[jira] [Commented] (CXF-7910) Change JAX-WS javax to jakarta artifact dependencies
[ https://issues.apache.org/jira/browse/CXF-7910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16742862#comment-16742862 ] Dennis Kieselhorst commented on CXF-7910: - Thank you for testing. If we postpone it, it should be 3.4.0. In my view it's a major change that should not be introduced in a minor release. > Change JAX-WS javax to jakarta artifact dependencies > > > Key: CXF-7910 > URL: https://issues.apache.org/jira/browse/CXF-7910 > Project: CXF > Issue Type: Task > Components: JAX-WS Runtime >Reporter: Dennis Kieselhorst >Assignee: Dennis Kieselhorst >Priority: Minor > Fix For: 3.3.0 > > Time Spent: 10m > Remaining Estimate: 0h > > See https://github.com/eclipse-ee4j/jax-ws-api/issues/46 > According to https://projects.eclipse.org/projects/ee4j.jaxws/ will be > released on 2018-12-14. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CXF-7910) Change JAX-WS javax to jakarta artifact dependencies
[ https://issues.apache.org/jira/browse/CXF-7910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16742871#comment-16742871 ] Freeman Fang commented on CXF-7910: --- Agree, let's defer those with other jakarta stuff to CXF 3.4.0 and get CXF 3.3 out ASAP. > Change JAX-WS javax to jakarta artifact dependencies > > > Key: CXF-7910 > URL: https://issues.apache.org/jira/browse/CXF-7910 > Project: CXF > Issue Type: Task > Components: JAX-WS Runtime >Reporter: Dennis Kieselhorst >Assignee: Dennis Kieselhorst >Priority: Minor > Fix For: 3.3.0 > > Time Spent: 10m > Remaining Estimate: 0h > > See https://github.com/eclipse-ee4j/jax-ws-api/issues/46 > According to https://projects.eclipse.org/projects/ee4j.jaxws/ will be > released on 2018-12-14. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CXF-7910) Change JAX-WS javax to jakarta artifact dependencies
[ https://issues.apache.org/jira/browse/CXF-7910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16742894#comment-16742894 ] Colm O hEigeartaigh commented on CXF-7910: -- +1. > Change JAX-WS javax to jakarta artifact dependencies > > > Key: CXF-7910 > URL: https://issues.apache.org/jira/browse/CXF-7910 > Project: CXF > Issue Type: Task > Components: JAX-WS Runtime >Reporter: Dennis Kieselhorst >Assignee: Dennis Kieselhorst >Priority: Minor > Fix For: 3.3.0 > > Time Spent: 10m > Remaining Estimate: 0h > > See https://github.com/eclipse-ee4j/jax-ws-api/issues/46 > According to https://projects.eclipse.org/projects/ee4j.jaxws/ will be > released on 2018-12-14. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (CXF-7910) Change JAX-WS javax to jakarta artifact dependencies
[ https://issues.apache.org/jira/browse/CXF-7910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dennis Kieselhorst updated CXF-7910: Fix Version/s: (was: 3.3.0) > Change JAX-WS javax to jakarta artifact dependencies > > > Key: CXF-7910 > URL: https://issues.apache.org/jira/browse/CXF-7910 > Project: CXF > Issue Type: Task > Components: JAX-WS Runtime >Reporter: Dennis Kieselhorst >Assignee: Dennis Kieselhorst >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > See https://github.com/eclipse-ee4j/jax-ws-api/issues/46 > According to https://projects.eclipse.org/projects/ee4j.jaxws/ will be > released on 2018-12-14. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (CXF-7910) Change JAX-WS javax to jakarta artifact dependencies
[ https://issues.apache.org/jira/browse/CXF-7910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dennis Kieselhorst reassigned CXF-7910: --- Assignee: (was: Dennis Kieselhorst) > Change JAX-WS javax to jakarta artifact dependencies > > > Key: CXF-7910 > URL: https://issues.apache.org/jira/browse/CXF-7910 > Project: CXF > Issue Type: Task > Components: JAX-WS Runtime >Reporter: Dennis Kieselhorst >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > See https://github.com/eclipse-ee4j/jax-ws-api/issues/46 > According to https://projects.eclipse.org/projects/ee4j.jaxws/ will be > released on 2018-12-14. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CXF-7910) Change JAX-WS javax to jakarta artifact dependencies
