Hello Colm,
Issue created in JIRA: CXF-7869 - Infinite loop in rest
client<https://issues.apache.org/jira/browse/CXF-7869>
Best Regards.
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: jeudi 11 octobre 2018 16:13
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subje
2018 15:42
To: users@cxf.apache.org
Subject: Re: Infinite loop in rest client
Hi,
I don't think so - it should be wrapped in a synchronized map, I'll fix it for
CXF 3.2.7.
Colm.
On Wed, Oct 10, 2018 at 1:26 PM COURTAULT Francois <
francois.courta...@gemalto.com> wrote:
> Hello,
>
&g
Hello,
We are using TomEE 7.0.5 or 7.1.0 which embeds cxf 3.1.15.
During stress tests, we found several threads with this pattern:
java.lang.Thread.State: RUNNABLE
at java.util.WeakHashMap.put(WeakHashMap.java:453)
at
Happy birthday !!!
On 04/16/2018 09:15 PM, Dennis Kieselhorst wrote:
> Hi,
>
> it's time to celebrate: 10 years ago, on April 16th in the year 2008,
> CXF graduated from the Apache incubator as a merge of the Objectweb
> Celtix project and the Codehaus XFire project (see
>
Hello everyone,
Could you tell me if the attachment-max-header-size is available in cxf 3.1.13
? and how to set it ?
Best regards.
This message and any attachments are intended solely for the addressees and may
contain confidential information. Any unauthorized
Hello,
First of all, I am using cxf 3.1.13 in TomEE (7.0.4).
If my JAX-WS endpoint raises a RuntimeException or an Exception, in the server
log I have something like:
13-Dec-2017 16:23:31.027 WARNING [http-nio-8080-exec-2]
org.apache.cxf.phase.PhaseInterceptorChain.doDefaultLogging
Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: lundi 23 octobre 2017 14:49
To: us...@tomee.apache.org
Cc: users@cxf.apache.org
Subject: [++SPAM++]: RE: [+SPAM+]: Re: [+SPAM+]: Re: How to setup ActiveMQ in
TomEE to not use persistence for JMS ?
Hello Romain
Message-
From: Romain Manni-Bucau [mailto:rmannibu...@gmail.com]
Sent: lundi 23 octobre 2017 12:56
To: us...@tomee.apache.org
Cc: users@cxf.apache.org
Subject: [+SPAM+]: Re: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use
persistence for JMS ?
2017-10-23 12:17 GMT+02:00 COURTAULT Francois
ucau [mailto:rmannibu...@gmail.com]
Sent: lundi 23 octobre 2017 11:33
To: us...@tomee.apache.org
Cc: users@cxf.apache.org
Subject: [+SPAM+]: Re: How to setup ActiveMQ in TomEE to not use persistence
for JMS ?
& = in xml ;)
Romain Manni-Bucau
@rmannibucau | Blog | Old Blog | Github | LinkedIn
2
any spring config
Romain Manni-Bucau
@rmannibucau | Blog | Old Blog | Github | LinkedIn
2017-10-23 9:54 GMT+02:00 COURTAULT Francois <francois.courta...@gemalto.com>:
> Hello Romain,
>
> Thanks for your answer but my question is more on how to achieve that without
> using so
dIn
2017-10-23 9:30 GMT+02:00 COURTAULT Francois <francois.courta...@gemalto.com>:
> Hello,
>
> First, it seems that, by default, ActiveMQ in TomEE, in case we use some JMS
> stuff in our application, uses persistent repository, right ?
> Second, looking at some ActiveMQ
Hello,
First, it seems that, by default, ActiveMQ in TomEE, in case we use some JMS
stuff in our application, uses persistent repository, right ?
Second, looking at some ActiveMQ docs, one way to disable persistence for JMS
is to :
* Have an activemq.xml file with the following setting
that you are trying to get rid of and the
ClassCastExceptions?
Thanks,
Andy
On Tue, Oct 17, 2017 at 12:29 PM, COURTAULT Francois <
francois.courta...@gemalto.com> wrote:
> Hello,
>
> First of all, we are using cxf 3.1.10 included in TomEE 7.0.3.
