Deprecated API
Contents
-
ElementDescriptionThis header is no longer supported by browsers. Use
SetCookieHeader
instead.UseClientSecretPostAuthenticationFilter(CredentialPair)
instead.for removal withEncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionPurpose(Purpose)
. Will be removed in winter 2021 season.Please useEncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionSecretReference(SecretReference)
instead. Will be removed in winter 2021 season.for removal withPrivateKeyJwtClientAuthenticationFilter.Builder.withSigningPurpose(Purpose)
. Will be removed in winter 2021 season.Please useSecretReference
API instead. Will be removed in winter 2021 season.Please usePrivateKeyJwtClientAuthenticationFilter.Builder.withSigningSecretReference(SecretReference)
instead. Will be removed in winter 2021 season.since 7.2.0, with OPENIG-5793. UseFunctions.find(String, String)
orFunctions.matchesWithRegex(String, String)
instead.since 7.2.0, with OPENIG-5957. UseFunctions.findGroups(String, String)
instead.please useCookieFilter.builder()
please useCookieFilter.builder()
please useCookieFilter.builder()
please useCookieFilter.builder()
please useCookieFilter.builder()
use the other constructor instead.useSqlAttributesFilter(DataSource, String, ScheduledExecutorService)
instead.
-
ClassDescriptionThis header is no longer supported by browsers. Use
SetCookieHeader
instead.since 26.2. SeeFilters.newUrlEncodedHttpBasicAuthFilter(String, SecretReference)
for a replacement.The “/oauth2/tokeninfo” endpoint was deprecated in AM 6.5.OpenAmAccessTokenResolver
is deprecated and should not be used.UseEncryptedThenSignedJwtHeaderBuilder
instead.UseEncryptedThenSignedJwtBuilder
instead.UseContentEncryptionHandler
instead.UseRSAEncryptionHandler
andAESCBCHMACSHA2ContentEncryptionHandler
instead.UseRSAEncryptionHandler
andAESCBCHMACSHA2ContentEncryptionHandler
instead.UseSecretECDSASigningHandler
insteadUseSecretEdDSASigningHandler
instead.UseSecretHmacSigningHandler
insteadThis algorithm is inherently insecure and shouldn't be used.UseSecretRSASigningHandler
insteadUseEncryptedThenSignedJwt
instead.PreferSecretsJwtTokenHandler
instead.RequestHandler
now has default methods which implement the not-supported behavior. This class is here for transition from pre-JDK8 impelementations.This class will be removed once CAF has been migrated fully to CHF, at which point components should createSecurityContext
s directly rather than via request attributes.in 7.1, useAbstractDecorator
as a replacement along with the class service/factory.in 2023.4.0, useSamlFederationFilterHeaplet
as a replacementUseSecretsKeyManagerHeaplet
instead.UseKeyStoreSecretStoreHeaplet
instead.UseSecretsTrustManagerHeaplet
instead.
