[jira] [Created] (CXF-4512) AtomPojoProvider should use MBR Class parameter when checking for custom writers and builders
Sergey Beryozkin created CXF-4512: - Summary: AtomPojoProvider should use MBR Class parameter when checking for custom writers and builders Key: CXF-4512 URL: https://issues.apache.org/jira/browse/CXF-4512 Project: CXF Issue Type: Bug Components: JAX-RS Reporter: Sergey Beryozkin If a JAX-RS resource method returns say 'Resource' interface class but at the runtime it happens to be ResourceImpl then AtomPojoProvider is not capable to find the registered custom writers/readers or builders. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Created] (CXF-4513) First request to a webservice overrides jaxws:endpoint address parameter.
Wojtek Malinowski created CXF-4513:
--
Summary: First request to a webservice overrides jaxws:endpoint
address parameter.
Key: CXF-4513
URL: https://issues.apache.org/jira/browse/CXF-4513
Project: CXF
Issue Type: Bug
Affects Versions: 2.6.2
Environment: windows xp/linux debian, tomcat 6.0.29/6.0.35, java 1.6.22
Reporter: Wojtek Malinowski
I have prepared some webservice, which has an endpoint configured as follows:
Having deployed my webservice using CXF 2.6.2 to the tomcat server (6.0.29)
locally (but the same situation is on production systems), I'm going into
http://localhost:8080/MyService/services servlet and there I'm getting such
info:
{code}
publishedEndpointUrl: null
address: /AuthorizationWebService
Endpoint address:
http://localhost:8080/MyService/services/AuthorizationWebService
WSDL : {http://test/authorization}AuthorizationService
Target namespace: http://test/authorization
{code}
This is non-standard, because I modified FormattedServiceListWrite to have
publishedEndpointUrl and address on the screen:
{code}
writer.write("publishedEndpointUrl: " +
""
+ sd.getEndpointInfo().getProperty("publishedEndpointUrl")
+ "");
writer.write("address: " + ""
+ sd.getEndpointInfo().getAddress() + "");
{code}
This is a correct situation, the endpoint address is taken from my request.
But after I called some function from this webservice (and a requested path
contains localhost), the returned info changes to:
{code}
publishedEndpointUrl: null
address: http://localhost:8080/MyService/services/AuthorizationWebService
Endpoint address:
http://localhost:8080/MyService/services/AuthorizationWebService
WSDL : {http://test/authorization}AuthorizationService
Target namespace: http://test/authorization
{code}
This is worse, because when I try to call this servlet using
http://127.0.0.1:8080/MyService/services I will still get the reference with
localhost:8080. The next request to this webservice (calling another function)
using address 127.0.0.1 does not change the address. But if I called my
function for the first after restarting the tomcat using 127.0.0.1 then it
would like this:
{code}
publishedEndpointUrl: null
address: http://127.0.0.1:8080/MyService/services/AuthorizationWebService
Endpoint address:
http://127.0.0.1:8080/MyService/services/AuthorizationWebService
WSDL : {http://test/authorization}AuthorizationService
Target namespace: http://test/authorization
{code}
To sum up, the address parameter is changed from /AuthorizationWebService to
REQUEST_PATH/AuthorizationWebService during the first request to the
webservice. This results in incorrect paths showed by the cxf servlet, when
webservice is available (and requested by users) through more than one address.
I think the correct behaviour would be that the address parameter would never
change, so when I request the servlet listing webservice the "basePath"
parameter would still be used to determine the full path despite user requests
in a meantime (and would be the same for all webservice as it is before the
first request).
Tested on CXF 2.6.2 using windows xp or linux debian, java 1.6.22 and tomcat
6.0.29 (linux) or 6.0.35 (windows).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Created] (FEDIZ-26) SAMLTokenValidator throws a NPE when an Attribute of the Assertion does not have a NameFormat.
Colm O hEigeartaigh created FEDIZ-26: Summary: SAMLTokenValidator throws a NPE when an Attribute of the Assertion does not have a NameFormat. Key: FEDIZ-26 URL: https://issues.apache.org/jira/browse/FEDIZ-26 Project: CXF-Fediz Issue Type: Bug Affects Versions: 1.0.1 Reporter: Colm O hEigeartaigh Assignee: Colm O hEigeartaigh Fix For: 1.0.2 The SAMLTokenValidator throws a NPE when an Attribute of the Assertion does not have a NameFormat. This was introduced by the fix for FEDIZ-22. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (FEDIZ-26) SAMLTokenValidator throws a NPE when an Attribute of the Assertion does not have a NameFormat.