>
> For example:
>
>
Hello,
First of all, we are using cxf 3.1.10 included in TomEE 7.0.3.
For example:
* we have a REST 2.0 client which send a request to another TomEE
7.0.3.
* If this server is not there, we get the following message: WebClient
has thrown exception, unwinding now
Hello,
Sorry, my bad ... confusion of 2 mailing-list.
Best Regards.
-Original Message-
From: Dennis Kieselhorst [mailto:d...@apache.org]
Sent: lundi 25 septembre 2017 17:02
To: users@cxf.apache.org
Subject: Re: TomEE -Java EE 8 compatible or certified ?
> As Java EE 8 is out, could you
Hello everyone,
As Java EE 8 is out, could you tell us when a TomEE version will be at least
compatible or certified released ?
Any pointer to TomEE roadmap ? (Maybe an announcement at Oracle Java One ?)
Have to wait for TomEE 9 because of Servlet 4.0 ?
Best Regards.
Hello everyone,
We are using apache-cxf 3.1.10 in TomEE 7.0.3.
In our application, we have JAX-WS client code which targets a remote endpoint.
My question is quite basic:
- when the JAX-WS client code is called the first time, an HTTP call
is performed in order to get the remote
Subject: [+SPAM+]: Re: Question about WSS and timestamp
The short answer is yes. Do you want to change the creation of the Timestamp or
the verification? Using WS-SecurityPolicy or not?
Colm.
On Fri, Jun 5, 2015 at 7:24 PM, COURTAULT Francois
francois.courta...@gemalto.com wrote:
Hello everyone
Hello everyone,
Is it possible using cxf api, to control the accuracy (for example
milli-second) of a WSS timestamp ? Something like:
wsu:Timestamp
xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd;
wsu:Created2015-06-03T03:43:07.365Z/wsu:Created
Hello,
I finally manage this to work. Most probably a mistake on my side.
So sorry ...
Best Regards.
-Original Message-
From: COURTAULT Francois
Sent: jeudi 23 octobre 2014 20:49
To: 'users@cxf.apache.org'
Subject: Wsa headers
Hello everyone,
First of all, I have read the CXF
Hello everyone,
First of all, I have read the CXF documentation at
http://cxf.apache.org/docs/ws-addressing.html
I am targeting a OneWay web service with the following JAX-WS annotation:
@Addressing(enabled = true, required = true) with a CXF 2.7.7 client.
In the soap message send by CXF, I
[mailto:cohei...@apache.org]
Sent: mardi 11 mars 2014 15:38
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Blur between secpolicy 1.2 and X509 Token profile
CXF supports referencing X.509 tokens via Thumbprint KeyIdentifier references.
I don't know why a section on thumbprint
the order
be, according to you:
1) IssuerSerial
2) Thumbprint
3) KeyIdentifier
Or another order ?
Best Regards.
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: mardi 11 mars 2014 16:57
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re
Hello guys,
Any answer to my question ?
Best Regards.
-Original Message-
From: COURTAULT Francois
Sent: mercredi 5 février 2014 12:22
To: users@cxf.apache.org
Subject: Blur between secpolicy 1.2 and X509 Token profile
Hello everyone,
I am a little bit lost because In the security
Hello everyone,
I am a little bit lost because In the security policy spec v1.2
(http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html),
there are several ways to reference a X509Token (§5.4.3) which are allowed:
* sp:RequireKeyIdentifierReference ... / ?
Services Consulting http://www.sosnoski.com/consult.html
CXF and Web Services Security Training
http://www.sosnoski.com/training.html
Web Services Jump-Start http://www.sosnoski.com/jumpstart.html
On 12/21/2013 12:03 AM, COURTAULT Francois wrote:
Hello Colm,
First, thanks for answering.
In fact we
/
/sp:EncryptedParts
And
sp:SignedParts
sp:Body/
/sp:SignedParts
Right ?
Best Regards.
