All work
- Eclipse compiler does not allow Memcache StorageRecordTranscoder to infer typeOSJ-431Resolved issue: OSJ-431Scott Cantor
- Make InResponseTo validation optionalOSJ-430Resolved issue: OSJ-430Scott Cantor
- Spurious warning on unsigned SAML redirect messagesOSJ-429Resolved issue: OSJ-429Scott Cantor
- SAML MessageDecoders should enforce that SAMLRequest/SAMLResponse contain correct message typeOSJ-428Brent Putman
- Simple signature verification fails to detect parameter smugglingOSJ-427Resolved issue: OSJ-427Brent Putman
- Consider clearing storage "dirty" flag in more appropriate spotOSJ-426Scott Cantor
- IdP keeps repeatedly attempting to delete local storage dataOSJ-425Resolved issue: OSJ-425Scott Cantor
- opensaml-bom forces the version of Spring FrameworkOSJ-424Brent Putman
- Consider guarding classloading of ECNamedCurveTableOSJ-423Resolved issue: OSJ-423Brent Putman
- Support EDS-compatible discovery feed for batch resolversOSJ-422Rod Widdowson
- Generated metadata is not validOSJ-421Resolved issue: OSJ-421Scott Cantor
- SAML20AssertionValidator allows non-Entity IssuersOSJ-420Resolved issue: OSJ-420Scott Cantor
- SAML20AssertionValidator creates mis-formatted error stringOSJ-419Resolved issue: OSJ-419Scott Cantor
- Allow various classes to skip servlet request check at init timeOSJ-418Scott Cantor
- MessageHandler to flag SAML responses with error status codesOSJ-417Resolved issue: OSJ-417Scott Cantor
- Test coverage for disallowed encryption or signing algorithmsOSJ-416Brent Putman
- Suspicious comparison of Boolean references in SAML2AuthnRequestsSignedSecurityHandlerOSJ-415Resolved issue: OSJ-415
- Suspicious comparison of Integer references in AttributeConsumingServiceSelectorOSJ-414Resolved issue: OSJ-414
- StorageService implementations compare version improperly.OSJ-413Resolved issue: OSJ-413Scott Cantor
- Metadata unmarshalling fails on comment elementOSJ-412Resolved issue: OSJ-412Scott Cantor
- Remove cryptacular dependencyOSJ-410Daniel Fisher
- Metadata generation template missing space before entityIDOSJ-409Resolved issue: OSJ-409Scott Cantor
- Review effects of Bouncy Castle 1.78's change to PEM parsingOSJ-408Brent Putman
- Request to make opensaml compatible with httpclient-4.* or httpclient5OSJ-407Resolved issue: OSJ-407Brent Putman
- Seems to produce SamlResponses which are against XML encryption specificationOSJ-406Resolved issue: OSJ-406Scott Cantor
- CompositeMetadataResolver.setId is not accessibleOSJ-405Resolved issue: OSJ-405Brent Putman
- MD generator creates invalid metadata - lang attributes missing for DisplayName and DescriptionOSJ-404Resolved issue: OSJ-404Scott Cantor
- Metadata generation omits xml:lang tag in some spotsOSJ-403Resolved issue: OSJ-403Scott Cantor
- LogoutMessage interface inherited from RequestAbstractTypeOSJ-402Resolved issue: OSJ-402Scott Cantor
- Implement chunked cookie storage with client storage serviceOSJ-401Scott Cantor
- Failure in OpenSAML tests with Santuario xmlsec 3.0.4OSJ-400Resolved issue: OSJ-400Brent Putman
- FileBackedHTTPMetadataResolverTest.testNoBackupFileLoadWhenMetadataCached brokenOSJ-397Resolved issue: OSJ-397Scott Cantor
- Replace BOMs in opensaml-parent with inlined dependency mgmt.OSJ-394Resolved issue: OSJ-394Scott Cantor
- Add CSP protection to OpenSAML messaging templatesOSJ-393Resolved issue: OSJ-393Scott Cantor
- OpenSAML's strict processing mode does not load ADFS metadataOSJ-392Resolved issue: OSJ-392Brent Putman
- Default supported TLS protocols appears too broadOSJ-391Resolved issue: OSJ-391Brent Putman
- Investigate possibility of HttpClient connection reuse with our custom TLS handlingOSJ-390Brent Putman
- Use try-with-resources for HttpEntity access for HttpClientOSJ-389Resolved issue: OSJ-389Brent Putman
- Extend metadata resolution with custom criteriaOSJ-399Resolved issue: OSJ-399Scott Cantor
- Update RSASSA-PSS AlgorithmDescriptors when Santuario updates their methodologyOSJ-388Resolved issue: OSJ-388Brent Putman
- Always use try-with-resources withHttpClient requests not involving HttpClientResponseHandlerOSJ-387Resolved issue: OSJ-387Brent Putman
- Update ConfigurationPropertiesSource to return a custom typeOSJ-386Resolved issue: OSJ-386Brent Putman
- Investigate update to Santuario XML Security 3.xOSJ-385Resolved issue: OSJ-385Brent Putman
- HTTP client changes to allow for preemptive basic authOSJ-384Resolved issue: OSJ-384Brent Putman
- Signature failures log WARN for Redirect binding but DEBUG for POST bindingOSJ-383Resolved issue: OSJ-383Brent Putman
- Implement support for legacy class transitions in getSubcontext(String)OSJ-382Resolved issue: OSJ-382Scott Cantor
- opensaml-core uses an old version of Metrics that depends on jdk.unsupportedOSJ-381Resolved issue: OSJ-381Scott Cantor
- Logging of assertion validation is overwriting specific error messagesOSJ-380Resolved issue: OSJ-380Scott Cantor
- "trustAnchors parameter must be non-empty" failure in httpClientOSJ-379Brent Putman
- Logging on AlgorithmSupport "failures" should be DEBUGOSJ-378Resolved issue: OSJ-378Brent Putman
50 of 389
