Skip to end of banner Go to start of banner

2025-01-17

Skip to end of metadata

Created by Ian Young , last modified by John W. O'Brien on Jan 17, 2025

Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Shibboleth Developer's Meeting, 2025-01-17

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2025-02-07. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

Post-TechEx catch-up
Board updates

Attendees:

Brent

JSATTR-6 - Getting issue details... STATUS
- Just before leaving on winter break ran into a (hopefully minor) problem with adding Assertion validation. Existing code is built on use of ProfileRequestContext. Hopefully can just widen that to InOutOperationContext, which should fit this new use case.

Daniel

Henri

JOIDC-222 - Getting issue details... STATUS
- Current status for automatic registration PoC in the authorization endpoint
  - Trust chain resolution via metadata caches
  - Selection of the shortest local policy -compliant trust chain (via customizable function)
    - Trust Mark requirements may be configured on per Trust Anchor basis (OIDFED.AutomaticRegistration profile)
  - Metadata is currently stored via similar StorageService-backed ClientInformationManager as in dynamic client registration
    - Currently finishing PoC on an alternative that avoids storage by basing on metadata caches on all endpoints
      - Authorization code and access/refresh token claims sets carry the selected trust chain
- Other work items:
  - Metadata policy handling
    - Null handling, minor operator changes (add/value at least), order of custom operators
  - Explicit registration - especially if considered important by community
  - Federation policy constraints
  - Test automation - my local tests currently exploits GEANT testbed

Ian

John

SSPCPP-995 - Getting issue details... STATUS
- Fixed up the interactive build container
SSPCPP-991 - Getting issue details... STATUS
SSPCPP-999 - Getting issue details... STATUS
SSPCPP-1002 - Getting issue details... STATUS
SSPCPP-1003 - Getting issue details... STATUS
SSPCPP-1004 - Getting issue details... STATUS
Various image version bumps

Marvin

Phil

WebAuthn wiki doc updates
Some minor WebAuthn bug fixes
Looking for a WebAuth 1.1.0 release within the next few weeks to address:
- JWEBAUTHN-32 - Getting issue details... STATUS
- JWEBAUTHN-33 - Getting issue details... STATUS
- JWEBAUTHN-36 - Getting issue details... STATUS
- JWEBAUTHN-38 - Getting issue details... STATUS
- JWEBAUTHN-40 - Getting issue details... STATUS
Once 1.1.0 is out. Come back to prioritise other work.

Rod

SP - Swapping in the java code
SP - Working on the windows build.
- Do we want a CI job?
JSATTR-41 - Getting issue details... STATUS

Scott

SP ongoing
- Substantial work on the configuration and reused legacy components done with tests (RequestMap, some of the AccessControl support)
- Some renaming/refactoring done to migrate terminology to “Agent” from “SP”
- Building on Mac, close to building on Windows without any runtime dependencies
- Next major milestone is to get new agents loading on Apache, IIS (without doing anything yet)
- Started work on curl-based RemotingService

Tom

troubleshooting failing tests

Other

No labels