You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cxf.apache.org by Colm O hEigeartaigh <co...@apache.org> on 2012/02/15 14:01:48 UTC
Re: svn commit: r1244464 - in /cxf/branches/2.4.x-fixes:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/
rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/ rt/ws/security/src/test/resources/org/apache/cxf/ws/secur
It could do, but in that case the existing applications are using
policies that are not compliant with the WS-SecurityPolicy 1.2 or 1.3
specs. I don't have a strong opinion about it though, I can revert on
2.4.x if you want.
Colm.
On Wed, Feb 15, 2012 at 12:42 PM, Daniel Kulp <dk...@apache.org> wrote:
>
>
> Colm,
>
> I'm a bit concerned about pushing this back onto the 2.4 branch (slightly
> less concerned about 2.5). This could cause existing applications to stop
> working as they may have policies that don't meet the stricter parsing.
>
> Right?
>
> Dan
>
>
> On Wednesday, February 15, 2012 12:37:35 PM coheigea@apache.org wrote:
>> Author: coheigea
>> Date: Wed Feb 15 12:37:34 2012
>> New Revision: 1244464
>>
>> URL: http://svn.apache.org/viewvc?rev=1244464&view=rev
>> Log:
>> Adding stricter SecurityPolicy parsing
>>
>> Conflicts:
>>
>>
> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X50
>> 9TokenBuilder.java
>>
>>
>> Conflicts:
>>
>>
> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/Asy
>> mmetricBindingBuilder.java
>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/Sym
>> metricBindingBuilder.java
>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X50
>> 9TokenBuilder.java
>> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy/cl
>> ient/client.xml
>> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy/se
>> rver/server.xml
>>
>> Modified:
>>
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/AlgorithmSuiteBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/AsymmetricBindingBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/EncryptedPartsBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/HttpsTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/IssuedTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/KerberosTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/KeyValueTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/LayoutBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/RequiredPartsBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/SamlTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/SecureConversationTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/SecurityContextTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/SignedPartsBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/SpnegoContextTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/SymmetricBindingBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/TransportBindingBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/UsernameTokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>> urity/policy/builders/X509TokenBuilder.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/sec
>> urity/wss4j/PolicyBasedWss4JInOutTest.java
>> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/w
>> s/security/wss4j/signed_elements_with_sst_issued_token_policy.xml
>> cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/resources/o
>> rg/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/kerberos/DoubleItKerberos.wsdl
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/saml/DoubleItSaml.wsdl
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/saml/client/client.xml
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/saml/server/server.xml
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/ut/DoubleItUt.wsdl
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/ut/client/client.xml
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/ut/server/server.xml
>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>> /cxf/systest/ws/x509/DoubleItX509.wsdl
>>
>> Modified:
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: svn commit: r1244464 - in /cxf/branches/2.4.x-fixes: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/ rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/ rt/ws/security/src/test/resources/org/apache/cxf/ws/secur
Posted by Daniel Kulp <dk...@apache.org>.
On Wednesday, February 15, 2012 1:19:14 PM Colm O hEigeartaigh wrote:
> Actually on thinking about this a bit more, I'll revert on 2.4 and 2.5.
>
Thanks. I think that's the right choice.
Can you add a note to the "Runtime Changes" section at:
http://cxf.apache.org/docs/26-migration-guide.html
describing the stricter compliance checking? Thanks!
Dan
> Colm.
>
> On Wed, Feb 15, 2012 at 1:01 PM, Colm O hEigeartaigh
>
> <co...@apache.org> wrote:
> > It could do, but in that case the existing applications are using
> > policies that are not compliant with the WS-SecurityPolicy 1.2 or 1.3
> > specs. I don't have a strong opinion about it though, I can revert on
> > 2.4.x if you want.
> >
> > Colm.
> >
> > On Wed, Feb 15, 2012 at 12:42 PM, Daniel Kulp <dk...@apache.org> wrote:
> >> Colm,
> >>
> >> I'm a bit concerned about pushing this back onto the 2.4 branch
> >> (slightly
> >> less concerned about 2.5). This could cause existing applications to
> >> stop working as they may have policies that don't meet the stricter
> >> parsing.
> >>
> >> Right?
