[jira] [Created] (FEDIZ-147) IDP will be listed in HomeRealm Selection view, even if it should not be used directly
Jan Bernhardt created FEDIZ-147:
---
Summary: IDP will be listed in HomeRealm Selection view, even if
it should not be used directly
Key: FEDIZ-147
URL: https://issues.apache.org/jira/browse/FEDIZ-147
Project: CXF-Fediz
Issue Type: Bug
Components: IDP
Reporter: Jan Bernhardt
Assignee: Jan Bernhardt
Priority: Minor
Fix For: 1.3.0
If Fediz IDP should be used only as a RP-IDP with no direct login, I would set
{{useCurrentIdp}} of IDP configuration to false.
In this case I the IDP should not be listed within the home realm selection
view. But instead only trusted 3rd Party IDPs should be listed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (CXF-6740) Collision by Swagger2Feature in two OSGI bundles
[
https://issues.apache.org/jira/browse/CXF-6740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15110338#comment-15110338
]
Akitoshi Yoshida commented on CXF-6740:
---
Hi Andriy, Sergey,
sounds good.
Thanks.
regards, aki
> Collision by Swagger2Feature in two OSGI bundles
> -
>
> Key: CXF-6740
> URL: https://issues.apache.org/jira/browse/CXF-6740
> Project: CXF
> Issue Type: Bug
> Components: OSGi
>Affects Versions: 3.1.4
> Environment: Apache Karaf 4.0.2
>Reporter: Andre Schlegel
>Assignee: Andriy Redko
>
> I have two separate bundles in my karaf, which are using cxf with the
> swagger2feature. The endpoints (/cxf/bpc-core and /cxf/bpc-monitor/ ) in both
> bundles working fine. But I got on both swagger-URL the same swagger-File
> (both for the monitor endpoints).
> I'm using the blueprint for swagger2feature configuration and annotation for
> the endpoints.
> core bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.core.resource.AuthenticationResource" />
> class="de.virtimo.bpc.core.resource.Configuration" />
>
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> Monitor Bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.module.monitor.resource.Monitor" />
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
> Center"/>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> I got the swagger-file for the monitor bundle on /cxf/bpc-core/swagger.json
> and /cxf/bpc-monitor/swagger.json
> Anyone suggestion how to handle this scenario?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Resolved] (FEDIZ-147) IDP will be listed in HomeRealm Selection view, even if it should not be used directly
[
https://issues.apache.org/jira/browse/FEDIZ-147?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Bernhardt resolved FEDIZ-147.
-
Resolution: Fixed
> IDP will be listed in HomeRealm Selection view, even if it should not be used
> directly
> --
>
> Key: FEDIZ-147
> URL: https://issues.apache.org/jira/browse/FEDIZ-147
> Project: CXF-Fediz
> Issue Type: Bug
> Components: IDP
>Reporter: Jan Bernhardt
>Assignee: Jan Bernhardt
>Priority: Minor
> Fix For: 1.3.0
>
>
> If Fediz IDP should be used only as a RP-IDP with no direct login, I would
> set {{useCurrentIdp}} of IDP configuration to false.
> In this case I the IDP should not be listed within the home realm selection
> view. But instead only trusted 3rd Party IDPs should be listed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (FEDIZ-147) IDP will be listed in HomeRealm Selection view, even if it should not be used directly
[
https://issues.apache.org/jira/browse/FEDIZ-147?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Bernhardt updated FEDIZ-147:
Description:
If Fediz IDP should be used only as a RP-IDP with no direct login, I would set
{{useCurrentIdp}} of IDP configuration to {{false}}.
In this case I the IDP should not be listed within the home realm selection
view. But instead only trusted 3rd Party IDPs should be listed.
was:
If Fediz IDP should be used only as a RP-IDP with no direct login, I would set
{{useCurrentIdp}} of IDP configuration to false.
In this case I the IDP should not be listed within the home realm selection
view. But instead only trusted 3rd Party IDPs should be listed.
> IDP will be listed in HomeRealm Selection view, even if it should not be used
> directly
> --
>
> Key: FEDIZ-147
> URL: https://issues.apache.org/jira/browse/FEDIZ-147
> Project: CXF-Fediz
> Issue Type: Bug
> Components: IDP
>Reporter: Jan Bernhardt
>Assignee: Jan Bernhardt
>Priority: Minor
> Fix For: 1.3.0
>
>
> If Fediz IDP should be used only as a RP-IDP with no direct login, I would
> set {{useCurrentIdp}} of IDP configuration to {{false}}.
