Return-Path: X-Original-To: apmail-cxf-dev-archive@www.apache.org Delivered-To: apmail-cxf-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7099F9CEC for ; Wed, 15 Feb 2012 13:01:50 +0000 (UTC) Received: (qmail 12984 invoked by uid 500); 15 Feb 2012 13:01:50 -0000 Delivered-To: apmail-cxf-dev-archive@cxf.apache.org Received: (qmail 12943 invoked by uid 500); 15 Feb 2012 13:01:50 -0000 Mailing-List: contact dev-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list dev@cxf.apache.org Received: (qmail 12935 invoked by uid 99); 15 Feb 2012 13:01:50 -0000 Received: from minotaur.apache.org (HELO minotaur.apache.org) (140.211.11.9) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Feb 2012 13:01:50 +0000 Received: from localhost (HELO mail-tul01m020-f169.google.com) (127.0.0.1) (smtp-auth username coheigea, mechanism plain) by minotaur.apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Feb 2012 13:01:49 +0000 Received: by obbta7 with SMTP id ta7so1794373obb.0 for ; Wed, 15 Feb 2012 05:01:49 -0800 (PST) MIME-Version: 1.0 Received: by 10.182.0.106 with SMTP id 10mr17923089obd.72.1329310909031; Wed, 15 Feb 2012 05:01:49 -0800 (PST) Reply-To: coheigea@apache.org Received: by 10.182.90.161 with HTTP; Wed, 15 Feb 2012 05:01:48 -0800 (PST) Date: Wed, 15 Feb 2012 13:01:48 +0000 Message-ID: Subject: Re: svn commit: r1244464 - in /cxf/branches/2.4.x-fixes: rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/ rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/ rt/ws/security/src/test/resources/org/apache/cxf/ws/secur From: Colm O hEigeartaigh To: dev@cxf.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable It could do, but in that case the existing applications are using policies that are not compliant with the WS-SecurityPolicy 1.2 or 1.3 specs. I don't have a strong opinion about it though, I can revert on 2.4.x if you want. Colm. On Wed, Feb 15, 2012 at 12:42 PM, Daniel Kulp wrote: > > > Colm, > > I'm =A0a bit concerned about pushing this back onto the 2.4 branch =A0(sl= ightly > less concerned about 2.5). =A0 =A0This could cause existing applications = to stop > working as they may have policies that don't meet the stricter parsing. > > Right? > > Dan > > > On Wednesday, February 15, 2012 12:37:35 PM coheigea@apache.org wrote: >> Author: coheigea >> Date: Wed Feb 15 12:37:34 2012 >> New Revision: 1244464 >> >> URL: http://svn.apache.org/viewvc?rev=3D1244464&view=3Drev >> Log: >> Adding stricter SecurityPolicy parsing >> >> Conflicts: >> >> > rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/X= 50 >> 9TokenBuilder.java >> >> >> Conflicts: >> >> > rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/A= sy >> mmetricBindingBuilder.java >> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/= Sym >> metricBindingBuilder.java >> rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders/= X50 >> 9TokenBuilder.java >> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy= /cl >> ient/client.xml >> systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/policy= /se >> rver/server.xml >> >> Modified: >> >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/AlgorithmSuiteBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/AsymmetricBindingBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/EncryptedPartsBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/HttpsTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/IssuedTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/KerberosTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/KeyValueTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/LayoutBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/RequiredPartsBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/SamlTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/SecureConversationTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/SecurityContextTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/SignedPartsBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/SpnegoContextTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/SymmetricBindingBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/TransportBindingBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/UsernameTokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/= sec >> urity/policy/builders/X509TokenBuilder.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/= sec >> urity/wss4j/PolicyBasedWss4JInOutTest.java >> cxf/branches/2.4.x-fixes/rt/ws/security/src/test/resources/org/apache/cx= f/w >> s/security/wss4j/signed_elements_with_sst_issued_token_policy.xml >> cxf/branches/2.4.x-fixes/systests/ws-security-examples/src/test/resource= s/o >> rg/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/kerberos/DoubleItKerberos.wsdl >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/saml/DoubleItSaml.wsdl >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/saml/client/client.xml >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/saml/server/server.xml >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/ut/DoubleItUt.wsdl >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/ut/client/client.xml >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/ut/server/server.xml >> cxf/branches/2.4.x-fixes/systests/ws-security/src/test/resources/org/apa= che >> /cxf/systest/ws/x509/DoubleItX509.wsdl >> >> Modified: > -- > Daniel Kulp > dkulp@apache.org - http://dankulp.com/blog > Talend Community Coder - http://coders.talend.com --=20 Colm O hEigeartaigh Talend Community Coder http://coders.talend.com