Shibboleth Developer's Meeting, 2024-01-19
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2024-02-02. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Plan to submit grant proposal to GEANT for OpenID Fed work
Release schedule
Board updates
Attendees:
Brent
- OSJ-391Getting issue details... STATUS
I obviously overlooked issues with the custom schemas in the IdP. I’ll take a look at those and see if there is a viable solution, such as merging the <TrustEngine> etc type of stuff with an injected HttpClientSecurityParameters, using some order of precedence.
- OSJ-392Getting issue details... STATUS
Will investigate doing something rational on the interface collections. I think having them throw on mutation attempts would be consistent with the other setter methods.
Daniel
Henri
- JCOMOIDC-95Getting issue details... STATUS
Realized that those could not be customized with the JSON security configuration
Should we inherit clockSkew setting from security configuration?
- JOIDC-191Getting issue details... STATUS
xml-safe flag enabled by default → _ -prefixes in identifiers
- JOIDC-186Getting issue details... STATUS
JWT-format committed and tested
- JCOMOIDC-96Getting issue details... STATUS
TODO: wiring and tests for OP
Work on the GEANT proposal
Ian
John
Amazon Linux (2, 2023) and RHEL (7, 8, 9) image bumps
Starting to get oriented to the IdP with an eye toward SP testing
Marvin
Phil
plexus-io-3.4.2 released with a key from a known individual.
Although no new release of maven-javadoc-plugin that uses that yet. And overriding versions non-trivial.
- JDUO-82Getting issue details... STATUS - Some amendments to that.
Strategy to release commons 3.0.1. Happy to do this if the email makes sense. Release stuff already on the agenda.
- JOIDCRP-53Getting issue details... STATUS
My fault, but I should have put those two user-controlled files into oidc-config.
Need to think about versions, compatibility, updates etc.
- JWEBAUTHN-1Getting issue details... STATUS
2FA flow working. Off logic that needs review
Usernameless flow working.
Passwordless flow in progress
Working on username input
Then, integration into Storage API.
Rod
Starting to kick the wheels on non web use of Thymeleaf
Hope to restart the discussions about WiX v4 in the next 2 weeks
Scott
Keeping up with minor 5.1 backlog
Tom
Safari tests