Versions Compared

Old Version 165

changes.mady.by.user Ian Young

Saved on

compared with

New Version 166

changes.mady.by.user Ian Young

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • MDA-179: The Version class is now functional, rather than throwing a NullPointerException when used.

  • MDA-196: Setting the XMLSignatureSigningStage's includeX509SubjectName property to true caused a ClassCastException. It now behaves as intended, resulting in an <X509SubjectName> element being added to the signature's  <KeyInfo>'s <X509Data> element.

  • MDA-216: signatures generated by the XMLSignatureSigningStage under recent versions of Java are now consistent with signatures generated under earlier versions of Java: specifically, they no longer include explicit CR (ASCII 13) characters even on systems where lines are terminated by LF characters only.

  • MDA-220EntityFilterStage handled the case of whitelisting incorrectly when the collection of entity IDs to whitelist was empty. The stage now correctly removes all items from the collection, rather than removing none of them.

  • MDA-224XMLSignatureSigningStage threw an IndexOutOfBoundsException if the includeKeyValue property was set to true without either setting the publicKey or certificates properties; the stage now just omits the KeyValue from the signature as if includeKeyValue had been set to false.

  • MDA-226: The idTransformers property setter on ItemIdTransformStage incorrectly accumulated values from multiple calls instead of acting as a normal collection setter; this has been corrected.

  • MDA-243: The getter method for the ContactPersonFilterStage's designatedTypes property was misspelled. It is now getDesignatedTypes.

  • MDA-269: The MDQueryMD5ItemIdTransformer, MDQuerySHA1ItemIdTransformer, SHA1StringTransformer and X509RSAOpenSSLBlacklistValidator classes had a dependency on the default Charset, which in Java versions prior to Java 18 can vary across platforms, resulting in unstable results for strings containing non-ASCII characters. These classes now use UTF-8 exclusively when converting strings, matching the behaviour introduced by JEP 400 in Java 18.

  • MDA-273: CRDetectionStage was intended to indicate the SAML entity in which a &#13; appeared, as a way of helping to narrow this down in large aggregates. This functionality was broken but now appears: the error message is now prefixed with the entity’s ID attribute if present, or failing that its entityID.

  • MDA-280: Previously, EntityDescriptorItemIdPopulationStage would throw a ConstraintViolation at run time if asked to extract the entityID from an entity lacking that attribute, or for which the attribute was the empty string. This would result in failure of the entire pipeline. The stage now ignores such an entity, in the same way as it previously ignored items which were not EntityDescriptors at all. To detect such malformed entities in a controlled fashion, schema validation (and, optionally, removal of schema-invalid entities) is the recommended approach.

...