Re: CXF 2.0.7 for G 2.1.2? - [Fwd: Re: Re: Re: Using WS-Security with Geronimo 2.1.1]

Mon, 14 Jul 2008 17:58:52 -0700 


Was 2.0.6 OK or did it have the same TCK issues?

Dan


On Jul 14, 2008, at 4:21 PM, Joe Bohn wrote:
FWIW, I did a quick check with CXF 2.0.7 and hit some issues with the TCK tests under Geronimo. There must be some Geronimo changes necessary for this upgrade. We'll hold-off upgrading to 2.0.7 for 2.1.2 unless someone has a chance to look into the tck issues before out branch. 

Joe


Joe Bohn wrote:
Should we be considering CXF 2.0.7 for Geronimo 2.1.2? Does anybody know of specific reasons to move to 2.0.7 or hold at 2.0.6? 
Joe
Reference this portion of post by Dan Kulp on the user list:
-------- Original Message --------
Subject: Re: Re: Re: Using WS-Security with Geronimo 2.1.1
Date: Tue, 8 Jul 2008 11:10:07 -0700 (PDT)
From: Daniel Kulp <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
References: <OFFAC5A3FD.692CBA0E-ONC1257474.003F56EE- [EMAIL PROTECTED]> <[EMAIL PROTECTED] > <OF80AFEB70.45376D71-ONC1257475.002E6337- [EMAIL PROTECTED]> <[EMAIL PROTECTED] > <OF48817414.1A6C6BC0-ONC1257475.005266C9- [EMAIL PROTECTED]> <[EMAIL PROTECTED] > <[EMAIL PROTECTED]> <[EMAIL PROTECTED] > Geronimo pretty much includes just the parts of CXF that are needed to pass the JAX-WS parts of the TCK. It doesn't include the "extra" things like ws-addressing, ws-security, ws-rm, aegis databinding, etc.... Geronimo 
didn't need them so they didn't pull them in.
When adding the jar like that, keep in mind that you may need other
dependencies like wss4j, xml-sec, etc.. that ws-security requires that might 
not be shipped with Geronimo.
One thing to keep in mind is that the CXF ws-security implementation (and the Axis2/Rampart implementation as well) is based on WSS4J which isn't up to WS-Security 1.1 level yet. Some of the profiles it supports are "close" to 1.1 levels, but for the most part, it's 1.0. A note to the wss4j dev list ([EMAIL PROTECTED]) would probably a good start to figure out 
what wss4j supports.
That said, it would be great if Geronimo could update to CXF 2.0.7
(non-incubator) for a 2.1.2 release.
<snip/>




---
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog

Reply via email to