February 2016 - jbossws-issues - Jboss List Archives

[JBoss JIRA] (JBWS-3981) Remove requirement of org.apache.cxf.impl module dependency for STS deployments

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/JBWS-3981?page=com.atlassian.jira.plugin.... ] Alessio Soldano commented on JBWS-3981: --------------------------------------- Documentation updated in pages https://docs.jboss.org/author/display/JBWS/SAML+Bearer+Assertion+Scenario https://docs.jboss.org/author/display/JBWS/SAML+Holder-Of-Key+Assertion+S... https://docs.jboss.org/author/display/JBWS/ActAs+WS-Trust+Scenario https://docs.jboss.org/author/display/JBWS/WS-Trust+and+STS > Remove requirement of org.apache.cxf.impl module dependency for STS deployments > ------------------------------------------------------------------------------- > > Key: JBWS-3981 > URL: https://issues.jboss.org/browse/JBWS-3981 > Project: JBoss Web Services > Issue Type: Enhancement > Components: jbossws-cxf, productization > Reporter: Alessio Soldano > Assignee: Alessio Soldano > Fix For: jbossws-cxf-5.2.0.Final > > > We currently expect users deploying a WS-Trust STS endpoint to set a dependency to org.apache.cxf.impl module, to gain visibility on the org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider class as well as misc utility classes from cxf-services-sts-core.jar. > This has the side effect of exposing impl details of the whole Apache CXF to the deployment, as well as generating a warning in the logs as that module is private. > Moreover, should JAX-RS annotations be added to any of the jars we have in the cxf module, the STS deployment would fail due to the way jaxrs subsystem works on WildFly. > We should hence set a dependency to an independent module which should filter the exported classes (at least we should only expose the contents of the cxf-services-sts-core and cxf-rt-ws-security jars). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3981) Remove requirement of org.apache.cxf.impl module dependency for STS deployments

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/JBWS-3981?page=com.atlassian.jira.plugin.... ] Alessio Soldano edited comment on JBWS-3981 at 2/17/16 9:23 AM: ---------------------------------------------------------------- I've added a new org.jboss.ws.cxf.sts module to be used for STS deployment dependencies. Now, I could not simply export a filtered set of packages from org.apache.cxf.impl in there, basically because WFCORE-1372. So, I've split cxf-rt-ws-security.jar and cxf-services-sts-core.jar into separate cxf sub-modules and re-exported them in org.jboss.ws.cxf.sts. This way the cxf submodules act as filters and the org.jboss.ws.cxf.sts module does not need to filter anything and hence avoids the bug. was (Author: asoldano): I've added a new org.jboss.ws.cxf.sts module to be used for STS deployment dependencies. Now, I could not simply export a filtered set of packages from org.apache.cxf.impl in there, basically because WFCORE-1372. So, I've split cxf-rt-ws-security.jar and cxf-services-sts-core.jar into separate cxf sub-modules and re-exported them in org.jboss.ws.cxf.sts. This way the cxf submodules act as filters and the org.jboss.ws.cxf.sts module do not need to filter anything and hence avoid the bug. > Remove requirement of org.apache.cxf.impl module dependency for STS deployments > ------------------------------------------------------------------------------- > > Key: JBWS-3981 > URL: https://issues.jboss.org/browse/JBWS-3981 > Project: JBoss Web Services > Issue Type: Enhancement > Components: jbossws-cxf, productization > Reporter: Alessio Soldano > Assignee: Alessio Soldano > Fix For: jbossws-cxf-5.2.0.Final > > > We currently expect users deploying a WS-Trust STS endpoint to set a dependency to org.apache.cxf.impl module, to gain visibility on the org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider class as well as misc utility classes from cxf-services-sts-core.jar. > This has the side effect of exposing impl details of the whole Apache CXF to the deployment, as well as generating a warning in the logs as that module is private. > Moreover, should JAX-RS annotations be added to any of the jars we have in the cxf module, the STS deployment would fail due to the way jaxrs subsystem works on WildFly. > We should hence set a dependency to an independent module which should filter the exported classes (at least we should only expose the contents of the cxf-services-sts-core and cxf-rt-ws-security jars). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3982) Clean-up test deployment dependencies

by Alessio Soldano (JIRA)

