ppalaga commented on PR #3279:
URL: https://github.com/apache/cxf/pull/3279#issuecomment-4893100024

   Thanks for this fix, @coheigea. When testing with it I have found a small 
issue: 
   
   When setting `decoupled.enabled=true` and reducing `allowedSchemes` to just 
`https://` via system property, the error message still says 
   
   ```
   Decoupled WS-Addressing ReplyTo 
(http://localhost:8081/ws-addressing-target/replyTo) is not permitted by this 
server. Enable with system property 
org.apache.cxf.ws.addressing.decoupled.enabled=true
   ```
   
   That's misleading, because `decoupled.enabled=true` is set already. It 
should recommend to expand the `allowedSchemes`.
   
   Besides that, as usual, I would like to let Quarkus CXF users to use 
MicroProfile config to configure the decoupled permissions. Implementing it is 
easy, the only question is, whether we could find a way for Quarkus CXF to 
override the error and log messages to use 
`quarkus.cxf.endpoint.addressing.decoupled.enabled` and 
`quarkus.cxf.endpoint.addressing.decoupled.allowed-schemes` instead of 
`org.apache.cxf.ws.addressing.decoupled.enabled` and 
`org.apache.cxf.ws.addressing.decoupled.allowedSchemes` respectively? An SPI 
would perhaps work, but it sounds like an overkill for such a simple thing. 
Could we perhaps introduce some system properties for that?
   
   I'd be happy to send a PR for both issues in case it sounds reasonable to 
you?
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to