2022-07-15
Shibboleth Developer's Meeting, 2022-07-15
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-Aug-05. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Add items for discussion here
Attendees:
Brent
JCOMOIDC-45: Add a Decrypter for JWE tokens similar to the opensaml DecrypterClosed
Reviewed and gave Phil some feedback. Sounds like he’s in the midst of incorporating some of it.
Daniel
https://shibboleth.atlassian.net/browse/MCINECA-9
patch in progress on the ldaptive v2 code base
IDP-1963: Update ldaptive to version 2 for IDP version 5Closed
Henri
Ian
Two weeks later, definitely mostly recovered now. Running a week or so behind, though. Spoke a little soon, back in for more tests today so won’t make this meeting after all.
IDP-1892: Investigate forking Spring Web Flow for IdP 5Closed
Our initial Spring Web Flow pull request has been merged, expect 3.0.0-M1 to be available later this month, probably around 2022-07-20. For now at least, I continue to maintain our fork.Scott’s initial patch has also been merged, and incorporated in their codebase and into our fork.
Spring Framework 6.0.0-M5 has been released. Integrated into our SWF fork, not yet into theirs or into our software stack (working on that).
Spring Framework 5.3.20, 5.3.21 and 5.3.22 have been released since we last bumped it for the v4 stack. Do we want to unlock to allow continuous testing, or leave it until we need to make a release? (I didn’t see anything significant reviewing those releases, but…)
Scott: spotted this: `GenericApplicationContext` does not honor `ProtocolResolver` when a resource loader is set via `setResourceLoader()` · Issue #28703 · spring-projects/spring-framework
That’s high risk for us, so suggest we bump to latest.
Rocky Linux 9 final RC/GA has been built; release expected RSN.
John
Rocky Linux 9 was released yesterday. Starting work to add support for it in cpp-linbuild.
SSPCPP-950 cpp-linbuild doesn't build under aarch64 for rockylinux8
Add support for cross-building or not?
Marvin
Phil
JCOMOIDC-45: Add a Decrypter for JWE tokens similar to the opensaml DecrypterClosed
Thanks to Brent for the detailed feedback
Added more criterion for the credential resolvers to filter on (via the AbstractCriteriaFilteringCredentialResolver)
Key Agreement stuff needs work. I am not entirely sure I understand how that works in this context.
Needs more checking and work
Is there a natural way to add things to the
credential-criteria-registry.properties
.LocalCredentialResolver type next
JOIDCRP-15: Support Request Object by ValueClosed
JOIDCRP-17: Add JWT Encryption Parameter Resolver SupportClosed
To encrypt the RequestObject if configured. WIP
Defaults to signed by not encrypted.
JOIDCRP-16: Add a relying party signing parameters resolverClosed
Supports Request Object signing. Is defaulted to always signing.
Rod
JDBC Storage plugin - multiple bugs & releases
Windows installer - 4.2.1.1 released to fix a logging issue and a Jetty issue.
JSPT-98: Integrate lifecycle checking methods in base classesResolved
First pass complete.
Need closure on names:
throwSetterPreconditionExceptions
→doSetterPrecondition
throwComponentStateExcpeptions
→doComponentExceptions
(my preference:checkComponentActive
?)
JSPT-118: Make Component Initialization & destruction non-idempotentClosed
Note that this is about
initialize
/destroy
(dodoinitialize
/doDestroy
)Let's discuss in the case.
Next up - more tidy (probably IDP-1959: IdPAttributes to stop carrying Display InformationClosed)
Scott
IDP-1960: Refactor SP-relevant components into separate projectsClosed
Will start looking at admin logout for V5
Tom
nothing to report
Other
`