Release 0.14.0 Status

[larry mccay <lm...@apache.org>]

All -

I have identified a couple other blockers for this release and they are
delaying the creation of a new RC.

Pac4J is becoming more and more important as KnoxSSO is being used more.

* KNOX-1119 is intended to acquire a meaningful identity attribute from the
resulting UserProfile rather than just the ID. This is especially important
for the indirect authentication clients in pac4j such as SAML, OAuth,
OpenID.

* KNOX-1120 is intended to complete the migration to pac4j 2.1.0 which
should include eliminating the use of ConfigSingleton class which makes it
difficult to have multiple pac4j protected topologies in the same instance
- as they step on each other.

I expect these to take a few days to resolve and am hoping to get a new RC
spin up by the end of the week.

Thanks,

--larry

Re: Release 0.14.0 Status

[larry mccay <lm...@apache.org>]

All -

Open JIRAs for 0.14.0 are down to a couple doc issues.
I have started to spin a new RC.

Please hold off on any commits to the v0.14.0 branch at this point.

I will announce the RC availability for testing once it is ready.

thanks,

--larry

On Wed, Nov 22, 2017 at 10:05 AM, larry mccay <lm...@apache.org> wrote:

> Thanks, Jérôme - I hadn't actually noticed that setConfig is setting the
> singleton too!
>
> On Wed, Nov 22, 2017 at 4:47 AM, Jérôme LELEU <le...@gmail.com> wrote:
>
>> Hi,
>>
>> It's great to see you're fully autonomous with pac4j now!
>>
>> You certainly already know that, but to stay away from the
>> ConfigSingleton,
>> you must use the setConfigOnly method instead of the setConfig method (on
>> the SecurityFilter component).
>>
>> Am I'm still there if you have issues/questions with pac4j ;-)
>>
>> Thanks.
>> Best regards,
>> Jérôme
>>
>>
>> On Tue, Nov 21, 2017 at 9:35 PM, larry mccay <lm...@apache.org> wrote:
>>
>> > Thanks, Jérôme - we are already on those versions!
>> > Looks like we need a final cleanup task to divorce us from the
>> > ConfigSingleton.
>> >
>> > On Tue, Nov 21, 2017 at 12:59 PM, Jérôme LELEU <le...@gmail.com>
>> wrote:
>> >
>> >> Hi,
>> >>
>> >> You should use j2e-pac4j v3.0.0 and pac4j v2.1.0.
>> >>
>> >> Keep me posted if you have any issue.
>> >>
>> >> Thanks.
>> >> Best regards,
>> >> Jérôme
>> >>
>> >>
>> >> On Tue, Nov 21, 2017 at 5:55 PM, larry mccay <lm...@apache.org>
>> wrote:
>> >>
>> >>> All -
>> >>>
>> >>> I have identified a couple other blockers for this release and they
>> are
>> >>> delaying the creation of a new RC.
>> >>>
>> >>> Pac4J is becoming more and more important as KnoxSSO is being used
>> more.
>> >>>
>> >>> * KNOX-1119 is intended to acquire a meaningful identity attribute
>> from
>> >>> the resulting UserProfile rather than just the ID. This is especially
>> >>> important for the indirect authentication clients in pac4j such as
>> SAML,
>> >>> OAuth, OpenID.
>> >>>
>> >>> * KNOX-1120 is intended to complete the migration to pac4j 2.1.0 which
>> >>> should include eliminating the use of ConfigSingleton class which
>> makes it
>> >>> difficult to have multiple pac4j protected topologies in the same
>> instance
>> >>> - as they step on each other.
>> >>>
>> >>> I expect these to take a few days to resolve and am hoping to get a
>> new
>> >>> RC spin up by the end of the week.
>> >>>
>> >>> Thanks,
>> >>>
>> >>> --larry
>> >>>
>> >>
>> >>
>> >
>>
>
>

Re: Release 0.14.0 Status

[larry mccay <lm...@apache.org>]

Thanks, Jérôme - I hadn't actually noticed that setConfig is setting the
singleton too!

On Wed, Nov 22, 2017 at 4:47 AM, Jérôme LELEU <le...@gmail.com> wrote:

> Hi,
>
> It's great to see you're fully autonomous with pac4j now!
>
> You certainly already know that, but to stay away from the ConfigSingleton,
> you must use the setConfigOnly method instead of the setConfig method (on
> the SecurityFilter component).
>
> Am I'm still there if you have issues/questions with pac4j ;-)
>
> Thanks.
> Best regards,
> Jérôme
>
>
> On Tue, Nov 21, 2017 at 9:35 PM, larry mccay <lm...@apache.org> wrote:
>
> > Thanks, Jérôme - we are already on those versions!
> > Looks like we need a final cleanup task to divorce us from the
> > ConfigSingleton.
> >
> > On Tue, Nov 21, 2017 at 12:59 PM, Jérôme LELEU <le...@gmail.com> wrote:
> >
> >> Hi,
> >>
> >> You should use j2e-pac4j v3.0.0 and pac4j v2.1.0.
> >>
> >> Keep me posted if you have any issue.
> >>
> >> Thanks.
> >> Best regards,
> >> Jérôme
> >>
> >>
> >> On Tue, Nov 21, 2017 at 5:55 PM, larry mccay <lm...@apache.org> wrote:
> >>
> >>> All -
> >>>
> >>> I have identified a couple other blockers for this release and they are
> >>> delaying the creation of a new RC.
> >>>
> >>> Pac4J is becoming more and more important as KnoxSSO is being used
> more.
> >>>
> >>> * KNOX-1119 is intended to acquire a meaningful identity attribute from
> >>> the resulting UserProfile rather than just the ID. This is especially
> >>> important for the indirect authentication clients in pac4j such as
> SAML,
> >>> OAuth, OpenID.
> >>>
> >>> * KNOX-1120 is intended to complete the migration to pac4j 2.1.0 which
> >>> should include eliminating the use of ConfigSingleton class which
> makes it
> >>> difficult to have multiple pac4j protected topologies in the same
> instance
> >>> - as they step on each other.
> >>>
> >>> I expect these to take a few days to resolve and am hoping to get a new
> >>> RC spin up by the end of the week.
> >>>
> >>> Thanks,
> >>>
> >>> --larry
> >>>
> >>
> >>
> >
>

