Thanks Andreas, I have been, and remain, very focused on the release crunch - and the wicket 9 update. Indeed there is a 2.26-M0 miledtone and a test plan taking shape: https://github.com/geoserver/geoserver.github.io/pull/214
If you have capacity to start the gas-sec-oidc community module you are welcome to. I have do not have the capacity right now. I was going to start by trying to take an inventory of what OAuth2 functionality is used. Most of my experience is with OIDC which has a number of optional settings now. I was hoping to start small and see what functionality needs to be added over time. - - Jody Garnett On Mon, Sep 2, 2024 at 8:03 AM Watermeyer, Andreas < andreas.waterme...@its-digital.de> wrote: > Hi Jody, > > > > sorry, I missed your mail. The plan sounds reasonable to me. > > > > Has it been clarified in the meantime who is to take over the migration or > the creation of the new gs-sec-oidc module? And when should that be > finished? > > > > Should I have a look at it? Or can I help with something else? For > example, there was still a task open that was about JS renovation, but I > can't find it right now. > > > > Best regards, > > Andreas > > > > *Von:* Jody Garnett <jody.garn...@gmail.com> > *Gesendet:* Dienstag, 20. August 2024 18:21 > *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de> > *Cc:* geoserver-devel@lists.sourceforge.net > *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade > > > > [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful > when opening links and attachments. > > Welcome back Andreas, > > > > GeoCat is very much focused on OIDC and brining up such an extension to > supported status. > > What does that mean for the existing OIDC extension in the community > section? > > > > Here is my mad plan: > > > > 1. leave the existing gs-sec-oauth2-openid-connect community module > in place - it can continue to operate for the 2.26 release cycle ... and be > removed for 2.27.x when the spring-framework-6 update happens > 2. make a copy as a new gs-sec-oidc module and adapt the > spring-security-framework OAuth2 client ... to be developed during the 2.27 > release cycle in September > 3. folks can migrate to the new implementation while we use > spring-security 5.8 and both are operational > 4. when the spring-security 6.3 update happens > gs-sec-oauth2-openid-connect is removed, and gs-sec-oidc remains available > 5. once it meets the graduation requirements GeoCat would like to > propose the new module as an extension. It may be a bit challenging > (setting up some kind of online testing with GitHub workflow to achieve > test coverage for example) > > > > BTW: I will also be on holiday now until 2024-08-13. > > > > I am speaking with my boss tomorrow, everyone has been away on vacation! > > > > I made a post > <https://geoserver.org/behind%20the%20scenes/2024/07/22/developer-update.html> > and > GeoServer project steering committee has picked up one new silver sponsor > ($3000/annual). I am still hoping for more interested parties (specificly > for the github / google / geonode modules). > > - - > > Jody Garnett > > > > > > On Aug 13, 2024 at 8:41:34 AM, "Watermeyer, Andreas" < > andreas.waterme...@its-digital.de> wrote: > > Hi Jody, > > > > I am back now. Please let me know when we can discuss how to continue with > this. I will pause the task in the meantime. > > > > Best regards, > > Andreas > > > > *Von:* Jody Garnett <jody.garn...@gmail.com> > *Gesendet:* Donnerstag, 25. Juli 2024 18:12 > *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de> > *Cc:* geoserver-devel@lists.sourceforge.net > *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade > > > > [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful > when opening links and attachments. > > Enjoy you vacation, I will be away for some weeks also. Lets catch up when > we return (and hopefully some other parties will of stepped forward as > interested by then). > > -- > > Jody Garnett > > > > > > On Jul 25, 2024 at 3:42:13 AM, "Watermeyer, Andreas" < > andreas.waterme...@its-digital.de> wrote: > > Hi Jody, > > > > > GeoCat is very much focused on OIDC and brining up such an extension to > supported status. > > What does that mean for the existing OIDC extension in the community > section? > > > > BTW: I will also be on holiday now until 2024-08-13. > > > > Best regards, > > Andreas Watermeyer > > > > *Von:* Jody Garnett <jody.garn...@gmail.com> > *Gesendet:* Montag, 22. Juli 2024 18:52 > *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de> > *Cc:* geoserver-devel@lists.sourceforge.net > *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade > > > > [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful > when opening links and attachments. > > Hi Andreas, > > > > Thanks for replying I will update and publish the blog post. > > > > GEOS-11271 > > > > That is great news that it is going smoothly. > > > > GEOS-11272 > > > > GeoCat is very much focused on OIDC and brining up such an extension to > supported status. The blog post is in part to see if anyone has capacity > (or budget) to take on the generic OAauth2 functionality. Our developer > who did the upgrade is on vacation presently, and may or may not be > available to work on this when they return. Automated tests would be > amazing - and test coverage is one of the tasks to hit to make this into a > supported extension. > > > > If you are in position to start on this activity please go ahead, or we > can talk about approach now. > > -- > > Jody Garnett > > > > > > On Mon, Jul 22, 2024 at 1:44 AM Watermeyer, Andreas < > andreas.waterme...@its-digital.de> wrote: > > Hi Jody, > > > > regarding GEOS-11271- Upgrade spring-security to 5.8: > > > > I started to work on this now. The upgrade itself seems to be limited to > adjusting the pom only. I am now about to do some integration testing, also > to become familiar with the GS functionality in that area. > > > > Regarding GEOS-11272 spring-security-oauth replacement, with > spring-security 5.8: > > > > Considering GeoCat has done the same upgrade for the GeoNetwork codebase, > GeoCat is probably in a much better position to work on this. Therefor I > suggest that GeoCat takes over this task. > > We could either provide further support on this task, for example in > testing (manual or automated). I suppose automated integration tests are > not yet existing. I suppose it would be possible to setup some integration > tests with a dockerized OIDC server, for example Spring Authorization > Server. Also, something else would be Ok to work on, for example “Refactor > inline JavaScript in the OGC API modules” seems possible. > > > > What do you think? > > > > Best regards, > > Andreas > > > > *Von:* Jody Garnett <jody.garn...@gmail.com> > *Gesendet:* Freitag, 19. Juli 2024 08:01 > *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de> > *Cc:* geoserver-devel@lists.sourceforge.net > *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade > > > > [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful > when opening links and attachments. > > Here is the blog post for review: > > https://github.com/geoserver/geoserver.github.io/pull/205 > > > > I had a couple thoughts on how to approach the GEOS-11272 and have > capacity to assist in this work. > > > -- > > Jody Garnett > > > > > > On Thu, Jul 18, 2024 at 9:23 AM Jody Garnett <jody.garn...@gmail.com> > wrote: > > That would be great, and fit very well with our roadmap planning. > > > > I am writing a blog post update about GEOS-11272 and other activities that > are ready to be worked on. > > Can I list you and your employer as a party working in this blog post? > > -- > > Jody Garnett > > > > > > On Jul 18, 2024 at 3:37:57 AM, "Watermeyer, Andreas" < > andreas.waterme...@its-digital.de> wrote: > > Hi community, > > > > I am now starting to work on: > > > > GEOS-11271 : Upgrade spring-security to 5.8 > > GEOS-11272 : spring-security-oauth replacement, with spring-security 5.8 > > > > As far as I know no activities have taken place in this area so far. > Otherwise please let me know. > > > > Regards, > > Andreas > > > > > > _______________________________________________ > Geoserver-devel mailing list > Geoserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geoserver-devel > >
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
