2013-04-26
Shibboleth Developer's Meeting, April 26, 2013
Attendees: Brent, Tom, Rod, Scott, Daniel, Ian, Marvin
Call Administrivia
Next call is next Friday.
60 to 90 minute call window.
Brent
Daniel
Ian
Marvin
Paul
Rod
- Parser for mapped attribute definition. The semantics of the implementation of the definition were subtly different and also it would have been difficult to parse into it. I just reworked the definition to look more like V2.
- Wrote up some stuff of coding guidance. This has been discussed and I'll retrofit this next week.
- Abortive attempt to simplify Namespace handling.
Scott
- Met with Brent for a few hours over two days
- Reviewed proposal on authentication subcontexts and the current code, identifying some general directions to go. Wiki page has been updated with latest thoughts.
- Did an end to end design walkthrough of the SAML SSO profiles, need to write up a summary in the form of design material
- Hand off to and from message handler pipelines and how the IdP config will drive them
- Action breakdown
- Context object requirements and design
- Moving between protocol specific contexts and generic contexts needed by services like the resolver and authentication
- How error handling might work, in particular how does an action know what event caused it?
- In/out contract for authentication subflow
- Propose use of simple custom javadoc tags for action and handler documentation
- Ported a profile action into a message handler, wondering about error handling there
- Revised error handling in abstract classes to favor unchecked errors
- Handling javadoc links in wiki?
Next steps:
- Port some more IdP actions down to get additional experience with the model
- Move MessageContext into a MessageHandler bean property (can be injected by action wrapper for now, maybe by Spring later)
- Work on documenting notes on flows in some permanent form
Tom
Spent most of my time reviewing code. Otherwise, I have been working with Jetty, trying to understand runtime options, as well as differences between Jetty version 7, 8, and 9. I have been considering jetty-spring, as well as embedding, and am wondering how much container customization is common. With embedded Jetty, care would need to be taken to ensure that the distribution could still be run in a custom container.
Topics
Decisions
Guava Optional vs @null
Tom AI : look at second Storage API try.
Scott: Leaning to @null. Didn't see lots of support for Optional. Consider multiple methods vs Optional parameters.
Coding convention : getLdapUrl or getLDAPURL
Tabled for further discussion.
FooAttributeDefinitionBeanDefinitionParser vs FooAttributeDefinitionParser