On Tue, Jun 10, 2008 at 2:40 PM, O hEigeartaigh, Colm < [EMAIL PROTECTED]> wrote:
> > > There are a few other misc issues that could go into a 1.5.5 release. > > > Can anyone identify any others? > > Currently there are 5 issues marked as "fix for 1.5.5": > > http://issues.apache.org/jira/secure/IssueNavigator.jspa?reset=true&mode > =hide&sorter/order=DESC&sorter/field=priority&resolution=-1&pid=12310063 > &fixfor=12313215<http://issues.apache.org/jira/secure/IssueNavigator.jspa?reset=true&mode=hide&sorter/order=DESC&sorter/field=priority&resolution=-1&pid=12310063&fixfor=12313215> > > We should possibly look into upgrading bouncycastle (WSS-125) and > xmlsec? +1, we use xml-sec 1.4.1 with WSS4J 1.5.4 in Rampart and works fine. We haven't tested yet with bouncycastle 1.36/1.39 but will do soon. I think we can also close the following issues: > > http://issues.apache.org/jira/browse/WSS-23 > http://issues.apache.org/jira/browse/WSS-64 > http://issues.apache.org/jira/browse/WSS-42 > http://issues.apache.org/jira/browse/WSS-99 > > > And would we be open for a 1.5.5 release, hot on the heels of 1.5.4? > > +1 from me, forcing projects to have the opensaml jar available is > something we should fix asap. What would be the time line for 1.5.5 release ? thanks, nandana > -----Original Message----- > From: Fred Dushin [mailto:[EMAIL PROTECTED] > Sent: 09 June 2008 22:24 > To: wss4j-dev > Subject: 1.5.5 release? > > Dan Kulp spotted a problem with the 1.5.4 release, which I'd like to > fix ASAP. Apparently this is causing a lot of problems for CXF and > ServiceMix, though there will likely be others. > > The issue comes down to a dependency on OpenSAML libraries at init > time. As part of the work to make processors replaceable, I changed > the hard-coded class names (string constants) to XXX.class.getName(). > This static code gets loaded at load time of the WSSConfig class, > which is central to the toolkit, and one of the class names is a > processor, which appears to have a static dependency on an openSAML > type. If the openSAML JAR can't be found, then toolkit initialization > fails. > > Currently, the opensaml JARs are not deployed into central, which is a > problem for projects that can't find the JARs elsewhere (such as a > local mirror of central). > > So one thing I'd like to do is fix the immediate problem, so that we > can avoid reliance on opensaml as a deployemnt requirement. We can > also work on deploying the opensaml JAR and POM to central, and I've > got an email out to Scott Cantor on that. But I'd prefer to make the > fix, as well. > > There are a few other misc issues that could go into a 1.5.5 release. > Can anyone identify any others? And would we be open for a 1.5.5 > release, hot on the heels of 1.5.4? I'd be willing to spin the > release (though I did loose a script I wrote as a result of a disk > failure, so I'd have to make up some lost ground). > > Let me know what you all think. This opensaml issue could be a > problem for other mavenized projects that depend on WSS4J. > > -Fred > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > ---------------------------- > IONA Technologies PLC (registered in Ireland) > Registered Number: 171387 > Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/
