We are trying to use opensaml with spring security. We need open saml version 4.3.2 but we are not able to download using maven and its forcing us to add shibboleth repository in my POM file.
Is this legit and not have any security concerns?
Previous versions of opensaml was getting downloaded without shibboleth repository entry in my POM.
We are trying to use opensaml with spring security. We need open saml version 4.3.2 but we are not able to download using maven and its forcing us to add shibboleth repository in my POM file.
Is this legit and not have any security concerns?
Previous versions of opensaml was getting downloaded without shibboleth repository entry in my POM.
Share Improve this question edited Mar 7 at 18:25 James Z 12.3k10 gold badges27 silver badges47 bronze badges asked Mar 7 at 15:36 SanjaySanjay 3153 silver badges15 bronze badges1 Answer
Reset to default 0The Shibboleth project's statement on Maven Central is here:
https://shibboleth.atlassian/wiki/spaces/DEV/pages/1123844333/Use+of+Maven+Central
Documentation on the Shibboleth project-provided repositories is here:
https://shibboleth.atlassian/wiki/spaces/DEV/pages/2891317253/MavenRepositories