You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@karaf.apache.org by Grzegorz Grzybek <gr...@gmail.com> on 2022/11/07 11:56:44 UTC
[ANN] Pax Web 8.0.12 and 9.0.2 released
Hello
I'd like to announce new minor releases of Pax Web: 8.0.12 and 9.0.2.
There was one bug fixed related to non-default HttpContext and resource
servlet registered in Tomcat runtime by felix.webconsole. Thanks +Martin
Zukal <ma...@stabilit.ch> for the report!
Non runtime updates are ASM 9.4 and BouncyCastle 1.72 (test only).
Jetty and Tomcat runtimes are upgraded and the current versions are:
- Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
- Tomcat 9.0.68
- Undertow 2.2.21.Final
For completeness, the changelogs is available for 8.0.12[1] and 9.0.2[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/228?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/227?closed=1
Re: [ANN] Pax Web 8.0.18 and 9.0.7 released
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Thanks !
I'm updating/testing in Karaf.
Regards
JB
On Thu, Mar 23, 2023 at 6:43 PM Grzegorz Grzybek <gr...@gmail.com> wrote:
>
> Hello
>
> I'd like to announce new minor releases of Pax Web: 8.0.18 and 9.0.7.
>
> Current runtime versions are:
>
> Jetty 9.4.51.v20230217 (8.0.x) and 10.0.14 (9.0.x)
> Tomcat 9.0.73
> Undertow 2.2.23.Final
>
> There's new Karaf feature called "pax-web-jetty-http2-extras" which includes additional, client-side http2 Jetty bundles. And existing "pax-web-jetty-extras" feature contains two additional Jetty bundles.
>
> For completeness, the changelogs is available for 8.0.18[1] and 9.0.7[2].
>
> kind regards
> Grzegorz Grzybek
> ===
> [1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/241?closed=1
> [2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/242?closed=1
>
> --
> --
> ------------------
> OPS4J - http://www.ops4j.org - ops4j@googlegroups.com
>
> ---
> You received this message because you are subscribed to the Google Groups "OPS4J" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ops4j+unsubscribe@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/ops4j/CAAdXmhqoYkihzgDHv%3DMBW5d5Unaddq1E0Ozty-PHf0_GAKZq7g%40mail.gmail.com.
[ANN] Pax Web 8.0.27 and 9.0.16 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new releases of Pax Web: 8.0.27 and 9.0.16. Only
runtimes are upgraded (Tomcat and Undertow)
Current runtime versions are:
- Jetty 9.4.54.v20240208 (8.0.x) and 10.0.20 (9.0.x)
- Tomcat 9.0.87
- Undertow 2.2.31.Final
For completeness, the changelogs are available for 8.0.27[1] and 9.0.16[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/260?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/261?closed=1
[ANN] Pax Web 8.0.26 and 9.0.15 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new bugfix releases of Pax Web: 8.0.26 and 9.0.15.
Current runtime versions are:
- Jetty 9.4.54.v20240208 (8.0.x) and 10.0.20 (9.0.x)
- Tomcat 9.0.86
- Undertow 2.2.30.Final
There's also one fix for a problem reported by Ivaylo Milev about
non-working "org.ops4j.pax.web.session.cookie.secure" option.
For completeness, the changelogs are available for 8.0.26[1] and 9.0.15[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/258?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/259?closed=1
[ANN] Pax Web 8.0.25 and 9.0.14 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new bugfix releases of Pax Web: 8.0.25 and 9.0.14.
Current runtime versions are:
- Jetty 9.4.53.v20231009 (8.0.x) and 10.0.19 (9.0.x)
- Tomcat 9.0.85
- Undertow 2.2.28.Final
There's one fix for a problem reported by @liao-qing-hua that
"org.ops4j.pax.web.session.timeout" option was ignored.
For completeness, the changelogs are available for 8.0.25[1] and 9.0.14[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/256?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/257?closed=1
[ANN] Pax Web 8.0.24 and 9.0.13 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new bugfix releases of Pax Web: 8.0.24 and 9.0.13.
Current runtime versions are:
- Jetty 9.4.53.v20231009 (8.0.x) and 10.0.17 (9.0.x)
- Tomcat 9.0.82
- Undertow 2.2.28.Final
There's one fix for a problem reported by Amichai Rothman as
https://issues.apache.org/jira/browse/KARAF-7773. It is a case where
- dynamic filters registered by ServletContextListeners are not
destroyed by Jetty
- ServletContextListeners are not removed during WAB undeployment
For completeness, the changelogs are available for 8.0.24[1] and 9.0.13[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/254?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/255?closed=1
[ANN] Pax Web 8.0.23 and 9.0.12 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.23 and 9.0.12.
Current runtime versions are:
- Jetty 9.4.53.v20231009 (8.0.x) and 10.0.17 (9.0.x)
- Tomcat 9.0.82
- Undertow 2.2.28.Final
These are important fixes related to recent CVE-2023-44487: HTTP/2 Rapid
Reset Attack <https://nvd.nist.gov/vuln/detail/CVE-2023-44487>.
