Remove References to Deprecated OpenSaml Components

Issue gh-11658
2025-07-12 05:13:33 +00:00 · 2025-07-09 14:10:00 -06:00 · 2025-07-09 14:10:00 -06:00 · 9209a33678
commit 9209a33678
parent 7a7d2cacd2
4 changed files with 11 additions and 11 deletions
--- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc
@ -542,7 +542,7 @@ For example, you can throw a custom exception with any additional information av
 ----
 OpenSaml4AuthenticationProvider provider = new OpenSaml4AuthenticationProvider();
 provider.setResponseValidator((responseToken) -> {
-	Saml2ResponseValidatorResult result = OpenSamlAuthenticationProvider
+	Saml2ResponseValidatorResult result = OpenSaml4AuthenticationProvider
 		.createDefaultResponseValidator()
 		.convert(responseToken)
 		.concat(myCustomValidator.convert(responseToken));
--- a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc
@ -49,7 +49,7 @@ This filter calls its configured `AuthenticationConverter` to create a `Saml2Aut
 This converter additionally resolves the <<servlet-saml2login-relyingpartyregistration, `RelyingPartyRegistration`>> and supplies it to `Saml2AuthenticationToken`.

 image:{icondir}/number_2.png[] Next, the filter passes the token to its configured xref:servlet/authentication/architecture.adoc#servlet-authentication-providermanager[`AuthenticationManager`].
-By default, it uses the <<servlet-saml2login-architecture,`OpenSamlAuthenticationProvider`>>.
+By default, it uses the <<servlet-saml2login-architecture,`OpenSaml4AuthenticationProvider`>>.

 image:{icondir}/number_3.png[] If authentication fails, then _Failure_.

@ -184,9 +184,9 @@ To achieve this, any interfaces or classes where Spring Security uses OpenSAML i
 This makes it possible for you to switch out OpenSAML for some other library or an unsupported version of OpenSAML.

 As a natural outcome of these two goals, Spring Security's SAML API is quite small relative to other modules.
-Instead, such classes as `OpenSamlAuthenticationRequestFactory` and `OpenSamlAuthenticationProvider` expose `Converter` implementations that customize various steps in the authentication process.
+Instead, such classes as `OpenSamlXAuthenticationRequestFactory` and `OpenSamlXAuthenticationProvider` expose `Converter` implementations that customize various steps in the authentication process.

-For example, once your application receives a `SAMLResponse` and delegates to `Saml2WebSsoAuthenticationFilter`, the filter delegates to `OpenSamlAuthenticationProvider`:
+For example, once your application receives a `SAMLResponse` and delegates to `Saml2WebSsoAuthenticationFilter`, the filter delegates to `OpenSamlXAuthenticationProvider`:

 .Authenticating an OpenSAML `Response`
 image:{figures}/opensamlauthenticationprovider.png[]
--- a/docs/modules/ROOT/pages/servlet/saml2/logout.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/logout.adoc
@ -510,7 +510,7 @@ Java::
 ----
@Component
 public class MyOpenSamlLogoutRequestValidator implements Saml2LogoutRequestValidator {
-	private final Saml2LogoutRequestValidator delegate = new OpenSamlLogoutRequestValidator();
+	private final Saml2LogoutRequestValidator delegate = new OpenSaml5LogoutRequestValidator();

 	@Override
    public Saml2LogoutRequestValidator logout(Saml2LogoutRequestValidatorParameters parameters) {
@ -529,7 +529,7 @@ Kotlin::
 ----
@Component
 open class MyOpenSamlLogoutRequestValidator: Saml2LogoutRequestValidator {
-	private val delegate = OpenSamlLogoutRequestValidator()
+	private val delegate = OpenSaml5LogoutRequestValidator()

 	@Override
    fun logout(parameters: Saml2LogoutRequestValidatorParameters): Saml2LogoutRequestValidator {
@ -586,7 +586,7 @@ Java::
 ----
@Component
 public class MyOpenSamlLogoutResponseValidator implements Saml2LogoutResponseValidator {
-	private final Saml2LogoutResponseValidator delegate = new OpenSamlLogoutResponseValidator();
+	private final Saml2LogoutResponseValidator delegate = new OpenSaml5LogoutResponseValidator();

 	@Override
    public Saml2LogoutValidatorResult logout(Saml2LogoutResponseValidatorParameters parameters) {
--- a/docs/modules/ROOT/pages/servlet/saml2/metadata.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/metadata.adoc
@ -58,7 +58,7 @@ public class RefreshableRelyingPartyRegistrationRepository
        implements IterableRelyingPartyRegistrationRepository {

 	private final AssertingPartyMetadataRepository metadata =
-            OpenSamlAssertingPartyMetadataRepository
+            OpenSaml5AssertingPartyMetadataRepository
                .fromTrustedMetadataLocation("https://idp.example.org/metadata").build();

 	@Override
@ -93,7 +93,7 @@ Kotlin::
 class RefreshableRelyingPartyRegistrationRepository : IterableRelyingPartyRegistrationRepository {

    private val metadata: AssertingPartyMetadataRepository =
-        OpenSamlAssertingPartyMetadataRepository.fromTrustedMetadataLocation(
+        OpenSaml5AssertingPartyMetadataRepository.fromTrustedMetadataLocation(
            "https://idp.example.org/metadata").build()

    fun findByRegistrationId(registrationId:String?): RelyingPartyRegistration {
@ -132,7 +132,7 @@ Java::
 +
 [source,java,role="primary"]
 ----
-OpenSamlAssertingPartyMetadataRepository.withMetadataLocation("https://idp.example.org/metadata")
+OpenSaml5AssertingPartyMetadataRepository.withMetadataLocation("https://idp.example.org/metadata")
    .verificationCredentials((c) -> c.add(myVerificationCredential))
    .build();
 ----
@ -141,7 +141,7 @@ Kotlin::
 +
 [source,kotlin,role="secondary"]
 ----
-OpenSamlAssertingPartyMetadataRepository.withMetadataLocation("https://idp.example.org/metadata")
+OpenSaml5AssertingPartyMetadataRepository.withMetadataLocation("https://idp.example.org/metadata")
    .verificationCredentials({ c : Collection<Saml2X509Credential> ->
        c.add(myVerificationCredential) })
    .build()