You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by Colm O hEigeartaigh <co...@apache.org> on 2015/05/29 19:42:57 UTC
[VOTE] - Release Apache WSS4J 2.1.1
This is a vote to release Apache WSS4J 2.1.1. This release fixes an
important bug in 2.1.0, which prevents signing or validating a signed SAML
token in an OSGi container.
Issues fixed:
https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
SVN tag:
http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
Maven artifacts:
https://repository.apache.org/content/repositories/orgapachews-1017/
+1 from me.
Colm.
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Alessio Soldano <as...@redhat.com>.
+1
On 29/05/15 19:42, Colm O hEigeartaigh wrote:
> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
> important bug in 2.1.0, which prevents signing or validating a signed
> SAML token in an OSGi container.
>
> Issues fixed:
>
> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>
> SVN tag:
>
> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>
> Maven artifacts:
>
> https://repository.apache.org/content/repositories/orgapachews-1017/
>
> +1 from me.
>
> Colm.
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
--
Alessio Soldano
Web Service Lead, JBoss
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Marc Giger <gi...@apache.org>.
+1
Marc
On Fri, 29 May 2015 18:42:57 +0100
Colm O hEigeartaigh <co...@apache.org> wrote:
> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
> important bug in 2.1.0, which prevents signing or validating a signed
> SAML token in an OSGi container.
>
> Issues fixed:
>
> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>
> SVN tag:
>
> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>
> Maven artifacts:
>
> https://repository.apache.org/content/repositories/orgapachews-1017/
>
> +1 from me.
>
> Colm.
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Daniel Kulp <dk...@apache.org>.
+1
Dan
> On May 29, 2015, at 1:42 PM, Colm O hEigeartaigh <co...@apache.org> wrote:
>
> This is a vote to release Apache WSS4J 2.1.1. This release fixes an important bug in 2.1.0, which prevents signing or validating a signed SAML token in an OSGi container.
>
> Issues fixed:
>
> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>
> SVN tag:
>
> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>
> Maven artifacts:
>
> https://repository.apache.org/content/repositories/orgapachews-1017/
>
> +1 from me.
>
> Colm.
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Colm O hEigeartaigh <co...@apache.org>.
The vote passes with 6 binding +1 votes, and 2 non-binding +1 votes. I'll
upload the artifacts.
Colm.
On Tue, Jun 2, 2015 at 12:55 PM, Colm O hEigeartaigh <co...@apache.org>
wrote:
>
> Thanks for the analysis Dan. I will remove the entry from the NOTICE file
> and change the error message just to be sure.
>
> Colm.
>
> On Mon, Jun 1, 2015 at 2:45 PM, Daniel Kulp <dk...@apache.org> wrote:
>
>>
>> > On May 31, 2015, at 11:21 AM, Andreas Veithen <
>> andreas.veithen@gmail.com> wrote:
>> >
>> > The NOTICE file in the source distribution has an extra entry giving
>> > attribution to University of Southampton. Shouldn't that entry be
>> > present in the NOTICE files included in the JARs as well?
>>
>> Actually, I think it should be removed from the one in the source for the
>> 2.x branches. I went through the old patch that was submitted for that
>> and the entire patch has now been completely rewritten as part of the
>> updates to WSS4J 2.0 and the streaming/dom separations and code unification
>> and inclusion of the ws-security policy processing. The only part of the
>> patch that’s left is really just an error message:
>>
>> requiredElementNotSigned=Element {0} is not included in the signature
>>
>> which is not something I think a Notice is needed for. Even the code
>> around where that error was thrown is completely different.
>>
>> Anyway, that’s something that I wouldn’t consider a blocker for a
>> release. We can get that removed for the next releases.
>>
>> Dan
>>
>>
>>
>> >
>> > Andreas
>> >
>> > On Fri, May 29, 2015 at 6:42 PM, Colm O hEigeartaigh
>> > <co...@apache.org> wrote:
>> >> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
>> >> important bug in 2.1.0, which prevents signing or validating a signed
>> SAML
>> >> token in an OSGi container.
>> >>
>> >> Issues fixed:
>> >>
>> >> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>> >>
>> >> SVN tag:
>> >>
>> >> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>> >>
>> >> Maven artifacts:
>> >>
>> >> https://repository.apache.org/content/repositories/orgapachews-1017/
>> >>
>> >> +1 from me.
>> >>
>> >> Colm.