There's also a minor QoL improvements/fixes:
- OSGi security (ServletContextHelper.handleSecurity()) - user was not
visible in access log (thanks François de Parscau!)
- Keycloak 19+ (up to 22) integration was not complete
- Additional Tomcat valves (from context.xml) were removed on restart
(thanks Stephan Siano!)
- ServletContext.getServletContextName() returned wrong value for WABs
(thanks Amichai Rothman!)
For completeness, the changelogs are available for 8.0.23[1] and 9.0.12[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/252?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/253?closed=1
[ANN] Pax Web 8.0.22 and 9.0.11 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.22 and 9.0.11.
Current runtime versions are:
- Jetty 9.4.52.v20230823 (8.0.x) and 10.0.16 (9.0.x)
- Tomcat 9.0.80
- Undertow 2.2.26.Final
There's also a minor fix related to "secure" flag for a connector
(connector WAS secure, but it was displayed as normal).
For completeness, the changelogs are available for 8.0.22[1] and 9.0.11[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/249?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/250?closed=1
[ANN] Pax Web 8.0.21 and 9.0.10 released (was: [ANN] Pax Web 8.0.20 and 9.0.9 released)
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Sorry for wrong subject line (forward of previous ANN email...)
śr., 26 lip 2023 o 16:48 Grzegorz Grzybek <gr...@gmail.com> napisał(a):
> Hello
>
> I'd like to announce new minor releases of Pax Web: 8.0.21 and 9.0.10.
>
> Current runtime versions are:
>
> - Jetty 9.4.51.v20230217 (8.0.x) and 10.0.15 (9.0.x)
> - Tomcat 9.0.78
> - Undertow 2.2.25.Final
>
> For completeness, the changelogs are available for 8.0.21[1] and 9.0.10[2].
>
> kind regards
> Grzegorz Grzybek
> ===
> [1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/247?closed=1
> [2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/248?closed=1
>
>
Fwd: [ANN] Pax Web 8.0.20 and 9.0.9 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.21 and 9.0.10.
Current runtime versions are:
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.15 (9.0.x)
- Tomcat 9.0.78
- Undertow 2.2.25.Final
For completeness, the changelogs are available for 8.0.21[1] and 9.0.10[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/247?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/248?closed=1
[ANN] Pax Web 8.0.20 and 9.0.9 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.20 and 9.0.9.
Current runtime versions are:
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.15 (9.0.x)
- Tomcat 9.0.74
- Undertow 2.2.24.Final
There's one important change. Johannes Utzig reported slow deployment times
in real-world, complex Karaf installation. He found that WAB deployment
involved "scanning" of all transitive bundles, while in fact the proper way
to scan a WAB is to scan:
- /WEB-INF/classes and /WEB-INF/*.jar of the WAB - or generally - all
WAB's entries from Bundle-ClassPath manifest
- all attached WAB OSGi bundle fragments
- all bundles "wired" to the WAB (and its fragments) using
Import-Package, Require-Bundle and "osgi.extender" namespace
The scanning however should NOT be transitive (because otherwise we can
reach thousands of bundles).
Also, this release, together with Pax URL 2.6.14 *fully passes official
OSGi CMPN TCK for Web Applications specification!* (OSGi CMPN chapter 128).
For completeness, the changelogs is available for 8.0.20[1] and 9.0.9[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/245?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/246?closed=1
[ANN] Pax Web 8.0.19 and 9.0.8 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.19 and 9.0.8.
Current runtime versions are:
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.14 (9.0.x)
- Tomcat 9.0.73
- Undertow 2.2.23.Final
Besides single improvement (allow custom Tomcat Server implementation -
thanks Mathias Schwaninger!), this release is a step toward OSGi CMPN TCK
compliance.
I was experimenting with public TCK tests from https://github.com/osgi/osgi/
project (only CPMN Web Applications specification for now) and 136 tests
pass out of 138 (I've created osgi/osgi issues for the two remaining tests).
I'm going to check Whiteboard and HttpService TCK tests soon.
For completeness, the changelogs is available for 8.0.19[1] and 9.0.8[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/243?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/244?closed=1
[ANN] Pax Web 8.0.18 and 9.0.7 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.18 and 9.0.7.
Current runtime versions are:
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.14 (9.0.x)
- Tomcat 9.0.73
- Undertow 2.2.23.Final
There's new Karaf feature called "pax-web-jetty-http2-extras" which
includes additional, client-side http2 Jetty bundles. And existing
"pax-web-jetty-extras" feature contains two additional Jetty bundles.
For completeness, the changelogs is available for 8.0.18[1] and 9.0.7[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/241?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/242?closed=1
[ANN] Pax Web 8.0.17 and 9.0.6 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.17 and 9.0.6. These
versions are tiny improvements over previous 8.0.16 and 9.0.5 releases.