> >>
> >> Dan
> >>
> >> On Wednesday, February 15, 2012 12:37:35 PM coheigea@apache.org wrote:
> >>> Author: coheigea
> >>> Date: Wed Feb 15 12:37:34 2012
> >>> New Revision: 1244464
> >>>
> >>> URL: http://svn.apache.org/viewvc?rev=1244464&view=rev
> >>> Log:
> >>> Adding stricter SecurityPolicy parsing
> >>
> >>> Conflicts:
> >> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X
> >> 50
> >>
> >>> 9TokenBuilder.java
> >>
> >>> Conflicts:
> >> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/A
> >> sy
> >>
> >>> mmetricBindingBuilder.java
> >>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/
> >>> Sym
> >>> metricBindingBuilder.java
> >>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/
> >>> X50
> >>> 9TokenBuilder.java
> >>> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy
> >>> /cl
> >>> ient/client.xml
> >>> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy
> >>> /se
> >>> rver/server.xml
> >>>
> >>> Modified:
> >>>
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/AlgorithmSuiteBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/AsymmetricBindingBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/EncryptedPartsBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/HttpsTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/IssuedTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/KerberosTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/KeyValueTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/LayoutBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/RequiredPartsBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/SamlTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/SecureConversationTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/SecurityContextTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/SignedPartsBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/SpnegoContextTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/SymmetricBindingBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/TransportBindingBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/UsernameTokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/policy/builders/X509TokenBuilder.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/
> >>> sec
> >>> urity/wss4j/PolicyBasedWss4JInOutTest.java
> >>> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cx
> >>> f/w
> >>> s/security/wss4j/signed_elements_with_sst_issued_token_policy.xml
> >>> cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/resource
> >>> s/o
> >>> rg/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/kerberos/DoubleItKerberos.wsdl
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/saml/DoubleItSaml.wsdl
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/saml/client/client.xml
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/saml/server/server.xml
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/ut/DoubleItUt.wsdl
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/ut/client/client.xml
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/ut/server/server.xml
> >>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa
> >>> che
> >>> /cxf/systest/ws/x509/DoubleItX509.wsdl
> >>
> >>> Modified:
> >> --
> >> Daniel Kulp
> >> dkulp@apache.org - http://dankulp.com/blog
> >> Talend Community Coder - http://coders.talend.com
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
Re: svn commit: r1244464 - in /cxf/branches/2.4.x-fixes:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/
rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/ rt/ws/security/src/test/resources/org/apache/cxf/ws/secur
Posted by Colm O hEigeartaigh <co...@apache.org>.
Actually on thinking about this a bit more, I'll revert on 2.4 and 2.5.
Colm.
On Wed, Feb 15, 2012 at 1:01 PM, Colm O hEigeartaigh
<co...@apache.org> wrote:
> It could do, but in that case the existing applications are using
> policies that are not compliant with the WS-SecurityPolicy 1.2 or 1.3
> specs. I don't have a strong opinion about it though, I can revert on
> 2.4.x if you want.
>
> Colm.
>
> On Wed, Feb 15, 2012 at 12:42 PM, Daniel Kulp <dk...@apache.org> wrote:
>>
>>
>> Colm,
>>
>> I'm a bit concerned about pushing this back onto the 2.4 branch (slightly
>> less concerned about 2.5). This could cause existing applications to stop
>> working as they may have policies that don't meet the stricter parsing.
>>
>> Right?
>>
>> Dan
>>
>>
>> On Wednesday, February 15, 2012 12:37:35 PM coheigea@apache.org wrote:
>>> Author: coheigea
>>> Date: Wed Feb 15 12:37:34 2012
>>> New Revision: 1244464
>>>
>>> URL: http://svn.apache.org/viewvc?rev=1244464&view=rev
>>> Log:
>>> Adding stricter SecurityPolicy parsing
>>>
>>> Conflicts:
>>>
>>>
>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X50
>>> 9TokenBuilder.java
>>>
>>>
>>> Conflicts:
>>>
>>>
>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/Asy
>>> mmetricBindingBuilder.java
>>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/Sym
>>> metricBindingBuilder.java
>>> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X50
>>> 9TokenBuilder.java
>>> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy/cl
>>> ient/client.xml
>>> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy/se
>>> rver/server.xml
>>>
>>> Modified:
>>>
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/AlgorithmSuiteBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/AsymmetricBindingBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/EncryptedPartsBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/HttpsTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/IssuedTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/KerberosTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/KeyValueTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/LayoutBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/RequiredPartsBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/SamlTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/SecureConversationTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/SecurityContextTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/SignedPartsBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/SpnegoContextTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/SymmetricBindingBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/TransportBindingBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/UsernameTokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/sec
>>> urity/policy/builders/X509TokenBuilder.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/sec
>>> urity/wss4j/PolicyBasedWss4JInOutTest.java
>>> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cxf/w
>>> s/security/wss4j/signed_elements_with_sst_issued_token_policy.xml
>>> cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/resources/o
>>> rg/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/kerberos/DoubleItKerberos.wsdl
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/saml/DoubleItSaml.wsdl
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/saml/client/client.xml
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/saml/server/server.xml
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/ut/DoubleItUt.wsdl
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/ut/client/client.xml
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/ut/server/server.xml
>>> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apache
>>> /cxf/systest/ws/x509/DoubleItX509.wsdl
>>>
>>> Modified:
>> --
>> Daniel Kulp
>> dkulp@apache.org - http://dankulp.com/blog
>> Talend Community Coder - http://coders.talend.com
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com