Shibboleth Developer's Meeting, 2025-01-17
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2025-02-07. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
Post-TechEx catch-up
Board updates
(Brent) Zoom AI features?
Just before leaving on winter break ran into a (hopefully minor) problem with adding Assertion validation. Existing code is built on use of ProfileRequestContext. Hopefully can just widen that to InOutOperationContext, which should fit this new use case.
Nothing to report
Current status for automatic registration PoC in the authorization endpoint
Trust chain resolution via metadata caches
Selection of the shortest local policy -compliant trust chain (via customizable function)
Trust Mark requirements may be configured on per Trust Anchor basis (OIDFED.AutomaticRegistration profile)
Metadata is currently stored via similar StorageService-backed ClientInformationManager as in dynamic client registration
Currently finishing PoC on an alternative that avoids storage by basing on metadata caches on all endpoints
Authorization code and access/refresh token claims sets carry the selected trust chain
Other work items:
Metadata policy handling
Null handling, minor operator changes (add/value at least), order of custom operators
Explicit registration - especially if considered important by community
Federation policy constraints
Test automation - my local tests currently exploits GEANT testbed
Fixed up the interactive build container
Various image version bumps
WebAuthn wiki doc updates
Some minor WebAuthn bug fixes
Looking for a WebAuth 1.1.0 release within the next few weeks to address:
Once 1.1.0 is out. Come back to prioritise other work.
SP - Swapping in the java code
SP - Working on the windows build.
Do we want a CI job?
Use of WinHttp
SP ongoing
Substantial work on the configuration and reused legacy components done with tests (RequestMap, some of the AccessControl support)
Some renaming/refactoring done to migrate terminology to “Agent” from “SP”
Building on Mac, close to building on Windows without any runtime dependencies
Next major milestone is to get new agents loading on Apache, IIS (without doing anything yet)
Started work on curl-based RemotingService
troubleshooting failing tests