You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by GitBox <gi...@apache.org> on 2020/09/12 21:21:05 UTC
[GitHub] [santuario-xml-security-java] peterdemaeyer opened a new pull request #8: Made order of output processors in a chain deterministic and intuitive
peterdemaeyer opened a new pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-737701161
Thanks f@coheigea, that was the problem indeed: the version of WSS4J was wrong.
I'm sure I had changed it at some point, but my change probably got lost lost when I pulled or something.
Such a rookie mistake, I feel silly for not having checked that sooner, but anyway, I'm on the right track again and I'll finish up in the coming days (hopefully).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-737701161
Thanks f@coheigea, that was the problem indeed: the version of WSS4J was wrong.
I'm sure I had changed it at some point, but my change probably got lost lost when I pulled or something.
Suck a rookie mistake, I feel silly for not having checked that sooner, but anyway, I'm on the right track again and I'll finish up in the coming days (hopefully).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-696037507
@peterdemaeyer Many thanks, however there are still some problems. WSS4J feeds into Apache CXF, which actually has most of the more complicated streaming WS-Security tests. And the PR is still causing tests to fail there:
`[ERROR] Errors:
[ERROR] WSSCTest.testSecureConversation:305 Error doing ADC-ES_IPingService
[ERROR] WSSCTest.testSecureConversation:305 Error doing _AD-ES_IPingService
[ERROR] WSSecurity111Test.testClientServer:178->WSSecurity11Common.runClientServer:81 » SOAPFault
[ERROR] X509TokenTest.testKeyIdentifierEncryptBeforeSigningDerived:274 » SOAPFault A s...
[INFO]
`
To reproduce clone Apache CXF, and update the parent/pom.xml:
`
<cxf.wss4j.version>2.4.0-SNAPSHOT</cxf.wss4j.version>
<cxf.xmlsec.bundle.version>2.3.0-SNAPSHOT</cxf.xmlsec.bundle.version>
`
Then do: mvn clean install -DskipTests and then run the tests in systests/ws-security
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703817548
When I change cxf.wss4j.version=2.4.0-SNAPSHOT in the parent/pom.xml,
"mvn clean install -DskipTests" fails on Apache CXF Karaf Features:
```
...
[INFO] Apache CXF STS test OSGi deployment ................ SUCCESS [ 0.472 s]
[INFO] Apache CXF Karaf Parent ............................ SUCCESS [ 0.030 s]
[INFO] Apache CXF Karaf Commands .......................... SUCCESS [ 0.391 s]
[INFO] Apache CXF WSN API ................................. SUCCESS [ 2.726 s]
[INFO] Apache CXF WSN Core ................................ SUCCESS [ 0.852 s]
[INFO] Apache CXF WSN OSGi ................................ SUCCESS [ 0.346 s]
[INFO] Apache CXF WS-Discovery API ........................ SUCCESS [ 2.317 s]
[INFO] Apache CXF WS-Discovery Service .................... SUCCESS [ 0.213 s]
[INFO] Apache CXF Karaf Features .......................... FAILURE [ 27.600 s]
[INFO] Apache CXF STS Integration Tests ................... SKIPPED
[INFO] Apache CXF Services ................................ SKIPPED
[INFO] Apache CXF STS service ............................. SKIPPED
[INFO] Apache CXF STS systests ............................ SKIPPED
[INFO] Apache CXF WSN service ............................. SKIPPED
[INFO] Apache CXF WS-Discovery ............................ SKIPPED
[INFO] Apache CXF XKMS Common ............................. SKIPPED
...
