Page tree
Skip to end of metadata
Go to start of metadata

Shibboleth Developer's Meeting, 2015-02-06

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2015-02-20. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Lync system at OSU. To participate, call:

  • +1 (614) 688-1800 (please use if possible)
  • +1 (800) 678-6114 (use only if you're charged for the 614 number)

The Conference ID is: 738127#

International participants should be able to access the 800 number without charge through Skype.




  •  V2 Release
  • Open Issues
    • OSJ-83 -  HttpClient + TrustEngines
    • OSJ-104 - bug in metadata encryption params resolver
    • SSPCPP-642 and IDP-574 - general "algorithms in metadata" topic - anything to discsus?
  • Research on OpenSAML 2.x + xmlsec 2.x - bug report from CXF/WSS4J/Santuario
  • I have been learning Git - whoohoo!
    • state of Eclipse support? Any gotchas, need-to-knows?
  • Starting to re-familiarize myself with the delegation code.



  • vt-ldap 3.3.9
    • no longer supports referral chasing with credentials using startTLS
  • ldaptive 1.0.6
    • would like this to make v3.1
  • OSJ-101
    • Incorrect API implementation, working on unit tests
  • OSJ-103
    • Documentation needed for JPAStorage schema, users should not use auto generated




  • Nothing to report.


  • Agenda item: IDP-592
  • Have been working on Documentation and EDS
  • EDS V1.1.  
    • ARIA (screen reader) proceeding very well.  Big thanks to the two Keiths @ Illinois.
    • Final adjustments pending,
    • Peter (Vienna) ran out of time so I need to double test his fixes
    • Would like to run the RC2 on our SPs onces its done. (next week?)




  • log4shib update to fix remote syslog support
  • xml-security update to hopefully fix ECDSA signature support
    • Tried against IdP but had trouble with Java parsing the certificate
  • A couple more bugs to try and reproduce and then it's done


  • IDP-585, 586 - Resolver bugs around caching while testing the null value fix last weekend
    • Spring parser for ResultCache was getting very hairy so I disabled support for cacheResults, don't know how far back we formally deprecated it
  • IDP-564 - Prevented override of storage plugin for replay and artifact caches
  • IDP-578 - Regression where attribute resolver failure aborted flows, now an option people can control
  • IDP-595 - Forgot to implement WantAssertionsSigned
    • Decided to leave this as a "special" override rather than handle through predicates directly

Would like to look at releasing 3.1 within a couple of weeks if we can get the storage bugs fixed.


Would like advice regarding the consent related JPA storage service issues OSJ-101 (masking I/O errors) and OSJ-103 (storage record value size).

Started looking deeper at Web/HTML5/Local Storage, doesn't seem to fit our server-side storage service model. Would be good to bounce ideas of off someone.






  • No labels