/
2014-04-18

2014-04-18

Jul 29, 2021

Shibboleth Developer's Meeting, Apr 18, 2014

Call Details

 

Meeting URL: http://fuze.me/24048131

Meeting Number: 24048131

 

Toll / Intl #: N/A

Toll-Free #: N/A


Attendees: Brent, Daniel, Ian, Rod, Scott, Tom

 

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Next call is next Friday. Any reason not to meet ?

60 to 90 minute call window.

 

Brent

 

Daniel

 

Ian

 

Rod

  • Parsing Security.  Metadata parsing complete.  I'll see about building the RP service and Metadata service next

  • Issues - arising from offline discussions with Brent

    • Use of Cryptacular and EOL of support code

    • Centralized KeyInfoProviders

  • Documentation.  

    • A lot of this configuration has no documentation on the wiki.  

    • We are making changes

    • Now feels like a better time to get this documented than later?

Scott

  • Package renaming for impl-related code

    • one diff is OpenSAML uses "common" convention for cross-version code, IdP doesn't have as much of that so I didn't copy that

  • Refactored to remove ProfileException and sync up MessageHandler and ProfileAction

    • Would still advocate we look at removing ID requirement from these

  • Progress on general error handling

    • end-state maps to a view to end flows, can't populate data into view-scope, used request scope

    • catch-all error handling at the MVC layer also "works" at initial glance

    • raised MessageHandler issue on list, tentatively planning to convert profile-specific chains into subflows

  • Java 8 XML parser settings issue, semi-resolved by using LSResourceResolver as our maginot line

    • think we should move AuthnContext schemas to an add-on to default schema build, not used by metadata validation

Tom

  • OSJ-69 Remove OWASP ESAPI from stack

    • Request review of HTMLEncoder

  • INFRA-99 How to upload validated artifacts to Nexus

    • Request review of DRAFT instructions

    • Next : Commit simple Selenium tests in prep for uApprove v3

  • Outage

  • Infra upgrades ... Sunday night ?

  • Talk about Spring Boot co-ord with AMAAIS ?

  • Ian

    • Should I still add SVNKit dependency to Nexus once the procedure is acceptable ?

    • Did you have a chance to test SWF 2.4.0RC1 ? (assume not due to Heartbleed)

 

 

Other