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 03:58 min
[INFO] Finished at: 2020-10-05T20:35:09+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.karaf.tooling:karaf-maven-plugin:4.2.9:verify (verify) on project apache-cxf: Verification failures: Verification failures:
[ERROR] Feature resolution failed for [cxf-ws-rm/3.4.1.SNAPSHOT]
[ERROR] Message: Unable to resolve root: missing requirement [root] osgi.identity; osgi.identity=cxf-ws-rm; type=karaf.feature; version=3.4.1.SNAPSHOT; filter:="(&(osgi.identity=cxf-ws-rm)(type=karaf.feature)(version>=3.4.1.SNAPSHOT))" [caused by: Unable to resolve cxf-ws-rm/3.4.1.SNAPSHOT: missing requirement [cxf-ws-rm/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=cxf-ws-security; type=karaf.feature; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]" [caused by: Unable to resolve cxf-ws-security/3.4.1.SNAPSHOT: missing requirement [cxf-ws-security/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=cxf-rt-security-saml; type=karaf.feature; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]" [caused by: Unable to resolve cxf-rt-security-saml/3.4.1.SNAPSHOT: missing requirement [cxf-rt-security-saml/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=org.apache.cxf.cxf-rt-security-saml; type=osgi.bundle; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]"; resolution:=mandatory [caused by: Unable to resolve org.apache.cxf.c
xf-rt-security-saml/3.4.1.SNAPSHOT: missing requirement [org.apache.cxf.cxf-rt-security-saml/3.4.1.SNAPSHOT] osgi.wiring.package; filter:="(&(osgi.wiring.package=org.apache.wss4j.common.principal)(version>=2.4.0)(!(version>=3.0.0)))" [caused by: Unable to resolve org.apache.wss4j.wss4j-ws-security-common/2.4.0.SNAPSHOT: missing requirement [org.apache.wss4j.wss4j-ws-security-common/2.4.0.SNAPSHOT] osgi.wiring.package; filter:="(&(osgi.wiring.package=org.apache.jcp.xml.dsig.internal.dom)(version>=2.3.0)(!(version>=3.0.0)))"]]]]]
[ERROR] Repositories: {
[ERROR] file:/home/peter/IdeaProjects/cxf/osgi/karaf/features/target/classes/features.xml
[ERROR] mvn:org.apache.karaf.features/framework/4.2.9/xml/features
[ERROR] mvn:org.apache.karaf.features/spring/4.2.9/xml/features
[ERROR] mvn:org.apache.karaf.features/standard/4.2.9/xml/features
[ERROR] mvn:org.ops4j.pax.cdi/pax-cdi-features/1.0.0/xml/features
[ERROR] mvn:org.ops4j.pax.web/pax-web-features/7.2.16/xml/features
[ERROR] }
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-736023688
@coheigea, looking at the dates of those patches (September), those look outdated.
I made some additional changes somewhere in October and "replaced" my earlier commits (I use "git rebase --interactive" quite a lot on my own private branches to keep a single clean and uncluttered diff).
I confirm that "mvn clean install" works perfectly in systests/kerberos.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735270001
@coheigea, all these test are green for me, using openjdk version "11.0.9.1" 2020-11-04 on Ubuntu.
These look like the kind of failures I fixed in my latest commit (now already several weeks ago).
Can you confirm you have the right combination of my latest changes for the ws-wss4j project and santuario-xml-security-java (my SANTUARIO-555 branches)?
1. santuario-xml-security-java, branch SANTUARIO-555, head SHA1 ID 05bbeef73970f58cd5a5e883b6f6bd48b89aac8c
2. ws-wss4j, branch SANTUARIO-555, head SHA1 ID 8ea02a1b63127df06d7dac739b159f204003c797
I made no changes to cxf, but the head SHA1 ID I have there is 44ae16c06b3e7aabe0cc5df2aec351d0eadff5db.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735270001
@coheigea, all these test are green for me, using openjdk version "11.0.9.1" 2020-11-04 on Ubuntu.
These look like the kind of failures I fixed in my latest commit (now already several weeks ago).
Can you confirm you have the right combination of my latest changes for the ws-wss4j project and santuario-xml-security-java (my SANTUARIO-555 branches)?
1. santuario-xml-security-java, branch SANTUARIO-555, head SHA1 ID 05bbeef73970f58cd5a5e883b6f6bd48b89aac8c.
2. ws-wss4j, branch SANTUARIO-555, head SHA1 ID 8ea02a1b63127df06d7dac739b159f204003c797.
I made no changes to cxf, the head SHA1 ID I have there is 74ede52ee9594bad61608150d441f1d9a49701aa.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-704050396
This is the underlying error: filter:="(&(osgi.wiring.package=org.apache.jcp.xml.dsig.internal.dom)(version>=2.3.0)
In parent/pom.xml, you also need to change: <cxf.xmlsec.bundle.version>2.3.0-SNAPSHOT</cxf.xmlsec.bundle.version>
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-737701161
Thanks @coheigea, that was the problem indeed: the version of WSS4J was wrong.
