如何从opensaml 2.6迁移到3.1.1 [英] how to migrate from opensaml 2.6 to 3.1.1

问题描述

我必须将一个类从opensaml 2.6迁移到opensaml 3.1.1 编译时出现一些错误

1)

Element plaintextElement = getElementAssertion(inputBean);
String xml = XMLHelper.prettyPrintXML(plaintextElement);

在新版本中找不到类XMLHelper.

2)

DefaultBootstrap.bootstrap();
builderFactory = Configuration.getBuilderFactory();
Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);

我无法找到类DefaultBootstrap，也无法使用getBuilderFactory()，getMarshallerFactory()方法找到类Configuration.

3)

BasicCredential credential = new BasicCredential();

现在构造器的新BasicCredential()不可见.

我还没有找到具有弃用指示的文档. 要将该类移植到opensaml 3.1.1版本，我该怎么做?

解决方案

不确定您是否已经成功升级到opensaml 3，但是由于我自己尝试升级时遇到了这个问题，所以我想我要记录一下发现的内容.

几乎没有文档，因为目前这对他们来说不是一个优先事项(也在此处提到: OpenSaml3文档)，我发现最有用的页面(即使到目前为止还不完整)是: https://wiki.shibboleth.net/confluence/display/OS30/Initialization+and+Configuration

1)lib net.shibboleth.utilities:java-support

中有一个类SerializeSupport及其方法prettyPrintXML

2)现在通过InitializationService完成初始化 例如

InitializationService.initialize();

您可以通过XMLObjectProviderRegistrySupport例如:

来检索生成器/编组器.

XMLObjectProviderRegistrySupport.getMarshallerFactory()
XMLObjectProviderRegistrySupport.getBuilderFactory()
XMLObjectProviderRegistrySupport.getUnmarshallerFactory()

opensaml正在使用Java Service Provider API.在我的情况下(使用OSGi捆绑软件org.apache.servicemix.bundles:org.apache.servicemix.bundles.opensaml)来解析SAML断言，我添加了包含以下条目的SPI配置META-INF/services/org.opensaml.core.config.Initializer:

org.opensaml.core.xml.config.XMLObjectProviderInitializer
org.opensaml.core.xml.config.GlobalParserPoolInitializer
org.opensaml.saml.config.XMLObjectProviderInitializer
org.opensaml.saml.config.SAMLConfigurationInitializer
org.opensaml.xmlsec.config.XMLObjectProviderInitializer

编辑:上面的代码在测试中起作用，但未在OSGi容器中运行. OSGi的解决方法:找不到OpenSAML3资源OSGi容器中的"default-config.xml"

如果使用标准库(org.opensaml:opensaml-core，org.opensaml:opensaml-saml-api，org.opensaml:opensaml-saml-impl，...)，则可能不需要添加任何SPI配置，因为jar已包含具有用于初始化的标准配置的SPI配置. /p>

3)lib org.opensaml:opensaml-security-api中有一个类BasicCredential.我看不到在初始化期间提供密钥的替代方法.

I have to migrate a class from opensaml 2.6 to opensaml 3.1.1 Compiling I obtain some errors

1)

Element plaintextElement = getElementAssertion(inputBean);
String xml = XMLHelper.prettyPrintXML(plaintextElement);

I can't find the class XMLHelper in the new version.

2)

DefaultBootstrap.bootstrap();
builderFactory = Configuration.getBuilderFactory();
Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);

I can'f find class DefaultBootstrap and I can't find a class Configuration with the methods getBuilderFactory(), getMarshallerFactory()

3)

BasicCredential credential = new BasicCredential();

Now the contructor new BasicCredential() is not visible.

I haven't found documentation with deprecation indication. What must I do to port this class to the opensaml 3.1.1 version?

解决方案

Not sure if you managed to upgrade to opensaml 3 already but since I came across this while attempting the upgrade myself I thought I'm gonna document what I found.

There's very little documentation as apparently it's not a priority for them at the moment (also mentioned here: OpenSaml3 Documentation), the most useful (even if by far not complete) page I found is this one: https://wiki.shibboleth.net/confluence/display/OS30/Initialization+and+Configuration

1) There's a class SerializeSupport with a method prettyPrintXML in lib net.shibboleth.utilities:java-support

2) Initialization is now done via InitializationService e.g.

InitializationService.initialize();

You can retrieve the builder/marshallers via XMLObjectProviderRegistrySupport e.g.:

XMLObjectProviderRegistrySupport.getMarshallerFactory()
XMLObjectProviderRegistrySupport.getBuilderFactory()
XMLObjectProviderRegistrySupport.getUnmarshallerFactory()

Mind that opensaml is using the Java Service Provider API. In my case (using OSGi bundle org.apache.servicemix.bundles:org.apache.servicemix.bundles.opensaml) for parsing a SAML assertion I added the SPI config META-INF/services/org.opensaml.core.config.Initializer containing the following entries:

org.opensaml.core.xml.config.XMLObjectProviderInitializer
org.opensaml.core.xml.config.GlobalParserPoolInitializer
org.opensaml.saml.config.XMLObjectProviderInitializer
org.opensaml.saml.config.SAMLConfigurationInitializer
org.opensaml.xmlsec.config.XMLObjectProviderInitializer

EDIT: The above worked in a test but did not run in the OSGi container. Workaround for OSGi: OpenSAML3 resource not found 'default-config.xml' in OSGi container

If you use the standard libraries (org.opensaml:opensaml-core, org.opensaml:opensaml-saml-api, org.opensaml:opensaml-saml-impl, ...) you may not need to add any SPI config as the jars already contain SPI configs with a standard configuration for initialization.

3) There's a class BasicCredential in lib org.opensaml:opensaml-security-api. I don' see an alternative to providing a key during initalization.

这篇关于如何从opensaml 2.6迁移到3.1.1的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！