Re: Release 0.14.0 Status

[Jérôme LELEU <le...@gmail.com>]

Hi,

It's great to see you're fully autonomous with pac4j now!

You certainly already know that, but to stay away from the ConfigSingleton,
you must use the setConfigOnly method instead of the setConfig method (on
the SecurityFilter component).

Am I'm still there if you have issues/questions with pac4j ;-)

Thanks.
Best regards,
Jérôme


On Tue, Nov 21, 2017 at 9:35 PM, larry mccay <lm...@apache.org> wrote:

> Thanks, Jérôme - we are already on those versions!
> Looks like we need a final cleanup task to divorce us from the
> ConfigSingleton.
>
> On Tue, Nov 21, 2017 at 12:59 PM, Jérôme LELEU <le...@gmail.com> wrote:
>
>> Hi,
>>
>> You should use j2e-pac4j v3.0.0 and pac4j v2.1.0.
>>
>> Keep me posted if you have any issue.
>>
>> Thanks.
>> Best regards,
>> Jérôme
>>
>>
>> On Tue, Nov 21, 2017 at 5:55 PM, larry mccay <lm...@apache.org> wrote:
>>
>>> All -
>>>
>>> I have identified a couple other blockers for this release and they are
>>> delaying the creation of a new RC.
>>>
>>> Pac4J is becoming more and more important as KnoxSSO is being used more.
>>>
>>> * KNOX-1119 is intended to acquire a meaningful identity attribute from
>>> the resulting UserProfile rather than just the ID. This is especially
>>> important for the indirect authentication clients in pac4j such as SAML,
>>> OAuth, OpenID.
>>>
>>> * KNOX-1120 is intended to complete the migration to pac4j 2.1.0 which
>>> should include eliminating the use of ConfigSingleton class which makes it
>>> difficult to have multiple pac4j protected topologies in the same instance
>>> - as they step on each other.
>>>
>>> I expect these to take a few days to resolve and am hoping to get a new
>>> RC spin up by the end of the week.
>>>
>>> Thanks,
>>>
>>> --larry
>>>
>>
>>
>

Re: Release 0.14.0 Status

[larry mccay <lm...@apache.org>]

Thanks, Jérôme - we are already on those versions!
Looks like we need a final cleanup task to divorce us from the
ConfigSingleton.

On Tue, Nov 21, 2017 at 12:59 PM, Jérôme LELEU <le...@gmail.com> wrote:

> Hi,
>
> You should use j2e-pac4j v3.0.0 and pac4j v2.1.0.
>
> Keep me posted if you have any issue.
>
> Thanks.
> Best regards,
> Jérôme
>
>
> On Tue, Nov 21, 2017 at 5:55 PM, larry mccay <lm...@apache.org> wrote:
>
>> All -
>>
>> I have identified a couple other blockers for this release and they are
>> delaying the creation of a new RC.
>>
>> Pac4J is becoming more and more important as KnoxSSO is being used more.
>>
>> * KNOX-1119 is intended to acquire a meaningful identity attribute from
>> the resulting UserProfile rather than just the ID. This is especially
>> important for the indirect authentication clients in pac4j such as SAML,
>> OAuth, OpenID.
>>
>> * KNOX-1120 is intended to complete the migration to pac4j 2.1.0 which
>> should include eliminating the use of ConfigSingleton class which makes it
>> difficult to have multiple pac4j protected topologies in the same instance
>> - as they step on each other.
>>
>> I expect these to take a few days to resolve and am hoping to get a new
>> RC spin up by the end of the week.
>>
>> Thanks,
>>
>> --larry
>>
>
>

Re: Release 0.14.0 Status

[Jérôme LELEU <le...@gmail.com>]

Hi,

You should use j2e-pac4j v3.0.0 and pac4j v2.1.0.

Keep me posted if you have any issue.

Thanks.
Best regards,
Jérôme


On Tue, Nov 21, 2017 at 5:55 PM, larry mccay <lm...@apache.org> wrote:

> All -
>
> I have identified a couple other blockers for this release and they are
> delaying the creation of a new RC.
>
> Pac4J is becoming more and more important as KnoxSSO is being used more.
>
> * KNOX-1119 is intended to acquire a meaningful identity attribute from
> the resulting UserProfile rather than just the ID. This is especially
> important for the indirect authentication clients in pac4j such as SAML,
> OAuth, OpenID.
>
> * KNOX-1120 is intended to complete the migration to pac4j 2.1.0 which
> should include eliminating the use of ConfigSingleton class which makes it
> difficult to have multiple pac4j protected topologies in the same instance
> - as they step on each other.
>
> I expect these to take a few days to resolve and am hoping to get a new RC
> spin up by the end of the week.
>
> Thanks,
>
> --larry
>