Correction, I am only -1 on CXF 2.7.5. This issue does not exist in CXF 2.6.x, so I am +1 on that.
Colm. On Wed, May 8, 2013 at 4:35 PM, Colm O hEigeartaigh <cohei...@apache.org>wrote: > > -1. Unfortunately I have discovered another blocker. > > A fix I made to the WSS4JInInterceptor for CXF 2.7.4 to populate the > SecurityContext from a JAAS Subject had the side-effect of always choosing > the first Principal from the WSS4J result list, whereas the old behaviour > was to choose the last. So if something is encrypted in the security header > first, it will take this principal. > > I've merged a fix to use the old behaviour, but also to avoid using a > Decryption Principal. > > Colm. > > > On Wed, May 8, 2013 at 3:46 PM, Willem jiang <willem.ji...@gmail.com>wrote: > >> +1 >> >> >> -- >> Willem Jiang >> >> Red Hat, Inc. >> FuseSource is now part of Red Hat >> Web: http://www.fusesource.com | http://www.redhat.com >> Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/) >> (English) >> http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese) >> Twitter: willemjiang >> Weibo: 姜宁willem >> >> >> >> >> On Wednesday, May 8, 2013 at 8:57 AM, Daniel Kulp wrote: >> >> > >> > We've resolved over 40 issues since 2.7.4. Not a lot, but it includes >> an OSGi fix that is blocking a Camel issues which may also be causing >> issues with the ServiceMix release. This also affects CXF 2.6.x which >> affects Camel 2.10.x/ServiceMix 4.5.1 so I decided to do a 2.6.x release as >> well. >> > >> > This second build fixes the 3 issues in JAX-RS that were identified as >> well as an issue in StaxUtils when using the in-jdk parser and an issue in >> the WS-Discovery service. >> > >> > >> > >> > List of issues: >> > 2.6.8 >> > >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310511&version=12324276 >> > 2.7.5 >> > >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310511&version=12324277 >> > >> > The Maven staging areas are at: >> > 2.6.8 >> > https://repository.apache.org/content/repositories/orgapachecxf-172/ >> > 2.7.5 >> > https://repository.apache.org/content/repositories/orgapachecxf-018/ >> > >> > The distributions are in the org/apache/cxf/apache-cxf/ directory of >> the Maven staging areas. >> > >> > This releases are tagged at: >> > http://svn.apache.org/repos/asf/cxf/tags/cxf-2.6.8 >> > http://svn.apache.org/repos/asf/cxf/tags/cxf-2.7.5 >> > >> > This vote will be open for at least 72 hours. >> > >> > >> > -- >> > Daniel Kulp >> > dk...@apache.org - http://dankulp.com/blog >> > Talend Community Coder - http://coders.talend.com >> >> >> >> > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
