Der findes en nyere version af resourcen her

oiosaml.java 2.0.2

OIOSAML for Java release 2.0.2 has been made available. This is a minor fix, that ensures compatibility with certain servlet containers that initializes Servlets before Filters - we now ensure that OpenSAML is bootstrapped in both cases.

Code repository

The code is still available through Softwarebørsen SVN, and can be located here


Maven repository

The binary artifacts are distributed as Maven dependencies, and can be located here



Support for multiple IdP certificates

Bob Rao

Any chance of having support for multiple signing certificates?

For example, when AD FS does a certificate rollover, it provides metadata with two signing certificates (old and new) for a few weeks before it switches its primary (used) certificate over to the new one. Currently OIOSAML just takes the signing certificate that appears first in the metadata and ignores the other one(s).

I already have a simple patch (was applied on 21204) that works: https://gist.github.com/BobVul/ebbcde029841f7c4144ca96c7cd507ce

It does grab the encryption certificates too, but that should be a simple change to fix to make it signing-only. It would be great to see this supported in the official release, especially with the move to maven, so I don't have to maintain a separate build.

Seems a very good idea - I'll push it up the foodchain, and with approval, I'll make sure i gets in the next release

Is this fix commited yet? I've looked through release notes and checked the code in trunk but can't find it.

Any plans to fix this in the near future or would it be better to patch the code base?