Thanks Andreas,

I have been, and remain, very focused on the release crunch - and the
wicket 9 update. Indeed there is a 2.26-M0 miledtone and a test plan taking
shape:
https://github.com/geoserver/geoserver.github.io/pull/214

If you have capacity to start the gas-sec-oidc community module you are
welcome to. I have do not have the capacity right now.

I was going to start by trying to take an inventory of what OAuth2
functionality is used. Most of my experience is with OIDC which has a
number of optional settings now. I was hoping to start small and see what
functionality needs to be added over time.


- -
Jody Garnett


On Mon, Sep 2, 2024 at 8:03 AM Watermeyer, Andreas <
andreas.waterme...@its-digital.de> wrote:

> Hi Jody,
>
>
>
> sorry, I missed your mail. The plan sounds reasonable to me.
>
>
>
> Has it been clarified in the meantime who is to take over the migration or
> the creation of the new gs-sec-oidc module? And when should that be
> finished?
>
>
>
> Should I have a look at it? Or can I help with something else? For
> example, there was still a task open that was about JS renovation, but I
> can't find it right now.
>
>
>
> Best regards,
>
> Andreas
>
>
>
> *Von:* Jody Garnett <jody.garn...@gmail.com>
> *Gesendet:* Dienstag, 20. August 2024 18:21
> *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de>
> *Cc:* geoserver-devel@lists.sourceforge.net
> *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade
>
>
>
> [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful
> when opening links and attachments.
>
> Welcome back Andreas,
>
>
>
> GeoCat is very much focused on OIDC and brining up such an extension to
> supported status.
>
> What does that mean for the existing OIDC extension in the community
> section?
>
>
>
> Here is my mad plan:
>
>
>
>    1. leave the existing gs-sec-oauth2-openid-connect  community module
>    in place - it can continue to operate for the 2.26 release cycle ... and be
>    removed for 2.27.x when the spring-framework-6 update happens
>    2. make a copy as a new gs-sec-oidc module and adapt the
>    spring-security-framework OAuth2 client ... to be developed during the 2.27
>    release cycle in September
>    3. folks can migrate to the new implementation while we use
>    spring-security 5.8 and both are operational
>    4. when the spring-security 6.3 update happens
>    gs-sec-oauth2-openid-connect is removed, and gs-sec-oidc remains available
>    5. once it meets the graduation requirements GeoCat would like to
>    propose the new module as an extension. It may be a bit challenging
>    (setting up some kind of online testing with GitHub workflow to achieve
>    test coverage for example)
>
>
>
> BTW: I will also be on holiday now until 2024-08-13.
>
>
>
> I am speaking with my boss tomorrow, everyone has been away on vacation!
>
>
>
> I made a post
> <https://geoserver.org/behind%20the%20scenes/2024/07/22/developer-update.html>
>  and
> GeoServer project steering committee has picked up one new silver sponsor
> ($3000/annual). I am still hoping for more interested parties (specificly
> for the github / google / geonode modules).
>
> - -
>
> Jody Garnett
>
>
>
>
>
> On Aug 13, 2024 at 8:41:34 AM, "Watermeyer, Andreas" <
> andreas.waterme...@its-digital.de> wrote:
>
> Hi Jody,
>
>
>
> I am back now. Please let me know when we can discuss how to continue with
> this. I will pause the task in the meantime.
>
>
>
> Best regards,
>
> Andreas
>
>
>
> *Von:* Jody Garnett <jody.garn...@gmail.com>
> *Gesendet:* Donnerstag, 25. Juli 2024 18:12
> *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de>
> *Cc:* geoserver-devel@lists.sourceforge.net
> *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade
>
>
>
> [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful
> when opening links and attachments.
>
> Enjoy you vacation, I will be away for some weeks also. Lets catch up when
> we return (and hopefully some other parties will of stepped forward as
> interested by then).
>
> --
>
> Jody Garnett
>
>
>
>
>
> On Jul 25, 2024 at 3:42:13 AM, "Watermeyer, Andreas" <
> andreas.waterme...@its-digital.de> wrote:
>
> Hi Jody,
>
>
>
> > GeoCat is very much focused on OIDC and brining up such an extension to
