2011-06-30
Shibboleth Developer's Meeting, June 30, 2011
Attendees: Scott Cantor, Daniel Fisher (Virgina Tech), Jim Fox (InCommon), Chad La Joie, Rod Widdowson, Ian Young, Tom Zeller
Coding Conventions (Chad/Rod)
- In order to reduce the potential for concurrency issues and unintentional (due to bugs) changes of state to something unusable (e.g., null values that then lead to NullPointerExceptions) objects should strive to be immutable
- If there are a 5 of fewer parameters for the object, this information should be passed in via an constructor, otherwise use setters
- Information should be checked as soon as its passed in. Use the opensaml-util Assert and *Support classes for this.
- If at all possible, not getter should ever return null, instead at a minimum some default value should be available
- SLF4J loggers should be declared final and should never be declared static
IdPv3 Update (Chad)
- Attribute resolver plugin's usage of Spring Expression and Attribute filter policy's special
PolicyRequirementRule
interface have both been replaced with EvaluableCritieria - Relying party configuration APIs have been checked in. The APIs are very similar to the v2 APIs with the exception of how they are looked up. A description of this was sent to the dev list.
RHEL/CentOS 6 curl Solution (Scott)
- Steve Traylin contributed patch to address this issue, beta package is out and available
- Library installed in /opt/shibboleth/lib64
- Patch also allows for overriding the install dir. This means items get installed in to /lib or /lib64 as appropriate
- Shib prepared libcurl package will track the latest version of the library
- Scott needs to make sure the transition from old hack to new lib package works properly; may require a few manual steps (e.g., uninstall old package, then yum install the normal Redhat package)
RPM packaging (Chad/Scott)
- There is some confusion regarding the name of SP packages; people aren't sure what they'll get with a package simply called 'shibboleth'.
- SP package name will be changed in v2.5 to remove this confusion; Chad will file a JIRA issue for this
- The /opt/shibboleth directory will:
- contain standard bin, lib64, etc, etc. directory layout
- contain per-product directories for those Java components packaged as RPMs; these products may install scripts in the ../bin directory so that they are where people might expect to find them
Firefox 5 Redirect Caching
- Scott has a patch for the Apache mod_shib to explicitly expire redirects; IIS already has this support
SP v2.4.X update
- xmlsec has a security vulnerability, should do an advisory for the SP release
- probably next week for next 2.4 release
Face-To-Face Dev Meeting
- current plan is to meet at I2MM meeting 1-5 on Sunday and 9-1 on Thursday
- Emily indicates this shouldn't be any problem
- these meetings will be closed/invite-only meetings
Next Meeting: July 14, 1500UTC