Shibboleth Developer's Meeting, Aug 01, 2014

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Next call is next Friday. Any reason not to meet ?

60 to 90 minute call window.

Brent

Daniel

Ian

Rod

Mostly cleanup and closing off cases:

• JRE 1.8 progress as discussed (IdP-394).  Will complete this week
• Scripted Data Connector (IdP 447) .  This required a side swipe through the other scriptedXXX parsers to fix some issues with property replacement and parsing (IdP 354)
• Finished revert of legacy RP syntax (IdP 401)
• FileBackedHttpResource (IdP 443).  Note that this 'punts' on configuring the HttpClient.
• Implemented Actions to refresh (a) Metadata and (b) Services (IdP 72).  Still needs a web pages to be designed around it
• Continued on populating a context with information about the RP harvested from its metadata.

Scott

Checked in new DataSealer and KeyStrategy classes along with new command line tool to roll AES keys

Reviewed and fixed some authentication flow behavior

Added two major new authentication features:

• • Ability for one flow to signal that another should run
    • MCB includes options allowing it to list methods user can choose. I don't want to build that into the core code, I'd rather that be a pseudo-flow that can be used to signal the next flow to attempt to bypass normal selection behavior
  • Option for "initial" authn flows that run when no session exists, independent of SP request context
    • Similar, but not the same as, an MCB feature that mostly forces password logins so user can be looked up to find out what higher assurance methods he/she is approved for
  • Will be handing this off to Paul to look at

Probably will look at logging next

Tom

Other