> In this case I the IDP should not be listed within the home realm selection
> view. But instead only trusted 3rd Party IDPs should be listed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Created] (CXF-6753) OAuth2 audience support is incomplete
Sergey Beryozkin created CXF-6753: - Summary: OAuth2 audience support is incomplete Key: CXF-6753 URL: https://issues.apache.org/jira/browse/CXF-6753 Project: CXF Issue Type: Bug Components: JAX-RS, JAX-RS Security Reporter: Sergey Beryozkin Assignee: Sergey Beryozkin Fix For: 3.1.5, 3.2.0 The audience support in the OAuth2 code was done awhile back based on the now expired draft, and while no standard is available, it is important to update the model now that it is getting integrated into Fediz/etc. Specifically, a single audience is only supported in the model while multiple audiences per token are possible. Token introspection response may include a single or multiple audiences, with a single audience being allowed to be reported as a non-array (as per JWT audience). Audience checks need to be updated too. The audience, if reported to the token/authorization endpoint, will have to be contained in the list of client audiences created during the registration. This can be relaxed in the future and become more dynamic -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CXF-6740) Collision by Swagger2Feature in two OSGI bundles
[
https://issues.apache.org/jira/browse/CXF-6740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15110595#comment-15110595
]
Akitoshi Yoshida commented on CXF-6740:
---
Hi Andriy,
there seems to be a recent update to swagger regarding this issue.
https://github.com/swagger-api/swagger-core/issues/1482
it looks like the problem might have been solved with this patch.
regards, aki
> Collision by Swagger2Feature in two OSGI bundles
> -
>
> Key: CXF-6740
> URL: https://issues.apache.org/jira/browse/CXF-6740
> Project: CXF
> Issue Type: Bug
> Components: OSGi
>Affects Versions: 3.1.4
> Environment: Apache Karaf 4.0.2
>Reporter: Andre Schlegel
>Assignee: Andriy Redko
>
> I have two separate bundles in my karaf, which are using cxf with the
> swagger2feature. The endpoints (/cxf/bpc-core and /cxf/bpc-monitor/ ) in both
> bundles working fine. But I got on both swagger-URL the same swagger-File
> (both for the monitor endpoints).
> I'm using the blueprint for swagger2feature configuration and annotation for
> the endpoints.
> core bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.core.resource.AuthenticationResource" />
> class="de.virtimo.bpc.core.resource.Configuration" />
>
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> Monitor Bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.module.monitor.resource.Monitor" />
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
> Center"/>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> I got the swagger-file for the monitor bundle on /cxf/bpc-core/swagger.json
> and /cxf/bpc-monitor/swagger.json
> Anyone suggestion how to handle this scenario?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Created] (FEDIZ-148) Investigate the source of the big memory requirements on start up and minimize them if possible
Sergey Beryozkin created FEDIZ-148: -- Summary: Investigate the source of the big memory requirements on start up and minimize them if possible Key: FEDIZ-148 URL: https://issues.apache.org/jira/browse/FEDIZ-148 Project: CXF-Fediz Issue Type: Improvement Components: IDP Reporter: Sergey Beryozkin Priority: Minor Fix For: 1.3.0 Every time I forget to set "export JAVA_OPTS="-Xmx2048M -XX:MaxPermSize=512M" before starting Fediz I see it hanging during the authentication request (after I enter alice/elica). There's some massive memory consumption at that point of time so may be that can be investigated and optimized -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (FEDIZ-149) MetadataDocument with ApplicationServiceType for IDP
Jan Bernhardt created FEDIZ-149:
---
Summary: MetadataDocument with ApplicationServiceType for IDP
Key: FEDIZ-149
URL: https://issues.apache.org/jira/browse/FEDIZ-149
Project: CXF-Fediz
Issue Type: Improvement
Components: IDP
Reporter: Jan Bernhardt
Priority: Minor
The generated Metadata Document of the IDP only container the
{{SecurityTokenServiceType}} role description. If the IDP shall be used as a
RP-IDP and should be registered at another 3rd party IDPs the
{{ApplicationServiceType}} role would be needed also.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (CXF-6743) Inconsistent versions of jax-rs specs can lead to OSGi pain
[
https://issues.apache.org/jira/browse/CXF-6743?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15110803#comment-15110803
]
Sergey Beryozkin commented on CXF-6743:
---
Hi Benson
Can you please test the bundle created as part of
https://issues.apache.org/jira/browse/SM-2769
> Inconsistent versions of jax-rs specs can lead to OSGi pain
> ---
>
> Key: CXF-6743
> URL: https://issues.apache.org/jira/browse/CXF-6743
> Project: CXF
> Issue Type: Bug
>Affects Versions: 3.1.4
>Reporter: Benson Margulies
>
> CXF's dependency tree calls for:
> {code}
>
> javax.ws.rs
> javax.ws.rs-api
> 2.0.1
>
> {code}
> However, the Karaf features asks for a servicemix bundle that only provides
> version 2.0 of the spec, and indeed, there's no SM bundle for 2.0.1. So, an
> OSGi bundle built with CXF will be prone to try to import 2.0.1 of the
> package in this jar, and then fail to be able to wire it.
