(axis-axis2-java-rampart) 01/10: RAMPART-454 Upgrade to Axis2 2.0.1-SNAPSHOT + Axiom 2.0.0 (Jakarta)

Mon, 13 Apr 2026 11:58:39 -0700 

This is an automated email from the ASF dual-hosted git repository.

robertlazarski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git

commit 34f6918fd93aedf9e447474391cc597b8a3cd3a0
Author: Robert Lazarski <[email protected]>
AuthorDate: Sun Apr 12 16:15:01 2026 -1000

    RAMPART-454 Upgrade to Axis2 2.0.1-SNAPSHOT + Axiom 2.0.0 (Jakarta)
    
    - axis2.version: 1.8.2 -> 2.0.1-SNAPSHOT
    - axiom.version: 1.4.0 -> 2.0.0
    - javax.servlet -> jakarta.servlet in RampartUtil.java
    - javax.servlet.request.X509Certificate -> 
jakarta.servlet.request.X509Certificate
    - Added jakarta.servlet-api 6.0.0 (provided) dependency
    - Added axiom-jakarta-activation and axiom-jakarta-jaxb to 
dependencyManagement
    - Updated Shibboleth Maven repo URL (old Nexus -> new releases)
    
    Builds successfully with: mvn install -Dmaven.test.skip=true 
-Dmaven.javadoc.skip=true
    OpenSAML remains at 4.3.2 — 5.x upgrade is the next step.
    
    Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
---
 modules/rampart-core/pom.xml                         |  5 +++++
 .../java/org/apache/rampart/util/RampartUtil.java    |  6 +++---
 pom.xml                                              | 20 ++++++++++++++++++--
 3 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/modules/rampart-core/pom.xml b/modules/rampart-core/pom.xml
index d3ea3872..0f5a7f15 100644
--- a/modules/rampart-core/pom.xml
+++ b/modules/rampart-core/pom.xml
@@ -103,5 +103,10 @@
             <artifactId>axiom-truth</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
+            <scope>provided</scope>
+        </dependency>
     </dependencies>
 </project>
diff --git 
a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java 
b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
index 9bf2a2e2..7a3aad93 100644
--- 
a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
+++ 
b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
@@ -100,7 +100,7 @@ import javax.crypto.KeyGenerator;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.xml.namespace.QName;
-import javax.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequest;
 
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.X509Certificate;
@@ -1880,7 +1880,7 @@ public class RampartUtil {
      * and, if the property is not available, will try to get the 
HttpsServletRequest from the 
      * message context properties (populated there by the AxisServlet if axis2 
is running inside a servlet
      * engine) and retrieve the https client certificate chain from its 
attributes. The client certificate
-     * chain is expected to be available under the 
<code>javax.servlet.request.X509Certificate</code>
+     * chain is expected to be available under the 
<code>jakarta.servlet.request.X509Certificate</code>
      * attribute of the servlet request. No further trust verification is done 
for the client
      * certificate - the transport listener should have already verified this.
      * 
@@ -1943,7 +1943,7 @@ public class RampartUtil {
                         Object requestProperty = 
msgContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
                         if (requestProperty instanceof HttpServletRequest) {
                            HttpServletRequest request = 
(HttpServletRequest)requestProperty;
-                            Object certificateChain = 
request.getAttribute("javax.servlet.request.X509Certificate"); //$NON-NLS-1$
+                            Object certificateChain = 
request.getAttribute("jakarta.servlet.request.X509Certificate"); //$NON-NLS-1$
                             if (certificateChain instanceof X509Certificate[]) 
{
                                 // HTTPS client certificate chain found
                                 return;
diff --git a/pom.xml b/pom.xml
index 22b6b9ff..d7f6edc0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -514,6 +514,22 @@
                 <artifactId>axiom-truth</artifactId>
                 <version>${axiom.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.apache.ws.commons.axiom</groupId>
+                <artifactId>axiom-jakarta-activation</artifactId>
+                <version>${axiom.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>jakarta.servlet</groupId>
+                <artifactId>jakarta.servlet-api</artifactId>
+                <version>6.0.0</version>
+                <scope>provided</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.ws.commons.axiom</groupId>
+                <artifactId>axiom-jakarta-jaxb</artifactId>
+                <version>${axiom.version}</version>
+            </dependency>
 
             <!-- Other Rampart Dependencies -->
             <dependency>
@@ -829,8 +845,8 @@
     </modules>
 
     <properties>
-        <axis2.version>1.8.2</axis2.version>
-        <axiom.version>1.4.0</axiom.version>
+        <axis2.version>2.0.1-SNAPSHOT</axis2.version>
+        <axiom.version>2.0.0</axiom.version>
 
         <wss4j.version>3.0.3</wss4j.version>
         <opensaml.version>4.3.2</opensaml.version>

Reply via email to