[ https://issues.apache.org/jira/browse/FEDIZ-26?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh resolved FEDIZ-26. -- Resolution: Fixed > SAMLTokenValidator throws a NPE when an Attribute of the Assertion does not > have a NameFormat. > -- > > Key: FEDIZ-26 > URL: https://issues.apache.org/jira/browse/FEDIZ-26 > Project: CXF-Fediz > Issue Type: Bug >Affects Versions: 1.0.1 >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 1.0.2 > > > The SAMLTokenValidator throws a NPE when an Attribute of the Assertion does > not have a NameFormat. This was introduced by the fix for FEDIZ-22. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (FEDIZ-13) Add a new (default) TokenReplayCache implementation based on EhCache
[ https://issues.apache.org/jira/browse/FEDIZ-13?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza closed FEDIZ-13. --- > Add a new (default) TokenReplayCache implementation based on EhCache > > > Key: FEDIZ-13 > URL: https://issues.apache.org/jira/browse/FEDIZ-13 > Project: CXF-Fediz > Issue Type: Improvement > Components: Plugin >Reporter: Colm O hEigeartaigh > Fix For: 1.0.0 > > > This task is to add a new (default) TokenReplayCache implementation based on > EhCache, to cache the Assertion ID's to prevent against replay attacks. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (FEDIZ-1) WS-Federation Metadata document published at runtime in RP
[ https://issues.apache.org/jira/browse/FEDIZ-1?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza closed FEDIZ-1. -- > WS-Federation Metadata document published at runtime in RP > -- > > Key: FEDIZ-1 > URL: https://issues.apache.org/jira/browse/FEDIZ-1 > Project: CXF-Fediz > Issue Type: New Feature > Components: Plugin >Reporter: Oliver Wulff >Assignee: Oliver Wulff > Fix For: 1.0.0 > > Attachments: patch.txt > > > plugins/core should be enhanced to generate a WS-Federation Metadata document -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (FEDIZ-10) improved federation configuration
[ https://issues.apache.org/jira/browse/FEDIZ-10?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza closed FEDIZ-10. --- > improved federation configuration > - > > Key: FEDIZ-10 > URL: https://issues.apache.org/jira/browse/FEDIZ-10 > Project: CXF-Fediz > Issue Type: Improvement > Components: Plugin >Reporter: Juerg Portmann >Assignee: Oliver Wulff > Fix For: 1.0.0 > > Attachments: file.patch > > > improved federation configuration, > changed implementation to use declarative xml based configuration instead of > hardcoded approach -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (FEDIZ-11) Support for WS-Trust Namespace 2005/02
[ https://issues.apache.org/jira/browse/FEDIZ-11?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza closed FEDIZ-11. --- > Support for WS-Trust Namespace 2005/02 > -- > > Key: FEDIZ-11 > URL: https://issues.apache.org/jira/browse/FEDIZ-11 > Project: CXF-Fediz > Issue Type: Improvement > Components: Plugin >Reporter: Oliver Wulff >Assignee: Oliver Wulff > Fix For: 1.0.0 > > > Fediz Plugin validates the namespace against WS-Trust 1.3. > Microsoft ADFS uses the namespace 2005/02 by default: > http://schemas.xmlsoap.org/ws/2005/02/trust -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (FEDIZ-12) SAML 1.1 token validation fails
[ https://issues.apache.org/jira/browse/FEDIZ-12?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza closed FEDIZ-12. --- > SAML 1.1 token validation fails > --- > > Key: FEDIZ-12 > URL: https://issues.apache.org/jira/browse/FEDIZ-12 > Project: CXF-Fediz > Issue Type: Bug > Components: Plugin >Reporter: Oliver Wulff >Assignee: Oliver Wulff > Fix For: 1.0.0 > > > SAML 1.1 token validation fails with exception: > java.lang.UnsupportedOperationException > org.apache.cxf.fediz.core.ClaimCollection.addAll(ClaimCollection.java:86) > org.apache.cxf.fediz.core.saml.SAMLTokenValidator.parseClaimsInAssertion(SAMLTokenValidator.java:246) > org.apache.cxf.fediz.core.saml.SAMLTokenValidator.validateAndProcessToken(SAMLTokenValidator.java:160) > org.apache.cxf.fediz.core.FederationProcessorImpl.processSignInRequest(FederationProcessorImpl.java:164) > org.apache.cxf.fediz.core.FederationProcessorImpl.processRequest(FederationProcessorImpl.java:78) > org.apache.cxf.fediz.tomcat.FederationAuthenticator.authenticate(FederationAuthenticator.java:314) > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544) > org.apache.cxf.fediz.tomcat.FederationAuthenticator.invoke(FederationAuthenticator.java:134) > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (FEDIZ-24) maximumClockSkew is not optional
[ https://issues.apache.org/jira/browse/FEDIZ-24?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza closed FEDIZ-24. --- > maximumClockSkew is not optional > > > Key: FEDIZ-24 > URL: https://issues.apache.org/jira/browse/FEDIZ-24 > Project: CXF-Fediz > Issue Type: Bug > Components: Plugin >Affects Versions: 1.0.0 >Reporter: Oliver Wulff >Assignee: Oliver Wulff >Priority: Minor > Fix For: 1.0.1 > > > maximumClockSkew must be configured. Otherwise an exception occurs. > maximumClockSkew should be optional where default is 5 seconds. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (FEDIZ-22) Improved support for other claims encoding in SAML attributes
