OpenSAML user discussion

Hi,

we are still using opensaml 1.1 as our applicationservers do not yet support 
saml 2.

I noticed in the sourcecode there was a bugfix solving the following issue:

The specification says that in a saml:Subject, either NameIdentifier or 
ConfirmationMethod (in block SubjectConfirmation) is mandatory.
However, the javacode building a SAMLSubject out of a dom Element never reads 
the SubjectConfirmation part if the NameIdentifier is null.
=> if the NameIdentifier is null, it always throws a MalformedException.

This was solved in the latest version of SAMLSubject (of saml1.1):
Revision 405 -  
Modified Wed May 17 15:03:54 2006 EDT (2 years, 10 months ago) by cantor 
Handle Subject with no NameID.

However,
this version of the class is not in the downloadable jar which means everyone 
using the jar of opensaml 1.1 has this bug.
I can easily integrate the bugfix locally but some of our clients that will 
be using opensaml1.1 to send/receive saml messages will have problems with 
this unless I present them an updated jar.

Can't there be a new, official release of the jar containing the bugfix ?


Frederik