2024-11-15
Shibboleth Developer's Meeting, 2024-11-15
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2024-12-06. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Update on contracting proposals
Attendees:
Brent
https://shibboleth.atlassian.net/browse/JSSH-56
Confirm thread pool behavior, per Scott.
Assuming looks OK, will do Spring parsers, etc.
https://shibboleth.atlassian.net/browse/JSATTR-6
Some progress made, still hoping to be functionally complete in a couple of weeks.
Daniel
Henri
Absent today
https://shibboleth.atlassian.net/browse/JOIDC-222
First more or less functional implementation for automatic registration in the authorize-flow
The RP metadata is fetched via oidfed trust chains and metadata gets stored via ClientInformationManager
Same method is used in the dynamic client registration flow - the RP records are stored server-side via configurable storage service
With automatic registration we should also provide means to avoid this server-side state (client secrets are never involved)
Test deployment plugged to the GEANT testbed - successful automatic registration of a test RP
Other upcoming work items:
Revisit our metadata policy implementation (in oidc-common)
It was done against much older oidfed-spec draft - the section in the spec has been reworked
Trust Marks
Explicit registration flow (i.e. oidfed-aware dynamic client registration flow)
Ian
RHEL 10 beta is out. I have set up an instance in the usual way (
r10a
via the jump host, accepts anyiay.org.uk
users) for investigation.GA expected some time in the first half of 2025.
x86-64-v3
!Wayland, if you care.
“modules” no longer used in the packaging system. Good.
GCC 14.2.
Default version of Java is OpenJDK 21.
See https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10-beta/
Spring Framework 6.1.15 and 6.2.0 are out. Just jump to the latter?
John
Bumped AL2/2023, RHEL8/9 images
https://shibboleth.atlassian.net/browse/SSPCPP-999
Planning to focus mainly on RHEL 7
Rocky 9.4 aarch64 EC2 instance bricked after updating kernel to 5.14.0-427.40.1
Somebody was able to reproduce and extract console info
Looks like it might be region-dependent
Marvin
Phil
https://shibboleth.atlassian.net/browse/IDP-2339
Added a per-flow session version to a dev branch
dev/IDP-2339
.Old (per-view) or new (per-flow) configurable by a new property. Defaulting to per-flow for now.
Finished feature tweaking to the WebAuth plugin, RC3 will be announced next week. Version 1 the week after.
Hasn’t been a very stable RC so far. But more feedback which I wanted to address before version 1.
Was asked by Judith to help present the (now usual) FedCM update at TechEx.
Rod
Jetty 12.1.0 and 12.0.15
Windows build and test environment for new SP agents
Scott
Continued tear down on SP code base
Review of Boost unit testing framework
Work on some small unit tests for Boost property tree XML feature
UTF-8 appears to parse even on Windows where the default locale probably isn’t that.
Prepping slides for TechEx
Tom
FYI “Sonatype will officially sunset its Nexus Repository 2 product on June 30, 2025”
Not really interested in upgrading to Nexus 3 because it is database-backed
Plan on looking at other file-based hopefully simple alternatives
Still working on Jetty Plugin support in the integration tests
TODO : Improve handling of invalid consent records
TODO : OP Conformance suite logout tests
Other