2021-10-15
Shibboleth Developer's Meeting, 2021-10-15
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-11-05. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Add items for discussion here
Server - any other issues?
Maven Central : get to consensus on actionable plan (Tom)
Do we care to know/log who uses/downloads our artifacts ? no
only way we can really know is to host ourselves and not on Central
Plan is to migrate public repos from hosting with Nexus to Apache
Need Nexus to manage snapshot metadata (although we might be able to migrate away)
Do we want to continue to host a public snapshots repository ? yes
no way to control client lookups = lots of 404s
Do we want to continue to host a public (or private) cache of Central ? no
(automatically proxied by Nexus, we could validate sigs using Rod’s tool)
Attendees:
Brent
https://shibboleth.atlassian.net/browse/IDP-1870
Clarify Scott’s suggestion. Maybe on-use is good enough?
Daniel
Henri
The concept of metadata policy (related to RP registration) is getting more generic
First it was only related to registration access tokens, then also for restricting/filtering/defaulting incoming requested registration values in the dynamic registration configuration
Possibly also on the upcoming RP-feature for validating dynamic registration responses
OIDCfed spec draft also defines metadata policy (see 5.1): the same structure can be used
Phil’s metadata resolution work very useful, as metadata policies are JSON
Ian
Lots of stuff ancillary to the server move
Memory thing solved for now by addition of swap / trimming JDK heaps? Comparison with my machines:
SWAP OK - 100% free (2047 MB out of 2047 MB) | |
SWAP OK - 100% free (10174 MB out of 10237 MB) | |
SWAP OK - 100% free (10200 MB out of 10237 MB) | |
SWAP OK - 100% free (5074 MB out of 5117 MB) | |
SWAP OK - 96% free (4865 MB out of 5118 MB) | |
SWAP OK - 100% free (10163 MB out of 10238 MB) | |
SWAP OK - 90% free (3681 MB out of 4095 MB) | |
SWAP OK - 96% free (9797 MB out of 10238 MB) |
John
Up to my eyeballs in project work at $OTHERJOB. Nothing to report.
Marvin
Phil (absent)
still
Updated the metadata cache to support the batch mode of operation as opposed to just the dynamic mode.
As before, dynamic supports individual entity read-through semantics, and batch supports read-ahead semantics for the entire cache.
Merged dev branch to oidc-common mainline so Henri can have a look - will work off main from this point.
Slow progress over the last few weeks.
Rod
Wiki revisited
Scott
Server move
Bug fixing
Starting on SP refresh
OpenSSL 3 requires a one line Santuario fix and then hours of release work
Tom
Maven Central issues in order of priority :
Need to research options for distributionManagement repository URL when deploying artifacts, either SSH tunneling or SCP or ?
Other