You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by dk...@apache.org on 2019/10/31 14:36:06 UTC

[ws-wss4j] 05/07: Added tag for 1.5.5-RC2

This is an automated email from the ASF dual-hosted git repository.

dkulp pushed a commit to annotated tag 1_5_5
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git

commit 97723197d0b384db093a845eaf3b3ba61d5e6113
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Jan 14 18:37:18 2009 +0000

    Added tag for 1.5.5-RC2
---
 ChangeLog.txt            | 30 +++++++++++++++--
 contrib/wss4j-release.sh | 87 ++++++++++++++++++++++++++++++++++++++++++++++++
 pom.xml                  |  3 +-
 3 files changed, 116 insertions(+), 4 deletions(-)

diff --git a/ChangeLog.txt b/ChangeLog.txt
index db778eb..09ab5c4 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -9,18 +9,33 @@ Release 1.5.5
 =============
 
 ** Bug
+
     * [WSS-42] - java.lang.NoClassDefFoundError: org/apache/xml/security/encryption/XMLEncryptionException
+    * [WSS-60] - Problems when SOAP envelope namespace prefix is null
+    * [WSS-62] - the crypto file not being retrieved in the doReceiverAction method for the Saml Signed Token
+    * [WSS-86] - CryptoBase.splitAndTrim does not take into account the format of a DN constructed by different providers
+    * [WSS-87] - CryptoBase.getAliasForX509Cert(String, BigInteger) fails when issuer string contains OIDs
     * [WSS-94] - Security Breach : The client certificate signature is not verified if the serial number is known in the keystore
+    * [WSS-111] - Some work on UsernameToken derived keys
     * [WSS-121] - Bug in default value for SAML issuer class property
     * [WSS-126] - SignatureProcessor:verifyXMLSignature method - Crypto object can have null values in the following scenario but it throws an Exception if the Crypto object is null
+    * [WSS-127] - No way of signing with UsernameToken without sending the password
     * [WSS-129] - Couple places where "cause" of WSSecurityException not set
     * [WSS-133] - Method and variable misspellings fixed
     * [WSS-140] - WSSecEncryptedKey produces EncryptedKey element with invalid Id attribute
     * [WSS-141] - handleUsernameToken gives too much information. Can be used to deternine if a username exists or not
     * [WSS-142] - We ship opensaml 1.0.1 even though we use opensaml 1.1 in maven
     * [WSS-149] - AbstractCrypto requires org.apache.ws.security.crypto.merlin.file to be set and point to an existing file
+    * [WSS-151] - Password type in UsernameToken not deserialized correctly
+    * [WSS-152] - Problem with processing Username Tokens with no password type
+    * [WSS-153] - Signature confirmation of multiple signatures doesn't work
+
 ** Improvement
+
+    * [WSS-79] - Compatibility issue with weblogic wsse
     * [WSS-85] - Better exception handling in the crypto (e.g. no e.printStackTrace())
+    * [WSS-110] - Add OSGi entries to jar manifest.
+    * [WSS-118] - Support for SAML 1.1 SecurityTokenReferences in /org/apache/ws/security/processor/DerivedKeyTokenProcessor
     * [WSS-122] - Some fixes for the website
     * [WSS-123] - 1.5.4 requires opensaml jar, older versions did not
     * [WSS-125] - Upgrade BouncyCastle version
@@ -30,13 +45,24 @@ Release 1.5.5
     * [WSS-138] - Add Nabble to site mailing list page
     * [WSS-145] - Problem in upgrading to xml-sec 1.4.2
     * [WSS-150] - Upgrade to XALAN 2.7.1
-* New Feature
+    * [WSS-154] - Allow WSSConfig injection in WSHandler and improve WSSConfig for injection of Processors instances
+
+** New Feature
+
     * [WSS-23] - no way to programmatically set crypto.properties
-* Task
+
+** Task
+
     * [WSS-124] - Get maven dependencies pushed to central
     * [WSS-132] - TestWSSecurityX509v1 failing
     * [WSS-144] - Remove tab characters from WSS4J files
 