Thanks to Maurice Betzel <https://github.com/Maurice-Betzel> we've
repackaged Keycloak 21 which has just been released too. So Pax Web will
support / package:
- Keycloak 18.0.x which still contains something called "Fuse Adapters"
(a.k.a. Pax Web Adapters)
- Current major upstream Keycloak upgrade which is now 21.0.0
Current runtime versions are still:
- Jetty 9.4.50.v20221201 (8.0.x) and 10.0.13 (9.0.x)
- Tomcat 9.0.72
- Undertow 2.2.23.Final
For completeness, the changelogs is available for 8.0.17[1] and 9.0.6[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/239?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/240?closed=1
[ANN] Pax Web 8.0.16 and 9.0.5 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.16 and 9.0.5.
Current runtime versions are:
- Jetty 9.4.50.v20221201 (8.0.x) and 10.0.13 (9.0.x)
- Tomcat 9.0.72
- Undertow 2.2.23.Final
Another corner case was solved when WAB, Whiteboard and HttpService
registered web elements were registered into the same target context (a
case originally called "Where is JSF Support?").
A feature from Pax Web 7 is back - now both WebContainer (an extension to
standard HttpService) and Whiteboard (this is new - there was no such
option in Pax Web 7) can be used to register security configuration:
- login config
- security constraints
- security roles
A new whiteboard-security sample was added here:
https://github.com/ops4j/org.ops4j.pax.web/tree/web-8.0.16/samples/samples-whiteboard/whiteboard-security
And finally I've reviewed Pax Web 7 support for Keycloak. In Pax Web 7 it
worked only in Undertow runtime (mostly due to problems on Keycloak side).
Now there are new Karaf features that ensure that Pax Web 8/9 can integrate
with Keycloak 18 (which contains something called "Fuse Adapters") and
Keycloak 20 (where "Fuse Adapters" were removed). These features are:
- pax-web-jetty-keycloak18
- pax-web-tomcat-keycloak18
- pax-web-undertow-keycloak18
- pax-web-jetty-keycloak20
- pax-web-tomcat-keycloak20
- pax-web-undertow-keycloak20
The "keycloak18" features are designed to work with Keycloak 18.0.x and
require this feature repository:
"mvn:org.keycloak/keycloak-osgi-features/18.0.3/xml/features"
The "keycloak20" features do NOT require Keycloak features (because
Keycloak 19 has them removed) and Pax Web itself repackages proper Keycloak
libraries (because not all of them are proper OSGi bundles).
If you want to know more about how I tested Pax Web with Keycloak, please
look at the readme files:
-
https://github.com/ops4j/org.ops4j.pax.web/blob/web-8.0.16/pax-web-keycloak18/readme.adoc
-
https://github.com/ops4j/org.ops4j.pax.web/blob/web-8.0.16/pax-web-keycloak20/readme.adoc
For completeness, the changelogs is available for 8.0.16[1] and 9.0.5[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/238?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/237?closed=1
[ANN] Pax Web 8.0.15 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor release of Pax Web: 8.0.15. It will be part
of Karaf 4.4.3.
- Kevin Schmidt helped to fix pax-web-jetty - org.eclipse.jetty.rewrite
import package was missing
- Kevan Jahanshahi found a problem with missing org.apache.xpath import
package for pax-web-jsp
All runtimes are updated:
- Jetty 9.4.50.v20221201
- Tomcat 9.0.70
- Undertow 2.2.22.Final
For completeness, the changelog is available for 8.0.15[1].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/236?closed=1
>
[ANN] Pax Web 8.0.14 and 9.0.4 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.14 and 9.0.4.
There's one, quite tricky problem resolved (thanks Oliver F. for your great
analysis!):
- there was an issue when WAB was wired to a service (backend) bundle
and this bundle was updated. This bundle had to register (Whiteboard or
HttpService) servlets into the same context as the WAB.
It was possible to detect it, because the WAB used "/" context path and CXF
(cxf-rt-transports-http) registers "/cxf" servlet into "/" path.
Current versions of runtimes are:
- Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
- Tomcat 9.0.69
- Undertow 2.2.21.Final
For completeness, the changelogs is available for 8.0.14[1] and 9.0.4[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/233?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/234?closed=1
[ANN] Pax Web 8.0.13 and 9.0.3 released
Posted by Grzegorz Grzybek <gr...@gmail.com>.
Hello
I'd like to announce new minor releases of Pax Web: 8.0.12 and 9.0.2.
There are three problems resolved:
- there was a little timing issue if a web element targeting default
whiteboard context was processed before the actual context was processed by
target runtime
- there was a problem getting named dispatcher for "default" name, when
a custom servlet from web.xml was using "/" mapping (thanks Prashanth
Ettaboina for the report!)
- ${karaf.etc}/jetty-web.xml was actually not processed even if declared
in ${karaf.etc}/org.ops4j.pax.web.cfg (thanks Oliver F. for the report!)
Tomcat runtime is upgraded and the current versions are:
- Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
- Tomcat 9.0.69
- Undertow 2.2.21.Final
For completeness, the changelogs is available for 8.0.13[1] and 9.0.3[2].
kind regards
Grzegorz Grzybek
===
[1]: https://github.com/ops4j/org.ops4j.pax.web/milestone/231?closed=1
[2]: https://github.com/ops4j/org.ops4j.pax.web/milestone/232?closed=1