Release date: 2016-06-27
For a complete list of issues addressed in this release, see https://issues.shibboleth.net/jira/issues/?filter=11476.
xmlsectool
has been ported from the old OpenSAML 2 software stack to OpenSAML 3. This means that xmlsectool
relies only on supported software. xmlsectool
now requires at least Java 7 to run.xmlsectool
no longer depends on, or bundles, "endorsed" versions of them. One benefit of this change is that some cases in which xmlsectool
previously inserted redundant namespace prefix definitions have been addressed (see XSTJ-4).net.shibboleth.tool.xmlsectool.XMLSecTool
.xmlsectool
no longer creates log files in its home directory by default. This means that write access to the installation directory is no longer required to run xmlsectool
. If the previous behaviour is desired, use the --logConfig
command line option to supply a custom logging configuration.--quiet
logging is selected. If the previous behaviour is desired, use the --logConfig
command line option to supply a custom logging configuration.--signatureRequired
command line option has been removed. Its effect was always present by default and there was no way to negate it, rendering it entirely redundant.--digest
command line option if you are sure that you need to override this.xmlsectool
V1.2.0 will not be accepted by default by xmlsectool
V2.0.0. If you are sure that you need to override this, you can do so by using the new --whitelistDigest
option to remove a specific digest algorithm from the blacklist, as an alternative to the combination of --clearBlacklist
and --blacklistDigest
options already available from V1.2.0.KeyValue
elements produced by previous versions of xmlsectool
are no longer included in the output.