2022-05-20

Shibboleth Developer's Meeting, 2022-05-20

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-06-03. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

  • OP 3.2 scope/schedule

  • Time to branch for v5?

Add items for discussion here

Attendees:

Brent

Daniel

 

Henri

Ian

  • IDP-1892: Investigate forking Spring Web Flow for IdP 5Closed

    • I have a functional SWF snapshot for the Java 17 / Spring 6 / EE 9 environment.

    • Do we need a Jira project for this?

    • Response from Spring team that they will support SWF in this environment, and that they welcome our collaboration. Hopefully this means we don’t need to maintain a fork of our own long term.

  • JPAR-186: Create Java 17 + Spring Framework 6 + Jakarta EE 9 platformClosed

    • I have a functional 5.0.0-SNAPSHOT (without plugins).

    • Working on build infrastructure.

  • Not all RHEL rebuilds are the same.

  • Also, RHEL 9 is now a thing (Rocky 9 soon). Implications?

  • Also, RHEL 7 is not long for this world (GA: 10 June 2014, end of full support: 6 August 2019, end of maintenance 1: 6 August 2020, end of maintenance 2: 30 June 2024, “extended life” ends 30 June 2026, see here). Implications? (Part proposal: never support IdP v5 on RHEL 7)

John

  • AWS-based SP build goo

    • Got script working to build builder images under Jenkins. Doesn’t handle Fargate task re-definition, among other things.

    • Started working on script to use builder images to build RPMs. This one may be a bit gnarly.

    • Work-in-progress on aws branch in git.shibboleth.net:obrienjw/cpp-linbuild, occasionally rebased on main

  • Chasing Docker images du jour. Today: Rocky 8.6.

Marvin

 

Phil

 

Rod

  • OSJ-342: Investigate Strategies to end of life our use of Hibernate in V5Closed

    • Issues with HSQLDB and Transactional (ho ho) ‘Isolation’

      • Setting osolation level down to READ_COMMITTED (or READ_UNCOMITTED) makes things better (in terms of tests passing) but not perfect

      • Turning transactional retries up blows HSQLDB

      • Note that hibernate doesn’t set isolation - it appears to install its own TM.

      • Do we want to add Isolation level as a parameter to the Storage Service

    • Testing with SQLServer looking hopeful

      • Looks like I'm finding real bugs

      • But we are still occasionally retrying transactions more than 6 times.

      • Bumping retries to 12 works.

      • Sometimes

    • Do we want to add optional explicit locking (poor man's TM)?

Scott

  • SP prototyping

    • Process shutdown management still uncertain

    • A few outstanding Spring Integration questions but it’s working pretty cleanly minus TLS support

    • Messages are dispatched via a reloadable service to auto-wired Endpoint objects (e.g. an Echo service) that will make up the “business logic”

    • Exceptions raised anywhere once messages are sent to the main service method are turned into output objects for the agents to consume as errors, more or less how shibd works today

      • Probably need to throttle down the detailed stack traces by default

    • We’ll need at least the attribute and metadata services pulled out of the IdP and configured similarly here, and they’ll be injectable into the “business” objects as needed

Tom

  • Jetty 10 integration test weirdness

    • Classpath issues and odd behavior of Surefire plugin

Other