I'm sure I had changed it at some point, but my change probably got lost when I pulled or something.
Such a rookie mistake, I feel silly for not having checked that sooner, but anyway, I'm on the right track again and I'll finish up in the coming days (hopefully).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-693635141
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-716761837
I finally managed to find and fix the remaining problem (in WSS4J).
The problem was that the FinalDerivedKeyTokenOutputProcessor.
In ADC-ES_IPingService, two instances were created: one for the encryption (first action) and one for the signature (second action), but because of the shared token between encryption and signature, the signature's instance had to come before the encryption's security token output processor.
I updated my 2 pull requests in Santuario and WSS4J.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-709576929
Okay, after a lot of trouble (and still not able to run tests properly in IntelliJ), I'm finally getting somewhere.
One problem is that the order of UsernameTokenOutputProcessor and TimestampOutputProcessor conflicts.
Both processors define in their constructors that they come after the other.
That's certainly a problem when trying to make the order deterministic.
Which one is supposed to come first? Or does it maybe depend on the circumstances?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-709996165
Good catch, I fixed TimestampOutputProcessor to run before UsernameTokenOutputProcessor. The remaining CXF systest failures are:
[ERROR] WSSCTest.testSecureConversation:305 Error doing ADC-ES_IPingService
[ERROR] WSSCTest.testSecureConversation:305 Error doing _AD-ES_IPingService
[ERROR] WSSecurity111Test.testClientServer:178->WSSecurity11Common.runClientServer:81 » SOAPFault
[ERROR] X509TokenTest.testKeyIdentifierEncryptBeforeSigningDerived:274 » SOAPFault A s...
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703413960
What errors are you seeing with CXF? Try "mvn clean install -DskipTests".
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703411908
I've been trying to investigate CXF, but I'm struggling to even build it.
It has a ton of subprojects, and it fails to build halfway.
I can't even get to investigating the failing tests.
I still have a couple of things to try out, but in any case that's why it's taking a bit longer.
Meanwhile I've improved the original PR in Santuario a bit to fail when processors are added to a chain with conflicting order.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-736023688
@coheigea, looking at the dates of those patches (September), those look outdated.
I made some additional changes somewhere in October and "replaced" my earlier commits (I use "git rebase --interactive" quite a lot on my feature/bugfix branches, maybe that threw you off...).
I confirm that "mvn clean install" works perfectly in systests/kerberos.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-734693951
Thanks for your hard work @peterdemaeyer ! There are still some WS-Security test failures in CXF though to fix with this patch:
In systests/kerberos:
[ERROR] KerberosTokenTest.testKerberosOverAsymmetric:242->runKerberosTest:441 » SOAPFault
[ERROR] KerberosTokenTest.testKerberosOverAsymmetricSignedEncrypted:330->runKerberosTest:441 » SOAPFault
[ERROR] KerberosTokenTest.testKerberosOverSymmetric:200->runKerberosTest:441 » SOAPFault
In services/sts/systests/basic:
ERROR] Errors:
[ERROR] UsernameActAsTest.testUsernameActAs:136->doubleIt:167 » SOAPFault Marshalling ...
[ERROR] UsernameActAsTest.testUsernameActAs:136->doubleIt:167 » SOAPFault Marshalling ...
[ERROR] UsernameOnBehalfOfTest.testUsernameOnBehalfOf:135->doubleIt:166 » SOAPFault Ma...
[ERROR] UsernameOnBehalfOfTest.testUsernameOnBehalfOf:135->doubleIt:166 » SOAPFault Ma...
[ERROR] X509SymmetricBindingTest.testX509SAML2Supporting:229->doubleIt:274 » SOAPFault
[ERROR] X509SymmetricBindingTest.testX509SAML2Supporting:229->doubleIt:274 » SOAPFault
[ERROR] X509SymmetricBindingTest.testX509SAML2Supporting:229->doubleIt:274 » SOAPFault
[ERROR] X509SymmetricBindingTest.testX509SAML2Supporting:229->doubleIt:274 » SOAPFault
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703411908
I've been investigating CXF, but I'm struggling to even build it.
It has a ton of subprojects, and it fails to build halfway.
I can't even get to investigating the failing tests.
I still have a couple of things to try out, but in any case that's why it's taking a bit longer.