> supported status.
>
> What does that mean for the existing OIDC extension in the community
> section?
>
>
>
> BTW: I will also be on holiday now until 2024-08-13.
>
>
>
> Best regards,
>
> Andreas Watermeyer
>
>
>
> *Von:* Jody Garnett <jody.garn...@gmail.com>
> *Gesendet:* Montag, 22. Juli 2024 18:52
> *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de>
> *Cc:* geoserver-devel@lists.sourceforge.net
> *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade
>
>
>
> [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful
> when opening links and attachments.
>
> Hi Andreas,
>
>
>
> Thanks for replying I will update and publish the blog post.
>
>
>
> GEOS-11271
>
>
>
> That is great news that it is going smoothly.
>
>
>
> GEOS-11272
>
>
>
> GeoCat is very much focused on OIDC and brining up such an extension to
> supported status. The blog post is in part to see if anyone has capacity
> (or budget) to take on the generic OAauth2 functionality.  Our developer
> who did the upgrade is on vacation presently, and may or may not be
> available to work on this when they return. Automated tests would be
> amazing - and test coverage is one of the tasks to hit to make this into a
> supported extension.
>
>
>
> If you are in position to start on this activity please go ahead, or we
> can talk about approach now.
>
> --
>
> Jody Garnett
>
>
>
>
>
> On Mon, Jul 22, 2024 at 1:44 AM Watermeyer, Andreas <
> andreas.waterme...@its-digital.de> wrote:
>
> Hi Jody,
>
>
>
> regarding GEOS-11271-  Upgrade spring-security to 5.8:
>
>
>
> I started to work on this now. The upgrade itself seems to be limited to
> adjusting the pom only. I am now about to do some integration testing, also
> to become familiar with the GS functionality in that area.
>
>
>
> Regarding GEOS-11272 spring-security-oauth replacement, with
> spring-security 5.8:
>
>
>
> Considering GeoCat has done the same upgrade for the GeoNetwork codebase,
> GeoCat is probably in a much better position to work on this. Therefor I
> suggest that GeoCat takes over this task.
>
> We could either provide further support on this task, for example in
> testing (manual or automated). I suppose automated integration tests are
> not yet existing. I suppose it would be possible to setup some integration
> tests with a dockerized OIDC server, for example Spring Authorization
> Server. Also, something else would be Ok to work on, for example “Refactor
> inline JavaScript in the OGC API modules” seems possible.
>
>
>
> What do you think?
>
>
>
> Best regards,
>
> Andreas
>
>
>
> *Von:* Jody Garnett <jody.garn...@gmail.com>
> *Gesendet:* Freitag, 19. Juli 2024 08:01
> *An:* Watermeyer, Andreas <andreas.waterme...@its-digital.de>
> *Cc:* geoserver-devel@lists.sourceforge.net
> *Betreff:* Re: [Geoserver-devel] Spring Security Upgrade
>
>
>
> [Externe E-Mail] Vorsicht beim Öffnen von Links und Anhängen. / Be careful
> when opening links and attachments.
>
> Here is the blog post for review:
>
> https://github.com/geoserver/geoserver.github.io/pull/205
>
>
>
> I had a couple thoughts on how to approach the GEOS-11272 and have
> capacity to assist in this work.
>
>
> --
>
> Jody Garnett
>
>
>
>
>
> On Thu, Jul 18, 2024 at 9:23 AM Jody Garnett <jody.garn...@gmail.com>
> wrote:
>
> That would be great, and fit very well with our roadmap planning.
>
>
>
> I am writing a blog post update about GEOS-11272 and other activities that
> are ready to be worked on.
>
> Can I list you and your employer as a party working in this blog post?
>
> --
>
> Jody Garnett
>
>
>
>
>
> On Jul 18, 2024 at 3:37:57 AM, "Watermeyer, Andreas" <
> andreas.waterme...@its-digital.de> wrote:
>
> Hi community,
>
>
>
> I am now starting to work on:
>
>
>
> GEOS-11271 : Upgrade spring-security to 5.8
>
> GEOS-11272 : spring-security-oauth replacement, with spring-security 5.8
>
>
>
> As far as I know no activities have taken place in this area so far.
> Otherwise please let me know.
>
>
>
> Regards,
>
> Andreas
>
>
>
>
>
> _______________________________________________
> Geoserver-devel mailing list
> Geoserver-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/geoserver-devel
>
>
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

Reply via email to