Versions Compared

Old Version 120

changes.mady.by.user Ian Young

Saved on

compared with

New Version 121

changes.mady.by.user Ian Young

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • MDA-217: This release is built with Java 11, and requires a Java 11 or later execution environment. (Previously MDA-189 targeted the release to Java 8)

  • JPAR-125: Updated from V4.3 to V5.x of Spring Framework.

Packaging Changes

In version 0.10.0, the packaging of the Metadata Aggregator has been completely revised:

  • MDA-266: In prior versions, a single distribution package in .zip format was provided bundling a simple command-line interface, the MDA framework and all required dependencies, with a name like aggregator-cli-0.9.2-bin.zip. In version 0.10.0, two distribution packages are available:

    • mda-distribution-0.10.0.tar.gz, intended for non-Windows systems, and

    • mda-distribution-0.10.0.zip, intended for Windows systems.

Each package includes, as before, the MDA framework, the simple command-line interface and all required dependencies. Additional text files such as license material and examples follow Windows line endings for the .zip distribution and Unix line endings for the .tar.gz distribution. Both distributions include invocation scripts for both Linux (mda.sh) and Windows (mda.bat) systems following the natural line-ending conventions for their intended platforms.

By preference, you should use the .zip distribution only on Windows systems. If you are migrating from 0.9.x on a non-Windows system, you should switch to the .tar.gz distribution instead. However, the .zip distribution still includes the Linux invocation script with Unix-style line endings so it will still work. This behaviour is not guaranteed for future releases.

  • MDA-266: Maven artifact IDs for the JAR artifacts have changed:

    • aggregator-pipeline is now mda-framework

    • aggregator-cli is now mda-cli

The group ID remains net.shibboleth.metadata.

  • MDA-158: The packaging of the RSA key blacklist list resources introduced in version 0.9.0 has been changed. Previously included in the aggregator-pipeline artifact, these resources have now been moved into a separate aggregatormda-keylists-blacklistsrsa artifact. The resource names have not changed. This means that if your application does not use these resources, it may decrease in size by around 13MB. Applications making use of the blacklist resources may need to add a dependency on aggregatormda-keylists-blacklistsrsa.

  • MDA-181: A Maven BOM (Bill Of Materials) artifact has been made available. This makes it easier for projects using the Shibboleth MDA as a dependency to acquire a consistent set of managed dependencies without using the Shibboleth parent POM. You can include the MDA BOM in your Maven project like this:

    Code Block
    languagexml
    <dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>net.shibboleth.metadata</groupId>
            <artifactId>aggregator<artifactId>mda-bom</artifactId>
            <version>0.10.0</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

  • JPAR-113: The packaged aggregatormda-module JAR files, as well as a number of underlying library JARs have been given automatic module names as described in Java Modularity, for future use on the Java module path under Java 9 and later releases. Note that this version of the Shibboleth Metadata Aggregator has not been tested on, and is therefore not guaranteed to work on, the Java module path.

...

  • MDA-179: The Version class is now functional, rather than throwing a NullPointerException when used.

  • MDA-196: Setting the XMLSignatureSigningStage's includeX509SubjectName property to true caused a ClassCastException. It now behaves as intended, resulting in an <X509SubjectName> element being added to the signature's  <KeyInfo>'s <X509Data> element.

  • MDA-216: signatures generated by the XMLSignatureSigningStage under Java 11 are now consistent with signatures generated under earlier versions of Java.

  • MDA-220EntityFilterStage handled the case of whitelisting incorrectly when the collection of entity IDs to whitelist was empty. The stage now correctly removes all items from the collection, rather than removing none of them.

  • MDA-224XMLSignatureSigningStage threw an IndexOutOfBoundsException if the includeKeyValue property was set to true without either setting the publicKey or certificates properties; the stage now just omits the KeyValue from the signature as if includeKeyValue had been set to false.

  • MDA-226: The idTransformers property setter on ItemIdTransformStage incorrectly accumulated values from multiple calls instead of acting as a normal collection setter; this has been corrected.

  • MDA-243: The getter method for the ContactPersonFilterStage's designatedTypes property was misspelled. It is now getDesignatedTypes.