how to migrate from opensaml 2.6 to 3.1.1

Question

I have to migrate a class from opensaml 2.6 to opensaml 3.1.1 Compiling I obtain some errors

1)

Element plaintextElement = getElementAssertion(inputBean)         


        

Answer 1

Not sure if you managed to upgrade to opensaml 3 already but since I came across this while attempting the upgrade myself I thought I'm gonna document what I found.

There's very little documentation as apparently it's not a priority for them at the moment (also mentioned here: OpenSaml3 Documentation), the most useful (even if by far not complete) page I found is this one: https://wiki.shibboleth.net/confluence/display/OS30/Initialization+and+Configuration

1) There's a class SerializeSupport with a method prettyPrintXML in lib net.shibboleth.utilities:java-support

2) Initialization is now done via InitializationService e.g.

InitializationService.initialize();

You can retrieve the builder/marshallers via XMLObjectProviderRegistrySupport e.g.:

XMLObjectProviderRegistrySupport.getMarshallerFactory()
XMLObjectProviderRegistrySupport.getBuilderFactory()
XMLObjectProviderRegistrySupport.getUnmarshallerFactory()

Mind that opensaml is using the Java Service Provider API. In my case (using OSGi bundle org.apache.servicemix.bundles:org.apache.servicemix.bundles.opensaml) for parsing a SAML assertion I added the SPI config META-INF/services/org.opensaml.core.config.Initializer containing the following entries:

org.opensaml.core.xml.config.XMLObjectProviderInitializer
org.opensaml.core.xml.config.GlobalParserPoolInitializer
org.opensaml.saml.config.XMLObjectProviderInitializer
org.opensaml.saml.config.SAMLConfigurationInitializer
org.opensaml.xmlsec.config.XMLObjectProviderInitializer

EDIT: The above worked in a test but did not run in the OSGi container. Workaround for OSGi: OpenSAML3 resource not found 'default-config.xml' in OSGi container

If you use the standard libraries (org.opensaml:opensaml-core, org.opensaml:opensaml-saml-api, org.opensaml:opensaml-saml-impl, ...) you may not need to add any SPI config as the jars already contain SPI configs with a standard configuration for initialization.

3) There's a class BasicCredential in lib org.opensaml:opensaml-security-api. I don' see an alternative to providing a key during initalization.