Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-623

Deprecated type of credentials in provided sample LDAP config

    XMLWordPrintable

    Details

      Description

      Hi,

      When getting a 3.0.0 IdP ready to roll out, I was checking for any warnings in idp-process.log.

      I found this one:

      2015-02-25 11:58:20,808 - WARN [net.shibboleth.idp.profile.spring.relyingparty.security.credential.X509ResourceCredentialParser:52] - Credential type 'X509Filesystem' has been deprecated; use the compatible Credential type 'X509ResourceBacked'
      

      and I've tracked it down to this snippet in attribute-resolver.xml which I took from attribute-resolver-ldap.xml

              <dc:StartTLSTrustCredential id="LDAPtoIdPCredential" xsi:type="sec:X509Filesystem">
                  <sec:Certificate>%{idp.attribute.resolver.LDAP.trustCertificates}</sec:Certificate>
              </dc:StartTLSTrustCredential>
      

      Changing the type to sec:X509ResourceBacked fixed it.

      I already found IDP-396 reporting missing documentation for the types (and I had to guess there are no syntax changes - at least checked the schema).

      Reporting this one so that the sample configuration in attribute-resolver-ldap.xml gets updated.

      Cheers,
      Vlad

        Attachments

          Activity

            People

            Assignee:
            cantor.2@osu.edu Scott Cantor
            Reporter:
            vme28@canterbury.ac.nz Vladimir Mencl
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 15 minutes
                15m