2021-05-07
Shibboleth Developer's Meeting, 2021-05-07
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-05-21; any reason to deviate from this?
60 to 90 minute call window.
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
- Release plans
Attendees:
Brent
Daniel
Henri
-
-
JOIDC-44Getting issue details...
STATUS
- Deep dive into the attribute registry & transcoders
-
-
JCOMOIDC-19Getting issue details...
STATUS
- In practise the Nimbus release-cycle means that if we need a bug-fix, it's always a minor update for us
-
-
JOIDC-42Getting issue details...
STATUS
- About half is done with the latest Nimbus dependencies, I don't foresee issues
Ian
John
- cpp-linbuild
- Can generate manifests of RPM/SRPM products
- Working on signaling first-level dependencies from Makefile to build script
- Planning to use local repos to resolve second+ level dependencies
- Overarching goal is to shift from per-component/per-platform build script to generic build script
- Updated Amazon Linux 2 Docker image to latest (20210326)
Marvin
Phil
- Minor plugin changes.
- Jar sealing
- DuoOIDC plugin updates to support the latest Duo WebSDKv4
- Removed retrofit and okhttp from the IdP (java-parent) and added them to the DuoOIDC plugin package. Looking at releasing this as 1.1.0, but only after the next version of the IdP is released.
- Any security issues for v 1.0.0 can go into a 1.0.x release.
- Some plugin download location and version testing
- Started looking at PrivacyIdea
- Pretty cool, most auth token mechanisms sit behind a three 'mode' API facade (as Scott previously mentioned).
- Have it set up and enrolling various security keys. Interested in the webauthn function - but there are plenty of auth token options.
- Even with the facade, there are still some differences (client-side) for some of the methods.
Rod
Lots of minor changes for the next minor/major release. Two open questions
-
-
IDP-1811Getting issue details...
STATUS
- Do we have the right to change the default behavior of the Attribute Resolver wrt Display Information(especially given that no-one will notice)?
- This would allow us to actively deprecate & log as deprecated a lot of old methods which are there solely to support IdPAttributes carrying DIsplay Information.
-
-
IDP-1813Getting issue details...
STATUS
- There is an impedance mismatch between the CLIs (which use System.out.println) and much of the installers (which need to have the ability to log verbosely).
- How to square the circle?
Scott
- Atlassian Adventures – worst Disney ride ever
- Jira hung during last update attempt
- We do have an offer from Internet2 to migrate to a Data Center instance with SSO support
- Made some progress spelunking the database and managing to rename accounts via SQL – my thought was to do this for all accounts with email addresses to rename them to the email address before a conversion to Cloud, but we'd have to orphan or dummy-associate all other issues and comments
- Going to start with some trial Confluence migrations since the account issue is less acute
-
-
SSPCPP-926Getting issue details...
STATUS
- Successful experiment to replace XML serialization of IPC with a text-based record-oriented syntax
- Working all week on understanding the character encoding implications of using Java on the other end, extremely convoluted
- Next steps:
- Implement some form of this in Java
- Built a prototype socket server on top of a Spring ApplicationContext
- Start sketching out the service APIs needed for some of the functionality, particularly configuration file processing
- Board requests for a skills matrix and an updated roadmap
Tom
- - GEN-286Getting issue details... STATUS Status update, Scott ?
- - IDP-1632Getting issue details... STATUS Tests pass
- Are we ok with the Sauce Labs Terms of Service ?
https://saucelabs.com/terms-of-service
We have Open Sauce, which is free for open-source projects and allows us to test browsers.
Other