[ https://issues.apache.org/jira/browse/FEDIZ-22?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza closed FEDIZ-22. --- > Improved support for other claims encoding in SAML attributes > - > > Key: FEDIZ-22 > URL: https://issues.apache.org/jira/browse/FEDIZ-22 > Project: CXF-Fediz > Issue Type: Improvement > Components: Plugin >Affects Versions: 1.0.0 >Reporter: Oliver Wulff >Assignee: Oliver Wulff > Fix For: 1.0.1 > > > As described in CXF-4484 some fixes are required on the STS side to properly > encode claims in SAML 1.1/2.0 attributes. This fix supports encoding prior to > CXF-4484 and after. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Created] (CXF-4514) JAXRS client ignores enum properties when populating request URI from beans
Sergey Beryozkin created CXF-4514: - Summary: JAXRS client ignores enum properties when populating request URI from beans Key: CXF-4514 URL: https://issues.apache.org/jira/browse/CXF-4514 Project: CXF Issue Type: Bug Components: JAX-RS Reporter: Sergey Beryozkin Priority: Minor Fix For: 2.4.10, 2.5.6, 2.6.3, 2.7.0 -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (CXF-4514) JAXRS client ignores enum properties when populating request URI from beans
[ https://issues.apache.org/jira/browse/CXF-4514?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergey Beryozkin resolved CXF-4514. --- Resolution: Fixed Assignee: Sergey Beryozkin > JAXRS client ignores enum properties when populating request URI from beans > --- > > Key: CXF-4514 > URL: https://issues.apache.org/jira/browse/CXF-4514 > Project: CXF > Issue Type: Bug > Components: JAX-RS >Reporter: Sergey Beryozkin >Assignee: Sergey Beryozkin >Priority: Minor > Fix For: 2.4.10, 2.5.6, 2.6.3, 2.7.0 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (CXF-4510) CXF SSL Documentation could be clearer about location of TrustStore and KeyStore files
[ https://issues.apache.org/jira/browse/CXF-4510?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Glen Mazza reassigned CXF-4510: --- Assignee: Glen Mazza > CXF SSL Documentation could be clearer about location of TrustStore and > KeyStore files > -- > > Key: CXF-4510 > URL: https://issues.apache.org/jira/browse/CXF-4510 > Project: CXF > Issue Type: Improvement > Components: Documentation >Affects Versions: 2.6.2 > Environment: > http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport%28includingSSLsupport%29-ConfiguringSSLSupport >Reporter: Chris Owens >Assignee: Glen Mazza >Priority: Minor > Labels: configuration, docuentation, ssl, xml > > Consider adding a line or two that explains how the "file" attribute of the > element is resolved. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (FEDIZ-19) Single Sign Out
[ https://issues.apache.org/jira/browse/FEDIZ-19?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13459898#comment-13459898 ] Gina Choi commented on FEDIZ-19: We are using Fediz1.0.1 as our SSO Frame work, but it doesn't support Signle Sign Out. I am using ADFS2.0 as our STS. It would be great if Single Sign Out is supported in next Fediz release. > Single Sign Out > --- > > Key: FEDIZ-19 > URL: https://issues.apache.org/jira/browse/FEDIZ-19 > Project: CXF-Fediz > Issue Type: New Feature > Components: IDP, Plugin >Reporter: Romain Manni-Bucau > > The goal is to invalidate all sessions of "related" webapps with a single > action (button). -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (CXF-4500) Evaluate jaxrs:schemaLocations after jaxrs:providers
[ https://issues.apache.org/jira/browse/CXF-4500?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergey Beryozkin resolved CXF-4500. --- Resolution: Fixed Fix Version/s: 2.7.0 2.6.3 Assignee: Sergey Beryozkin > Evaluate jaxrs:schemaLocations after jaxrs:providers > > > Key: CXF-4500 > URL: https://issues.apache.org/jira/browse/CXF-4500 > Project: CXF > Issue Type: Bug > Components: JAX-RS >Affects Versions: 2.6.2 > Environment: CXF, Spring >Reporter: Marko Voss >Assignee: Sergey Beryozkin >Priority: Minor > Fix For: 2.6.3, 2.7.0 > > > If you set the XML catalog to the JAXBElementProvider using the new attribute > 'catalogLocation' and setup the jaxrs:schemaLocations in jaxrs:server bean > before setting up the jaxrs:providers including the JAXBElementProvider the > evaluation of the schemaLocations in > org.apache.cxf.jaxrs.utils.schemas.SchemaHandler#createSchema line 81+ will > not use the catalogLocation because of it is null. > Workaround: First, setup the jaxrs:providers, then setup the > jaxrs:schemaLocations. So the order of the elements is important. > Proposal: Evaluate the providers element before evaluating the > schemaLocations element. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