Meanwhile I've improved the original PR in Santuario a bit to fail when processors are added to a chain with conflicting order.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-691983045
Please rebase off master, which now has the fix for SANTUARIO-554.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735360075
Almost all tests in cxf are green for me (using OpenJDK Java 11).
Only a couple of issues which I'm pretty sure are unrelated to my changes:
1. cxf-rt-rs-security-oauth2 gets stuck, see CXF-8382.
2. cxf-systests-microprofile-weld has a failure in ClientHeaderParamTest.resetWiremock. It's the next to last projects in the long chain and all the ones before were green, which mean all the ones before (including the ones you mentioned earlier) were successful.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703817548
"mvn clean install -DskipTests" fails on Apache CXF Karaf Features.
```
...
[INFO] Apache CXF STS test OSGi deployment ................ SUCCESS [ 0.472 s]
[INFO] Apache CXF Karaf Parent ............................ SUCCESS [ 0.030 s]
[INFO] Apache CXF Karaf Commands .......................... SUCCESS [ 0.391 s]
[INFO] Apache CXF WSN API ................................. SUCCESS [ 2.726 s]
[INFO] Apache CXF WSN Core ................................ SUCCESS [ 0.852 s]
[INFO] Apache CXF WSN OSGi ................................ SUCCESS [ 0.346 s]
[INFO] Apache CXF WS-Discovery API ........................ SUCCESS [ 2.317 s]
[INFO] Apache CXF WS-Discovery Service .................... SUCCESS [ 0.213 s]
[INFO] Apache CXF Karaf Features .......................... FAILURE [ 27.600 s]
[INFO] Apache CXF STS Integration Tests ................... SKIPPED
[INFO] Apache CXF Services ................................ SKIPPED
[INFO] Apache CXF STS service ............................. SKIPPED
[INFO] Apache CXF STS systests ............................ SKIPPED
[INFO] Apache CXF WSN service ............................. SKIPPED
[INFO] Apache CXF WS-Discovery ............................ SKIPPED
[INFO] Apache CXF XKMS Common ............................. SKIPPED
...
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 03:58 min
[INFO] Finished at: 2020-10-05T20:35:09+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.karaf.tooling:karaf-maven-plugin:4.2.9:verify (verify) on project apache-cxf: Verification failures: Verification failures:
[ERROR] Feature resolution failed for [cxf-ws-rm/3.4.1.SNAPSHOT]
[ERROR] Message: Unable to resolve root: missing requirement [root] osgi.identity; osgi.identity=cxf-ws-rm; type=karaf.feature; version=3.4.1.SNAPSHOT; filter:="(&(osgi.identity=cxf-ws-rm)(type=karaf.feature)(version>=3.4.1.SNAPSHOT))" [caused by: Unable to resolve cxf-ws-rm/3.4.1.SNAPSHOT: missing requirement [cxf-ws-rm/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=cxf-ws-security; type=karaf.feature; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]" [caused by: Unable to resolve cxf-ws-security/3.4.1.SNAPSHOT: missing requirement [cxf-ws-security/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=cxf-rt-security-saml; type=karaf.feature; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]" [caused by: Unable to resolve cxf-rt-security-saml/3.4.1.SNAPSHOT: missing requirement [cxf-rt-security-saml/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=org.apache.cxf.cxf-rt-security-saml; type=osgi.bundle; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]"; resolution:=mandatory [caused by: Unable to resolve org.apache.cxf.c
xf-rt-security-saml/3.4.1.SNAPSHOT: missing requirement [org.apache.cxf.cxf-rt-security-saml/3.4.1.SNAPSHOT] osgi.wiring.package; filter:="(&(osgi.wiring.package=org.apache.wss4j.common.principal)(version>=2.4.0)(!(version>=3.0.0)))" [caused by: Unable to resolve org.apache.wss4j.wss4j-ws-security-common/2.4.0.SNAPSHOT: missing requirement [org.apache.wss4j.wss4j-ws-security-common/2.4.0.SNAPSHOT] osgi.wiring.package; filter:="(&(osgi.wiring.package=org.apache.jcp.xml.dsig.internal.dom)(version>=2.3.0)(!(version>=3.0.0)))"]]]]]
