2022-01-07

Owned by Ian Young
Last updated: Aug 04, 2022 by Rod Widdowson
3 min read

Shibboleth Developer's Meeting, 2022-01-07

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-01-21. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

Attendees:

Brent

  • Out for last 2.5 weeks, nothing to report

  • Will look at OSJ-346. Perhaps there isn’t normative guidance in spec on IssueInstant in Assertions.

Daniel

  • Nothing to report

Henri

Ian

  • JPAR-186: Create Java 17 + Spring Framework 6 + Jakarta EE 9 platformClosed

    • java-support, spring-extensions, java-opensaml relatively easy

    • IdP harder, requires Spring Web Flow, leading to:

  • IDP-1892: Investigate forking Spring Web Flow for IdP 5Closed

    • We have a ticket Spring Framework's Migration from Jira to GitHub Issues upstream asking whether this will be ported (no response yet, assuming this isn’t going to happen).

    • I have a fork at GitHub - iay/spring-webflow: Spring Web Flow which is 90% of the way (remains: POM generation) to building the current SWF under Java 17 and (required for that) Gradle 7.0. This is (probably) the hard part, just using the EE9 APIs should be straightforward at that point… unless there are other dependencies I don’t know about yet.

  • Aim here is not to build a production stack, but to find out what would block us from doing so. I’d hope most of the actual code I’m writing would be useable long term, but it’s not the primary goal.

  • Random asides:

    • This is the first thing I’ve had to do with Gradle. I find myself hating it less than Maven just now. This may just be the optimism of unfamiliarity, but its basic model is better in several ways.

    • SWF was very out of touch with its build system. If they do update it themselves, they might well not go the same way I did to fix the issues.

John

  • Mostly maintenance chores: spinning up a new Rocky 8 test instance and dealing with Docker/Podman silliness, SELinux silliness, AWS silliness, etc to re-test cpp-linbuild; updated Amazon Linux 2 image. Still need to re-constitute my rudimentary Jenkins instance on which to hack, and then recall where I was with Fargate-based builders before the holidays.

Marvin

 

Phil

 

Rod

  • Enforcer

    • Now (using the 3.1-SNAPSHOT) running with up to date and XMLSec friendly data

    • This includes the ~/.m2/respository thing for the idp Nightlight (but see JMVN-13: Pom Parser cannot read the mvn-enforcer-data pomClosed for why this is fragile)

    • Need to do a release of 3.1 for the enforcer and 1.0 of the data soon (preferably before the next release of a distributable)

  • Logback - prepared the windows jetty-base to ship logback latest logback.

 

Scott

  • Worked on Jetty 10 set up in late December

  • JOIDC-11: Support for client_credentials grantClosed and dependent work

    • Extending client authentication done, working through token flow changes

    • Will need additional changes to introspection/revocation flows to add access control (use existing AccessControl layer I hope?)

    • Leaning to relying on Attribute Resolver somehow to produce scope and audience claims for tokens

Tom

Other