>> >>
>> >>
>> >> --
>> >> Colm O hEigeartaigh
>> >>
>> >> Talend Community Coder
>> >> http://coders.talend.com
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
>> > For additional commands, e-mail: dev-help@ws.apache.org
>> >
>>
>> --
>> Daniel Kulp
>> dkulp@apache.org - http://dankulp.com/blog
>> Talend Community Coder - http://coders.talend.com
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
>> For additional commands, e-mail: dev-help@ws.apache.org
>>
>>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Colm O hEigeartaigh <co...@apache.org>.
Thanks for the analysis Dan. I will remove the entry from the NOTICE file
and change the error message just to be sure.
Colm.
On Mon, Jun 1, 2015 at 2:45 PM, Daniel Kulp <dk...@apache.org> wrote:
>
> > On May 31, 2015, at 11:21 AM, Andreas Veithen <an...@gmail.com>
> wrote:
> >
> > The NOTICE file in the source distribution has an extra entry giving
> > attribution to University of Southampton. Shouldn't that entry be
> > present in the NOTICE files included in the JARs as well?
>
> Actually, I think it should be removed from the one in the source for the
> 2.x branches. I went through the old patch that was submitted for that
> and the entire patch has now been completely rewritten as part of the
> updates to WSS4J 2.0 and the streaming/dom separations and code unification
> and inclusion of the ws-security policy processing. The only part of the
> patch that’s left is really just an error message:
>
> requiredElementNotSigned=Element {0} is not included in the signature
>
> which is not something I think a Notice is needed for. Even the code
> around where that error was thrown is completely different.
>
> Anyway, that’s something that I wouldn’t consider a blocker for a
> release. We can get that removed for the next releases.
>
> Dan
>
>
>
> >
> > Andreas
> >
> > On Fri, May 29, 2015 at 6:42 PM, Colm O hEigeartaigh
> > <co...@apache.org> wrote:
> >> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
> >> important bug in 2.1.0, which prevents signing or validating a signed
> SAML
> >> token in an OSGi container.
> >>
> >> Issues fixed:
> >>
> >> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
> >>
> >> SVN tag:
> >>
> >> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
> >>
> >> Maven artifacts:
> >>
> >> https://repository.apache.org/content/repositories/orgapachews-1017/
> >>
> >> +1 from me.
> >>
> >> Colm.
> >>
> >>
> >> --
> >> Colm O hEigeartaigh
> >>
> >> Talend Community Coder
> >> http://coders.talend.com
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: dev-help@ws.apache.org
> >
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: dev-help@ws.apache.org
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Andreas Veithen <an...@gmail.com>.
Sounds good.
+1 (binding)
Andreas
On Mon, Jun 1, 2015 at 2:45 PM, Daniel Kulp <dk...@apache.org> wrote:
>
>> On May 31, 2015, at 11:21 AM, Andreas Veithen <an...@gmail.com> wrote:
>>
>> The NOTICE file in the source distribution has an extra entry giving
>> attribution to University of Southampton. Shouldn't that entry be
>> present in the NOTICE files included in the JARs as well?
>
> Actually, I think it should be removed from the one in the source for the 2.x branches. I went through the old patch that was submitted for that and the entire patch has now been completely rewritten as part of the updates to WSS4J 2.0 and the streaming/dom separations and code unification and inclusion of the ws-security policy processing. The only part of the patch that’s left is really just an error message:
>
> requiredElementNotSigned=Element {0} is not included in the signature
>
> which is not something I think a Notice is needed for. Even the code around where that error was thrown is completely different.
>
> Anyway, that’s something that I wouldn’t consider a blocker for a release. We can get that removed for the next releases.
>
> Dan
>
>
>
>>
>> Andreas
>>
>> On Fri, May 29, 2015 at 6:42 PM, Colm O hEigeartaigh
>> <co...@apache.org> wrote:
>>> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
>>> important bug in 2.1.0, which prevents signing or validating a signed SAML
>>> token in an OSGi container.
>>>
>>> Issues fixed:
>>>
>>> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>>>
>>> SVN tag:
>>>
>>> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>>>
>>> Maven artifacts:
>>>
>>> https://repository.apache.org/content/repositories/orgapachews-1017/
>>>
>>> +1 from me.
>>>
>>> Colm.
>>>
>>>
>>> --
>>> Colm O hEigeartaigh
>>>
>>> Talend Community Coder
>>> http://coders.talend.com
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
>> For additional commands, e-mail: dev-help@ws.apache.org
>>
>
> --
> Daniel Kulp
> dkulp@apache.org - http://dankulp.com/blog
> Talend Community Coder - http://coders.talend.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: dev-help@ws.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Daniel Kulp <dk...@apache.org>.