[ERROR] Repositories: {
[ERROR] file:/home/peter/IdeaProjects/cxf/osgi/karaf/features/target/classes/features.xml
[ERROR] mvn:org.apache.karaf.features/framework/4.2.9/xml/features
[ERROR] mvn:org.apache.karaf.features/spring/4.2.9/xml/features
[ERROR] mvn:org.apache.karaf.features/standard/4.2.9/xml/features
[ERROR] mvn:org.ops4j.pax.cdi/pax-cdi-features/1.0.0/xml/features
[ERROR] mvn:org.ops4j.pax.web/pax-web-features/7.2.16/xml/features
[ERROR] }
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735611886
@peterdemaeyer The tests fail for me with both Java 8 + 11. What I am doing is downloading the following + running mvn install:
https://patch-diff.githubusercontent.com/raw/apache/santuario-xml-security-java/pull/8.patch
https://patch-diff.githubusercontent.com/raw/apache/ws-wss4j/pull/15.patch
Then with CXF master:
diff --git a/parent/pom.xml b/parent/pom.xml
index 2b0b167fd3..3537abe3c2 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -222,7 +222,7 @@
<cxf.woodstox.core.version>6.2.1</cxf.woodstox.core.version>
<cxf.woodstox.stax2-api.version>4.2.1</cxf.woodstox.stax2-api.version>
<cxf.wsdl4j.version>1.6.3</cxf.wsdl4j.version>
- <cxf.wss4j.version>2.3.0</cxf.wss4j.version>
+ <cxf.wss4j.version>2.4.0-SNAPSHOT</cxf.wss4j.version>
<cxf.xalan.version>2.7.2</cxf.xalan.version>
<cxf.xerces.version>2.12.0</cxf.xerces.version>
<cxf.xmlschema.version>2.2.5</cxf.xmlschema.version>
@@ -266,7 +266,7 @@
<cxf.xalan.bundle.version>2.7.2_3</cxf.xalan.bundle.version>
<cxf.xerces.bundle.version>2.12.0_1</cxf.xerces.bundle.version>
<cxf.xmlresolver.bundle.version>1.2_5</cxf.xmlresolver.bundle.version>
- <cxf.xmlsec.bundle.version>2.2.0</cxf.xmlsec.bundle.version>
+ <cxf.xmlsec.bundle.version>2.3.0-SNAPSHOT</cxf.xmlsec.bundle.version>
<cxf.xpp3.bundle.version>1.1.4c_6</cxf.xpp3.bundle.version>
</properties>
<build>
Can you please verify that running mvn clean install in systests/kerberos in CXF works for you? The systests/ws-security tests all pass, so I am definitely picking up your earlier fixes. However it looks to me like there are some scenarios not fully covered in your changes.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735611886
@peterdemaeyer The tests fail for me with both Java 8 + 11. What I am doing is downloading the following + running mvn install:
https://patch-diff.githubusercontent.com/raw/apache/santuario-xml-security-java/pull/8.patch
https://patch-diff.githubusercontent.com/raw/apache/ws-wss4j/pull/15.patch
Then with CXF master:
```
diff --git a/parent/pom.xml b/parent/pom.xml
index 2b0b167fd3..3537abe3c2 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -222,7 +222,7 @@
<cxf.woodstox.core.version>6.2.1</cxf.woodstox.core.version>
<cxf.woodstox.stax2-api.version>4.2.1</cxf.woodstox.stax2-api.version>
<cxf.wsdl4j.version>1.6.3</cxf.wsdl4j.version>
- <cxf.wss4j.version>2.3.0</cxf.wss4j.version>
+ <cxf.wss4j.version>2.4.0-SNAPSHOT</cxf.wss4j.version>
<cxf.xalan.version>2.7.2</cxf.xalan.version>
<cxf.xerces.version>2.12.0</cxf.xerces.version>
<cxf.xmlschema.version>2.2.5</cxf.xmlschema.version>
@@ -266,7 +266,7 @@
<cxf.xalan.bundle.version>2.7.2_3</cxf.xalan.bundle.version>
<cxf.xerces.bundle.version>2.12.0_1</cxf.xerces.bundle.version>
<cxf.xmlresolver.bundle.version>1.2_5</cxf.xmlresolver.bundle.version>
- <cxf.xmlsec.bundle.version>2.2.0</cxf.xmlsec.bundle.version>
+ <cxf.xmlsec.bundle.version>2.3.0-SNAPSHOT</cxf.xmlsec.bundle.version>
<cxf.xpp3.bundle.version>1.1.4c_6</cxf.xpp3.bundle.version>
</properties>
<build>
```
Can you please verify that running mvn clean install in systests/kerberos in CXF works for you? The systests/ws-security tests all pass, so I am definitely picking up your earlier fixes. However it looks to me like there are some scenarios not fully covered in your changes.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-693635141
> Please rebase off master, which now has the fix for SANTUARIO-554.