+** Wish
+
+    * [WSS-75] - remove dependency on xalan because it gets in the way of trax resolution
+    * [WSS-91] - carriage return/line feed in the security header
+
+
 Release 1.5.4
 =============
 
diff --git a/contrib/wss4j-release.sh b/contrib/wss4j-release.sh
new file mode 100755
index 0000000..531e8e6
--- /dev/null
+++ b/contrib/wss4j-release.sh
@@ -0,0 +1,87 @@
+#!/bin/sh
+#
+# Copyright (c) The Apache Software Foundation.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+if [ -z "${WSS4J_SRC_ROOT}" ]
+then
+    echo "Assuming WSS4J source tree is the CWD..."
+    WSS4J_SRC_ROOT=.
+fi
+if [ -z "${WSS4J_VERSION}" ]
+then
+    WSS4J_VERSION=SNAPSHOT
+    echo "Setting WSS4J_VERSION to ${WSS4J_VERSION}"
+fi
+if [ -z "${WSS4J_STAGE_ROOT}" ]
+then
+    WSS4J_STAGE_ROOT=/tmp/$(id -u -nr)/stage_wss4j/${WSS4J_VERSION}
+    echo "Setting WSS4J_STAGE_ROOT to ${WSS4J_STAGE_ROOT}"
+fi
+if [ -z "${M2_REPO}" ]
+then
+    M2_REPO=$HOME/.m2/repository
+    echo "Setting M2_REPO to ${M2_REPO}"
+fi
+#
+# set up the staging area
+#
+rm -rf ${WSS4J_STAGE_ROOT}
+mkdir -p ${WSS4J_STAGE_ROOT}/dist
+mkdir -p ${WSS4J_STAGE_ROOT}/maven/org/apache/ws/security/wss4j/${WSS4J_VERSION}
+#
+# Build and stage the distribution using ant
+#
+cd ${WSS4J_SRC_ROOT}
+ant clean
+ant dist || exit 1
+cp -r dist/* ${WSS4J_STAGE_ROOT}/dist
+#
+# Build and stage through maven; copy the Jartifact built by Maven to the dist
+# Since we build and test with ant, we use the ant-built JAR as the version of
+# the artifact we'll use in maven.
+#
+# All this will get fixed when we move to maven throughout.
+#
+mvn clean || exit 1
+mvn -Prelease,jdk14 install || exit 1
+mkdir -p ${WSS4J_STAGE_ROOT}/maven/org/apache/ws/security/wss4j/
+cp -r ${M2_REPO}/org/apache/ws/security/wss4j/${WSS4J_VERSION} ${WSS4J_STAGE_ROOT}/maven/org/apache/ws/security/wss4j
+cp -f ${WSS4J_STAGE_ROOT}/build/wss4j-${WSS4J_VERSION}.jar ${M2_REPO}/org/apache/ws/security/wss4j/${WSS4J_VERSION}
+#
+# Sign and hash the release bits
+#
+cd ${WSS4J_STAGE_ROOT}/dist
+for i in *
+do
+    gpg --detach-sign --armor $i
+    gpg --verify $i.asc
+done
+cd ${WSS4J_STAGE_ROOT}/maven/org/apache/ws/security/wss4j/${WSS4J_VERSION}
+for i in *
+do
+    gpg --detach-sign --armor $i
+    gpg --verify $i.asc
+done
+for i in *.jar *.pom
+do
+    md5 -q $i > $i.md5
+done
+#
+# Build the web site
+#
+cd ${WSS4J_SRC_ROOT}
+mvn site || exit 1
+cp -r target/site ${WSS4J_STAGE_ROOT}/site
+
diff --git a/pom.xml b/pom.xml
index 66d9cc6..b417255 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,8 +7,7 @@
     <artifactId>wss4j</artifactId>
     <packaging>bundle</packaging>
     <name>WSS4J</name>
-    <!-- <version>1.5.4</version> -->
-    <version>1.5.5-SNAPSHOT</version>
+    <version>1.5.5-RC2</version>
     <description>
         Apache WSS4J is an implementation of the Web Services Security
         (WS-Security) being developed at OASIS Web Services Security TC.