-
FieldDescription
OAuth2ClientFilter.Heaplet.NAME
is more accurate and should be used for all new referencesOAuth2ResourceServerFilterHeaplet.NAME
is more accurate and should be used for all new referencesSince 2023.6 - supports legacy behaviour only
-
MethodDescriptionUse
ElasticsearchUtil.NORMALIZING_OBJECT_MAPPER
instead.UseHttpClientHandler.ProxyInfo.getCredentials()
insteadUseHttpClientHandler.ProxyInfo.getCredentials()
insteadReplaced byContentTypeHeader.getDirectives()
for removal withEncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionPurpose(Purpose)
. Will be removed in winter 2021 season.Please useEncryptedPrivateKeyJwtClientAuthenticationFilter.Builder.withEncryptionSecretReference(SecretReference)
instead. Will be removed in winter 2021 season.UseOAuth2Error.asWwwAuthenticateHeader()
instead.for removal withPrivateKeyJwtClientAuthenticationFilter.Builder.withSigningPurpose(Purpose)
. Will be removed in winter 2021 season.Please useSecretReference
API instead. Will be removed in winter 2021 season.Please usePrivateKeyJwtClientAuthenticationFilter.Builder.withSigningSecretReference(SecretReference)
instead. Will be removed in winter 2021 season.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Only valid for RFC 2965 cookies ("Cookie2"), which have been deprecated and removed by most clients.Because Entity content should be read asynchronously. Instead retrieve theForm
withEntity.getFormAsync()
.useForm.fromFormString(String)
instead.useForm.toFormString()
instead.UseJweHeaderBuilder.epk(JWK)
instead.PreferJwtBuilderFactory.jwe(EncryptionKey)
instead.This method provides no security at all and shouldn't be used.PreferSignedJwtBuilderImpl.encrypt(EncryptionKey)
instead.PreferEncryptedJwt.decrypt(SecretsProvider, Purpose)
instead.PreferEncryptedJwt.decryptRawPayload(SecretsProvider, Purpose)
instead.replaced byEcJWK.getEllipticCurve()
.replaced byJWK.getJwaAlgorithm()
UseJWK.getX509Thumbprint()
instead.UseJWKSetParser.jwkSetAsync(URL)
instead.UseJwksStore.findJwkAsync(String)
instead.UseJwksStore.findJwkAsync(String)
instead.UseJwksStore.reloadJwksAsync()
instead.UseJwksStore.setJwkUrlAsync(URL)
instead.UseJwksStoreService.configureJwksStore(String, Duration, Duration, URL, Clock)
with an explicit clock.PreferEncryptedThenSignedJwt.decrypt(SecretsProvider, Purpose)
instead.Replaced byJwsAlgorithm.parseCryptographicAlgorithm(String)
useSigningManager.newEcdsaSigningHandler(SigningKey)
} insteaduseSigningManager.newEcdsaSigningHandler(SigningKey)
} insteaduseSigningManager.newHmacSigningHandler(SigningKey)
insteaduseSigningManager.newHmacSigningHandler(SigningKey)
insteadThis method is inherently insecure and shouldn't be used.UseSigningManager.newSigningHandler(SigningKey)
insteaduseJsonValue::copy
directly insteadUseCrestHttp.newHttpHandler(CrestApplication)
instead.UseCrestHttp.newHttpHandler(CrestApplication)
instead.UseCrestHttp.newHttpHandler(CrestApplication)
instead.Since 25.0.0. Prefer to useCrestHttp.newHttpHandler(CrestApplication, Factory)
and provide your own factory instead of the default one.Since 25.0.0. Prefer to useCrestHttp.newHttpHandler(CrestApplication, HttpContextFactory, Factory)
and provide your own factory instead of the default one.Since 25.0.0. Prefer to useCrestHttp.newHttpHandler(CrestApplication, Context, Factory)
and provide your own factory instead of the default one.UseCrestHttp.newHttpHandler(CrestApplication)
instead.in favor ofResourceException.newResourceException(int)
UseResources.newHandler(Object)
instead.UseResources.newHandler(Object)
instead.UseResources.newHandler(Object)
instead.UseResponses.newQueryResponse(String, CountPolicy, int)
instead.since 7.2.0, with OPENIG-5793. UseFunctions.find(String, String)
orFunctions.matchesWithRegex(String, String)
instead.since 7.2.0, with OPENIG-5957. UseFunctions.findGroups(String, String)
instead.please useCookieFilter.builder()
please useCookieFilter.builder()
please useCookieFilter.builder()
please useCookieFilter.builder()
please useCookieFilter.builder()
