Time
S
Nick
Message
08:28 bencomp joined #dataverse
09:31 majest1c joined #dataverse
10:55 xvx joined #dataverse
12:47 bencomp joined #dataverse
13:35 mckinney joined #dataverse
14:20 pdurbin
bencomp: hi. Do you plan to use more than one Glassfish server with Dataverse 4? If so, I have a question related to Shibboleth. bricas how about you? mckinney do we even know where the HMS instance will be hosted for sure, how many servers, and if Shibboleth will be used? :)
14:22 bencomp
pdurbin: no, we don't plan to. But please ask :)
14:24 pdurbin
actually, hmm
14:24 pdurbin
maybe it's fine
14:25 pdurbin
maybe I'll throw away this email I've been writing
14:25 pdurbin
:)
14:28 pdurbin
my observation is that if I curl https://dataverse.harvard.edu/Shibboleth.sso/Metadata I get Location="https://dataverse.harvard.edu/Shibboleth.sso/SAML2/POST " (for example), which is good. I was surprised that if I curl the *actual* "machine name" (or whatever you call it) for each of the three glassfish servers the "Location" changes. So I guess it's dynamic. Probably fine. We'll just always give out the
14:28 pdurbin
production URL when exchanging metadata.
14:29 bencomp
my little experience is that Shibboleth is pretty good with proxies
14:37 pdurbin
bencomp: any thoughts on how imporant it is to back up /etc/shibboleth/sp-cert.pem and /etc/shibboleth/sp-key.pem if you've already shared metadata with InCommon or some other federation?
14:37 pdurbin
heh. I guess I wrote that it's important to back up these files: http://guides.dataverse.org/en/4.2.4/installation/shibboleth.html#backups :)
14:37 pdurbin
but I don't explain why
14:38 pdurbin
it's probably not just me being paranoid
14:38 pdurbin
I'm pretty sure the public key shows up in the metadata
14:40 bencomp
I don't know if you can recreate a .pem or both .pems from the metadata
14:41 bencomp
it might be easier to restore the files directly from a backup
14:43 pdurbin
yeah
14:43 pdurbin
backups++
14:43 pdurbin
bencomp: very unlikely that the metadata contains the *private* key
14:47 * pdurbin
adds a reminder to https://github.com/IQSS/dataverse/issues/2953
15:33 bencomp1 joined #dataverse
15:39 pameyer joined #dataverse
15:45 pdurbin
mckinney: how do you feel about me assinging https://github.com/IQSS/dataverse/issues/2728 to you too? to think about. /cc pameyer
15:59 mckinney
pdurbin: yes, i'll take that one - it seems highly relevant to our requirements & use cases
16:00 pdurbin
mckinney: please see if you have permissions to assign it to yourself
16:00 pameyer
I don't know if object storage fits into that one
16:01 mckinney
pdurbin: pameyer can fill you in on HMS hosting plans - not sure yet if shibboleth will come into play
16:02 pameyer
if shibboleth is that least-complexity path to getting ldap auth working, then possibly
16:02 pameyer
that route *could* be through having ldap produce something that shibboleth can understand (which might be on the table for other stuff)
16:13 mckinney joined #dataverse
16:21 pdurbin
pameyer: we really aren't planning on supporting LDAP. Can you use Shibboleth instead? We can talk about this in person tomorrow. :)
16:26 pameyer
pdurbin: sounds like a plan
16:27 pdurbin
cool
16:27 pdurbin
pameyer: also, this is the issue about object storage: https://github.com/IQSS/dataverse/issues/1347
16:27 pdurbin
pameyer: S3 support is how I think of it. But I don't know if you're interested in that or not.
16:28 pameyer
we're interested in S3 for uploads at least
16:28 pdurbin
pameyer: interesting. ok
16:29 pdurbin
let me find a branch. hold please
16:29 pameyer
the reason I wasn't sure if object storage fit into 2728 was fopen/cloud api call
16:29 pameyer
but it could go either way
16:29 pameyer
no hurry :)
16:30 pdurbin
https://github.com/IQSS/dataverse/commits/2909-MOC-collab-swift but more useful to read is probably https://github.com/IQSS/dataverse/issues/2909 . Note that Swift basically S3.
