You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ni...@apache.org on 2012/10/19 09:37:45 UTC
svn commit: r1399990 - /cxf/trunk/services/sts/sts-core/pom.xml
Author: ningjiang
Date: Fri Oct 19 07:37:45 2012
New Revision: 1399990
URL: http://svn.apache.org/viewvc?rev=1399990&view=rev
Log:
CXF-4585 Updated the cxf imports version range of sts-core bundle
Modified:
cxf/trunk/services/sts/sts-core/pom.xml
Modified: cxf/trunk/services/sts/sts-core/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/pom.xml?rev=1399990&r1=1399989&r2=1399990&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/pom.xml (original)
+++ cxf/trunk/services/sts/sts-core/pom.xml Fri Oct 19 07:37:45 2012
@@ -102,9 +102,9 @@
org.apache.cxf.sts.*;version=${project.version}
</Export-Package>
<Import-Package>
- org.apache.cxf.sts.provider.*;version=${project.version},
+ org.apache.cxf.sts.provider.*;version="[2.6,3)",
!org.apache.cxf.sts.*,
- org.apache.cxf.*;version=${project.version},
+ org.apache.cxf.*;version="[2.6,3)",
javax.xml.ws*;version="[0.0,3)",
org.springframework.ldap*;resolution:=optional,
*
Re: svn commit: r1399990 -
/cxf/trunk/services/sts/sts-core/pom.xml
Posted by Willem jiang <wi...@gmail.com>.
DefaultSecurityTokenServiceProvider need to use the cxf-rt-ws-security module.
If we remove the import package, it will cause some trouble for us to load the DefaultSecurityTokenServiceProvider.
On Friday, October 19, 2012 at 8:24 PM, Colm O hEigeartaigh wrote:
> > I'm also wondering why its importing org.apache.cxf.sts.provider which
>
>
> it's also exporting. Isn't that something it shouldn't be
> > doing? Colm, know why?
>
>
>
> No idea. At a guess it was put there to add the STS provider framework
> (should be "org.apache.cxf.ws.security.sts.provider") in the
> cxf-rt-ws-security module. But it can just be removed I think.
>
> Colm.
>
> On Fri, Oct 19, 2012 at 12:43 PM, Daniel Kulp <dkulp@apache.org (mailto:dkulp@apache.org)> wrote:
>
> >
> > I'm -1 to this change (and to the similar change done to the wsn stuff).
> > I KNOW the latest sts stuff doesn't work with 2.6.0 due to the security
> > enhancements done in 2.6.1. As we move forward, I'm 95% confident that
> > other security related things will prevent it from working in the future.
> >
> > I'm also wondering why its importing org.apache.cxf.sts.provider which
> > it's also exporting. Isn't that something it shouldn't be doing? Colm,
> > know why?
> >
> >
> > Dan
> >
> >
> >
> > On Oct 19, 2012, at 3:37 AM, ningjiang@apache.org (mailto:ningjiang@apache.org) wrote:
> >
> > > Author: ningjiang
> > > Date: Fri Oct 19 07:37:45 2012
> > > New Revision: 1399990
> > >
> > > URL: http://svn.apache.org/viewvc?rev=1399990&view=rev
> > > Log:
> > > CXF-4585 Updated the cxf imports version range of sts-core bundle
> > >
> > > Modified:
> > > cxf/trunk/services/sts/sts-core/pom.xml
> > >
> > > Modified: cxf/trunk/services/sts/sts-core/pom.xml
> > > URL:
> >
> >
> > http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/pom.xml?rev=1399990&r1=1399989&r2=1399990&view=diff
> >
> >
> > ==============================================================================
> > > --- cxf/trunk/services/sts/sts-core/pom.xml (original)
> > > +++ cxf/trunk/services/sts/sts-core/pom.xml Fri Oct 19 07:37:45 2012
> > > @@ -102,9 +102,9 @@
> >
> >
> > org.apache.cxf.sts.*;version=${project.version}
> > > </Export-Package>
> > > <Import-Package>
> > > -
> >
> >
> > org.apache.cxf.sts.provider.*;version=${project.version},
> > > +
> >
> >
> > org.apache.cxf.sts.provider.*;version="[2.6,3)",
> > > !org.apache.cxf.sts.*,
> > > - org.apache.cxf.*;version=${project.version},
> > > + org.apache.cxf.*;version="[2.6,3)",
> > > javax.xml.ws*;version="[0.0,3)",
> >
> >
> > org.springframework.ldap*;resolution:=optional,
> > > *
> >
> >
> >
> > --
> > Daniel Kulp
> > dkulp@apache.org - http://dankulp.com/blog
> > Talend Community Coder - http://coders.talend.com
>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
Re: svn commit: r1399990 - /cxf/trunk/services/sts/sts-core/pom.xml
Posted by Colm O hEigeartaigh <co...@apache.org>.
