Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
IMPORTEND: Is not finished because that contains a braking change, like
javax.servlet.* --> jakarta.servket.*
as one example and we miss some third-party libs that use the new API.
# Conflicts:
# eaaf_core_api/checks/spotbugs-exclude.xml
# eaaf_core_api/pom.xml
# eaaf_core_utils/checks/spotbugs-exclude.xml
# pom.xml
|
|
This version requires Java 17 as minimum
# Conflicts:
# build_reporting/pom.xml
# eaaf-springboot-utils/pom.xml
# eaaf_core/pom.xml
# eaaf_core_api/pom.xml
# eaaf_core_utils/pom.xml
# eaaf_modules/eaaf_module_auth_sl20/pom.xml
# eaaf_modules/eaaf_module_moa-sig/pom.xml
# eaaf_modules/eaaf_module_pvp2_core/pom.xml
# eaaf_modules/eaaf_module_pvp2_idp/pom.xml
# eaaf_modules/eaaf_module_pvp2_sp/pom.xml
# eaaf_modules/pom.xml
# pom.xml
|
|
|
|
|
|
The check can be disabled by using the configuration property: modules.sl20.security.truststore.need.valid.certificate
|
|
|
|
|
|
|
|
|
|
serializable
|
|
Select trusted X509 certificates based on KeyInfo from XML-Signature, if possible
|
|
serialization for storage
|
|
|
|
|
|
|
|
|
|
application specific information into error-GUI model
|
|
|
|
|
|
|
|
|
|
|
|
Details: openSAML4 uses org.apache.xml.security.algorithms.JCEMapper to
define JCE cryptoprovider for openSAML crypto. operations. However, this
JCEMapper is not used for openSAML Decrypter, so it must be set manually.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Reason: Exception messages are illustrated as UX errors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
skipped
- SBA Pentest finds a pattern that skip security validation SBA(202209-10.2)
|
|
configurated
|