From 04/23/2009 to 05/22/2009


08:54 AM Feature #10: SPEP to use KeyStore resolver for local public keys
Also affects the Apache/IIS SPEP code. S M
12:09 AM Feature #31: Merge SSO pipeline code into trunk
Merged trunk and feature branch to create new branch source:branches/ssopipeline (r1383) S M
12:07 AM Feature #31: Merge SSO pipeline code into trunk
Requires testing to ensure that POST plugin has not regressed from current set of functionality, at least. Redirect should also be thoroughly tested. S M


11:38 PM Feature #21 (Closed): Make Metadata processing more generic
11:34 PM Bug #15 (Closed): Manager error messages disappear too quickly
11:34 PM Bug #14 (Closed): ESOE Manager's delete icon is ambiguous
11:32 PM Bug #13 (Closed): OSX Leopard XML parsing problem
Can't fix this, it's an issue with Xerces which should be solved by the upgrade to 3.x (#12) S M
03:09 PM Bug #30 (Closed): Base64 redirect URLs are mangled when they contain a + character
Applied in changeset r1380. S M
03:09 PM Revision 70202161c973350e7235a8e441352be6eb52191d: Fixed the handling of space characters in Base...
Fixed the handling of space characters in Base64 messages. Previously, they were just ignored, but now we change them back to + symbols. Fixes #30 S M
01:17 PM Bug #30: Base64 redirect URLs are mangled when they contain a + character
In the Apache SPEP: When there is a + character in a Base64 encoded URL, the redirect from /spep/sso back to the requested content causes an internal server error. S M


01:46 PM Revision 7ff3b358bb50e9956401501abad657fa3332d1a3: SPEP data is now pushed into Grails before the...
SPEP data is now pushed into Grails before the controller is invoked. S M
10:38 AM Revision 90254fe556b7e23c815c1ceda11882c64c6d19c0: spep-grails: Updated svn:ignore, and made the ...
spep-grails: Updated svn:ignore, and made the Install script more informative. S M
10:09 AM Revision f82800fe2a3595845488a3b6b723135a3d15919f: Creating project directory for SPEP Grails plu...
Creating project directory for SPEP Grails plugin. S M


