77.22.0

What's Changed

Feature - major opensaml library upgrade

• build(deps): Replace SAML Library by @Tallicia in #2908

Fixes

• Fix new SAML. Re-establish SAML setup for legacy by @strehle in #3164
• fix velocity dependency by @strehle in #3169
• Fix flaky StaleUrlCacheTests by @duanemay in #3179
• Fix retrieval of login.saml.providers by @strehle in #3178
• Fix issue #3104 by @strehle in #3182

Misc

• Support SAML keypair without a passphrase by @strehle in #3172
• Add logs in case of SAML issues by @strehle in #3173
• Refactor password grant by @strehle in #3165

Dependency Bumps

• build(deps): bump versions.jacksonVersion from 2.18.1 to 2.18.2 by @dependabot in #3166
• build(deps): bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 6.0.0.5145 to 6.0.1.5171 by @dependabot in #3167
• build(deps): bump jasmine from 5.4.0 to 5.5.0 in /uaa by @dependabot in #3176
• build(deps): bump jasmine-core from 5.4.0 to 5.5.0 in /uaa by @dependabot in #3175
• build(deps): bump org.eclipse.jgit:org.eclipse.jgit from 7.0.0.202409031743-r to 7.1.0.202411261347-r by @dependabot in #3177

Deprecation information

The setup of UAA with YAML setting

login.serviceProviderKey
login.serviceProviderCertificate

was set to deprecation a while ago, but the support is still in there. Please prepare your UAA configuration to change either towards

login.saml.serviceProviderKey
login.saml.serviceProviderCertificate

or if you want support key-rotation with SAML make use of the map in

login.saml.keys

similar to JWT signing keys

Full Changelog: v77.20.0...v77.22.0