Done.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703155181
Okay, I'll check it out...
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea merged pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea merged pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-736270457
@peterdemaeyer , even though the dates look outdated, from doing a diff against your branches the code looks the same. I checked out your forks + built the branches locally, and I still see the same error in CXF.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735270001
@coheigea, all these test are green for me, using openjdk version "11.0.9.1" 2020-11-04 on Ubuntu.
These look like the kind of failures I fixed in my latest commit (now already several weeks ago).
Can you confirm you have the right combination of my latest changes for the ws-wss4j project and santuario-xml-security-java (my SANTUARIO-555 branches)?
1. santuario-xml-security-java, branch SANTUARIO-555, head SHA1 ID 05bbeef73970f58cd5a5e883b6f6bd48b89aac8c.
2. ws-wss4j, branch SANTUARIO-555, head SHA1 ID 8ea02a1b63127df06d7dac739b159f204003c797.
I made no changes to cxf, but the head SHA1 ID I have there is 44ae16c06b3e7aabe0cc5df2aec351d0eadff5db.
Hmm, suddenly I realize that my cxf head is already quite old - I'll update and retry on my end as well.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-696037507
@peterdemaeyer Many thanks, however there are still some problems. WSS4J feeds into Apache CXF, which actually has most of the more complicated streaming WS-Security tests. And the PR is still causing tests to fail there:
`[ERROR] Errors:
[ERROR] WSSCTest.testSecureConversation:305 Error doing ADC-ES_IPingService
[ERROR] WSSCTest.testSecureConversation:305 Error doing _AD-ES_IPingService
[ERROR] WSSecurity111Test.testClientServer:178->WSSecurity11Common.runClientServer:81 » SOAPFault
[ERROR] X509TokenTest.testKeyIdentifierEncryptBeforeSigningDerived:274 » SOAPFault A s...
[INFO]
`
To reproduce clone Apache CXF, and update the parent/pom.xml:
`
<cxf.wss4j.version>2.4.0-SNAPSHOT</cxf.wss4j.version>
<cxf.xmlsec.bundle.version>2.3.0-SNAPSHOT</cxf.xmlsec.bundle.version>
`
Then do: mvn clean install -DskipTests and then run the tests in systests/ws-security
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703411908
I've been investigating CXF, but I'm struggling to even build it.
It has a ton of subprojects, and it fails to build halfway.
I can't even get to investigating the failing tests.
I still have a couple of things in mind that I can try out, but in any case that's why it's taking a bit longer.
Meanwhile I've improved the original PR in Santuario a bit to fail when processors are added to a chain with conflicting order.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703411908
I've been trying to investigate CXF, but I'm struggling to even build it.
It has a ton of subprojects, and it fails to build halfway.
I can't even get to investigating the failing tests.
I still have a couple of things to try out, but in any case that's why it's taking a bit long.
Meanwhile I've improved the original PR in Santuario a bit to fail when processors are added to a chain with conflicting order.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-736849932
I'm puzzled.
AFAICT all commits have been pushed correctly.
I rebased the 2 relevant SANTUARIO-555 branches in santuario-xml-security-java + ws-wss4j once again.
Build + tests ("mvn install") works perfectly for me on those 2 projects.
On cxf, build + tests are are green up until cxf-systests-rs-sse-jetty "Apache CXF SSE Integration System Tests for Jetty", which is very near the end of the chain and well beyond the Kerberos tests.
The next thing I'll do (tomorrow or so) is diff the patches you're referring to against my changes and try to find the difference.
For the record: I'm developing + running everything on Ubuntu Linux.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-739713304
I fixed the 2 remaining problems with the order of BinarySecurityTokenOutputProcessor and SAMLTokenOutputProcessor in ws-wss4j.
