Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

how to migrate from opensaml 2.6 to 3.1.1

I have to migrate a class from opensaml 2.6 to opensaml 3.1.1 Compiling I obtain some errors

1)

Element plaintextElement = getElementAssertion(inputBean);
String xml = XMLHelper.prettyPrintXML(plaintextElement);

I can't find the class XMLHelper in the new version.

2)

DefaultBootstrap.bootstrap();
builderFactory = Configuration.getBuilderFactory();
Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);

I can'f find class DefaultBootstrap and I can't find a class Configuration with the methods getBuilderFactory(), getMarshallerFactory()

3)

BasicCredential credential = new BasicCredential();

Now the contructor new BasicCredential() is not visible.

I haven't found documentation with deprecation indication. What must I do to port this class to the opensaml 3.1.1 version?

like image 237
Raffaele Fabbri Avatar asked Mar 04 '16 10:03

Raffaele Fabbri


1 Answers

Not sure if you managed to upgrade to opensaml 3 already but since I came across this while attempting the upgrade myself I thought I'm gonna document what I found.

There's very little documentation as apparently it's not a priority for them at the moment (also mentioned here: OpenSaml3 Documentation), the most useful (even if by far not complete) page I found is this one: https://wiki.shibboleth.net/confluence/display/OS30/Initialization+and+Configuration

1) There's a class SerializeSupport with a method prettyPrintXML in lib net.shibboleth.utilities:java-support

2) Initialization is now done via InitializationService e.g.

InitializationService.initialize();

You can retrieve the builder/marshallers via XMLObjectProviderRegistrySupport e.g.:

XMLObjectProviderRegistrySupport.getMarshallerFactory()
XMLObjectProviderRegistrySupport.getBuilderFactory()
XMLObjectProviderRegistrySupport.getUnmarshallerFactory()

Mind that opensaml is using the Java Service Provider API. In my case (using OSGi bundle org.apache.servicemix.bundles:org.apache.servicemix.bundles.opensaml) for parsing a SAML assertion I added the SPI config META-INF/services/org.opensaml.core.config.Initializer containing the following entries:

org.opensaml.core.xml.config.XMLObjectProviderInitializer
org.opensaml.core.xml.config.GlobalParserPoolInitializer
org.opensaml.saml.config.XMLObjectProviderInitializer
org.opensaml.saml.config.SAMLConfigurationInitializer
org.opensaml.xmlsec.config.XMLObjectProviderInitializer

EDIT: The above worked in a test but did not run in the OSGi container. Workaround for OSGi: OpenSAML3 resource not found 'default-config.xml' in OSGi container

If you use the standard libraries (org.opensaml:opensaml-core, org.opensaml:opensaml-saml-api, org.opensaml:opensaml-saml-impl, ...) you may not need to add any SPI config as the jars already contain SPI configs with a standard configuration for initialization.

3) There's a class BasicCredential in lib org.opensaml:opensaml-security-api. I don' see an alternative to providing a key during initalization.

like image 147
Clauds Avatar answered Nov 04 '22 19:11

Clauds