/
2020-06-19 Meeting notes

2020-06-19 Meeting notes

Jun 19, 2020

Date

Jun 19, 2020

Attendees

  • @Mike Gorrell

  • @Craig McNally

  • @Ryan Berger

  • @Axel Dörrer

  • @Julian Ladisch

Discussion items

Time

Item

Who

Notes

Time

Item

Who

Notes

5 min

Open JIRA project/organization issues

@Mike Gorrell

No progress on actions from previous meeting: 

Open questions that @Mike Gorrell will investigate:

  1. Can the Security Project be setup so that new issues automatically set the Security Level to FOLIO Security Group?

  2. Some issues appear to show Security Level but others don't. Investigate. Could be issue type (Epic vs Story vs Task vs Bug).

  3. Clarify and/or propose how we set a security level that allows only those who might need to know (ie. the specific developers who might work on issues) 

??

Review status of open issues in project

Team

Review open JIRA Security issues as a team.

Axel raised the issue around why we would need mod-login-saml - could we avoid creating/updating code that handles SSO (mod-login-saml uses pac4j) by leveraging NGINX or Apache plugins. @Tod Olson has also asked about this. Allowing FOLIO to provide SSO capability and not relying on an independent technology allows sites - especially those that are managing multiple tenants, to manage the various SSO configs within a FOLIO context - in other words this is beneficial. Ryan raised the suggest that we might create a FOLIO module that encapsulates something like NGINX so that we can get the best of both worlds. Craig will create a spike to see how feasible this is... Axel and Ryan volunteered to help.

Reviewed list and signed priority where there was none. Also assigned teams and upcoming sprints to make sure issues will be reviewed by teams soon. Will review list again next week.