Deepal, what are you so worried about, exactly? That it will take
forever to get the release out?
IMHO, a point release is for fixing critical issues, and should not
necessarily be limited to one particular issue. I think we should run
this basically just like a regular release but with a much shorter
timeframe. My suggestion:
- Let's aim to get 1.4.1 out the door at the end of next week, i.e. July
18th (is that enough time, Nandana?).
- As always it's good to go through at least one RC so people can kick
the tires, check the artifacts, etc. So let's aim to get the RC out by
Tuesday the 15th.
- Backing up, this allows a week (from today through next Monday) for
development work, during which time I think people should be able to fix
anything they consider critical (of course, with no new functionality).
- As RM, Nandana gets the final say as to what gets checked in to the
branch and what does not.
Thoughts?
--Glen
Davanum Srinivas wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Exactly what i was afraid of :( Sigh! this is a *very* slippery slope.
- -- dims
Amila Suriarachchi wrote:
| On Mon, Jul 7, 2008 at 6:03 PM, Davanum Srinivas <[EMAIL PROTECTED]>
wrote:
|
|> Nandana,
|>
|> +1 from me for you to be the Release Manager for 1.4.1
|
|
| + 1 from me.
|
|>
|> IMHO, we should use 1.4 branch. The *ONLY* change should be the
|> security change. Nothing more.
|
| I think we need to fix any possible other critical issues as well.
| eg. https://issues.apache.org/jira/browse/AXIS2-3870
| This is a memory leak and we need to fix this.
|
| thanks,
| Amila.
|
|
|
|>
|> thanks,
|> dims
|>
|> On Mon, Jul 7, 2008 at 6:50 AM, Nandana Mihindukulasooriya
|> <[EMAIL PROTECTED]> wrote:
|>> I would like to volunteer to be the release manager for Axis2 1.4.1.
|>>
|>> I think we can fix the critical issues in the 1.4 branch (or a 1.4.1
|> branch
|>> ) and do the 1.4.1 release. I don't think doing 1.4.1 from the trunk is
|> the
|>> appropriate way as trunk is now java 1.5 and has lot of major changes
|> after
|>> Axis2 1.4 . However we can fix any issues that are not already fixed in
|> the
|>> trunk at the same time when we fix those in the branch.
|>>
|>> Hope this is oky with Axis2 release guidelines.
|>>
|>> thanks,
|>> nandana
|>>
|>> On Tue, Jul 1, 2008 at 6:39 PM, Davanum Srinivas <[EMAIL PROTECTED]>
|> wrote:
|>>> IMHO, The logic is the same as for blockers. If there is a work
|>>> around, it's not a blocker. So i am +0 on a 1.4.1 since there is a
|>>> work around that can be documented.
|>>>
|>>> That said, If someone is willing to drive a 1.4.1 as the release
|>>> manager, please do go ahead.
|>>>
|>>> thanks,
|>>> dims
|>>>
|>>> On Tue, Jul 1, 2008 at 2:48 AM, Sanka Samaranayake <[EMAIL PROTECTED]>
|>>> wrote:
|>>>> Hi,
|>>>>
|>>>> For the users who is already using 1.4 version, the workaround would
|> be
|>>>> to
|>>>> define policies in services.xml without using <wsa:PolicyAttachment>.
|>>>> Then
|>>>> the problem is that those policies will appear in <wsdl:PortType>
|> which
|>>>> is
|>>>> not correct but security will apply for both format of service URLs.
|>>>>
|>>>> Hence +1 for fixing that issue and do 1.4.1 release.
|>>>>
|>>>> Thanks,
|>>>> Sanka
|>>>>
|>>>>
|>>>> On Mon, Jun 30, 2008 at 8:59 PM, Nandana Mihindukulasooriya
|>>>> <[EMAIL PROTECTED]> wrote:
|>>>>> Hi,
|>>>>> There are few issues with Axis2 1.4 / Rampart 1.4 with the new
|>>>>> policy
|>>>>> configuration. The new policy configuration which allows us to apply
|>>>>> policies to binding hierarchy is a great feature when in comes to ws
|>>>>> security policy configuration. It allows security policies to be
|>>>>> attached to
|>>>>> the correct attachment points. But there are few issues that need to
|> be
|>>>>> fixed in Axis2 1.4. I will list them below.
|>>>>> 1.) If we configure security using new configuration, service
can
|>>>>> be
|>>>>> accessed without security.
|>>>>> In Axis2 1.4, a service is exposed in two EPRs (consider
|> SOAP
|>>>>> 1.1
|>>>>> binding).
|>>>>> eg.
|>>>>>
|>>>>>
|>>>>>
|>
http://localhost:8080/axis2/services/SecureService.SecureServiceHttpSoap11Endpoint
|>>>>> http://localhost:8080/axis2/services/SecureService
|>>>>> But if we you set the policies using the new
configuration,
|>>>>> if
|>>>>> you do a web service call to the older EPR, you can access the
|> service
|>>>>> without any security even though it is secured using the binding
|>>>>> hierarchy.
|>>>>> This happens because if we call the old EPR, it is not dispatched to
|> a
|>>>>> binding. But this leaves the service vulnerable. I think we should
|>>>>> dispatch
|>>>>> to one of the bindings may be using soap envelope version if we have
|>>>>> only
|>>>>> one binding with that soap version. We should have a way to dispatch
|>>>>> messages which comes to old EPR to one of the bindings else we
should
|>>>>> have
|>>>>> an option to disable that EPR.
|>>>>>
|>>>>> 2.) In the out flow, policies are not set correctly in the
|> binding
|>>>>> message.
|>>>>> This is fixed in the trunk but this bug is there in Axis2
|>>>>> 1.4.
|>>>>>
|>>>>> So the option we have is to configure security using the old
|>>>>> configuration. But then the problem is policies are attached to the
|>>>>> port
|>>>>> type which is the correct way to do if we have policies using
|>>>>> <service>,<operation><message> tags. But this makes Axis2 not
|>>>>> interoperable
|>>>>> as security policies should be attached to binding hierarchy
|> according
|>>>>> WS
|>>>>> Security policy specification. Ideally we should always use the new
|>>>>> configuration to apply security. And code generation also doesn't
|> work
|>>>>> correctly when the policies attached to the port type (polices are
|> not
|>>>>> correctly attached to the stub).
|>>>>>
|>>>>> So I think it would be great if can consider a Axis2 1.4.1 with
|>>>>> these
|>>>>> things fixed.
|>>>>>
|>>>>> thanks,
|>>>>> nandana
|>>>>
|>>>> --
|>>>> Sanka Samaranayake
|>>>> WSO2 Inc.
|>>>>
|>>>> http://sankas.blogspot.com/
|>>>> http://www.wso2.org/
|>>>
|>>>
|>>> --
|>>> Davanum Srinivas :: http://davanum.wordpress.com
|>>>
|>>> ---------------------------------------------------------------------
|>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
|>>> For additional commands, e-mail: [EMAIL PROTECTED]
|>>>
|>
|>
|> --
|> Davanum Srinivas :: http://davanum.wordpress.com
|>
|> ---------------------------------------------------------------------
|> To unsubscribe, e-mail: [EMAIL PROTECTED]
|> For additional commands, e-mail: [EMAIL PROTECTED]
|>
|>
|
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIchYLgNg6eWEDv1kRAo7lAKDKyTiR50/aWOSuc9d7pVPHQPUoeACgkg+A
sQpm1+6vbyVf0CMQkT1aYXI=
=hpVj
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
