2018-11-02

Shibboleth Developer's Meeting, 2018-11-02

Call Administrivia

10:00 Central US / 11:00 Eastern US / 16:00 UK

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2018-11-16. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.


AGENDA

Add items for discussion here

  • (iay) Branching OpenSAML and IdP for V4.0; is it time?
    • Conclusion: yes, it's time. iay will branch over the weekend; iay/tz will look at Jenkins early next week
    • No structural changes yet until we have decided scope. To be raised by Scott with Board. So for now, no removal of deprecated stuff but things round the edges – and technical work for Java and Spring versions – are fair game post-branch.
    • Hard branch: no work to be done on maint branches unless associated with a planned patch release.
  • (rdw) Ditto the wiki,
    • Conclusion: not necessary yet
  • (iay) Proposal: use Java 8 parent project for now, with Spring 5.1.1 and other modern dependencies, as Maven Java 11 tooling is still flaky. Should be good in a few months.
    • Conclusion: OK
  • (Phil) If possible, quick update on MPASSid social auth implementation for the IdP.  

Attendees:


Brent


Daniel


Ian


Marvin

  • IDP-1354 fixes CAS proxy bug for 3.4.1.
  • Lesson learned: flow tests must exercise the context tree in the same way as "real" runtime processing.

Phil


Rod

  • Apologies for leaving early
  • Nothing much.  
  • Last lap of KeyInfo testing.
  • Some prep for 3.0.next
    • OpenSSL 1.1.1 (new build)
    • Curl 62.0 (but a patch may be coming)
  • Tom's issue below is classpath and URI - see this comment and following.
    • Don't use backslashes
    • Don't fork (because that will use backslashes)
    • This is probably best done as a JIRA case since it gives us findable history.


Scott

  • getWholeText postmortem, separate bug filed to review any remanining uses
  • xml-sec-c 2.0.2 will release today, I can publish Linux packages for that ahead of new SP release
  • xmltooling and SP 3.0.3 are about ready but could use more testing with OpenSSL 1.1 and curl apparently has bugs in their big bang release with TLS 1.3 support (shocker)
  • Experiences with null checking

Tom

  • IdP 3.4.1
  • Windows paths : 

    stack trace excerpt
    ERROR [org.springframework.web.context.ContextLoader:350] - Context initialization failed
    
    org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from relative location [general-admin-system.xml]
    
    Offending resource: file [C:\workspaces\shib\java-idp-integration-tests\test-distributions\20181029-14315280\system\conf\global-system.xml];
    
    
    nested exception is org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Failed to import bean definitions from relative location
    [conditional:C:\workspaces\shib\java-idp-integration-tests\test-distributions\20181029-14315280/conf/admin/unlock-keys.xml]
    
    
    IOException parsing XML document from URL
    
    
    [file:/C:/workspaces/shib/java-idp-integration-tests/test-distributions/20181029-14315280/system/conf/conditional:C:/workspaces/shib/java-idp-integration-tests/test-distributions/20181029-14315280/conf/admin/unlock-keys.xml];
    
    
    nested exception is java.io.FileNotFoundException:
    C:\workspaces\shib\java-idp-integration-tests\test-distributions\20181029-14315280\system\conf\conditional:C:\workspaces\shib\java-idp-integration-tests\test-distributions\20181029-14315280\conf\admin\unlock-keys.xml
    
    
    (The filename, directory name, or volume label syntax is incorrect)
  • Some redo of integ tests profile and versions
    • Now testing Tomcat 8.5 and 9.0 as 8.0 is way EOL
  • Which runtime Java versions should we test against ? 8 and 11 ? (the free LTS ?)
  • (back burner) Jetty 9.4 SSLLabs score
  • (back burner) Nexus 3 and Maven Enforcer rule


Other