16:31 pameyer
cool - hadn't known swift ~= s3
16:32 pameyer
both are on the list of stuff to learn more about, but as 2 things...
16:36 pdurbin
yeah, this is interesting. good stuff: https://github.com/IQSS/dataverse/blob/e67238071b1f1d39e90993280f671e55cf2bd9cd/src/main/java/edu/harvard/iq/dataverse/dataaccess/SwiftAccessIO.java
16:39 pdurbin
pameyer: I'm thinking about adding you to https://github.com/orgs/IQSS/teams/dataverse-readonly (like I did for mckinney) so I can @mention you in issues.
16:40 pameyer
public InputStream openSwiftFileAsInputStream :)
16:40 pameyer
pdurbin: I thought you'd bee @mentioning me in issues already
16:42 pdurbin
pameyer: I have been but it doesn't autocomplete and I'm lazy. Do you mind if I add you?
16:43 pameyer
nope
16:44 pdurbin
pameyer: added but you have to accept
16:50 pameyer
pdurbin: looking for the accept option ...
16:58 pameyer
...not seeing it
17:03 pdurbin
pameyer: you seem to be in. thanks
18:52 mckinney joined #dataverse
19:52 pdurbin
nice list of Shibboleth/SAML federations (including InCommon): http://www.protectnetwork.org/support/faq/identity-federations
20:29 bencomp joined #dataverse
21:18 pdurbin
pameyer mckinney: shoot. I gotta run soon but I wanted to touch base with you about the sprint meetings. Specifically, are you ok with me creating a folder in Google Drive that's public with a doc for each meeting? The docs would allow public comments.
21:22 pdurbin
or we could just take notes right here in this channel :)
21:22 mckinney
either way is fine by me
21:22 pdurbin
might get a little messy/annoying though
21:23 mckinney
i plan to add them to a trello board that would be available to anyone on the team who is interested
21:23 pdurbin
oh!
21:24 mckinney
we can discuss what might work best tomorrow
21:25 mckinney
have a good night
21:27 pdurbin
mckinney pameyer: here, for now, please add agenda items here: https://docs.google.com/document/d/1gZ1AkqS3DAwBHLCm6rkzROSKPXHGRCD7aK5mlTw9XAg/edit?usp=sharing
21:29 pdurbin
can you both edit that doc?
21:31 pdurbin
bencomp: is DANS part of one of these? http://www.protectnetwork.org/support/faq/identity-federations
21:32 axfelix joined #dataverse
21:33 bencomp
pdurbin: no
21:33 pdurbin
oh. I forget what yours is called
21:33 pdurbin
or maybe yours isn't a federation
21:34 bencomp
SURFconext is "our" federation
21:35 pdurbin
searchbot`: lucky SURFconext
21:35 searchbot`
pdurbin: https://www.surf.nl/en/services-and-products/surfconext/index.html
21:35 pdurbin
why isn't it listed on that other page then? where is the best list of all the federations?
21:35 bencomp
edugain?
21:36 pdurbin
searchbot`: lucky edugain
21:36 searchbot`
pdurbin: http://services.geant.net/edugain/Pages/Home.aspx
21:36 pdurbin
hmm, can't find a list there. anyway, gotta go pick up the kids
21:37 bencomp
o/
21:37 pdurbin
have a good night, #dataverse
21:38 pdurbin
xvx: I hear https://trello.com/c/7AQ5V9aJ/28-about-page-replicate-others-work-vs-replicate-others-work is fixed but it's probably cached for a bit. Please check later and thanks again.
21:39 xvx
jolly good, fix wasn't too long of a wait
21:44 pdurbin
yeah, cache must be shorter than I realized
21:44 pdurbin
ok, really going. o/
22:20 xvx joined #dataverse
22:25 pameyer
pdurbin: is that agenda items for tomorrow or monday?
22:45 pameyer
and I just saw pdurbin's "really going"...
22:46 pdurbin
pameyer: tomorrow
