Collection point for discussion around V4 scoping, before we turn this into formal JIRA issues. Emphasis on anything we might do that would require interim work on 3.4 to prepare for.
- Require Java 8 (theoretically could be 9, but seems unlikely)
- Spring Framework 5
- Need to validate Spring WebFlow sooner rather than later
- Deprecated or embrace Rhino? Or Nashorn?
- Code Coverage - we used it early in V3, Adopt or drop.
- Remove use of parameterized constructors - IDP-1047Getting issue details... STATUS , - IDP-1054Getting issue details... STATUS (and others)
- Generics in API classes - IDP-316Getting issue details... STATUS (and others)
- Deprecate SVN Resource and replace with "something" (see also here)
- Other code cleanup
- Move Attribute Encoding elsewhere
- Fix use of impl classes in deployer wiring of connectors - IDP-1179Getting issue details... STATUS
- Mixed Mode language (allow raw spring inside attribute-resolver &c, and get it parsed inside the same spring context tree) - JSE-18Getting issue details... STATUS
- Multi- Attribute sources, attribute decoding (and gateways) - IDP-926Getting issue details... STATUS and many many more
- Container work (jetty-base, windows installer, containers, java (see also - IDP-1092Getting issue details... STATUS and many many many more
- Type conversion in data connectors - IDP-514Getting issue details... STATUS
- Signable Config - IDP-448Getting issue details... STATUS
- ValidUntil Metadata filter - IDP-693Getting issue details... STATUS
- Old style transients in the attribute encode
- UK Federation issue?
- Data Connectors shared between users (some write back some dont) - IDP-1052Getting issue details... STATUS
Remove the text-based status view and point the status command line at the metrics interface.
- Perhaps turn text view into a prettier view of more information
Unless explicitly noted, everything proposed currently warns in the log.
- 'Legacy' (V2) relying-party.xml. and security name space
- This is currently not warned on
- The security name space is, in addition used in support of complex metadata configuration (e.g. X509 signature validation). We should remove this and document how to do it with attendant spring wiring.
- Removing this will allow cleanup in metadata-providers parsing (for example the <MetadataResolver> parser needs to be aware that it might be top level or it might be below a <RelyingParty>)
- Legacy Principal Connectors
- Plus a lot of upstream code.
- Currently warned on (since 3.0)
- Will this allow refactoring of the C14N code to remove hooks for legacy support?
- Legacy namespaces for Attribute Fitering and Resolution
(urn:mace:shibboleth:2.0:afp:mf:basic, urn:mace:shibboleth:2.0:afp:mf:saml, urn:mace:shibboleth:2.0:attribute:encoder, urn:mace:shibboleth:2.0:resolver:ad, urn:mace:shibboleth:2.0:resolver:dc, urn:mace:shibboleth:2.0:resolver:pc)
- Currently warned on (since 3.3, 3.2)
- Legacy NameID-based AttributeEncoders
- Making the work context available to to Attribute Scripts
- Warned on
- Can then remove
- mergeResults attributes (deprecated since V2.?)
- queryUsesStoredProcedure & cacheResults attributes (deprecated in V2?)
- Attribute Filter details
- Issuer filters (Not implemented and warned on in V3.)
- Rule References
- Attribute <Dependency> - IDP-680Getting issue details... STATUS (Plus a lot of upstream code.)
- Old style scripted attributes
- Old style (pre 3.3) MFA
- Will be tricky but need to warn on property and flow use if we can
- Resources and end-of-life-ing of other custom schema
- Change default audit log format
There are many deprecated methods and classes (also Interfaces) which currently do not log warnings. Probably need to review and, if appropriate add warning for 3.4.