There is now a remaining test failure in cxf-systests-rs-sse-base, much later in the chain, but that test doesn't even trigger any of the changed code + it runs green in my IDEA so I think it's probably a flipping test:
```
[ERROR] Failures:
[ERROR] TomcatWarTest>AbstractSseTest.testClientClosesEventSource:319
Expected: <true>
but: was <false>
[INFO]
[ERROR] Tests run: 22, Failures: 1, Errors: 0, Skipped: 0
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735270001
@coheigea, all these test are green for me, using openjdk version "11.0.9.1" 2020-11-04 on Ubuntu.
These look like the kind of failures I fixed in my latest commit (now already several weeks ago).
Can you confirm you have the right combination of my latest changes for the ws-wss4j project and santuario-xml-security-java (my SANTUARIO-555 branches)?
1. santuario-xml-security-java, branch SANTUARIO-555, head SHA1 ID 05bbeef73970f58cd5a5e883b6f6bd48b89aac8c
2. ws-wss4j, branch SANTUARIO-555, head SHA1 ID 8ea02a1b63127df06d7dac739b159f204003c797
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-737701161
Thanks @coheigea, that was the problem indeed: the version of WSS4J was wrong.
I'm sure I had changed it at some point, but my change probably got lost lost when I pulled or something.
Such a rookie mistake, I feel silly for not having checked that sooner, but anyway, I'm on the right track again and I'll finish up in the coming days (hopefully).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-703817548
When I change cxf.wss4j.version=2.4.0-SNAPSHOT in the pom.xml,
"mvn clean install -DskipTests" fails on Apache CXF Karaf Features:
```
...
[INFO] Apache CXF STS test OSGi deployment ................ SUCCESS [ 0.472 s]
[INFO] Apache CXF Karaf Parent ............................ SUCCESS [ 0.030 s]
[INFO] Apache CXF Karaf Commands .......................... SUCCESS [ 0.391 s]
[INFO] Apache CXF WSN API ................................. SUCCESS [ 2.726 s]
[INFO] Apache CXF WSN Core ................................ SUCCESS [ 0.852 s]
[INFO] Apache CXF WSN OSGi ................................ SUCCESS [ 0.346 s]
[INFO] Apache CXF WS-Discovery API ........................ SUCCESS [ 2.317 s]
[INFO] Apache CXF WS-Discovery Service .................... SUCCESS [ 0.213 s]
[INFO] Apache CXF Karaf Features .......................... FAILURE [ 27.600 s]
[INFO] Apache CXF STS Integration Tests ................... SKIPPED
[INFO] Apache CXF Services ................................ SKIPPED
[INFO] Apache CXF STS service ............................. SKIPPED
[INFO] Apache CXF STS systests ............................ SKIPPED
[INFO] Apache CXF WSN service ............................. SKIPPED
[INFO] Apache CXF WS-Discovery ............................ SKIPPED
[INFO] Apache CXF XKMS Common ............................. SKIPPED
...
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 03:58 min
[INFO] Finished at: 2020-10-05T20:35:09+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.karaf.tooling:karaf-maven-plugin:4.2.9:verify (verify) on project apache-cxf: Verification failures: Verification failures:
[ERROR] Feature resolution failed for [cxf-ws-rm/3.4.1.SNAPSHOT]
[ERROR] Message: Unable to resolve root: missing requirement [root] osgi.identity; osgi.identity=cxf-ws-rm; type=karaf.feature; version=3.4.1.SNAPSHOT; filter:="(&(osgi.identity=cxf-ws-rm)(type=karaf.feature)(version>=3.4.1.SNAPSHOT))" [caused by: Unable to resolve cxf-ws-rm/3.4.1.SNAPSHOT: missing requirement [cxf-ws-rm/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=cxf-ws-security; type=karaf.feature; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]" [caused by: Unable to resolve cxf-ws-security/3.4.1.SNAPSHOT: missing requirement [cxf-ws-security/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=cxf-rt-security-saml; type=karaf.feature; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]" [caused by: Unable to resolve cxf-rt-security-saml/3.4.1.SNAPSHOT: missing requirement [cxf-rt-security-saml/3.4.1.SNAPSHOT] osgi.identity; osgi.identity=org.apache.cxf.cxf-rt-security-saml; type=osgi.bundle; version="[3.4.1.SNAPSHOT,3.4.1.SNAPSHOT]"; resolution:=mandatory [caused by: Unable to resolve org.apache.cxf.c