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: vendredi 20 décembre 2013 11:36
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Need your help again ;-)
What do you actually want to sign
Hello everyone,
We are using only AsymmetricBinding assertion to a recipient with :
* InitiatorSignatureToken (IncludeToken/AlwaysToRecipient)
* RecipientEncryptionToken (IncludeToken/Never)
* IncludeTimestamp
* ProtectTokens
*
Shakirin [mailto:ashaki...@talend.com]
Sent: mardi 17 décembre 2013 16:45
To: users@cxf.apache.org
Cc: cohei...@apache.org; COURTAULT Francois
Subject: RE: Spec questions
Hi,
1) Is the mapping I have provided in my last post right or wrong ?
From me view your mapping is correct, I would add
Hello guys,
I really need your answers to the questions I have asked in my last post. Could
you look at those please ?
Best regards.
-Original Message-
From: COURTAULT Francois
Sent: vendredi 13 décembre 2013 17:46
To: users@cxf.apache.org; Andrei Shakirin
Cc: cohei...@apache.org
Hello,
Any answer to my previous questions ?
Best Regards.
-Original Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: mercredi 11 décembre 2013 09:45
To: Andrei Shakirin; users@cxf.apache.org
Cc: cohei...@apache.org
Subject: RE: Spec questions
Hello
?
Which one is mandatory (or not) with this policy assertion ?
Best Regards.
-Original Message-
From: Andrei Shakirin [mailto:ashaki...@talend.com]
Sent: mardi 10 décembre 2013 15:45
To: COURTAULT Francois; users@cxf.apache.org
Cc: cohei...@apache.org
Subject: RE: Spec questions
Hi,
In my
décembre 2013 11:28
To: COURTAULT Francois
Cc: Andrei Shakirin; users@cxf.apache.org
Subject: Re: Spec questions
No, if you have a Require* Assertion, then only that is allowed to reference
that token.
Colm.
On Mon, Dec 9, 2013 at 5:18 PM, COURTAULT Francois
francois.courta...@gemalto.com wrote
to a Binary Security Token
* Reference to an Issuer and Serial Number
are allowed ?
Best regards.
-Original Message-
From: Andrei Shakirin [mailto:ashaki...@talend.com]
Sent: lundi 9 décembre 2013 15:46
To: cohei...@apache.org; COURTAULT Francois
Cc: users@cxf.apache.org
Subject
décembre 2013 18:01
To: users@cxf.apache.org
Cc: cohei...@apache.org; COURTAULT Francois
Subject: RE: Spec questions
Hi,
Colm knows the subject better, anyway short answer from me:
-Original Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: Donnerstag, 5
Hello everyone,
I try to understand what policy requires that a Certificate reference has to be
included in the SignedInfo section.
Is it due to sp:ProtectTokens/ policy assertion ? If I read the spec at
§6.5, it was stated that:
This boolean property specifies whether signatures must cover
Hello everyone,
Something which puzzle me :(
I have a CXF client code which works fine by using CXF 2.5.4 libraries or CXF
2.6.1 libraries which targets a Web service hosted in Weblogic 11g. I have
generated the client artifacts by using the following command:
wsdl2java.bat -client -fe jaxws21
/2013/06/denial-of-service-attacks-on-apache-cxf.html
Colm.
On Wed, Nov 6, 2013 at 12:09 PM, COURTAULT Francois
francois.courta...@gemalto.com wrote:
Hello everyone,
Something which puzzle me :(
I have a CXF client code which works fine by using CXF 2.5.4 libraries
or CXF 2.6.1 libraries
: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: mardi 5 novembre 2013 11:32
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Question about OnlySignEntireHeadersAndBody policy assertion
It's explained in section 6.6 - [Entire Header and Body Signatures] Property.
Your
Hello everyone,
What is the meaning of OnlySignEntireHeadersAndBody policy assertion ?
I looked at
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html.
As we are using asymmetric binding, the only description I got in this spec is :
2012 21:07
To: users@cxf.apache.org; COURTAULT Francois
Subject: Re: Regression with UT over HTTPS on 2.6.1
On Oct 11, 2012, at 5:27 AM, COURTAULT Francois
francois.courta...@gemalto.com wrote:
Hello,
Any answer regarding this topic ?
IMO: in general, I consider the written text of the spec
Hello,
Any answer regarding this topic ?
Best Regards.
