Return-Path: X-Original-To: apmail-axis-java-dev-archive@www.apache.org Delivered-To: apmail-axis-java-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5920E1130C for ; Fri, 11 Jul 2014 12:25:05 +0000 (UTC) Received: (qmail 44129 invoked by uid 500); 11 Jul 2014 12:25:04 -0000 Delivered-To: apmail-axis-java-dev-archive@axis.apache.org Received: (qmail 43980 invoked by uid 500); 11 Jul 2014 12:25:04 -0000 Mailing-List: contact java-dev-help@axis.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: java-dev@axis.apache.org Delivered-To: mailing list java-dev@axis.apache.org Received: (qmail 43970 invoked by uid 99); 11 Jul 2014 12:25:04 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Jul 2014 12:25:04 +0000 Date: Fri, 11 Jul 2014 12:25:04 +0000 (UTC) From: "Detelin Yordanov (JIRA)" To: java-dev@axis.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (RAMPART-415) Upgrade Rampart to use latest wss4j 1.6.16 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/RAMPART-415?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Detelin Yordanov updated RAMPART-415: ------------------------------------- Description: Rampart uses an outdated wss4j 1.6.4 version, while wss4j 1.6.16 was released just recently. I think it is important for Rampart to use latest stable wss4j, additionally my team is willing to contribute some Rampart extensions which require wss4j 1.6.16. I tested Rampart trunk with wss4j 1.6.16 and noticed two failing tests: - org.apache.rampart.RampartTest.testWithPolicy, scenario 7 - org.apache.rahas.impl.util.CommonUtilTest.testGetDecryptedBytes The first issue is caused by a change in wss4j to add an "id" to the "Reference List" security processing results even when the value is an empty literal. I discussed the issue on wss4j mailing list and a fix for this will be available in next wss4j 1.6.17 version, see: http://mail-archives.apache.org/mod_mbox/ws-dev/201407.mbox/%3CCAEu2FRPX1ENvbytEJnybLnc1W1zB9SsjXskgH7M0AdSzaMRxyA@mail.gmail.com%3E Meanwhile, I proposed a temporary fix in Rampart that skips results with empty Ids (attached). The second issue is triggered by a change in xmlsec 1.5.2 which adds cloning of KeyInfo elements, however the root cause seems to be a change is how Rahas TestUtil constructs a SOAP envelope: [Avoid direct references to Axiom implementation classes|http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java?r1=1298295&r2=1299913] I have raised this issue on Axis2 dev list: http://mail-archives.apache.org/mod_mbox/axis-java-dev/201407.mbox/%3CCAEu2FROZusGJr%3DtzSRXe88hXYpV%3DzAyrNE-vwDYpi0tZG9Vy4Q%40mail.gmail.com%3E I will update this issue once a solution is found. I can help with further issues if such are found. Please note that all Rampart tests pass successfully with wss4j 1.6.16 after applying the provided Rampart wss4j workaround and reverting the Rampart Axiom-related changes done in revision [1299913|http://svn.apache.org/viewvc?view=revision&revision=1299913]. was: Rampart uses an outdated wss4j 1.6.4 version, while wss4j 1.6.16 was released just recently. I think it is important for Rampart to use latest stable web services for java, additionally my team is willing to contribute some Rampart extensions which require wss4j 1.6.16. I tested Rampart trunk with wss4j 1.6.16 and noticed two failing tests: - org.apache.rampart.RampartTest.testWithPolicy, scenario 7 - org.apache.rahas.impl.util.CommonUtilTest.testGetDecryptedBytes The first issue is caused by a change in wss4j to add an "id" to the "Reference List" security processing results even when the value is an empty literal. I discussed the issue on wss4j mailing list and a fix for this will be available in next wss4j 1.6.17 version, see: http://mail-archives.apache.org/mod_mbox/ws-dev/201407.mbox/%3CCAEu2FRPX1ENvbytEJnybLnc1W1zB9SsjXskgH7M0AdSzaMRxyA@mail.gmail.com%3E Meanwhile, I proposed a temporary fix in Rampart that skips results with empty Ids (attached). The second issue is triggered by a change in xmlsec 1.5.2 which adds cloning of KeyInfo elements, however the root cause seems to be a change is how Rahas TestUtil constructs a SOAP envelope: [Avoid direct references to Axiom implementation classes|http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java?r1=1298295&r2=1299913] I have raised this issue on Axis2 dev list: http://mail-archives.apache.org/mod_mbox/axis-java-dev/201407.mbox/%3CCAEu2FROZusGJr%3DtzSRXe88hXYpV%3DzAyrNE-vwDYpi0tZG9Vy4Q%40mail.gmail.com%3E I will update this issue once a solution is found. I can help with further issues if such are found. Please note that all Rampart tests pass successfully with wss4j 1.6.16 after applying the provided Rampart wss4j workaround and reverting the Rampart Axiom-related changes done in revision [1299913|http://svn.apache.org/viewvc?view=revision&revision=1299913]. > Upgrade Rampart to use latest wss4j 1.6.16 > ------------------------------------------ > > Key: RAMPART-415 > URL: https://issues.apache.org/jira/browse/RAMPART-415 > Project: Rampart > Issue Type: Improvement > Affects Versions: 1.6.2 > Reporter: Detelin Yordanov > Fix For: 1.7.0, 1.6.3 > > Attachments: rampart_wss4j.patch > > > Rampart uses an outdated wss4j 1.6.4 version, while wss4j 1.6.16 was released just recently. I think it is important for Rampart to use latest stable wss4j, additionally my team is willing to contribute some Rampart extensions which require wss4j 1.6.16. I tested Rampart trunk with wss4j 1.6.16 and noticed two failing tests: > - org.apache.rampart.RampartTest.testWithPolicy, scenario 7 > - org.apache.rahas.impl.util.CommonUtilTest.testGetDecryptedBytes > The first issue is caused by a change in wss4j to add an "id" to the "Reference List" security processing results even when the value is an empty literal. I discussed the issue on wss4j mailing list and a fix for this will be available in next wss4j 1.6.17 version, see: > http://mail-archives.apache.org/mod_mbox/ws-dev/201407.mbox/%3CCAEu2FRPX1ENvbytEJnybLnc1W1zB9SsjXskgH7M0AdSzaMRxyA@mail.gmail.com%3E > Meanwhile, I proposed a temporary fix in Rampart that skips results with empty Ids (attached). > The second issue is triggered by a change in xmlsec 1.5.2 which adds cloning of KeyInfo elements, however the root cause seems to be a change is how Rahas TestUtil constructs a SOAP envelope: > [Avoid direct references to Axiom implementation classes|http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java?r1=1298295&r2=1299913] > I have raised this issue on Axis2 dev list: > http://mail-archives.apache.org/mod_mbox/axis-java-dev/201407.mbox/%3CCAEu2FROZusGJr%3DtzSRXe88hXYpV%3DzAyrNE-vwDYpi0tZG9Vy4Q%40mail.gmail.com%3E > I will update this issue once a solution is found. I can help with further issues if such are found. Please note that all Rampart tests pass successfully with wss4j 1.6.16 after applying the provided Rampart wss4j workaround and reverting the Rampart Axiom-related changes done in revision [1299913|http://svn.apache.org/viewvc?view=revision&revision=1299913]. -- This message was sent by Atlassian JIRA (v6.2#6252) --------------------------------------------------------------------- To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org For additional commands, e-mail: java-dev-help@axis.apache.org