mace-opensaml-users - Re: Sha2 signature info requested
Subject: OpenSAML user discussion
List archive
- From: Brent Putman <>
- To:
- Subject: Re: Sha2 signature info requested
- Date: Tue, 02 Oct 2007 18:14:36 -0400
Prasanna Krishna wrote: Hi Brent - Well, the OpenSAML stack is (just barely, as of last week) implicitly in a beta state, because we rolled out Shibboleth in beta1. Based on the key vs. Credential API change I noted, which SVN shows took place on 5/22/07, the (alpha) code that you are using is at least 4+ months old. There have been a lot of changes to the code since then, especially with the security related components. I obviously can't tell you what to do, but I would strongly advise you to reconsider using that in production.
Well, it's going to be the same mechanism, just change the algorithm URI constant: response.setSignature(signature); ((SAMLObjectContentReference)signature.getContentReferences().get(0)) .setDigestAlgorithm(SignatureConstants.ALGO_ID_DIGEST_SHA1);
There is currently no packaged source or binary distribution, stable or otherwise. Checkout from SVN is still the way to go. The OpenSAML stack is implictly in a beta1 state, concurrent with the Shibboleth beta1 (really a rolling beta), although we haven't actually formally tagged a beta1 for OpenSAML yet. We'll probably do that very soon, to give people a consistent target against which to start really testing and developing in earnest. However, I doubt we will be providing an official binary distribution for at least a little while - at the earliest probably a later, more formal beta stage. We haven't discussed a timeline for that yet, it could be sooner. --Brent |
- Sha2 signature info requested, Prasanna Krishna, 10/02/2007
- Re: Sha2 signature info requested, Brent Putman, 10/02/2007
- RE: Sha2 signature info requested, Prasanna Krishna, 10/02/2007
- Re: Sha2 signature info requested, Brent Putman, 10/02/2007
- RE: Sha2 signature info requested, Prasanna Krishna, 10/03/2007
- RE: Sha2 signature info requested, Paul Hethmon, 10/03/2007
- RE: Sha2 signature info requested, Scott Cantor, 10/03/2007
- RE: Sha2 signature info requested, Prasanna Krishna, 10/03/2007
- Notes on KeyInfoGenerator (was: RE: Sha2 signature info requested), Brent Putman, 10/03/2007
- RE: Sha2 signature info requested, Prasanna Krishna, 10/05/2007
- Re: Sha2 signature info requested, Brent Putman, 10/05/2007
- RE: Sha2 signature info requested, Scott Cantor, 10/05/2007
- RE: Sha2 signature info requested, Prasanna Krishna, 10/05/2007
- RE: Sha2 signature info requested, Prasanna Krishna, 10/03/2007
- Re: Sha2 signature info requested, Brent Putman, 10/02/2007
- RE: Sha2 signature info requested, Prasanna Krishna, 10/02/2007
- Re: Sha2 signature info requested, Brent Putman, 10/02/2007
Archive powered by MHonArc 2.6.16.