But it seems that we have done an Axis2 1.1.1 with adressing-1.1.1.mar and soapmonitor-1.1.1.mar modules. Will this be a problem ?
thanks, nandana On Wed, Jul 9, 2008 at 3:33 PM, Saminda Abeyruwan <[EMAIL PROTECTED]> wrote: > Guys, Axis2 module follow the version semantics of > > [major.minor] > > Thus, having addressing-1.4.1.mar will cause problem in version > resolution. > > Am I making an absurd assumption here ? > > Saminda > > On Wed, Jul 9, 2008 at 12:26 PM, Deepal Jayasinghe <[EMAIL PROTECTED]> > wrote: > >> Hehe :) >> >> I was wondering why did Glen tell that , I even went and read old mails :) >> >> >> Davanum Srinivas wrote: >> >>> s/Deepal/Dims/ ? :) >>> >>> Glen Daniels wrote: >>> | >>> | Deepal, what are you so worried about, exactly? That it will take >>> | forever to get the release out? >>> | >>> | IMHO, a point release is for fixing critical issues, and should not >>> | necessarily be limited to one particular issue. I think we should run >>> | this basically just like a regular release but with a much shorter >>> | timeframe. My suggestion: >>> | >>> | - Let's aim to get 1.4.1 out the door at the end of next week, i.e. >>> July >>> | 18th (is that enough time, Nandana?). >>> | >>> | - As always it's good to go through at least one RC so people can kick >>> | the tires, check the artifacts, etc. So let's aim to get the RC out by >>> | Tuesday the 15th. >>> | >>> | - Backing up, this allows a week (from today through next Monday) for >>> | development work, during which time I think people should be able to >>> fix >>> | anything they consider critical (of course, with no new functionality). >>> | >>> | - As RM, Nandana gets the final say as to what gets checked in to the >>> | branch and what does not. >>> | >>> | Thoughts? >>> | >>> | --Glen >>> | >>> | Davanum Srinivas wrote: >>> | Exactly what i was afraid of :( Sigh! this is a *very* slippery slope. >>> | >>> | -- dims >>> | >>> | Amila Suriarachchi wrote: >>> | | On Mon, Jul 7, 2008 at 6:03 PM, Davanum Srinivas <[EMAIL PROTECTED]> >>> | wrote: >>> | | >>> | |> Nandana, >>> | |> >>> | |> +1 from me for you to be the Release Manager for 1.4.1 >>> | | >>> | | >>> | | + 1 from me. >>> | | >>> | |> >>> | |> IMHO, we should use 1.4 branch. The *ONLY* change should be the >>> | |> security change. Nothing more. >>> | | >>> | | I think we need to fix any possible other critical issues as well. >>> | | eg. https://issues.apache.org/jira/browse/AXIS2-3870 >>> | | This is a memory leak and we need to fix this. >>> | | >>> | | thanks, >>> | | Amila. >>> | | >>> | | >>> | | >>> | |> >>> | |> thanks, >>> | |> dims >>> | |> >>> | |> On Mon, Jul 7, 2008 at 6:50 AM, Nandana Mihindukulasooriya >>> | |> <[EMAIL PROTECTED]> wrote: >>> | |>> I would like to volunteer to be the release manager for Axis2 >>> 1.4.1. >>> | |>> >>> | |>> I think we can fix the critical issues in the 1.4 branch (or a >>> 1.4.1 >>> | |> branch >>> | |>> ) and do the 1.4.1 release. I don't think doing 1.4.1 from the >>> | trunk is >>> | |> the >>> | |>> appropriate way as trunk is now java 1.5 and has lot of major >>> changes >>> | |> after >>> | |>> Axis2 1.4 . However we can fix any issues that are not already >>> | fixed in >>> | |> the >>> | |>> trunk at the same time when we fix those in the branch. >>> | |>> >>> | |>> Hope this is oky with Axis2 release guidelines. >>> | |>> >>> | |>> thanks, >>> | |>> nandana >>> | |>> >>> | |>> On Tue, Jul 1, 2008 at 6:39 PM, Davanum Srinivas < >>> [EMAIL PROTECTED]> >>> | |> wrote: >>> | |>>> IMHO, The logic is the same as for blockers. If there is a work >>> | |>>> around, it's not a blocker. So i am +0 on a 1.4.1 since there is a >>> | |>>> work around that can be documented. >>> | |>>> >>> | |>>> That said, If someone is willing to drive a 1.4.1 as the release >>> | |>>> manager, please do go ahead. >>> | |>>> >>> | |>>> thanks, >>> | |>>> dims >>> | |>>> >>> | |>>> On Tue, Jul 1, 2008 at 2:48 AM, Sanka Samaranayake >>> | <[EMAIL PROTECTED]> >>> | |>>> wrote: >>> | |>>>> Hi, >>> | |>>>> >>> | |>>>> For the users who is already using 1.4 version, the workaround >>> | would >>> | |> be >>> | |>>>> to >>> | |>>>> define policies in services.xml without using >>> | <wsa:PolicyAttachment>. >>> | |>>>> Then >>> | |>>>> the problem is that those policies will appear in <wsdl:PortType> >>> | |> which >>> | |>>>> is >>> | |>>>> not correct but security will apply for both format of service >>> | URLs. >>> | |>>>> >>> | |>>>> Hence +1 for fixing that issue and do 1.4.1 release. >>> | |>>>> >>> | |>>>> Thanks, >>> | |>>>> Sanka >>> | |>>>> >>> | |>>>> >>> | |>>>> On Mon, Jun 30, 2008 at 8:59 PM, Nandana Mihindukulasooriya >>> | |>>>> <[EMAIL PROTECTED]> wrote: >>> | |>>>>> Hi, >>> | |>>>>> There are few issues with Axis2 1.4 / Rampart 1.4 with the >>> new >>> | |>>>>> policy >>> | |>>>>> configuration. The new policy configuration which allows us to >>> | apply >>> | |>>>>> policies to binding hierarchy is a great feature when in comes >>> | to ws >>> | |>>>>> security policy configuration. It allows security policies to be >>> | |>>>>> attached to >>> | |>>>>> the correct attachment points. But there are few issues that >>> | need to >>> | |> be >>> | |>>>>> fixed in Axis2 1.4. I will list them below. >>> | |>>>>> 1.) If we configure security using new configuration, >>> | service can >>> | |>>>>> be >>> | |>>>>> accessed without security. >>> | |>>>>> In Axis2 1.4, a service is exposed in two EPRs >>> (consider >>> | |> SOAP >>> | |>>>>> 1.1 >>> | |>>>>> binding). >>> | |>>>>> eg. >>> | |>>>>> >>> | |>>>>> >>> | |>>>>> >>> | |> >>> | >>> http://localhost:8080/axis2/services/SecureService.SecureServiceHttpSoap11Endpoint >>> | >>> | |>>>>> >>> http://localhost:8080/axis2/services/SecureService >>> | |>>>>> But if we you set the policies using the new >>> | configuration, >>> | |>>>>> if >>> | |>>>>> you do a web service call to the older EPR, you can access the >>> | |> service >>> | |>>>>> without any security even though it is secured using the binding >>> | |>>>>> hierarchy. >>> | |>>>>> This happens because if we call the old EPR, it is not >>> | dispatched to >>> | |> a >>> | |>>>>> binding. But this leaves the service vulnerable. I think we >>> should >>> | |>>>>> dispatch >>> | |>>>>> to one of the bindings may be using soap envelope version if we >>> | have >>> | |>>>>> only >>> | |>>>>> one binding with that soap version. We should have a way to >>> | dispatch >>> | |>>>>> messages which comes to old EPR to one of the bindings else we >>> | should >>> | |>>>>> have >>> | |>>>>> an option to disable that EPR. >>> | |>>>>> >>> | |>>>>> 2.) In the out flow, policies are not set correctly in the >>> | |> binding >>> | |>>>>> message. >>> | |>>>>> This is fixed in the trunk but this bug is there in >>> | Axis2 >>> | |>>>>> 1.4. >>> | |>>>>> >>> | |>>>>> So the option we have is to configure security using the old >>> | |>>>>> configuration. But then the problem is policies are attached to >>> | the >>> | |>>>>> port >>> | |>>>>> type which is the correct way to do if we have policies using >>> | |>>>>> <service>,<operation><message> tags. But this makes Axis2 not >>> | |>>>>> interoperable >>> | |>>>>> as security policies should be attached to binding hierarchy >>> | |> according >>> | |>>>>> WS >>> | |>>>>> Security policy specification. Ideally we should always use the >>> | new >>> | |>>>>> configuration to apply security. And code generation also >>> doesn't >>> | |> work >>> | |>>>>> correctly when the policies attached to the port type (polices >>> are >>> | |> not >>> | |>>>>> correctly attached to the stub). >>> | |>>>>> >>> | |>>>>> So I think it would be great if can consider a Axis2 1.4.1 >>> with >>> | |>>>>> these >>> | |>>>>> things fixed. >>> | |>>>>> >>> | |>>>>> thanks, >>> | |>>>>> nandana >>> | |>>>> >>> | |>>>> -- >>> | |>>>> Sanka Samaranayake >>> | |>>>> WSO2 Inc. >>> | |>>>> >>> | |>>>> http://sankas.blogspot.com/ >>> | |>>>> http://www.wso2.org/ >>> | |>>> >>> | |>>> >>> | |>>> -- >>> | |>>> Davanum Srinivas :: http://davanum.wordpress.com >>> | |>>> >>> | |>>> >>> | --------------------------------------------------------------------- >>> | |>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> | |>>> For additional commands, e-mail: [EMAIL PROTECTED] >>> | |>>> >>> | |> >>> | |> >>> | |> -- >>> | |> Davanum Srinivas :: http://davanum.wordpress.com >>> | |> >>> | |> >>> --------------------------------------------------------------------- >>> | |> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> | |> For additional commands, e-mail: [EMAIL PROTECTED] >>> | |> >>> | |> >>> | | >>> | | >>> |> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> |> >>> >>> | --------------------------------------------------------------------- >>> | To unsubscribe, e-mail: [EMAIL PROTECTED] >>> | For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> -- >> Thanks, >> Deepal >> ................................................................ >> http://blogs.deepal.org/ >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > Saminda Abeyruwan > > Senior Software Engineer > WSO2 Inc. - www.wso2.org