06:43 AM Feature #29: Formatted interval/timeout parameters to monitor type classes
A nice feature would be the modification of properties that specify a timeout or interval value, to include a unit quantifier rather than always assuming some base unit of time. For example: where currently the parameters passed into monitor type ... S M
06:43 AM Documentation #28: Create ESOE flow chart
Create a flow chart to better describe flows of information around the ESOE to make it easier for new users to understand S M
06:41 AM Bug #27: ESOE single logout hangs when an SPEP is unresponsive.
Terminating a user session hangs the user agent (browser) for the duration of the web service timeout (60s) if the SPEP does not accept the web service connection. This could potentially be fixed by offloading the single logout web service call... S M
06:41 AM Feature #26: Introduce the ability to configure whether cookies are secure.
The code for setting various cookies has been changed to use insecure rather than secure, as testing on web servers that had no SSL connectivity was proving difficult. This should be changed so that an option can be configured in esoe.config to en... S M
06:40 AM Feature #25: Complete support for HTTP Redirect
Update HTTP Redirect impl to support signatures S M
06:40 AM Documentation #24: Provide some sample code in web application to detect that browser cookies are...
Provide some example code for web portals to detect that browser cookies are disabled and display message that users should enable them. S M
06:39 AM Bug #23: IssuerID is not required on SAML RequestAbstractType
project esoecore, class AuthenticationAuthorityProcessorBase, method execute(): In the following line: data.setIssuerID(data.getAuthnRequest().getIssuer().getValue()); you assume that the request always has an issuer-id != null. Ac... S M
06:39 AM Feature #22: Blank screen on auth problem
If the backend ldap server used for auth and identity is dead the user is not presented an error page. The system instead fails to a white page at /signin S M
06:39 AM Feature #21: Make Metadata processing more generic
The metadata retrieval process is currently quite rigid to our specific requirements. Allow for more flexibility in processing of metadata documents, expose all aspects of a SAML 2.0 metadata document to callers, allow for multiple metadata doc... S M
06:38 AM Feature #20: Improve attribute release security
The current Attribute authority implementation should be overhauled to switch from an "all attributes" mode on AA requests to an "approved attributes" mode on a request. Approved attributes should be determined based upon the active metadata fo... S M
06:38 AM Feature #19: Dynamic Attribute Updates
Currently all attribute data is stored in a database in a schema valid XML document, this document is only parsed and Attribute Authority/Sessions Create configured at ESOE startup. Re-engineer this code structure so that a thread regularly pol... S M
06:38 AM Bug #18: SPEP registration in the database is per-entity, not per-node as it should be
(r:1200) only queries by EntID, not by NodeID as it should. The update is done similarly so that only one entry will exist per SPEP Entity, regardless of how many nodes it has. S M
06:37 AM Feature #17: Add external users to confluence group
Add a feature to the confluence/jira integrator that will identify users who have logged in from an external ESOE source and add them to a client specified group. S M
06:37 AM Feature #16: SPEP Java configuration validation
Verify SPEP startup processes to make sure that any missing configuration is appropriately logged for the user. On 0.7.0 when missing a variable no logging was present. Please also ensure logging is appropriate which properties file is missing ... S M
06:36 AM Bug #15: Manager error messages disappear too quickly
Red error messages at the top of the page disappear too quickly to be read or copied. Suggest putting a "dismiss" icon and making errors remain indefinitely. S M
06:35 AM Bug #14: ESOE Manager's delete icon is ambiguous
The delete icon (red circle with - sign) is a little ambiguous. Suggest either putting a tooltip or description on the icon where it is used, or changing the icon to something more obvious, like the cross icon for a deactivated service. S M
06:35 AM Bug #13: OSX Leopard XML parsing problem
The SPEP fails to parse metadata correctly on OSX Leopard giving the following error: (extra debug output included). 2008-01-14 13:47:06 [ERROR] spep::MetadataThread - Invalid metadata document. Unmarshalling failed: SAXException while unmarsha... S M
06:34 AM Feature #12: Upgrade to support XSD 3.2.0 & Xerces 3.0.1
Upgrade to latest release of XSD and Xerces. Need to regenerate the XSD bindings code. S M
06:33 AM Bug #11: IdentifierCacheImpl takes to long to complete cleanCache
When large numbers of sessions are recorded in ESOE the cleanup code in public int cleanCache(int age) blocks for a long period of time as the map is synchronized and lots of processing going on. This causes all other clients connecting to ESOE... S M
06:33 AM Feature #10: SPEP to use KeyStore resolver for local public keys
Allow SPEP to use a KeyStore resolver to retrieve multiple keys for metadata keys. This will allow for smooth expiry of metadata key content with services updated in advance S M
06:33 AM Bug #9: Repeated error messages on Intel Mac OSX 10.5
The process has forked and you cannot use this CoreFoundation functionality safely. You MUST exec(). Break on __THE_PROCESS_HAS_FORKED_AND_YOU_CANNOT_USE_THIS_COREFOUNDATION_FUNCTIONALITY___YOU_MUST_EXEC__() to debug. This does not appear to... S M
06:32 AM Feature #8: Logging improvements
This was originally logged against the IIS SPEP project. S M
06:32 AM Feature #8: Logging improvements
Null characters are present on some log messages in the log Log library needs improvements More log output across the projects S M
06:31 AM Feature #7: Verify that signing key belongs to issuer
At the current time, the signature on a document is validated without verifying that the supposed issuer is the owner of said key. Need to validate that the owner of the key is also the issuer of the document. S M
06:31 AM Bug #6: Validate xalan.jar and jaxb-jvm1.4.jar as being required in endorsed directories
Appears they may not be required in the endorsed directory, jaxb-jvm1.4.jar in the webapp itself and xalan not needed at all. S M
06:30 AM Bug #5: Extra nulls appended to authn request
When creating requests to send to the ESOE extra nulls are appended by the writer, need to terminate output at the end of character data not end of the buffer S M
06:30 AM Feature #4: Remove SPEP Authn bean depecency on HttpRequest and HttpResponse
Line 211 of AuthnProcessorServlet populates request and response objects when really all we need is strings. S M
06:29 AM Feature #3: Change the way cookie clear operates
Two things need to change to make cookie clear function correctly (and therefore stop lazy session init causing session invalidation on every request). - Fix the cookie clear config so that a hostname or a domain can be set, at which to clear t... S M
06:28 AM Bug #2: MySQL creation script does not set handle case when log_bin_trust_function_creators = 0
Function creation routines currently break MySQL deployments where log_bin_trust_function_creators = 0 The temporary correction to this problem is 'set GLOBAL log_bin_trust_function_creators=1' when running the MySQL creation script. "The i... S M
06:27 AM Bug #1: ENTITYID field is too long
On database creation, error message "Specified key was too long; max key length is 767 bytes" appears. As this is a UTF-8 field, it needs to be shortened to 255 characters (currently 512), as UTF-8 characters are calculated by MySQL as being 3... S M
« Previous
Next »

Also available in: Atom