On Jun 10, 2008, at 3:05 PM, Nandana Mihindukulasooriya wrote:
On Tue, Jun 10, 2008 at 2:40 PM, O hEigeartaigh, Colm <[EMAIL PROTECTED]
> wrote:
> There are a few other misc issues that could go into a 1.5.5
release.
> Can anyone identify any others?
Currently there are 5 issues marked as "fix for 1.5.5":
http://issues.apache.org/jira/secure/IssueNavigator.jspa?reset=true&mode
=hide&sorter/order=DESC&sorter/
field=priority&resolution=-1&pid=12310063
&fixfor=12313215
We should possibly look into upgrading bouncycastle (WSS-125) and
xmlsec?
+1, we use xml-sec 1.4.1 with WSS4J 1.5.4 in Rampart and works
fine. We haven't tested yet with bouncycastle 1.36/1.39 but will do
soon.
I'm only OK with 1.4.1 if it can get put into central before then.
opensaml not being there is already causing issues for me.
Dan
I think we can also close the following issues:
http://issues.apache.org/jira/browse/WSS-23
http://issues.apache.org/jira/browse/WSS-64
http://issues.apache.org/jira/browse/WSS-42
http://issues.apache.org/jira/browse/WSS-99
> And would we be open for a 1.5.5 release, hot on the heels of 1.5.4?
+1 from me, forcing projects to have the opensaml jar available is
something we should fix asap.
What would be the time line for 1.5.5 release ?
thanks,
nandana
-----Original Message-----
From: Fred Dushin [mailto:[EMAIL PROTECTED]
Sent: 09 June 2008 22:24
To: wss4j-dev
Subject: 1.5.5 release?
Dan Kulp spotted a problem with the 1.5.4 release, which I'd like to
fix ASAP. Apparently this is causing a lot of problems for CXF and
ServiceMix, though there will likely be others.
The issue comes down to a dependency on OpenSAML libraries at init
time. As part of the work to make processors replaceable, I changed
the hard-coded class names (string constants) to XXX.class.getName().
This static code gets loaded at load time of the WSSConfig class,
which is central to the toolkit, and one of the class names is a
processor, which appears to have a static dependency on an openSAML
type. If the openSAML JAR can't be found, then toolkit initialization
fails.
Currently, the opensaml JARs are not deployed into central, which is a
problem for projects that can't find the JARs elsewhere (such as a
local mirror of central).
So one thing I'd like to do is fix the immediate problem, so that we
can avoid reliance on opensaml as a deployemnt requirement. We can
also work on deploying the opensaml JAR and POM to central, and I've
got an email out to Scott Cantor on that. But I'd prefer to make the
fix, as well.
There are a few other misc issues that could go into a 1.5.5 release.
Can anyone identify any others? And would we be open for a 1.5.5
release, hot on the heels of 1.5.4? I'd be willing to spin the
release (though I did loose a script I wrote as a result of a disk
failure, so I'd have to make up some lost ground).
Let me know what you all think. This opensaml issue could be a
problem for other mavenized projects that depend on WSS4J.
-Fred
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4,
Ireland
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Nandana Mihindukulasooriya
WSO2 inc.
http://nandana83.blogspot.com/
---
Daniel Kulp
[EMAIL PROTECTED]
http://www.dankulp.com/blog
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