> I'm also wondering why its importing org.apache.cxf.sts.provider which
it's also exporting. Isn't that something it shouldn't be
> doing? Colm, know why?
No idea. At a guess it was put there to add the STS provider framework
(should be "org.apache.cxf.ws.security.sts.provider") in the
cxf-rt-ws-security module. But it can just be removed I think.
Colm.
On Fri, Oct 19, 2012 at 12:43 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> I'm -1 to this change (and to the similar change done to the wsn stuff).
> I KNOW the latest sts stuff doesn't work with 2.6.0 due to the security
> enhancements done in 2.6.1. As we move forward, I'm 95% confident that
> other security related things will prevent it from working in the future.
>
> I'm also wondering why its importing org.apache.cxf.sts.provider which
> it's also exporting. Isn't that something it shouldn't be doing? Colm,
> know why?
>
>
> Dan
>
>
>
> On Oct 19, 2012, at 3:37 AM, ningjiang@apache.org wrote:
>
> > Author: ningjiang
> > Date: Fri Oct 19 07:37:45 2012
> > New Revision: 1399990
> >
> > URL: http://svn.apache.org/viewvc?rev=1399990&view=rev
> > Log:
> > CXF-4585 Updated the cxf imports version range of sts-core bundle
> >
> > Modified:
> > cxf/trunk/services/sts/sts-core/pom.xml
> >
> > Modified: cxf/trunk/services/sts/sts-core/pom.xml
> > URL:
> http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/pom.xml?rev=1399990&r1=1399989&r2=1399990&view=diff
> >
> ==============================================================================
> > --- cxf/trunk/services/sts/sts-core/pom.xml (original)
> > +++ cxf/trunk/services/sts/sts-core/pom.xml Fri Oct 19 07:37:45 2012
> > @@ -102,9 +102,9 @@
> >
> org.apache.cxf.sts.*;version=${project.version}
> > </Export-Package>
> > <Import-Package>
> > -
> org.apache.cxf.sts.provider.*;version=${project.version},
> > +
> org.apache.cxf.sts.provider.*;version="[2.6,3)",
> > !org.apache.cxf.sts.*,
> > - org.apache.cxf.*;version=${project.version},
> > + org.apache.cxf.*;version="[2.6,3)",
> > javax.xml.ws*;version="[0.0,3)",
> >
> org.springframework.ldap*;resolution:=optional,
> > *
> >
> >
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: svn commit: r1399990 -
/cxf/trunk/services/sts/sts-core/pom.xml
Posted by Willem jiang <wi...@gmail.com>.
Hi Dan,
I'm sorry, I just saw the mail.
For the wsn service stuff, as it is not tied with CXF version which we ship, so it should be fine.
I will revert the sts-service part, as it could introduce some security related issue.
--
Willem Jiang
Red Hat, Inc.