Alessio Soldano created JBWS-3982: ------------------------------------- Summary: Clean-up test deployment dependencies Key: JBWS-3982 URL: https://issues.jboss.org/browse/JBWS-3982 Project: JBoss Web Services Issue Type: Task Components: jbossws-cxf Reporter: Alessio Soldano Assignee: Alessio Soldano Fix For: jbossws-cxf-5.2.0.Final In the cxf-specific testsuite, we have some test deployments specifying dependencies to module org.apache.cxf.impl, which is private and should hence not be used unless there's a real reason for doing that. With the upgrade to Apache CXF 3 series, the org.apache.cxf module now contains cxf-rt-core.jar instead of cxf-api.jar, so the public org.apache.cxf module can be used instead of the org.apache.cxf.impl one in some scenarios (where cxf core classes usage where the reason for setting the dependency). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3981) Remove requirement of org.apache.cxf.impl module dependency for STS deployments

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/JBWS-3981?page=com.atlassian.jira.plugin.... ] Alessio Soldano commented on JBWS-3981: --------------------------------------- Documentation pending, to be updated before release. > Remove requirement of org.apache.cxf.impl module dependency for STS deployments > ------------------------------------------------------------------------------- > > Key: JBWS-3981 > URL: https://issues.jboss.org/browse/JBWS-3981 > Project: JBoss Web Services > Issue Type: Enhancement > Components: jbossws-cxf, productization > Reporter: Alessio Soldano > Assignee: Alessio Soldano > Fix For: jbossws-cxf-5.2.0.Final > > > We currently expect users deploying a WS-Trust STS endpoint to set a dependency to org.apache.cxf.impl module, to gain visibility on the org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider class as well as misc utility classes from cxf-services-sts-core.jar. > This has the side effect of exposing impl details of the whole Apache CXF to the deployment, as well as generating a warning in the logs as that module is private. > Moreover, should JAX-RS annotations be added to any of the jars we have in the cxf module, the STS deployment would fail due to the way jaxrs subsystem works on WildFly. > We should hence set a dependency to an independent module which should filter the exported classes (at least we should only expose the contents of the cxf-services-sts-core and cxf-rt-ws-security jars). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3981) Remove requirement of org.apache.cxf.impl module dependency for STS deployments

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/JBWS-3981?page=com.atlassian.jira.plugin.... ] Alessio Soldano commented on JBWS-3981: --------------------------------------- I've added a new org.jboss.ws.cxf.sts module to be used for STS deployment dependencies. Now, I could not simply export a filtered set of packages from org.apache.cxf.impl in there, basically because WFCORE-1372. So, I've split cxf-rt-ws-security.jar and cxf-services-sts-core.jar into separate cxf sub-modules and re-exported them in org.jboss.ws.cxf.sts. This way the cxf submodules act as filters and the org.jboss.ws.cxf.sts module do not need to filter anything and hence avoid the bug. > Remove requirement of org.apache.cxf.impl module dependency for STS deployments > ------------------------------------------------------------------------------- > > Key: JBWS-3981 > URL: https://issues.jboss.org/browse/JBWS-3981 > Project: JBoss Web Services > Issue Type: Enhancement > Components: jbossws-cxf, productization > Reporter: Alessio Soldano > Assignee: Alessio Soldano > Fix For: jbossws-cxf-5.2.0.Final > > > We currently expect users deploying a WS-Trust STS endpoint to set a dependency to org.apache.cxf.impl module, to gain visibility on the org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider class as well as misc utility classes from cxf-services-sts-core.jar. > This has the side effect of exposing impl details of the whole Apache CXF to the deployment, as well as generating a warning in the logs as that module is private. > Moreover, should JAX-RS annotations be added to any of the jars we have in the cxf module, the STS deployment would fail due to the way jaxrs subsystem works on WildFly. > We should hence set a dependency to an independent module which should filter the exported classes (at least we should only expose the contents of the cxf-services-sts-core and cxf-rt-ws-security jars). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3981) Remove requirement of org.apache.cxf.impl module dependency for STS deployments

by Alessio Soldano (JIRA)

Alessio Soldano created JBWS-3981: ------------------------------------- Summary: Remove requirement of org.apache.cxf.impl module dependency for STS deployments Key: JBWS-3981 URL: https://issues.jboss.org/browse/JBWS-3981 Project: JBoss Web Services Issue Type: Enhancement Components: jbossws-cxf, productization Reporter: Alessio Soldano Assignee: Alessio Soldano Fix For: jbossws-cxf-5.2.0.Final We currently expect users deploying a WS-Trust STS endpoint to set a dependency to org.apache.cxf.impl module, to gain visibility on the org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider class as well as misc utility classes from cxf-services-sts-core.jar. This has the side effect of exposing impl details of the whole Apache CXF to the deployment, as well as generating a warning in the logs as that module is private. Moreover, should JAX-RS annotations be added to any of the jars we have in the cxf module, the STS deployment would fail due to the way jaxrs subsystem works on WildFly. We should hence set a dependency to an independent module which should filter the exported classes (at least we should only expose the contents of the cxf-services-sts-core and cxf-rt-ws-security jars). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3980) Make removing console log handler during prepare phase of testsuite optional

by Jan Blizňák (JIRA)