> If CXF really needs 2.0.1, then we need an SM bundle for 2.0.1 (and the CXF
> feature should reference it).
> I'll link the SM jira.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Closed] (CXF-6740) Collision by Swagger2Feature in two OSGI bundles
[
https://issues.apache.org/jira/browse/CXF-6740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andriy Redko closed CXF-6740.
-
Resolution: Won't Fix
Swagger issue, already fixed in master, on target for 1.5.7 release
> Collision by Swagger2Feature in two OSGI bundles
> -
>
> Key: CXF-6740
> URL: https://issues.apache.org/jira/browse/CXF-6740
> Project: CXF
> Issue Type: Bug
> Components: OSGi
>Affects Versions: 3.1.4
> Environment: Apache Karaf 4.0.2
>Reporter: Andre Schlegel
>Assignee: Andriy Redko
>
> I have two separate bundles in my karaf, which are using cxf with the
> swagger2feature. The endpoints (/cxf/bpc-core and /cxf/bpc-monitor/ ) in both
> bundles working fine. But I got on both swagger-URL the same swagger-File
> (both for the monitor endpoints).
> I'm using the blueprint for swagger2feature configuration and annotation for
> the endpoints.
> core bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.core.resource.AuthenticationResource" />
> class="de.virtimo.bpc.core.resource.Configuration" />
>
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> Monitor Bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.module.monitor.resource.Monitor" />
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
> Center"/>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> I got the swagger-file for the monitor bundle on /cxf/bpc-core/swagger.json
> and /cxf/bpc-monitor/swagger.json
> Anyone suggestion how to handle this scenario?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (CXF-6740) Collision by Swagger2Feature in two OSGI bundles
[
https://issues.apache.org/jira/browse/CXF-6740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15111285#comment-15111285
]
Andriy Redko commented on CXF-6740:
---
Hi Aki,
Awesome! Thanks a lot for looking into Swagger issues, this is exactly the
problem.
PR targets *Swagger 1.5.7* so I think it is going to be fixed with this
release. Closing this ticket.
Thanks!
Best Regards,
Andriy Redko
> Collision by Swagger2Feature in two OSGI bundles
> -
>
> Key: CXF-6740
> URL: https://issues.apache.org/jira/browse/CXF-6740
> Project: CXF
> Issue Type: Bug
> Components: OSGi
>Affects Versions: 3.1.4
> Environment: Apache Karaf 4.0.2
>Reporter: Andre Schlegel
>Assignee: Andriy Redko
>
> I have two separate bundles in my karaf, which are using cxf with the
> swagger2feature. The endpoints (/cxf/bpc-core and /cxf/bpc-monitor/ ) in both
> bundles working fine. But I got on both swagger-URL the same swagger-File
> (both for the monitor endpoints).
> I'm using the blueprint for swagger2feature configuration and annotation for
> the endpoints.
> core bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.core.resource.AuthenticationResource" />
> class="de.virtimo.bpc.core.resource.Configuration" />
>
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> Monitor Bundle
> {code}
> http://www.osgi.org/xmlns/blueprint/v1.0.0";
>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>xmlns:cxf="http://cxf.apache.org/blueprint/core";
>xmlns:jaxrs="http://cxf.apache.org/blueprint/jaxrs";
>xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0
> http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
>http://cxf.apache.org/blueprint/core
> http://cxf.apache.org/schemas/blueprint/core.xsd
>http://cxf.apache.org/jaxrs
> http://cxf.apache.org/schemas/blueprint/jaxrs.xsd";>
>
> class="com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider" />
>
> class="de.virtimo.bpc.module.monitor.resource.Monitor" />
>
> class="org.apache.cxf.jaxrs.swagger.Swagger2Feature">
> Center"/>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> {code}
> I got the swagger-file for the monitor bundle on /cxf/bpc-core/swagger.json
> and /cxf/bpc-monitor/swagger.json
> Anyone suggestion how to handle this scenario?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
