You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "moshiko kasirer (JIRA)" <ji...@apache.org> on 2015/04/06 15:43:12 UTC
[jira] [Commented] (CXF-6237) CXF 3.0.3 rt-security has problems
working with latest open saml version (2.6.1)
[ https://issues.apache.org/jira/browse/CXF-6237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14481222#comment-14481222 ]
moshiko kasirer commented on CXF-6237:
--------------------------------------
HI any news about an official release of 2.0.4 ?
> CXF 3.0.3 rt-security has problems working with latest open saml version (2.6.1)
> --------------------------------------------------------------------------------
>
> Key: CXF-6237
> URL: https://issues.apache.org/jira/browse/CXF-6237
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security, WS-* Components
> Affects Versions: 3.0.3
> Reporter: moshiko kasirer
> Assignee: Colm O hEigeartaigh
> Attachments: OpenSamlTestingFailsWithNewXmlSec.docx
>
>
> Hi,
> CXF-rt-ws-security 3.0.3 is working with wss4j of version:
> <cxf.wss4j.version>2.0.2</cxf.wss4j.version>
> an xmlsec version of version:
> <cxf.xmlsec.bundle.version>2.0.2</cxf.xmlsec.bundle.version>
> and open SAML of version:
> <cxf.opensaml.version>2.6.1</cxf.opensaml.version>
> that is problematic as from one hand CXF 3.0.3 is dependent on XMLSEC version 2.*+ and throws multiple no method exist exceptions when working with 1.5.5* XMLSEC versions
> and on the other hand the latest open SAML which is the CXF open saml version (2.6.1) fails on validating the SAML token when working with XMLSEC version 2.*
> so actually when working with both CXF 3 and OPEN SAML 2.6.1
> this will happen
> when working with xmlsec 1.5.* OPEN SAML works CXF fails
> when working with xmlsec 2.0.* CXF works OPEN SAML fails...
> you can see under open saml 2.6.1 that it holds xmlsec version 1.5.6 which is overrided by CXF and wss4j (2.0.2)
> can you please help me figure out a way to overcome this issue?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)