FuseSource is now part of Red Hat
Web: http://www.fusesource.com | http://www.redhat.com
Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) (English)
http://jnn.javaeye.com (http://jnn.javaeye.com/) (Chinese)
Twitter: willemjiang
Weibo: willemjiang
On Friday, October 19, 2012 at 7:43 PM, Daniel Kulp wrote:
>
> I'm -1 to this change (and to the similar change done to the wsn stuff). I KNOW the latest sts stuff doesn't work with 2.6.0 due to the security enhancements done in 2.6.1. As we move forward, I'm 95% confident that other security related things will prevent it from working in the future.
>
> I'm also wondering why its importing org.apache.cxf.sts.provider which it's also exporting. Isn't that something it shouldn't be doing? Colm, know why?
>
>
> Dan
>
>
>
> On Oct 19, 2012, at 3:37 AM, ningjiang@apache.org (mailto:ningjiang@apache.org) wrote:
>
> > Author: ningjiang
> > Date: Fri Oct 19 07:37:45 2012
> > New Revision: 1399990
> >
> > URL: http://svn.apache.org/viewvc?rev=1399990&view=rev
> > Log:
> > CXF-4585 Updated the cxf imports version range of sts-core bundle
> >
> > Modified:
> > cxf/trunk/services/sts/sts-core/pom.xml
> >
> > Modified: cxf/trunk/services/sts/sts-core/pom.xml
> > URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/pom.xml?rev=1399990&r1=1399989&r2=1399990&view=diff
> > ==============================================================================
> > --- cxf/trunk/services/sts/sts-core/pom.xml (original)
> > +++ cxf/trunk/services/sts/sts-core/pom.xml Fri Oct 19 07:37:45 2012
> > @@ -102,9 +102,9 @@
> > org.apache.cxf.sts.*;version=${project.version}
> > </Export-Package>
> > <Import-Package>
> > - org.apache.cxf.sts.provider.*;version=${project.version},
> > + org.apache.cxf.sts.provider.*;version="[2.6,3)",
> > !org.apache.cxf.sts.*,
> > - org.apache.cxf.*;version=${project.version},
> > + org.apache.cxf.*;version="[2.6,3)",
> > javax.xml.ws*;version="[0.0,3)",
> > org.springframework.ldap*;resolution:=optional,
> > *
>
>
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
Re: svn commit: r1399990 - /cxf/trunk/services/sts/sts-core/pom.xml
Posted by Daniel Kulp <dk...@apache.org>.
I'm -1 to this change (and to the similar change done to the wsn stuff). I KNOW the latest sts stuff doesn't work with 2.6.0 due to the security enhancements done in 2.6.1. As we move forward, I'm 95% confident that other security related things will prevent it from working in the future.
I'm also wondering why its importing org.apache.cxf.sts.provider which it's also exporting. Isn't that something it shouldn't be doing? Colm, know why?
Dan
On Oct 19, 2012, at 3:37 AM, ningjiang@apache.org wrote:
> Author: ningjiang
> Date: Fri Oct 19 07:37:45 2012
> New Revision: 1399990
>
> URL: http://svn.apache.org/viewvc?rev=1399990&view=rev
> Log:
> CXF-4585 Updated the cxf imports version range of sts-core bundle
>
> Modified:
> cxf/trunk/services/sts/sts-core/pom.xml
>
> Modified: cxf/trunk/services/sts/sts-core/pom.xml
> URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/pom.xml?rev=1399990&r1=1399989&r2=1399990&view=diff
> ==============================================================================
> --- cxf/trunk/services/sts/sts-core/pom.xml (original)
> +++ cxf/trunk/services/sts/sts-core/pom.xml Fri Oct 19 07:37:45 2012
> @@ -102,9 +102,9 @@
> org.apache.cxf.sts.*;version=${project.version}
> </Export-Package>
> <Import-Package>
> - org.apache.cxf.sts.provider.*;version=${project.version},
> + org.apache.cxf.sts.provider.*;version="[2.6,3)",
> !org.apache.cxf.sts.*,
> - org.apache.cxf.*;version=${project.version},
> + org.apache.cxf.*;version="[2.6,3)",
> javax.xml.ws*;version="[0.0,3)",
> org.springframework.ldap*;resolution:=optional,
> *
>
>
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com