You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2019/01/19 07:57:46 UTC
svn commit: r1039206 - in /websites/production/cxf/content:
cache/docs.pageCache docs/33-migration-guide.html
Author: buildbot
Date: Sat Jan 19 07:57:46 2019
New Revision: 1039206
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/docs.pageCache
websites/production/cxf/content/docs/33-migration-guide.html
Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/cxf/content/docs/33-migration-guide.html
==============================================================================
--- websites/production/cxf/content/docs/33-migration-guide.html (original)
+++ websites/production/cxf/content/docs/33-migration-guide.html Sat Jan 19 07:57:46 2019
@@ -107,7 +107,7 @@ Apache CXF -- 3.3 Migration Guide
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h3 id="id-3.3MigrationGuide-MajorNotes:">Major Notes:</h3><h3 id="id-3.3MigrationGuide-ClaimsHandling:">Claims Handling:</h3><ul><li>The claimType of the <a shape="rect" class="external-link" href="https://github.com/apache/cxf/blob/master/rt/security/src/main/java/org/apache/cxf/rt/security/claims/Claim.java" rel="nofollow">Claim</a> class is now a "String" instead of a "URI".  This might break existing ClaimsHandler implementations in the STS. In addition, the ClaimsHandler interface now returns a List<String> for getSupportedClaimTypes() instead of List<URI>.</li><li>The Claims access control annotations/interceptors <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/CXF-6727">now work</a> with JWT tokens (as well as SAML tokens). This resulted in the following package changes:<br clear="none"><ul><li>ClaimsAuthorizingInterceptor has moved from the cxf-rt-security-saml module to the cxf-rt-security modul
e. The package name of the ClaimsAuthorizingInterceptor has changed: from org.apache.cxf.rt.security.saml.interceptor.ClaimsAuthorizingInterceptor to org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingInterceptor.</li><li>ClaimsAuthorizingFilter has moved from the cxf-rt-rs-security-xml module to the cxf-rt-frontend-jaxrs module. The package name of the ClaimsAuthorizingFilter  has changed: from org.apache.cxf.rs.security.saml.authorization.ClaimsAuthorizingFilter to org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter</li></ul></li></ul><h3 id="id-3.3MigrationGuide-NewFeatures:">New Features:</h3><ul><li>Support for signing HTTP messages via the HTTP Signature draft spec is included (<a shape="rect" class="external-link" href="https://tools.ietf.org/html/draft-cavage-http-signatures" rel="nofollow">https://tools.ietf.org/html/draft-cavage-http-signatures</a>) in the cxf-rt-rs-security-http-signature module.</li></ul><h3 id="id-3.3MigrationGuide-Majordependenc
ychanges:">Major dependency changes:</h3></div>
+<div id="ConfluenceContent"><h3 id="id-3.3MigrationGuide-MajorNotes:">Major Notes:</h3><h3 id="id-3.3MigrationGuide-ClaimsHandling:">Claims Handling:</h3><ul><li>The claimType of the <a shape="rect" class="external-link" href="https://github.com/apache/cxf/blob/master/rt/security/src/main/java/org/apache/cxf/rt/security/claims/Claim.java" rel="nofollow">Claim</a> class is now a "String" instead of a "URI".  This might break existing ClaimsHandler implementations in the STS. In addition, the ClaimsHandler interface now returns a List<String> for getSupportedClaimTypes() instead of List<URI>.</li><li>The Claims access control annotations/interceptors <a shape="rect" class="external-link" href="https://issues.apache.org/jira/browse/CXF-6727">now work</a> with JWT tokens (as well as SAML tokens). This resulted in the following package changes:<br clear="none"><ul><li>ClaimsAuthorizingInterceptor has moved from the cxf-rt-security-saml module to the cxf-rt-security modul
e. The package name of the ClaimsAuthorizingInterceptor has changed: from org.apache.cxf.rt.security.saml.interceptor.ClaimsAuthorizingInterceptor to org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingInterceptor.</li><li>ClaimsAuthorizingFilter has moved from the cxf-rt-rs-security-xml module to the cxf-rt-frontend-jaxrs module. The package name of the ClaimsAuthorizingFilter  has changed: from org.apache.cxf.rs.security.saml.authorization.ClaimsAuthorizingFilter to org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter</li></ul></li></ul><h3 id="id-3.3MigrationGuide-NewFeatures:">New Features:</h3><ul><li>Support for signing HTTP messages via the HTTP Signature draft spec is included (<a shape="rect" class="external-link" href="https://tools.ietf.org/html/draft-cavage-http-signatures" rel="nofollow">https://tools.ietf.org/html/draft-cavage-http-signatures</a>) in the cxf-rt-rs-security-http-signature module.</li></ul><h3 id="id-3.3MigrationGuide-Majordependenc
ychanges:">Major dependency changes:</h3><ul><li>Spring and Spring Security have been upgraded to 5.x, the Spring Boot dependency is now 2.x. However old versions will currently still work.</li><li>JAX-RS and JAXB APIs are now JakartaEE dependencies. All other JakartaEE dependencies will follow with the next major release. Old dependencies can still be just, but this requires exclusions to avoid duplicate transitive dependencies (currently no relocation is in place).</li></ul></div>
</div>
<!-- Content -->
</td>