Week notes (2018-01-08 – 2018-01-12)


More battling configuration management. Caught in a situation where:

  • the existing configuration management for Shibboleth is shared across two existing services, and I want to use it for a third
  • that config was last updated in 2015
  • a validation check before a particular file is provisioned evidently doesn't work, and if you test whether it would work now on one of the existing hosts, it doesn't work
  • it doesn't work because an XML Schema file references another schema file with a broken relative URL
  • that XML Schema is provided by a Debian package, and the software in that package is quite happy to work like this

How do you fix that!?

The answer is either (1) stick a symlink in /usr/share/xml/shibboleth/ pointing at the right place (urgh), or (2) don't do the schema validation.

I think we've settled for the latter. So much time wasted though ☹.


Spent the day in "Implementing a Shibboleth SP (Service Provider)" training, provided by Jisc. In retrospect it's all pleasantly straightforward once you've spent the time to learn how. So while I could have got there through reading the documentation, it was good to have the uninterrupted time to learn, and the knowledgeable person on hand to correct all my silly mistakes.

I've since started writing a noddy internal federation management tool that validates submitted SAML metadata snippets so they can be safely included in a combined metadata file for use by an IdP.


A day off to go to London. Interview at [redacted]. Caught up with old uni friends; coffee with a fellow Oxford Nightline volunteer, and a walk, beer and pizza with a fellow Keble Computer Science alumnus. Home for 10PM; a good day ☺.


Work from home day. More config management.

Finally got round to responding to a request about data in OxPoints not making its way into maps.ox. Answer: The data goes OxPoints → data.ox.ac.uk → api.m.ox.ac.uk, and the importer for the last step is no longer running on a schedule, and plus, I thought api.m.ox.ac.uk got the data from OxPoints directly. I need to document this.


A bit more OxPoints data wrangling. Met new project manager for the first time. Lunch with the lovely Pip. Late to a TIER API WG teleconference, but it was good to be able to talk to them all. TIER are trying to solve Identity Management problems in US HE, so it seems worthwhile to try to align ourselves with their institutional community.

Got conditional job offer from mySociety. Next week we try to meet the condition.