> On May 31, 2015, at 11:21 AM, Andreas Veithen <an...@gmail.com> wrote:
>
> The NOTICE file in the source distribution has an extra entry giving
> attribution to University of Southampton. Shouldn't that entry be
> present in the NOTICE files included in the JARs as well?
Actually, I think it should be removed from the one in the source for the 2.x branches. I went through the old patch that was submitted for that and the entire patch has now been completely rewritten as part of the updates to WSS4J 2.0 and the streaming/dom separations and code unification and inclusion of the ws-security policy processing. The only part of the patch that’s left is really just an error message:
requiredElementNotSigned=Element {0} is not included in the signature
which is not something I think a Notice is needed for. Even the code around where that error was thrown is completely different.
Anyway, that’s something that I wouldn’t consider a blocker for a release. We can get that removed for the next releases.
Dan
>
> Andreas
>
> On Fri, May 29, 2015 at 6:42 PM, Colm O hEigeartaigh
> <co...@apache.org> wrote:
>> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
>> important bug in 2.1.0, which prevents signing or validating a signed SAML
>> token in an OSGi container.
>>
>> Issues fixed:
>>
>> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>>
>> SVN tag:
>>
>> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>>
>> Maven artifacts:
>>
>> https://repository.apache.org/content/repositories/orgapachews-1017/
>>
>> +1 from me.
>>
>> Colm.
>>
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: dev-help@ws.apache.org
>
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Andreas Veithen <an...@gmail.com>.
The NOTICE file in the source distribution has an extra entry giving
attribution to University of Southampton. Shouldn't that entry be
present in the NOTICE files included in the JARs as well?
Andreas
On Fri, May 29, 2015 at 6:42 PM, Colm O hEigeartaigh
<co...@apache.org> wrote:
> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
> important bug in 2.1.0, which prevents signing or validating a signed SAML
> token in an OSGi container.
>
> Issues fixed:
>
> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>
> SVN tag:
>
> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>
> Maven artifacts:
>
> https://repository.apache.org/content/repositories/orgapachews-1017/
>
> +1 from me.
>
> Colm.
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Samisa Abeysinghe <sa...@gmail.com>.
+1
On Tue, Jun 2, 2015 at 5:53 AM, Deepal jayasinghe <de...@gmail.com> wrote:
> +1.
>
> Deepal
>
> +1 (non-binding)
> -------------
> Freeman(Yue) Fang
>
> Red Hat, Inc.
> FuseSource is now part of Red Hat
>
>
>
> On 2015-5-30, at 上午1:42, Colm O hEigeartaigh wrote:
>
> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
> important bug in 2.1.0, which prevents signing or validating a signed SAML
> token in an OSGi container.
>
> Issues fixed:
>
> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>
> SVN tag:
>
> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>
> Maven artifacts:
>
> https://repository.apache.org/content/repositories/orgapachews-1017/
>
> +1 from me.
>
> Colm.
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
>
>
>
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Deepal jayasinghe <de...@gmail.com>.
+1.
Deepal
> +1 (non-binding)
> -------------
> Freeman(Yue) Fang
>
> Red Hat, Inc.
> FuseSource is now part of Red Hat
>
>
>
> On 2015-5-30, at 上午1:42, Colm O hEigeartaigh wrote:
>
>> This is a vote to release Apache WSS4J 2.1.1. This release fixes an
>> important bug in 2.1.0, which prevents signing or validating a signed
>> SAML token in an OSGi container.
>>
>> Issues fixed:
>>
>> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>>
>> SVN tag:
>>
>> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>>
>> Maven artifacts:
>>
>> https://repository.apache.org/content/repositories/orgapachews-1017/
>>
>> +1 from me.
>>
>> Colm.
>>
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com <http://coders.talend.com/>
>
Re: [VOTE] - Release Apache WSS4J 2.1.1
Posted by Freeman Fang <fr...@gmail.com>.
+1 (non-binding)
-------------
Freeman(Yue) Fang
Red Hat, Inc.
FuseSource is now part of Red Hat
On 2015-5-30, at 上午1:42, Colm O hEigeartaigh wrote:
> This is a vote to release Apache WSS4J 2.1.1. This release fixes an important bug in 2.1.0, which prevents signing or validating a signed SAML token in an OSGi container.
>
> Issues fixed:
>
> https://issues.apache.org/jira/browse/WSS/fixforversion/12332242
>
> SVN tag:
>
> http://svn.apache.org/repos/asf/webservices/wss4j/tags/wss4j-2.1.1/
>
> Maven artifacts:
>
> https://repository.apache.org/content/repositories/orgapachews-1017/
>
> +1 from me.
>
> Colm.
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com