Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Current »

Shibboleth Developer's Meeting, 2022-08-19

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-09-02. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

  • Artifact names and Maven co-ordinates for the performer previously known as Prince repository previously known as java-support and spring-extensions.

  • (rdw:) Windows core (headless) server support.

  • IDP-1955 - Getting issue details... STATUS

    • Propose we go ahead with this after all.

  • Eclipse project files

Attendees:

Brent

  • OSJ-354 - Getting issue details... STATUS

    • The category logging is actually farther down (about 3 layers deep) in the base class hierarchy. Trying to decide whether to change this and move this all the way to the top-level base class for encoders/decoders.

Daniel

Henri

  • Gson dependency should be removed from OP: it’s only used for parsing the contents from sector_identifier_uri during dynamic registration

  • Need to clarify the use of AttributeInOIDCRequestedClaims matcher

  • OAuth2Client authentication flow’s c14n step currently uses same c14n flows as end-user authentication flows

    • Perhaps a flag to disable c14n step or customisable set of c14n flows for this flow

Ian

  • V4 integration tests now nightly, not on CI chain.

    • Note: no V5 integration tests at present.

  • Old and busted: java-support and spring-extensions repositories. New hotness: java-shib-shared multi-project repository.

  • Spring Web Flow 3.0.0-M1 has been released, including our code.

    • I have rebased our fork, and we’re still using it at present.

    • Do we have anything else we want upstream to consider?

    • If not, it is probably time to switch over to the upstream milestones and retire ours.

    • I’d disable jobs and remove old snapshot artifacts to avoid confusion, but stand ready to re-enable them if we need to do more work. I would not delete the fork.

John

Marvin

Phil

  • JCOMOIDC-41 - Getting issue details... STATUS

    • As per Brent’s suggestion, converted the encryption classes to JWT specific ones without the KeyInfo etc. stuff

    • Lead to a bit of refactoring and some big changes to the ‘Basic’ encryption parameter resolver, which then needed to become more JWT focused given we actually use Nimbus encrypters.

      • Which lead to many changes in JOIDCRP-17 - Getting issue details... STATUS which needs review.

  • Suggestions for small improvements to the OP’s encryption JOIDC-122 - Getting issue details... STATUS . Not sure supporting direct encryption is all that useful given there is no algorithm descriptor for it and I am not sure how you share that secret with the OP (other than client_secret).

  • Usual RP cleanup work

  • Need to finish JCOMOIDC-45 - Getting issue details... STATUS

  • ‘Merging’ the dev commons branch into main is going to be messy, need to ensure the OP does not break.

Rod

  • IDP-1793 - Getting issue details... STATUS

  • Misc tidy

  • (yet) another JDBC Storage Service plugin release

  • Next up IDP-1927 - Getting issue details... STATUS

Scott

  • IDP-1992 - Getting issue details... STATUS

  • IDP-1994 - Getting issue details... STATUS

  • IDP-1973 - Getting issue details... STATUS

    • Needs extensive testing

Tom

  • testbed

    • need to change the idp-war dependency in the POM from JAR to WAR, i.e. from 

              <dependency>
            <groupId>${idp.groupId}</groupId>
            <artifactId>idp-war</artifactId>
            <version>${idp.version}</version>
            <scope>runtime</scope>
        </dependency>

      to

              <dependency>
            <groupId>${idp.groupId}</groupId>
            <artifactId>idp-war</artifactId>
            <version>${idp.version}</version>
            <scope>runtime</scope>
            <type>war</type>
        </dependency>

      to build from the CLI, but this breaks running the testbed in Eclipse.
      Maybe IDP-1955 - Getting issue details... STATUS would help, idk.

  • Added Jenkins jobs :

    • java-idp-testbed-v5

    • java-idp-integration-tests-v4.2.1

    • Working on java-idp-integration-tests-v5

  • Suggest changing default log level from debug to either warn or info in idp-conf/src/test/resources/logback-test.xml similar to idp-conf-impl because Logback picks this up when running the integration tests

  • Could use help with the AttendedRestart feature

    • example openssl command to password protect an existing private key ?

    • configured properties and beans, but flow/view does not appear, just get OpenSAML error message

Other

  • No labels