axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Samisa Abeysinghe <>
Subject Re: question on consuming service with lopsided security
Date Sat, 06 Nov 2010 02:49:25 GMT
On Sat, Nov 6, 2010 at 3:10 AM, Dennis Sosnoski <> wrote:

> On 11/06/2010 07:00 AM, Sanjiva Weerawarana wrote:
> > Wow .. so you published an article on developerWorks saying Axis2
> > can't do it and it turns out its an error on your part. Thanks for
> > asking for a correction but its a bit frustrating to see that done as
> > you can imagine. This is especially the case since several of your
> > recent articles are comparing Axis2 and CXF and showing cases that CXF
> > does better. Do you seriously thnk Axis2 doesn't have many scenarios
> > where its not hugely better than CXF?
> I'd very much like to know what these scenarios are.
> As to the error in my article, I spent hours working on the Axis2 code
> part to finally get it working. I did this because it bothered me that I
> didn't know just why things were broken, and I wanted to make sure the
> article was accurate. I finally tried changing the way I was setting the
> policy on the client from using:
>                Options options = client.getOptions();
> options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
> to:
>                client.getAxisService().applyPolicy(policy);
> and that seemed to correct the problem (along with an unrelated change
> to the server WSDL to match the service name). I've used the first
> approach before when the Rampart runtime configuration is embedded in
> the policy, but it looks like the second needs to be used when the
> policy is in generated code and you're only setting the Rampart
> configuration. Since there's essentially no documentation of this I
> don't know whether it's an Axis2 bug or not. I called it my error anyway.
> The first two errors I found in trying to work with Axis2 for this
> article, that the 1.5.2 distribution was missing a file required for
> security and that the codegen won't work with the WS-Policy 1.5
> namespace, are both actual errors, as far as I can see.
> >
> > Trust me, there are :). But none of us are taking the time to write
> > them up and publish .. IMO that's ok; in the end its user choice.
> Well, the Rampart JIRA currently shows 131 open issues, and that's just
> the actual security implementation code. The CXF Jira shows a total of
> 217 open issues for the whole project, with only 40 for the WS-*
> components (many of which don't relate to security). If the Axis2
> implementation is so solid, I'm curious why there are so many unresolved
> issues?

Look at the total issue number too... people have found more issues in Axis2
space and solved more issues compared to CXF. (see end of mail)

Also, look at the downloads:


downloads <=>
more usage <=> more scenarios tested <=> more bugs found!!!

Less open issues != better software


Project Summary[image:
726   15%[image: In
2[image: Reopened]<>
47   1%[image: Resolved]<>
3623   75%[image:
403   8%

Project Summary[image:
217   7%[image:
6[image: Resolved]<>
40   1%[image: Closed]<>
2781   91%

Samisa ...

View raw message