[ https://issues.apache.org/jira/browse/CXF-7910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16742994#comment-16742994 ] Andriy Redko commented on CXF-7910: --- Hi [~ffang], Thanks a lot for figuring out this issue. No, I didn't run tests since the Jenkins (https://builds.apache.org/job/CXF-Trunk-PR/902/) did it, and the STSUnitTest.testBearerSAML2Token is failing there. Certainly +1 to defer this change to 3.4.0, we need more time to make sure all different cases are covered. Thanks. Best Regards, Andriy Redko > Change JAX-WS javax to jakarta artifact dependencies > > > Key: CXF-7910 > URL: https://issues.apache.org/jira/browse/CXF-7910 > Project: CXF > Issue Type: Task > Components: JAX-WS Runtime >Reporter: Dennis Kieselhorst >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > See https://github.com/eclipse-ee4j/jax-ws-api/issues/46 > According to https://projects.eclipse.org/projects/ee4j.jaxws/ will be > released on 2018-12-14. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (CXF-7944) OAuthClientUtils hides error message if it contains a comma
Levi Miller created CXF-7944:
Summary: OAuthClientUtils hides error message if it contains a
comma
Key: CXF-7944
URL: https://issues.apache.org/jira/browse/CXF-7944
Project: CXF
Issue Type: Bug
Affects Versions: 3.2.7
Reporter: Levi Miller
OAuthClientUtils.getAccessToken hides the response error if the error message
contains a comma.
The root cause of this is that OAuthJSONProvider.readJSONResponse uses
String.split(",") to parse the json string, which throws
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
if there are unexpected commas.
Stack trace:
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(Unknown Source)
at
org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (CXF-7944) OAuthClientUtils hides error message if it contains a comma
[
https://issues.apache.org/jira/browse/CXF-7944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Levi Miller updated CXF-7944:
-
Description:
OAuthClientUtils.getAccessToken hides the response error if the error message
contains a comma.
The root cause of this is that OAuthJSONProvider.readJSONResponse uses
String.split(",") to parse the json string, which throws
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
if there are unexpected commas.
Stack trace:
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(Unknown Source)
at
org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}
response.getEntity() json string:
{code:java}
{"error":"invalid_client","error_description":"Client authentication failed due
to unknown client, no client authentication included, or unsupported
authentication method."}{code}
was:
OAuthClientUtils.getAccessToken hides the response error if the error message
contains a comma.
The root cause of this is that OAuthJSONProvider.readJSONResponse uses
String.split(",") to parse the json string, which throws
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
if there are unexpected commas.
Stack trace:
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(Unknown Source)
at
org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}
Json:
{code:java}
{"error":"invalid_client","error_description":"Client authentication failed due
to unknown client, no client authentication included, or unsupported
authentication method."}{code}
> OAuthClientUtils hides error message if it contains a comma
> ---
>
> Key: CXF-7944
> URL: https://issues.apache.org/jira/browse/CXF-7944
> Project: CXF
> Issue Type: Bug
>Affects Versions: 3.2.7
>Reporter: Levi Miller
>Priority: Major
>
> OAuthClientUtils.getAccessToken hides the response error if the error message
> contains a comma.
> The root cause of this is that OAuthJSONProvider.readJSONResponse uses
> String.split(",") to parse the json string, which throws
> {code:java}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
> if there are unexpected commas.
>
> Stack trace:
> {code:java}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
> at java.lang.String.substring(Unknown Source)
> at
> org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
> at
> org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
> at
> org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
> at
> org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}
> response.getEntity() json string:
> {code:java}
> {"error":"invalid_client","error_description":"Client authentication failed
> due to unknown client, no client authentication included, or unsupported
> authentication method."}{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Updated] (CXF-7944) OAuthClientUtils hides error message if it contains a comma
[
https://issues.apache.org/jira/browse/CXF-7944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Levi Miller updated CXF-7944:
-
Description:
OAuthClientUtils.getAccessToken hides the response error if the error message
contains a comma.