-Original Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: mercredi 10 octobre 2012 17:20
To: users@cxf.apache.org; cohei...@apache.org
Subject: RE: Regression with UT over HTTPS on 2.6.1
Hello
hEigeartaigh [mailto:cohei...@apache.org]
Sent: mercredi 30 mai 2012 09:56
To: users@cxf.apache.org
Subject: Re: Regression with UT over HTTPS on 2.6.1
Yes that looks right.
Colm.
On Wed, May 30, 2012 at 8:12 AM, COURTAULT Francois
francois.courta...@gemalto.com wrote:
Hello everyone,
You are right
-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: mercredi 10 octobre 2012 16:01
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Regression with UT over HTTPS on 2.6.1
Hi,
My interpretation is that the comment associated with TokenAssertionType
defined in the schema does
implemented by CXF team
is mandatory or not ?
Best Regards.
-Original Message-
From: Daniel Kulp [mailto:dk...@apache.org]
Sent: lundi 30 juillet 2012 18:41
To: users@cxf.apache.org
Cc: COURTAULT Francois
Subject: Re: @OneWay interpretation and HTTP binding
The OneWay handling in CXF
to the sp:HttpsToken/ as you have
it below.
Glen
On 05/29/2012 12:46 PM, COURTAULT Francois wrote:
Resending ...
-Original Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: lundi 28 mai 2012 19:36
To: cohei...@apache.org
Cc: users@cxf.apache.org
Subject
Resending ...
-Original Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: lundi 28 mai 2012 19:36
To: cohei...@apache.org
Cc: users@cxf.apache.org
Subject: RE: Regression with UT over HTTPS on 2.6.1
Hello,
Sorry, you mean that in the policy file, I should
:19
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Regression with UT over HTTPS on 2.6.1
wsp:Policy is still required by the following fragment:
wsp:Policy xmlns:wsp=...
(
sp:HttpBasicAuthentication / |
sp:HttpDigestAuthentication / |
sp:RequireClientCertificate
/
/wsp:Policy
/sp:TransportToken
Right ?
Best Regards.
From: COURTAULT Francois
Sent: lundi 28 mai 2012 17:25
To: 'cohei...@apache.org'
Cc: users@cxf.apache.org
Subject: RE: Regression with UT over HTTPS on 2.6.1
Hello,
But there is one in the policy I have sent to you.
Extract
for me to
test your modification ?
- Should it be fixed in the next release ? which one ?
Best Regards.
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: vendredi 20 avril 2012 12:27
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Aware
Thanks a lot.
Could you tell me when the next snapshot will be built then ?
Best Regards.
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: vendredi 20 avril 2012 14:40
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Aware of compatibility
at all to the server
certificate which seems, according to me, mandatory in order to be able to
perform this server signature verification at the client side ?
Best Regards.
-Original Message-
From: COURTAULT Francois
Sent: mercredi 18 avril 2012 20:34
To: users@cxf.apache.org
Cc: 'cohei
(JaxWsClientProxy.java:134)
Any idea ?
Best Regards.
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: jeudi 19 avril 2012 15:19
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Aware of compatibility issue between CXF and Metro/Weblogic ?
If you
between CXF and Metro/Weblogic ?
Try adding in the following dependency:
groupIdorg.slf4j/groupId
artifactIdslf4j-jdk14/artifactId
Failing that take a look at any of the STS systests in CXF to see how logging
works there.
Colm.
On Mon, Apr 16, 2012 at 5:41 PM, COURTAULT Francois
information is missing ?
Best Regards.
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: vendredi 13 avril 2012 15:01
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Aware of compatibility issue between CXF and Metro/Weblogic ?
- *if* message level
Any feedback ?
Best Regards.
-Original Message-
From: COURTAULT Francois
Sent: jeudi 12 avril 2012 12:32
To: cohei...@apache.org
Cc: users@cxf.apache.org
Subject: RE: Aware of compatibility issue between CXF and Metro/Weblogic ?
Hello,
I have looked at the security policy spec (1.3
does it mean that all the security headers and the body
have to be signed ?
Best Regards.
