2020-08-21

Owned by Ian Young
Last updated: Jul 29, 2021
3 min read

Shibboleth Developer's Meeting, 2020-08-21

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2020-09-04. Any reason to deviate from this?

60 to 90 minute call window.


Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.


AGENDA

Add items for discussion here

Attendees:


Brent

  • IDP-1657 - Getting issue details... STATUS
    • Fun with TLS!  We see different behavior when connecting to newer vs older target Linux systems with different versions of openssl.  Trying to confirm.


Daniel


Henri

  • Polishing  JOIDC-5 - Getting issue details... STATUS
    • Testing client secret value resolution on test deployment
    • Polishing the configuration XMLs (also help documentation)
  • Premilinary studying  JOIDC-13 - Getting issue details... STATUS

Ian

  • Mostly complete:  GEN-264 - Getting issue details... STATUS
    • gitolite-config and personal repositories still unconverted. Probably declaring victory, assuming people don't think it's worth fixing gitolite-config (would require changes to Gitolite itself).
    • Meanwhile, I observe that the main branch in java-idp-jetty-base and java-idp-tomcat-base is surplus to requirements.
      •  
      • Proposal: remove the main branch in these two repositories and set HEAD to the most recent numbered branch (e.g., 9.4 for java-idp-jetty-base).
        ok with me --Tom
  • Progress on  JPAR-132 - Getting issue details... STATUS  (for  MDA-65 - Getting issue details... STATUS )
    • Have this working on one module (the important one) in java-metadata-aggregator. You can see it as part of the site for the product here:
    • Changes seem minimal:
      • Needs a build plugin instance and a reporting plugin instance.
      • Need to add test to the command line used to build the site, or it doesn't include it (probably fixable, if we care).
    • We could probably add these to the parent POM if we wanted this everywhere. I don't know if it would work everywhere, of course.
    • There's a Jenkins plugin to allow you to graph a summary from job results, perhaps the nightlies? Not using that yet.
    • Example output from mvn clean verify (with <haltOnFailure>false</haltOnFailure>):
      [WARNING] Rule violated for bundle aggregator-pipeline: classes missed count is 4, but expected maximum is 0
      [WARNING] Rule violated for package net.shibboleth.metadata.pipeline: instructions covered ratio is 0.69, but expected minimum is 0.80
      [WARNING] Rule violated for package net.shibboleth.metadata.pipeline: classes missed count is 3, but expected maximum is 0
      [WARNING] Rule violated for package net.shibboleth.metadata.dom: instructions covered ratio is 0.78, but expected minimum is 0.80
      [WARNING] Rule violated for package net.shibboleth.metadata: classes missed count is 1, but expected maximum is 0
      [WARNING] Rule violated for package net.shibboleth.metadata.dom.impl: instructions covered ratio is 0.67, but expected minimum is 0.80
      [WARNING] Rule violated for package net.shibboleth.metadata.pipeline.impl: instructions covered ratio is 0.75, but expected minimum is 0.80


John


Marvin


Phil

  • Some leave, plus one more day tomorrow so will not be able to attend.
  • Closed  JDUO-10 - Getting issue details... STATUS  thanks to Scott's work on  IDP-1652 - Getting issue details... STATUS
  • Spent some time understanding where the supported principals were set, overridden, and used in order to (I think) add a strategy sensibly to the Duo validation action e.g.  JDUO-5 - Getting issue details... STATUS  (leaving open for now).
  • Updated to the latest Duo SDK ( JDUO-4 - Getting issue details... STATUS ). Adds more validation including id_token authentication.
  • Plugin POM now has the java-parent as the parent, works well. Updated to make explicit SL4FJ in the plugin.
  • Still, cleanups and tickets left.


Rod

  • Plugin management.  Installation now works (as does listing).
  • Update is all that left
  • Plus bugs
  • Plus tweaks:
    • UI work sucks.  The plugin interface will need extensive feedback.  Right now my approach is "The Perfect Is The Enemy Of The Good" 
  • Thinking about optional config files - I'd like to discuss briefly.


Scott

  • More support stuff than usual
  • JPAR-171 - Getting issue details... STATUS
  • IDP-1652 - Getting issue details... STATUS
  • IDP-1642 - Getting issue details... STATUS
  • Work all over the map on configuration, auto-wiring collections of configuration objects
  • Eliminated two existing files for the majority of deployers (some properties added or reworked to get at settings, so property file added)
  • Working on more property-driven settings for authentication flows
  • Will need to revamp more internals to autowire more objects like Principal serializers, Transcoder naming registry, all the lists that cause problems for plugins
  • Going from basic to advanced cases probably will need to rely on some way to document or produce XML snippets


Tom

Other