2024-03-01
Shibboleth Developer's Meeting, 2024-03-01
Call Administrivia
09:00 Central US / 10:00Â Eastern US /Â 15:00Â UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2024-03-15. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Release schedule - give it another week for final testing?
Firm freeze next Monday, March 4th. Week for testing and bug fixing, release the week of March 11th.
Jetty 12
Checkstyle – any changes warranted after the release? Move to remote config perhaps?
WebAuthn alpha announcement
Add SHIBBOLETH_SNAPSHOT_PGP_KEYSÂ download example to the Plugin testing page
Board update
Attendees:
Brent
Fun with the Eclipse Checkstyle plugin
Santuario 3.0.4 issue
Daniel
Â
Henri
https://shibboleth.atlassian.net/browse/JOIDC-13
Conformance suite tests passing with IdP 5.0 (with two Velocity template changes) and with 5.1 (no changes)
Initial documentation drafted at https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/3466559581
https://shibboleth.atlassian.net/browse/JOIDC-182
Changed the wiring to exploit ConditionalResource
Ian
Dependencies for v5.1 in decent shape:
Santuario 3.0.4 breaks our tests (https://shibboleth.atlassian.net/browse/OSJ-400 )
Looking into bumping logback and Jackson to their next minors (have updated to latest patch)
Skipping test and build dependencies for now.
commons-dbcp2 is two minors behind, but updating to the very latest brings in new keys.
John
No updates. Still up to my eyeballs in competing demands for my attention.
Marvin
Â
Phil
Commons:
https://shibboleth.atlassian.net/browse/JCOMOIDC-101 - Scott found an issue with the IdP which needed fixing in commons
ODIC RP
https://shibboleth.atlassian.net/browse/JOIDCRP-56 - Same as IDP-2251 but for the RP.
https://shibboleth.atlassian.net/browse/JOIDCRP-54 - Added a hook to allow arbitrary claims to be added to the request object
DuoOIDC
Duo passwordless videos
WebAuthn
https://shibboleth.atlassian.net/browse/JWEBAUTHN-2 - Thanks Tom (Jenkins work) and the Yubico guys (Signature work), this is now running and deploying to Nexus.
Fixes, ready for alpha on agenda
Maybe we should target 5.1 to enable the username caching support.
Â
Rod
Nothing of note
Â
Scott
5.1 cleanup and testing
https://shibboleth.atlassian.net/browse/IDP-2251
This does break something that was accidentally working but not strictly intended to, I don’t see an alternative at this point.
Duo Passwordless bug fixing
Support time ramping up with people finally moving to 5.0
https://shibboleth.atlassian.net/browse/JTHYMELEAF-2
No response from the developer
SP – reviewing state of my POC code and reconfiguring to explore the idea of an IdP plugin model
Santuario – as expected, mostly a couple of people suggesting it’s better to fork it than keep it at Apache
Tom
https://shibboleth.atlassian.net/browse/IDP-2243 not enabled yet, but basic SSO test working via Jenkins
assert keyword ? needs to be enabled at runtime with -ea ? (Ian: I think when we looked at this last time the conclusion was that assertions weren’t enabled by default at runtime, so shouldn’t be relied on for functionality. I believe we determined that they are enabled during tests, so they can be used instead of
Assert
when appropriate.)
Other
Â