...
MDA-217: This release is built with Java 11, and requires a Java 11 or later execution environment. (Previously MDA-189 targeted the release to Java 8)
JPAR-125: Updated from V4.3 to V5.x of Spring Framework.
Packaging Changes
In version 0.10.0, the packaging of the Metadata Aggregator has been completely revised:
MDA-266: In prior versions, a single distribution package in
.zip
format was provided bundling a simple command-line interface, the MDA framework and all required dependencies, with a name likeaggregator-cli-0.9.2-bin.zip
. In version 0.10.0, two distribution packages are available:mda-distribution-0.10.0.tar.gz
, intended for non-Windows systems, andmda-distribution-0.10.0.zip
, intended for Windows systems.
Each package includes, as before, the MDA framework, the simple command-line interface and all required dependencies. Additional text files such as license material and examples follow Windows line endings for the .zip
distribution and Unix line endings for the .tar.gz
distribution. Both distributions include invocation scripts for both Linux (mda.sh
) and Windows (mda.bat
) systems following the natural line-ending conventions for their intended platforms.
By preference, you should use the .zip
distribution only on Windows systems. If you are migrating from 0.9.x on a non-Windows system, you should switch to the .tar.gz
distribution instead. However, the .zip
distribution still includes the Linux invocation script with Unix-style line endings so it will still work. This behaviour is not guaranteed for future releases.
MDA-266: Maven artifact IDs for the JAR artifacts have changed:
aggregator-pipeline
is nowmda-framework
aggregator-cli
is nowmda-cli
The group ID remains net.shibboleth.metadata
.
MDA-158: The packaging of the RSA key blacklist list resources introduced in version 0.9.0 has been changed. Previously included in the
aggregator-pipeline
artifact, these resources have now been moved into a separateaggregatormda-keylists-blacklistsrsa
artifact. The resource names have not changed. This means that if your application does not use these resources, it may decrease in size by around 13MB. Applications making use of the blacklist resources may need to add a dependency onaggregatormda-keylists-blacklistsrsa
.MDA-181: A Maven BOM (Bill Of Materials) artifact has been made available. This makes it easier for projects using the Shibboleth MDA as a dependency to acquire a consistent set of managed dependencies without using the Shibboleth parent POM. You can include the MDA BOM in your Maven project like this:
Code Block language xml <dependencyManagement> <dependencies> <dependency> <groupId>net.shibboleth.metadata</groupId> <artifactId>aggregator<artifactId>mda-bom</artifactId> <version>0.10.0</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement>
JPAR-113: The packaged
aggregatormda-
module JAR files, as well as a number of underlying library JARs have been given automatic module names as described in Java Modularity, for future use on the Java module path under Java 9 and later releases. Note that this version of the Shibboleth Metadata Aggregator has not been tested on, and is therefore not guaranteed to work on, the Java module path.
...
MDA-179: The
Version
class is now functional, rather than throwing aNullPointerException
when used.MDA-196: Setting the
XMLSignatureSigningStage
'sincludeX509SubjectName
property totrue
caused aClassCastException
. It now behaves as intended, resulting in an<X509SubjectName>
element being added to the signature's<KeyInfo>
's<X509Data>
element.MDA-216: signatures generated by the
XMLSignatureSigningStage
under Java 11 are now consistent with signatures generated under earlier versions of Java.MDA-220:
EntityFilterStage
handled the case of whitelisting incorrectly when the collection of entity IDs to whitelist was empty. The stage now correctly removes all items from the collection, rather than removing none of them.MDA-224:
XMLSignatureSigningStage
threw an IndexOutOfBoundsException if theincludeKeyValue
property was set totrue
without either setting thepublicKey
orcertificates
properties; the stage now just omits theKeyValue
from the signature as ifincludeKeyValue
had been set tofalse
.MDA-226: The
idTransformers
property setter onItemIdTransformStage
incorrectly accumulated values from multiple calls instead of acting as a normal collection setter; this has been corrected.MDA-243: The getter method for the
ContactPersonFilterStage
'sdesignatedTypes
property was misspelled. It is nowgetDesignatedTypes
.