[ https://issues.jboss.org/browse/JBWS-3980?page=com.atlassian.jira.plugin.... ] Jan Blizňák updated JBWS-3980: ------------------------------ Git Pull Request: https://github.com/jbossws/jbossws-cxf/pull/5 Sent pull request https://github.com/jbossws/jbossws-cxf/pull/5 Console handlers are removed when _enableServerLoggingToConsole_ property is not specified. Default behaviour is the same as before, ie. no server message in console. > Make removing console log handler during prepare phase of testsuite optional > ---------------------------------------------------------------------------- > > Key: JBWS-3980 > URL: https://issues.jboss.org/browse/JBWS-3980 > Project: JBoss Web Services > Issue Type: Enhancement > Components: jbossws-cxf > Affects Versions: jbossws-cxf-5.1.3.Final > Reporter: Jan Blizňák > Assignee: Jan Blizňák > Priority: Optional > > Current groovy scripts for preparing various server configuration for tests remove console handler and set logging only to file. > This might be convenient for passing testsuite and/or for local run. For CI job or for debugging purposes it is often useful to have whole output (server log and test log) in one place to have context. So making the removal optional seems better to me. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3980) Make removing console log handler during prepare phase of testsuite optional

by Jan Blizňák (JIRA)

Jan Blizňák created JBWS-3980: --------------------------------- Summary: Make removing console log handler during prepare phase of testsuite optional Key: JBWS-3980 URL: https://issues.jboss.org/browse/JBWS-3980 Project: JBoss Web Services Issue Type: Enhancement Components: jbossws-cxf Affects Versions: jbossws-cxf-5.1.3.Final Reporter: Jan Blizňák Assignee: Jan Blizňák Priority: Optional Current groovy scripts for preparing various server configuration for tests remove console handler and set logging only to file. This might be convenient for passing testsuite and/or for local run. For CI job or for debugging purposes it is often useful to have whole output (server log and test log) in one place to have context. So making the removal optional seems better to me. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3979) Remove org.apache.santuario.xmlsec dependency from org.jboss.as.webservices.server.integration module

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/JBWS-3979?page=com.atlassian.jira.plugin.... ] Alessio Soldano updated JBWS-3979: ---------------------------------- Fix Version/s: jbossws-cxf-5.2.0.Final > Remove org.apache.santuario.xmlsec dependency from org.jboss.as.webservices.server.integration module > ----------------------------------------------------------------------------------------------------- > > Key: JBWS-3979 > URL: https://issues.jboss.org/browse/JBWS-3979 > Project: JBoss Web Services > Issue Type: Task > Reporter: Alessio Soldano > Assignee: Alessio Soldano > Fix For: jbossws-cxf-5.2.0.Final > > > We can remove org.apache.santuario.xmlsec dependency from org.jboss.as.webservices.server.integration module as Santuario is not needed directly from JBossWS (it's directly used by WSS4J and CXF though). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (JBWS-3979) Remove org.apache.santuario.xmlsec dependency from org.jboss.as.webservices.server.integration module

by Alessio Soldano (JIRA)

[ https://issues.jboss.org/browse/JBWS-3979?page=com.atlassian.jira.plugin.... ] Alessio Soldano updated JBWS-3979: ---------------------------------- Project: JBoss Web Services (was: WildFly) Key: JBWS-3979 (was: WFLY-6164) Workflow: classic default workflow (was: GIT Pull Request workflow ) > Remove org.apache.santuario.xmlsec dependency from org.jboss.as.webservices.server.integration module > ----------------------------------------------------------------------------------------------------- > > Key: JBWS-3979 > URL: https://issues.jboss.org/browse/JBWS-3979 > Project: JBoss Web Services > Issue Type: Task > Reporter: Alessio Soldano > Assignee: Alessio Soldano > > We can remove org.apache.santuario.xmlsec dependency from org.jboss.as.webservices.server.integration module as Santuario is not needed directly from JBossWS (it's directly used by WSS4J and CXF though). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jbossws-issues February 2016