2014-03-07

Owned by Tom Zeller
Last updated: Mar 13, 2014
2 min read

Shibboleth Developer's Meeting, March 07, 2014

Call Details

Toll / Intl #: +1 (201) 479-4595
Toll-Free #: N/A
Meeting Number: 23587231

Attendees: Brent, Daniel, Ian, Rod, Scott, Tom, U Toronto

 

 

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Dial-in attendee identification.

Next call is next Friday. Any reason not to meet ?

60 to 90 minute call window.

 

Brent

  • OSJ-64: Completed support for algorithm whitelist and blacklist eval in signature validation and decryption ops.
  • Next up: working on realizing concrete ideas for security config stuff, i.e. -Configuration interfaces and related -Resolvers and related issues.

 

Daniel

 

Ian

  • Fuze free toll dial-in coming to an end
  • Scott can provide Lync, even with toll free dial-in; do we want to try that?
  • Note: next week UK time of call will change, because of US time change
  • Logging dependencies

Rod

  • Relying party and Profile configuration parsers
  • Hunting for a side channel for spring parsing so we tease RP&profile config away from metadata.

Scott

  • Built "new" style transient NameID generators sharing code with old attribute defns
  • Refactored subject-config beans to reduce user-space visibility into the guts
  • We still need to do Persistent/Stored ID work, generation and consumption

 

  • Completing refactored SAML building actions, moving a lot of code into OpenSAML, creating lookup functions to access IdP config/state
  • Started reviewing security parameter positioning
  • Started updating SAML 1 SSO profile flow documentation to find the missing bits and fill them in
  • Looking for places to de-emphasize BasicMessageMetadataContext

Noting we need to enhance the metadata lookup action to be able to support at least two, maybe N, roles during lookup (e.g. attribute query requester lookup case, allow either custom role extension or SPSSODescriptor, which we lost in V2).

Tom

  • IDP-380 Spring Tool Suite ? Add Spring nature to .project(s). Only use the required and Web Flow plugins ?
  • Would like to avoid system properties.
    • JNDI ?
  • Running IdPv2 in Eclipse.
    • Would we ever change the compiler version from 1.6 in v2 parent POM ?
    • Educating myself regarding client cert authn, i.e. the DTA plugins
      • Supposed to send my DTA test scripts to Unicon
  • IDP-369 Prototype checking : move to spring-extensions
  • JSPT-43 IdentifiableBeanPostProcessor : move to spring-extensions
    • Need to identify Spring context "boundaries" so that post processors are configured in XML properly
      • Abstract flow definitions files to make context creation "boundaries" clear
  • Maybe talk about Component, Identifiable/Identified/Initialized/Destructable Component stuff.
  • Eclipse 4.3.2
    • Subversion 1.8

Other