Bugzilla – Bug 5791
upgrade JAR dependencies
Last modified: 2008-09-10 14:33:47
You need to log in before you can comment on or make changes to this bug.
In GridShib for GT 0.6.0, upgrade to the latest globus-opensaml-1.1.jar and gridshib-common*.jar.
Upgraded to gridshib-common-0_2_0.jar and globus-opensaml-1.1.jar from GridShib SAML Tools 0.2.0. Modified GridShibPushPDPImpl and SAMLAssertionPushPIPImpl. Updated the javadocs in some of the 4.0 src-proxies. Committed these files to gridshib_gt_0_6_0_branch on Wed, Jan 16, 2008.
Upgraded to gridshib-common-0_3_0-alpha.jar and globus-opensaml-1.1.jar from GridShib SAML Tools 0.3.0 Alpha. - Added id argument to addSAMLAttributes method in GS4GTSecurityContext. - Refactored SAMLQueryPIPImpl so that it passes id to addSAMLAttributes method. - Removed all references to "raw" attributes in AttributeAcceptancePIPImpl. - Call setTrusted method on trusted attributes in AttributeAcceptancePIPImpl.
Unexpectedly, the GridShib Security Framework implemented in GS-ST 0.3.0 is incompatible with GT 4.0. This is because GT 4.0 depends on release 1.25 of the BC provider (jce-jdk13-125.jar), which does not include class org.bouncycastle.asn1.ASN1InputStream However, GT 4.1, which depends on release 1.31 of the BC provider (jce-jdk13-131.jar), works just fine with the GridShib Security Framework. So the solution is to downgrade to release 1.31 of the BC provider in GS-ST 0.3.0 while upgrading to release 1.31 of the BC provider in GS4GT 0.6.0. Both GS-ST 0.3.0 and GS4GT 0.6.0 now depend on release 1.31 of the BC provider. The latter required some delicate modifications to gridshib/gt/interceptors/java/source/build.xml and the 4.0 version of post-deploy.xml.
Refreshed gridshib-common-0_3_0-alpha.jar and globus-opensaml-1.1.jar from GridShib SAML Tools 0.3.0 Alpha (since the latter has changed recently, see Bug 5817).
GS4GTv0.6.0 will ship with gridshib-common-0_3_0-alpha.jar and globus-opensaml-1.1.jar from GridShib SAML Tools 0.3.0 Alpha, so this bug does not block Bug 5568.
(In reply to comment #3) > Unexpectedly, the GridShib Security Framework implemented in GS-ST 0.3.0 is > incompatible with GT 4.0. This is because GT 4.0 depends on release 1.25 of > the BC provider (jce-jdk13-125.jar), which does not include class > > org.bouncycastle.asn1.ASN1InputStream False. The API in jce-jdk13-125.jar does in fact include this class, it's just that the following constructor does not exist: org.bouncycastle.asn1.ASN1InputStream(byte[] input); Note that this constructor is used in classes org.globus.gridshib.security.x509.SAMLX509Extension org.globus.gridshib.security.x509.GlobusCredentialTest > However, GT 4.1, which depends on release 1.31 of the BC provider > (jce-jdk13-131.jar), works just fine with the GridShib Security Framework. That's because the API in jce-jdk13-131.jar *does* include the above constructor. > So > the solution is to downgrade to release 1.31 of the BC provider in GS-ST 0.3.0 > while upgrading to release 1.31 of the BC provider in GS4GT 0.6.0. > > Both GS-ST 0.3.0 and GS4GT 0.6.0 now depend on release 1.31 of the BC provider. > The latter required some delicate modifications to > gridshib/gt/interceptors/java/source/build.xml and the 4.0 version of > post-deploy.xml. No, this is not the preferred solution. Note that the API in both jce-jdk13-125.jar and jce-jdk13-131.jar includes the constructor org.bouncycastle.asn1.ASN1InputStream(java.io.InputStream is) So a better solution is to rewrite the code so that it uses the above constructor instead of the previous constructor.
(In reply to comment #6) > > org.globus.gridshib.security.x509.SAMLX509Extension > org.globus.gridshib.security.x509.GlobusCredentialTest > > Note that the API in both > jce-jdk13-125.jar and jce-jdk13-131.jar includes the constructor > > org.bouncycastle.asn1.ASN1InputStream(java.io.InputStream is) > > So a better solution is to rewrite the code so that it uses the above > constructor instead of the previous constructor. The downgrade to jce-jdk13-125.jar is complete. Patched files committed to CVS HEAD. This patch will appear in GS-ST v0.4.3.
With the resolution of Bug 5965, integration of gridshib-common-0_4_3.jar can proceed.
gridshib-common-0_4_3.jar has been tested with GS4GT in my sandbox.
Upgraded to the latest version of GridShib Common (gridshib-common-0_5_0-rc.jar) and the Globus SAML Library (globus-opensaml-1.1.jar). The latter contains some enhancements to the SAMLAttribute class.
Forgot to synchronize the CVS repository with the JARs mentioned in Comment #10 (duh). Doing so now... Since GS-ST v0.5.0 RC is feature complete, this should be the last upgrade of consequence.
(In reply to comment #11) > > Since GS-ST v0.5.0 RC is feature complete, this should be the last upgrade of > consequence. That's true, but there will be one last JAR upgrade after GS-ST v0.5.0 Final is released. Once this is done, DON'T FORGET TO UPDATE THE FILELISTS!
(In reply to comment #11) > > Since GS-ST v0.5.0 RC is feature complete, this should be the last upgrade of > consequence. Yeah, right ;-) Just finished upgrading to 0_5_0-rc2. See Bug 6278 and Bug 6269, which forced this upgrade.
Upgraded to gridshib-common-0_5_0.jar. GS4GTv0.6.1RC2 will be distributed with this new JAR.
