Shibboleth Developer's Meeting, 2021-10-01

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-10-15. Any reason to deviate from this?

60 to 90 minute call window.

This week's call will use the Zoom system at GU, see ZoomGU for access info.

Add items for discussion here

Java socket server: PoC project in Git at putmanb/spring-socket-server. See README.txt for details on running.

https://shibboleth.atlassian.net/browse/JOIDC-21
- While working on the server-side metadata policy, realized that Phil’s work on metadata resolution can be exploited
https://shibboleth.atlassian.net/browse/JOIDC-57
- Nimbus fixed it for version 9.1.6 (see changelog) - we’ll take it (or the latest) into use in oidc-common 1.2.0
- Verified that it’s working on a test deployment with IPv6

https://shibboleth.atlassian.net/browse/JCOMOIDC-23
- Pushed more changes inc. filtering metadata once fetched from a source and filtering the list of resolved metadata via a pluggable strategy.
- Some code cleanup
- Looking to merge into main branch for oidc-commons next week. Henri can try and use it to resolve Metadata policies - I am sure many things will need changing once tested in a wider sense.
- Keep at it, a number of things to add back and test out.

Notably |
- All our distributions (except MDA whose packaging in in flux) have their dependency jars signature checked in the same project as the assembly.

Tied up with OSU mess, hopefully lightening up some in October.

Nexus - still working on :
- proxying (because of concern about the old version of Jetty it uses)
- containerizing
- deploying to Central (they closed the most recent issue due to lack of activity, ok with me)
- considering downgrading to OSS from Pro to avoid annual license renewal (in 27 days)
Tests - troubleshooting failures especially Sauce Labs browser tests