Page tree
Skip to end of metadata
Go to start of metadata

Collection point for discussion around V4 scoping, before we turn this into formal JIRA issues. Emphasis on anything we might do that would require interim work on 3.4 to prepare for.


  • Require Java 8 (theoretically could be 9, but seems unlikely)
  • Spring Framework 5
    • Need to validate Spring WebFlow sooner rather than later
  • Deprecated or embrace Rhino? Or Nashorn?
  • Code Coverage - we used it early in V3,  Adopt or drop.
  • Remove use of parameterized constructors  IDP-1047 - Getting issue details... STATUS IDP-1054 - Getting issue details... STATUS  (and others)
  • Generics in API classes  IDP-316 - Getting issue details... STATUS  (and others)
  • Deprecate SVN Resource and replace with "something"
  • Other code ceanup


  • Move Attribute Encoding elsewhere
  • Mixed Mode language (allow raw spring inside attribute-resolver &c, and get it parsed inside the same spring context tree) JSE-18 - Getting issue details... STATUS
  • Multi- Attribute sources, attribute decoding (and gateways)  IDP-926 - Getting issue details... STATUS  and many many more
  • Container work (jetty-base, windows installer,  containers, java (see also  IDP-1092 - Getting issue details... STATUS  and many many many more 
  • Type conversion in data connectors  IDP-514 - Getting issue details... STATUS
  • Signable Config  IDP-448 - Getting issue details... STATUS


  • ValidUntil Metadata filter  IDP-693 - Getting issue details... STATUS
  • Old style transients in the attribute encode
    • UK Federation issue?
  • Data Connectors shared between users (some write back some dont) IDP-1052 - Getting issue details... STATUS


Configuration Related

Unless explicitly noted, everything proposed currently warns in the log. 

  • 'Legacy' (V2) relying-party.xml.
    • This is currently not warned on
    • Removing this may allow cleanup in metadata-providers
  • Legacy Principal Connectors
    • Plus a lot of upstream code.
    • Currently warned on (since 3.0)
    • Will this allow refactoring of the C14N code to remove hooks for legacy support?
  • Legacy namespaces for Attribute Fitering and Resolution (urn:mace:shibboleth:2.0:afp:mf:basic, urn:mace:shibboleth:2.0:afp:mf:saml, urn:mace:shibboleth:2.0:attribute:encoder,  urn:mace:shibboleth:2.0:resolver:ad, urn:mace:shibboleth:2.0:resolver:dc, urn:mace:shibboleth:2.0:resolver:pc)
    • Currently warned on (since 3.3, 3.2)
  • Making the work context available to to Attribute Scripts
    • Warned on
    • Can then remove
  • LDAPDataConnector:
    • mergeResults attributes (deprecated since V2.?)
    • queryUsesStoredProcedure & cacheResults attributes (deprecated in V2?)
  • Attribute Filter details 
    • Issuer filters (Not implemented and warned on in V3.)
    • Rule References
  • Attribute <Dependency>  IDP-680 - Getting issue details... STATUS  (Plus a lot of upstream code.)
  •  /META-INF/net.shibboleth.idp/config.xml
  • Old style scripted attributes edu.internet2.middleware.shibboleth.common.attribute.provider.BasicAttribute
  • Old style (pre 3.3) MFA
    • Probably not warned on, (is it even be possible?)
  • Use of Resource backed metadata source with anything but a ref.
    • Not warned on (yet)

Code Related

There are many deprecated methods and classes (also Interfaces) which currently do not log warnings.  Probably need to review and, if appropriate add warning for 3.4.

  • No labels