-Original Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: mercredi 11 avril 2012 17:59
To: cohei...@apache.org
Cc: users@cxf.apache.org
Subject: RE: Aware
.
-Original Message-
From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
Sent: mardi 10 avril 2012 17:18
To: COURTAULT Francois
Cc: users@cxf.apache.org
Subject: Re: Aware of compatibility issue between CXF and Metro/Weblogic ?
So according to them, the following namespaces are missing in the CXF
? If yes can we have a fix for that please ?
Best Regards.
-Original Message-
From: COURTAULT Francois
Sent: vendredi 9 mars 2012 17:36
To: 'cohei...@apache.org'
Cc: users@cxf.apache.org
Subject: RE: Aware of compatibility issue between CXF and Metro/Weblogic ?
Hello,
I have picked up
/Weblogic ?
On Tuesday, March 06, 2012 06:52:41 PM COURTAULT Francois wrote:
Hello,
Thanks for the feedback :-)
According to the issue, it should be fixed in the 2.5.3 release: right ?
When this version will be released ?
Likely in a couple weeks. We did a release on Jan 25th and we
/gmazza/entry/blog_article_index (links #33, #34)
On 03/09/2012 11:35 AM, COURTAULT Francois wrote:
Hello,
I have picked up the 2.5.3-20120309.061736-28 snapshot.
In the SOAP request I saw now, in the SOAP request,
thewsse:KeyIdentifier section in thedsig:KeyInfo
wsse:SecurityTokenReference
Any answer ?
-Original Message-
From: COURTAULT Francois [mailto:francois.courta...@gemalto.com]
Sent: mardi 6 mars 2012 18:53
To: users@cxf.apache.org; cohei...@apache.org
Subject: RE: Aware of compatibility issue between CXF and Metro/Weblogic ?
Importance: High
Hello,
Thanks
Hello,
I have tried to write a CXF client which talks to a WSS protected (X509Token)
webservice hosted in Weblogic (Metro based) but unfortunately I got a Soap
fault error.
If I compare a soap request which works and the one generated by CXF, the only
difference I have seen is that in the
:15
To: users@cxf.apache.org
Subject: Re: Aware of compatibility issue between CXF and Metro/Weblogic ?
Could you attach the security policy of the webservice, as well as the CXF
request and the other request that works?
Colm.
On Tue, Mar 6, 2012 at 12:03 PM, COURTAULT Francois
francois.courta
forgot to attach the WSDL...
Colm.
On Tue, Mar 6, 2012 at 1:05 PM, COURTAULT Francois
francois.courta...@gemalto.com wrote:
Of course I can :-)
You will find attached the wsdl of the webservice (SimpleWS.wsdl) + the soap
request which works (SOAP OK.txt) and the one which fails (CXF SOAP.txt
Hello everybody,
For UsernameToken, in my client code I have used the following code which is:
MapString, Object ctx = ((BindingProvider)
port).getRequestContext();
ctx.put(ws-security.username, myusername);
ctx.put(ws-security.password,
-SecurityPolicy use-case.
As you are using WS-SecurityPolicy (TransportBindingHandler), it does not work.
Colm.
On Fri, Feb 3, 2012 at 5:10 PM, COURTAULT Francois
francois.courta...@gemalto.com wrote:
Hello everybody,
For UsernameToken, in my client code I have used the following code which
-SecurityPolicy.
Glen
On 02/03/2012 01:03 PM, COURTAULT Francois wrote:
Hello,
I don't understand because the 2 ways of coding seem feasible
according the article at:
http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile
So do you mean that the client code provided in this article
in the tutorial depending on the option you wanted.
For example, the code segment referenced had instructions just before it
telling you to comment out / uncomment the particular segment depending on the
method you chose.
Glen
On 02/03/2012 01:33 PM, COURTAULT Francois wrote:
Hello,
OK but how
UsernameToken
On 02/03/2012 02:08 PM, Daniel Kulp wrote:
On Friday, February 03, 2012 8:02:35 PM COURTAULT Francois wrote:
Hello Glen,
First, my WDSL contains policy statements.
I have read again more carefully your article.
Let me know if I have well understood:
- if the WSDL
70 matches
Mail list logo