
xml-security-c buffer overrun
No exposure in library itself or SP so low priority, will get a patch released at some point
- IDP-995Getting issue details... STATUS
Approaching this as a revocation problem due to client-side storage, with two back-ends, storage service or attribute resolver
Tom
Working on updating/fixing integration tests for Sauce Labs :
removing Sauce Labs dependency (use environment variables + Jenkins Sauce Labs OnDemand plugin for credentials instead)
bump to Selenium 4
bump to Java 17 parent
workaround deprecated Spring Framework method to find available ports