2014-10-24

Shibboleth Developer's Meeting, Oct 24, 2014

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Normal schedule is to skip next Friday as it's the last Friday of the month. Any reason to vary that? 

60 to 90 minute call window.

Call Details

This week's call will use the Lync system at OSU. To participate, call:

  • +1 (614) 688-1800 (please use if possible)
  • +1 (800) 678-6114 (use only if you're charged for the 614 number)

The Conference ID is: 738127#

International participants should be able to access the 800 number without charge through Skype.

Attendees:

Brent

Daniel

Ian

Marvin

Completed profile-based CAS component configuration. Working on relying party configuration selection à la SelectRelyingPartyConfiguration/RelyingPartyConfigurationResolver. Expect to finish by next Fri with population of CAS modules in java-identity-provider project.

Rod

  • Code tidy. Knock off a few old cases still hanging around
  • Installer. Adding (optional) AD config to Windows install
  • Input needed:
    • SAML2 Attribute query
    • Chris Phillips's question about multi config load / multi attribute load.

Scott

  • V2 changes done, patch Monday after next?
  • Attribute resolver testing and fixes, mostly done except for LDAP change I caused.
  • Will start looking at V3 -> V3 installer issues next
  • Started on SOAP logout endpoint stub, should finish next week while traveling
  • Need to redo attr-checker as an intercept flow
  • Need to build a Scripted impl of subject c14n
  • Reconfig'd shibboleth.net SP with Dynamic metadata, need to research some of what it's logging, but no problems so far
  • Project planning...

Tom

  • Consent
    • Blank userspace flows
      • I don't really like what I did, but the terms-of-use and attribute-release consent flow definition files in userspace are blank; their parents are in system/. I was thinking that this would present a blank slate for customization, but webflow "inheritance" is actually merging and I'm not sure we want to even pretend to know how folks could manage to get confused with that, with mergeable and non-mergeable elements, etc. So, maybe we should not have blank flows in userspace, and leave the beans in system/.
    • Revoke terms of use consent?
      • The uApprove toggle on the login page for consent revocation is only for attribute release; should that include revocation of terms of use as well?
    • TODO:
      • revisit error handling
      • cookie size limits
      • non-browsers
  • Do we still need the IdPPropertiesApplicationContextInitializer now that we have an installer? If we need it, I'll need to look at IDP-378 (Tomcat and ../).

Other