xf-rt-security-saml/3.4.1.SNAPSHOT: missing requirement [org.apache.cxf.cxf-rt-security-saml/3.4.1.SNAPSHOT] osgi.wiring.package; filter:="(&(osgi.wiring.package=org.apache.wss4j.common.principal)(version>=2.4.0)(!(version>=3.0.0)))" [caused by: Unable to resolve org.apache.wss4j.wss4j-ws-security-common/2.4.0.SNAPSHOT: missing requirement [org.apache.wss4j.wss4j-ws-security-common/2.4.0.SNAPSHOT] osgi.wiring.package; filter:="(&(osgi.wiring.package=org.apache.jcp.xml.dsig.internal.dom)(version>=2.3.0)(!(version>=3.0.0)))"]]]]]
[ERROR] Repositories: {
[ERROR] file:/home/peter/IdeaProjects/cxf/osgi/karaf/features/target/classes/features.xml
[ERROR] mvn:org.apache.karaf.features/framework/4.2.9/xml/features
[ERROR] mvn:org.apache.karaf.features/spring/4.2.9/xml/features
[ERROR] mvn:org.apache.karaf.features/standard/4.2.9/xml/features
[ERROR] mvn:org.ops4j.pax.cdi/pax-cdi-features/1.0.0/xml/features
[ERROR] mvn:org.ops4j.pax.web/pax-web-features/7.2.16/xml/features
[ERROR] }
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea commented on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-737044528
@peterdemaeyer Just to check, you're also changing the xmlsec version to 2.3.0-SNAPSHOT + WSS4J to 2.4.0-SNAPSHOT in CXF's parent/pom.xml?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] coheigea edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
coheigea edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-736270457
@peterdemaeyer , even though the dates look outdated, from doing a diff against your branches the code looks the same. I checked out your forks + built the branches locally, and I still see the same error in CXF.
Can you check that you are not compiling using some code that is not checked in to the branches?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-695354822
Fixed, PR created for the WSS4J project. See also comments in Jira.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-736023688
@coheigea, looking at the dates of those patches (September), those look outdated.
I made some additional changes somewhere in October and "replaced" my earlier commits (I use "git rebase --interactive" quite a lot on my feature/bugfix branches).
I confirm that "mvn clean install" works perfectly in systests/kerberos.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735360075
Almost all tests in cxf are green for me (using OpenJDK Java 11).
Only a couple of issues which I'm pretty sure are unrelated to my changes:
1. cxf-rt-rs-security-oauth2 gets stuck, see CXF-8382.
2. cxf-systests-microprofile-weld has a failure in ClientHeaderParamTest.resetWiremock. It's the next to last projects in the long chain and all the ones before were green, including the ones you mentioned earlier.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer edited a comment on pull request #8: SANTUARIO-555 Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer edited a comment on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-735270001
@coheigea, all these test are green for me, using openjdk version "11.0.9.1" 2020-11-04 on Ubuntu.
These look like the kind of failures I fixed in my latest commit (now already several weeks ago).
Can you confirm you have the right combination of my latest changes for the ws-wss4j project and santuario-xml-security-java (my SANTUARIO-555 branches)?
1. santuario-xml-security-java, branch SANTUARIO-555, head SHA1 ID 05bbeef73970f58cd5a5e883b6f6bd48b89aac8c
2. ws-wss4j, branch SANTUARIO-555, head SHA1 ID 8ea02a1b63127df06d7dac739b159f204003c797
I made no changes to cxf, but the head SHA1 ID I have there is 44ae16c06b3e7aabe0cc5df2aec351d0eadff5db.
Hmm, suddenly I realize that my cxf head is already quite old - I'll update and retry on my end as well.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [santuario-xml-security-java] peterdemaeyer commented on pull request #8: Made order of output processors in a chain deterministic and intuitive
Posted by GitBox <gi...@apache.org>.
peterdemaeyer commented on pull request #8:
URL: https://github.com/apache/santuario-xml-security-java/pull/8#issuecomment-694501392
> These changes break a lot of the WSS4J tests, even after I fixed the compile issues - could you take a look, as I can't merge this change if it breaks WSS4J?
>
> https://github.com/apache/ws-wss4j/tree/master/ws-security-stax
Okay, I can reproduce the failures, I'll need to investigate them.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org