The root cause of this is that OAuthJSONProvider.readJSONResponse uses
String.split(",") to parse the json string, which throws
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
if there are unexpected commas.
Stack trace:
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(Unknown Source)
at
org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}
Json:
{code:java}
{"error":"invalid_client","error_description":"Client authentication failed due
to unknown client, no client authentication included, or unsupported
authentication method."}{code}
was:
OAuthClientUtils.getAccessToken hides the response error if the error message
contains a comma.
The root cause of this is that OAuthJSONProvider.readJSONResponse uses
String.split(",") to parse the json string, which throws
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
if there are unexpected commas.
Stack trace:
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(Unknown Source)
at
org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
at
org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}
> OAuthClientUtils hides error message if it contains a comma
> ---
>
> Key: CXF-7944
> URL: https://issues.apache.org/jira/browse/CXF-7944
> Project: CXF
> Issue Type: Bug
>Affects Versions: 3.2.7
>Reporter: Levi Miller
>Priority: Major
>
> OAuthClientUtils.getAccessToken hides the response error if the error message
> contains a comma.
> The root cause of this is that OAuthJSONProvider.readJSONResponse uses
> String.split(",") to parse the json string, which throws
> {code:java}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
> if there are unexpected commas.
>
> Stack trace:
> {code:java}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
> at java.lang.String.substring(Unknown Source)
> at
> org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
> at
> org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
> at
> org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
> at
> org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}
> Json:
> {code:java}
> {"error":"invalid_client","error_description":"Client authentication failed
> due to unknown client, no client authentication included, or unsupported
> authentication method."}{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Created] (CXF-7945) Swagger and Swagger UI modules export the same package which causes error in modular apps (Java 9+)
Andriy Redko created CXF-7945: - Summary: Swagger and Swagger UI modules export the same package which causes error in modular apps (Java 9+) Key: CXF-7945 URL: https://issues.apache.org/jira/browse/CXF-7945 Project: CXF Issue Type: Bug Affects Versions: 3.2.7, 3.3.0 Reporter: Andriy Redko Assignee: Andriy Redko Error occurred during initialization of boot layer java.lang.module.ResolutionException: Modules org.apache.cxf.rs.swagger.ui and org.apache.cxf.rs.swagger export package org.apache.cxf.jaxrs.swagger to module javax.servlet.api -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CXF-7856) AbstractFeature must not extend WebServiceFeature
[ https://issues.apache.org/jira/browse/CXF-7856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16743719#comment-16743719 ] Dennis Kieselhorst commented on CXF-7856: - We should definitely solve this. Currently a JAXRS application is not working on JDK 11 without adding JAXWS API. > AbstractFeature must not extend WebServiceFeature > - > > Key: CXF-7856 > URL: https://issues.apache.org/jira/browse/CXF-7856 > Project: CXF > Issue Type: Bug >Reporter: Romain Manni-Bucau >Priority: Minor > > rational being that a cxf feature is not bound to jaxws (it works with jaxrs) -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (CXF-7753) Support draft-cavage-http-signatures-09 OOTB
[ https://issues.apache.org/jira/browse/CXF-7753?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dennis Kieselhorst updated CXF-7753: Fix Version/s: 3.3.0 > Support draft-cavage-http-signatures-09 OOTB > > > Key: CXF-7753 > URL: https://issues.apache.org/jira/browse/CXF-7753 > Project: CXF > Issue Type: New Feature > Components: JAX-RS Security >Reporter: David J. M. Karlsen >Priority: Major > Labels: security, signature > Fix For: 3.3.0 > > > It would be nice to support http signing signatures: > https://tools.ietf.org/html/draft-cavage-http-signatures-09 > It will probably increase in popularity as it's part of PSD2 security: > https://www.stet.eu/assets/files/PSD2/API-DSP2-STET_V1.2.3_final.pdf > I've found a library which could be used: > https://github.com/mbarbero/http-messages-signing > either making the integration in that library, or providing a cxf component > using parts of it for the signing part. > By doing this validation of incoming requests, as well as signing of outgoing > reqs could be handled transparently by either an interceptor, or maybe more > vanilla, a JAX-RS filter. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
