cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [CONF] Apache CXF Documentation > 2.6 Migration Guide
Date Wed, 04 Apr 2012 14:03:00 GMT
    <base href="">
            <link rel="stylesheet" href="/confluence/s/2042/9/1/_/styles/combined.css?spaceKey=CXF20DOC&amp;forWysiwyg=true"
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="">2.6
Migration Guide</a></h2>
    <h4>Page <b>edited</b> by             <a href="">Colm
O hEigeartaigh</a>
                         <h4>Changes (1)</h4>
<div id="page-diffs">
                    <table class="diff" cellpadding="0" cellspacing="0">
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >* New ability to configure the CXF
created HTTP Jetty ports from config:admin service <br>* OAuth 2 support <br></td></tr>
            <tr><td class="diff-changed-lines" >* The STS now supports the Renewal
binding for SAML <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">and
SecurityContextTokens.</span> <span class="diff-added-words"style="background-color:
#dfd;">tokens.</span> <br></td></tr>
            <tr><td class="diff-unchanged" >* The STS also supports bulk issuing/validation/cancelling/renewal
of security tokens. <br>* The STS supports some advanced features based around Claims,
such as Claims Transformation, and pluggable custom Claims Parsing. <br></td></tr>
            <tr><td class="diff-snipped" >...<br></td></tr>
    </div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <h3><a name="2.6MigrationGuide-NewFeatures"></a>New Features</h3>

	<li>The big OSGi bundle used in the Karaf features.xml has been replaced with the individual
modules which are now all individual bundles.   The big OSGi bundle is still built, but some
features may not be available if that is used instead of the little bundles.</li>
	<li>New ability to configure HTTP Conduits from the OSGi config:admin service</li>
	<li>New ability to configure the CXF created HTTP Jetty ports from config:admin service</li>
	<li>OAuth 2 support</li>
	<li>The STS now supports the Renewal binding for SAML tokens.</li>
	<li>The STS also supports bulk issuing/validation/cancelling/renewal of security tokens.</li>
	<li>The STS supports some advanced features based around Claims, such as Claims Transformation,
and pluggable custom Claims Parsing.</li>
	<li>The WS-Security module now supports replay detection by default of Timestamps and
UsernameToken nonces.</li>

<h3><a name="2.6MigrationGuide-RemovedModules"></a>Removed Modules</h3>
	<li>cxf-common-utilites was merged into cxf-api</li>
	<li>cxf-rt-binding-http has been removed.  It's been "deprecated" for a while and it's
functionality has long been replaceable with the JAX-RS frontend.</li>

<h3><a name="2.6MigrationGuide-APIChanges"></a>API Changes</h3>
	<li>All API's that take or return "generic" classes have been update to properly define
the generic part.  For example, methods like:<br/>
"Class getServiceClass()" have been updated to be "Class&lt;?&gt; getServiceClass()"</li>
	<li>To resolve some of the "split-package" issues between jars, SOME (very few) classes
did have their packages changed.
		<li>org.apache.cxf.jaxb.JAXBUtils   -&gt;   org.apache.cxf.common.jaxb.JAXBUtils
  (and a couple other classes in that jaxb package)</li>
		<li>Many of the internal "Impl" classes and "Managers" (like BindingFactoryManagerImpl,
CXFBusLifeCycleManager, etc...) have moved into org.apache.cxf.bus.managers.  Users should
always rely on the interfaces they implement anyway.</li>
	<li>The selectedConduit field of AbstractConduitSelector has been removed as a ConduitSelector
may be used to select multiple conduits depending on scenarios and the selectedConduit field
may not accurately reflect the conduit that had been selected depending on the state of the
threads, clients, etc...</li>
	<li> has been deprecated and moved to org.apache.cxf.xjc.runtime.DataTypeAdapter
in a new runtime jar that is part of the cxf-xjc package.   This allows using the runtime
without bringing in all the CXF tooling dependencies. The DataTypeAdapter doesn't have any
other CXF dependencies and thus is usable outside of CXF as well.</li>
	<li>The XJC "ToString" plugin also had it's runtime dependencies moved out of
and into the cxf-xjc-runtime jar.   If you use the newer version of the ToString plugin, you
will need to add the cxf-xjc-runtime dependency to your application.  However, the cxf-xjc-runtime
jar does not depend on other CXF jars or classes and can thus be easily used in other applications
without as many dependencies pulled in.</li>

<h3><a name="2.6MigrationGuide-DependencyChanges"></a>Dependency Changes</h3>
	<li>The* classes that were in cxf-api have been moved into cxf-tools-common
or cxf-tools-validator.</li>
	<li>The classes that were in cxf-api have been moved into
	<li>cxf-common-utilities is no longer available.  All the classes in there were moved
into cxf-api to represent a complete "api".</li>
	<li>Various classes in cxf-rt-core and cxf-rt-ws-addr have been moved up to cxf-api
to resolve split-package issues.   Dependencies on cxf-rt-core would have transitively brought
in cxf-api anyway, so there should be little impact.</li>
	<li>Spring is now an optional component of the http-jetty transports module and other
modules.  Applications that may have pulled in Spring transitively via CXF will be required
to declare required spring dependencies in their own poms directly.</li>
	<li>Most of the optional JAX-RS Providers have been moved out of the cxf-rt-frontend-jaxrs
module and into a cxf-rt-rs-extension-providers module with the various dependencies marked
optional/provided.   Applications that use these optional providers will need to add the required
dependencies. Also, the package names of many of those providers has changed to resolve split-package
issues.   Example:  org.apache.cxf.jaxrs.provider.JSONProvider  -&gt;   org.apache.cxf.jaxrs.provider.json.JSONProvider</li>
	<li>EhCache is now a compile time dependency of the cxf-rt-ws-security module to support
caching and replay detection. It can be safely excluded downstream, at the expense of weakening
the caching support.</li>

<h3><a name="2.6MigrationGuide-RuntimeChanges"></a>Runtime Changes</h3>
	<li>The syntax of WS-SecurityPolicy policies is enforced more strictly. Some policies
that worked with CXF &lt; 2.6 will not load in CXF 2.6 as a result.</li>
	<li>JMS Transport - when using TextMessage, CXF now leaves the contents as a String
and uses and to boost performance.   Previously, CXF would convert
the Strings to/from byte[] requiring use of encoders, increasing memory usage, etc...   However,
some interceptors and functionality in CXF (or user interceptors) may expect or require they
InputStream/OutputStreams, not Reader/Writer.   In those cases, you may need to change to
use a BytesMessage.  For example, the FastInfoset feature and GZIP features expect to work
on InputStream/OutputStream and thus would now work with TextMessage.</li>

<h4><a name="2.6MigrationGuide-SecurityCachingChanges"></a>Security Caching
	<li>EhCache is now used by default to cache SecurityTokens for re-use, and for replay
detection. It is possible to plug in other implementations by configuration.</li>
	<li>The WS-Security module now supports replay detection by default of Timestamps and
UsernameToken nonces. The default caching time is 60 minutes.</li>

        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href=""
class="grey">Change Notification Preferences</a>
        <a href="">View
        <a href="">View
        <a href=";showCommentArea=true#addcomment">Add

View raw message