As of Version 2.1 of the Java Servlet API, useServletContext.getRealPath(java.lang.String)
instead.As of Version 2.1 of the Java Servlet API, useChfHttpServletRequestAdapter.isRequestedSessionIdFromURL()
instead.As of version 2.1, use encodeRedirectURL(String url) insteadAs of version 2.1, use encodeURL(String url) insteadAs of version 2.1, due to ambiguous meaning of the message parameter. To set a status code usesetStatus(int)
, to send an error with a description usesendError(int, String)
. Sets the status code and message for this response.since 2024.3.0, with OPENIG-8029. UseJwtValidator.Builder.claimSet(String, java.util.function.Function, JwtClaimConstraint, boolean)
instead.UseSecretBuilder.build(Purpose)
instead.UseBase64.decode(byte[])
instead.UseBase64.decode(char[])
instead.UseBase64.decode(String)
instead.Since 25.0.0. Prefer usingPromise.getOrThrow()
and handle properly theInterruptedException
in the calling code, or usePromise.getOrThrowIfInterrupted()
.Since 25.0.0. Prefer usingPromise.get(long, TimeUnit)
and handle properly theInterruptedException
in the calling code, or usePromise.getOrThrowIfInterrupted()
.useObjects.requireNonNull(Object)
} insteaduseObjects.requireNonNull(Object, String)
insteadExperience has shown thatReject.ifFalse
can be hard to read. Prefer to useReject.unless(boolean)
(which works identically) or rewrite to useReject.ifTrue(boolean)
instead.Experience has shown thatReject.ifFalse
can be hard to read. Prefer to useReject.unless(boolean, String)
(which works identically) or rewrite to useReject.ifTrue(boolean, String)
instead.ExecutorServiceFactory.createCachedThreadPool(String)
orExecutorServiceFactory.createCachedThreadPool(ThreadFactory)
should be used so that threads have meaningful names.ExecutorServiceFactory.createFixedThreadPool(int, String)
should be used so that threads have meaningful names.ExecutorServiceFactory.createScheduledService(int, String)
should be used so that threads have meaningful names.ExecutorServiceFactory.createThreadPool(int, int, long, TimeUnit, BlockingQueue, String)
should be used so that threads have meaningful names.
-
ConstructorDescriptionReplaced by
TransactionIdInboundFilter(boolean)
Replaced byContentTypeHeader(String, Map)
Replaced byContentTypeHeader(String, Map)
Since 25.0.0. Prefer usingPipeBufferedStream(Factory)
to provide your own Buffer FactoryUseClientSecretPostAuthenticationFilter(CredentialPair)
instead.The clock attribute is not used anymore. UseResourceServerFilter(AccessTokenResolver, ResourceAccess, String)
instead. Deprecated in 25.0.0.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.Use the builder instead.It is recommended to useJwksStore.newJwksStore(Duration, Duration, URL, JWKSetParser, Clock)
.Prefer using the constructorJwksStoreService(Client client)
in which you provide your own instance ofClient
. This one does instantiate a specific instance of AsyncHttpClient but does not allow any custom filter processing, nor does it close it properly.Prefer using the constructorJwksStoreService(Client client)
where timeouts are in control of the client applicationPlease useRSASigningHandler(Key)
.useSigningManager(SecretsProvider)
insteadUseSecretsJwtTokenHandler.builder()
instead.UseJsonPointer.rootPtr()
instead.use the other constructor instead.useSqlAttributesFilter(DataSource, String, ScheduledExecutorService)
instead.useHsmKeyStoreLoader(Provider hsmProvider)
instead so that management of the provider can be left to the caller.Prefer usingSecretsProvider(Clock)
and provide your own clock instance.Prefer usingRequestAuditContext(Context, Instant)
not to rely on the system clock.Prefer usingRequestAuditContext(Context, Instant)
.Prefer the use ofDuration.duration(long, TimeUnit)
.
-
Enum ConstantDescriptionthis should never be used as it is a security risk.RSA1_5 is an insecure encryption mode. Use
JweAlgorithm.RSA_OAEP_256
instead.This algorithm is inherently insecure and should not be used.This algorithm is inherently insecure and shouldn't be used.
Filters.newHttpBasicAuthenticationFilter(CredentialPair)
instead