/
2020-09-18

2020-09-18

Jul 29, 2021

Shibboleth Developer's Meeting, 2020-09-18

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2002-10-02. Any reason to deviate from this?

60 to 90 minute call window.



Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.



AGENDA

Add items for discussion here

Attendees:



Brent

  • OSJ-319 - Getting issue details... STATUS


    • Easy fix.

  • OSJ-323 - Getting issue details... STATUS

    • Haven't found any info on the JSSE → OpenSSL lack of session resumption issue.  Will likely just close this out.

  • OSJ-321 - Getting issue details... STATUS

    • Think we should at least implement the cloning fix to eliminate the side-effect on the cloned object.



Daniel



Henri

  • JOIDC-5 - Getting issue details... STATUS

    • Updated schema to the 'choice' -approach

    • Getting ready to merge to the main branch

      • Initial thought was to use idp-saml-api and -impl for schema and XMLObjects

      • Could a new "common OIDC" -module be more logical destination?

Ian

  • Java 15 is GA: no more Nashorn.

  • Spring Framework 5.3 in October, EOL will be 2024.

  • XMLSecTool can't do the most common kind of PKCS#11 operation under Java 9+; time for V3:

    XSTJ-82 - Getting issue details... STATUS

    (Similar issue in a spring-extensions bean)
    JSE-42 - Getting issue details... STATUS



John



Marvin



Phil

  • JDUO-15 - Getting issue details... STATUS
    Trying out a feature branch to switch some of my custom JWT handling to Nimbus.

    • Pretty much done - will push the branch when I can. As with Henri's idea above, probably a bit of common Nimbus JWT code we could be sharing - not flow, but JWT verifier setup etc.

    • Wanted to test a DuoClient using only Nimbus, not Duo's SDK. This eventually led to secret key issues 

      JDUO-16 - Getting issue details... STATUS
       and an email to Duo.



Rod

  • Misc bug fixes.

  • Is anything gained by making our installation code API? (potential agenda topic)

  • Potentially strip a bunch of config stuff from the plugins.



Scott

    • Modules

    • Authentication and admin modules mostly done, major redesign of authn config approach into properties

    • Interceptors are the main area of work left

  • Work left to do in places to allow plugins to dynamically add components, will need OIDC review for that

    • Package sealing done up to the IdP layer pending full testing

    • Lots of split packages due to test-jar classes, virtually none elsewhere

    • Resource loading does not appear subject to sealing

    • Plugins and new work should seal by default