Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java33
1 files changed, 17 insertions, 16 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java
index 6d78b775..380e735c 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java
@@ -24,28 +24,27 @@ import javax.xml.transform.dom.DOMSource;
import javax.xml.validation.Schema;
import javax.xml.validation.Validator;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
+
import org.apache.commons.lang3.StringUtils;
-import org.opensaml.common.SignableSAMLObject;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.common.xml.SAMLSchemaBuilder;
+import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.saml.common.SignableSAMLObject;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.common.xml.SAMLSchemaBuilder;
+import org.opensaml.saml.common.xml.SAMLSchemaBuilder.SAML1Version;
+import org.opensaml.saml.security.impl.SAMLSignatureProfileValidator;
import org.opensaml.security.MetadataCriteria;
-import org.opensaml.security.SAMLSignatureProfileValidator;
-import org.opensaml.ws.message.MessageContext;
+import org.opensaml.security.credential.UsageType;
+import org.opensaml.security.criteria.UsageCriterion;
import org.opensaml.ws.security.SecurityPolicyException;
import org.opensaml.ws.security.SecurityPolicyRule;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.security.CriteriaSet;
-import org.opensaml.xml.security.credential.UsageType;
-import org.opensaml.xml.security.criteria.EntityIDCriteria;
-import org.opensaml.xml.security.criteria.UsageCriteria;
-import org.opensaml.xml.signature.SignatureTrustEngine;
-import org.opensaml.xml.validation.ValidationException;
+import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
+import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
/**
* Signature Policy for SAML2 redirect-binding.
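Review bot: The import block is left half-migrated: `org.opensaml.security.MetadataCriteria`, `org.opensaml.ws.security.SecurityPolicyException` and `org.opensaml.ws.security.SecurityPolicyRule` still look like OpenSAML 2 package names, while every other OpenSAML import moves to the 3.x layout. The criteria hunk further down still adds `new MetadataCriteria(peerEntityRole, SAMLConstants.SAML20P_NS)` to the new `net.shibboleth` `CriteriaSet`, which presumably does not accept the old criteria type. The role and protocol restriction on credential resolution is what binds the signing key to the expected peer role, so it should be carried over explicitly, for example with `new EntityRoleCriterion(peerEntityRole)` and `new ProtocolCriterion(SAMLConstants.SAML20P_NS)` from `org.opensaml.saml.criterion`. If the old imports are kept deliberately for a later commit, a short `// TODO: migrate to OpenSAML 3` next to them would make that clear.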
@@ -58,6 +57,8 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit
private static final Logger log =
LoggerFactory.getLogger(AbstractRequestSignedSecurityPolicyRule.class);
+ private static SAMLSchemaBuilder schemaBuilder = new SAMLSchemaBuilder(SAML1Version.SAML_11);
+
private SignatureTrustEngine trustEngine = null;
private QName peerEntityRole = null;
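Review bot: The new `schemaBuilder` field is `private static` but not `final`, so the shared builder used for schema validation in the last hunk (`schemaBuilder.getSAMLSchema()`) can be reassigned by any code in the class. I would declare it as a constant, `private static final SAMLSchemaBuilder SCHEMA_BUILDER = new SAMLSchemaBuilder(SAML1Version.SAML_11);`, and update that call site. A one-line comment would also help, since `SAML_11` reads oddly in a SAML2 rule: as far as I can tell the argument only selects which SAML 1.x schema is bundled next to the SAML 2.0 ones, e.g. `// SAML1Version only picks the bundled SAML 1.x schema; SAML 2.0 schemas are always included`.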
@@ -136,9 +137,9 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit
}
final CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add(new EntityIDCriteria(context.getInboundMessageIssuer()));
+ criteriaSet.add(new EntityIdCriterion(context.getInboundMessageIssuer()));
criteriaSet.add(new MetadataCriteria(peerEntityRole, SAMLConstants.SAML20P_NS));
- criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+ criteriaSet.add(new UsageCriterion(UsageType.SIGNING));
try {
if (!trustEngine.validate(samlObj.getSignature(), criteriaSet)) {
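Review bot: `context.getInboundMessageIssuer()` is passed straight into `new EntityIdCriterion(...)`, whose constructor rejects a null or empty entity ID with an unchecked constraint exception instead of the `SecurityPolicyException` that callers of this rule expect. Unless the issuer is already checked above the hunk (the method starts outside it), a request without an issuer would escape as a runtime error rather than as a clean policy rejection. A guard before the criteria are built keeps the failure explicit and fail-closed: `if (StringUtils.isEmpty(context.getInboundMessageIssuer())) { throw new SecurityPolicyException("Inbound message has no issuer; signature can not be validated"); }`.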
@@ -164,7 +165,7 @@ public abstract class AbstractRequestSignedSecurityPolicyRule implements Securit
String err = null;
try {
- final Schema test = SAMLSchemaBuilder.getSAML11Schema();
+ final Schema test = schemaBuilder.getSAMLSchema();
final Validator val = test.newValidator();
val.validate(new DOMSource(source));
log.debug("Schema validation check done OK");