diff --git a/parent/pom.xml b/parent/pom.xml
index a0a06aa3f78..73acc3ca2b9 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -235,7 +235,7 @@
6.5.1
4.2.1
1.6.3
- 3.0.1
+ 4.0.0-SNAPSHOT
2.3.1
3.8.11.Final
2.1
diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
index 9da501b2d07..27ccf9ebfb7 100644
--- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
@@ -98,7 +98,7 @@ private void validateAudience(Message message, Conditions cs) {
for (AudienceRestriction ar : restrictions) {
List audiences = ar.getAudiences();
for (Audience a : audiences) {
- if (absoluteAddress.equals(a.getAudienceURI())) {
+ if (absoluteAddress.equals(a.getURI())) {
return;
}
}
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index dbc9b32d04a..85c0e0ede96 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -295,7 +295,7 @@ private boolean matchSaml2AudienceRestriction(
if (audienceRestriction.getAudiences() != null) {
boolean matchFound = false;
for (org.opensaml.saml.saml2.core.Audience audience : audienceRestriction.getAudiences()) {
- if (appliesTo.equals(audience.getAudienceURI())) {
+ if (appliesTo.equals(audience.getURI())) {
matchFound = true;
oneMatchFound = true;
break;
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java
index 415aedb3bec..9e9bbad53d5 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlpRequestComponentBuilder.java
@@ -192,7 +192,7 @@ public static AuthnContextClassRef createAuthnCtxClassRef(
builderFactory.getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
}
AuthnContextClassRef authnCtxClassRef = requestedAuthnCtxClassRefBuilder.buildObject();
- authnCtxClassRef.setAuthnContextClassRef(authnCtxClassRefValue);
+ authnCtxClassRef.setURI(authnCtxClassRefValue);
return authnCtxClassRef;
}
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
index 52e90f32dd0..1b4bb80b52b 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
@@ -286,7 +286,9 @@ public void testResponseModifiedSignedAssertion() throws Exception {
DOMUtils.findAllElementsByTagNameNS(policyElement, SAMLConstants.SAML20_NS, "Assertion");
assertNotNull(assertions);
assertTrue(assertions.size() == 1);
- assertions.get(0).setAttributeNS(null, "newattr", "http://apache.org");
+ Thread.sleep(1000L);
+ Instant issueInstant = Instant.now();
+ assertions.get(0).setAttributeNS(null, "IssueInstant", issueInstant.toString());
Response marshalledResponse = (Response)OpenSAMLUtil.fromDom(policyElement);
@@ -395,7 +397,9 @@ public void testModifiedSignedResponse() throws Exception {
doc.appendChild(policyElement);
assertNotNull(policyElement);
- policyElement.setAttributeNS(null, "newattr", "http://apache.org");
+ Thread.sleep(1000L);
+ Instant issueInstant = Instant.now();
+ policyElement.setAttributeNS(null, "IssueInstant", issueInstant.toString());
Response marshalledResponse = (Response)OpenSAMLUtil.fromDom(policyElement);
diff --git a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java
index bf03f55c794..75a345ec104 100644
--- a/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java
+++ b/rt/security-saml/src/main/java/org/apache/cxf/rt/security/saml/xacml2/DefaultXACMLRequestBuilder.java
@@ -27,7 +27,7 @@
import javax.xml.namespace.QName;
-import net.shibboleth.utilities.java.support.xml.DOMTypeSupport;
+import net.shibboleth.shared.xml.DOMTypeSupport;
import org.apache.cxf.message.Message;
import org.apache.cxf.rt.security.saml.xacml.CXFMessageParser;
import org.apache.cxf.rt.security.saml.xacml.XACMLConstants;
diff --git a/rt/security-saml/src/test/java/org/apache/cxf/rt/security/saml/xacml2/RequestComponentBuilderTest.java b/rt/security-saml/src/test/java/org/apache/cxf/rt/security/saml/xacml2/RequestComponentBuilderTest.java
index de3f660ad1a..3c100181000 100644
--- a/rt/security-saml/src/test/java/org/apache/cxf/rt/security/saml/xacml2/RequestComponentBuilderTest.java
+++ b/rt/security-saml/src/test/java/org/apache/cxf/rt/security/saml/xacml2/RequestComponentBuilderTest.java
@@ -31,7 +31,7 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import net.shibboleth.utilities.java.support.xml.DOMTypeSupport;
+import net.shibboleth.shared.xml.DOMTypeSupport;
import org.apache.cxf.rt.security.saml.xacml.XACMLConstants;
import org.apache.wss4j.common.saml.OpenSAMLUtil;
import org.opensaml.xacml.ctx.ActionType;
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/delegation/SAMLDelegationHandler.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/delegation/SAMLDelegationHandler.java
index 796b3013b0d..d377361389f 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/delegation/SAMLDelegationHandler.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/delegation/SAMLDelegationHandler.java
@@ -124,14 +124,14 @@ protected List getAudienceRestrictions(SamlAssertionWrapper assertion) {
for (AudienceRestrictionCondition restriction
: assertion.getSaml1().getConditions().getAudienceRestrictionConditions()) {
for (org.opensaml.saml.saml1.core.Audience audience : restriction.getAudiences()) {
- addresses.add(audience.getUri());
+ addresses.add(audience.getURI());
}
}
} else if (assertion.getSaml2() != null) {
for (org.opensaml.saml.saml2.core.AudienceRestriction restriction
: assertion.getSaml2().getConditions().getAudienceRestrictions()) {
for (org.opensaml.saml.saml2.core.Audience audience : restriction.getAudiences()) {
- addresses.add(audience.getAudienceURI());
+ addresses.add(audience.getURI());
}
}
}
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
index 7a7d740f1c1..d7d0d3cdfa5 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
@@ -390,7 +390,7 @@ private boolean matchSaml1AudienceRestriction(
for (AudienceRestrictionCondition restrCondition : restrConditions) {
if (restrCondition.getAudiences() != null) {
for (Audience audience : restrCondition.getAudiences()) {
- if (appliesTo.equals(audience.getUri())) {
+ if (appliesTo.equals(audience.getURI())) {
return true;
}
}
@@ -409,7 +409,7 @@ private boolean matchSaml2AudienceRestriction(
for (AudienceRestriction audienceRestriction : audienceRestrictions) {
if (audienceRestriction.getAudiences() != null) {
for (org.opensaml.saml.saml2.core.Audience audience : audienceRestriction.getAudiences()) {
- if (appliesTo.equals(audience.getAudienceURI())) {
+ if (appliesTo.equals(audience.getURI())) {
return true;
}
}