Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Shibboleth Developer's Meeting, 2024-10-04

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2024-10-18. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

Add items for discussion here

Attendees:

Brent

Daniel

Henri

  • JOIDC-227 - Getting issue details... STATUS

    • Very simple to fix but was time-consuming to find

  • JOIDC-200 - Getting issue details... STATUS

    • JOIDC-225 - Getting issue details... STATUS

      • New lookup functions serve PAR and JAR (request-object logic) in a thread-safe fashion

    • JOIDC-229 - Getting issue details... STATUS

      • Previously the invalid scopes have simply been filtered out

  • JOIDC-231 - Getting issue details... STATUS

    • Switched the workaround for the Nimbus' resource parameter handling

  • JOIDC-230 - Getting issue details... STATUS

Ian

John

Marvin

Phil

Rod

Its all about the Jetty plugin.

  • Bludgeoned (I used the verb advisedly) a bat file to configure jetty as a system service on windows

    • Much testing and fine tuning needed

  • Started the documentation.

    • Now is not the time to publish it (I believe)

    • I need someone else to write the unix bits

    • And review always welcome

Scott

  • SP patch getting closer to ready, Xerces 3.3.0 should be voted out next week or the week after.

    • Planning to move the build for Windows up to the latest everything, OpenSSL 3.3.2, etc., so needs more testing than usual.

    • OpenSSL 3.3 Windows debug build emits a ton of warnings about corrupt debugging info, not sure what it means.

  • Unit testing of the new SP’s SAML ACS flow ongoing

    • Most of the servlet request access challenges there seem to be solved, required some changes to OpenSAML to bypass some checks and assumptions

    • The SP Servlet object injection model is basically a try/finally around a call to set and clear the SP’s thread local servlet objects, so usually the model is to subclass an OpenSAML class, and call doExecute, doDecode, etc. in the try clause.

    • Not sure how much I can unit test the artifact binding, maybe something like what CAS tests do with Jetty, not sure.

Tom

Other

  • No labels