davsclaus opened a new pull request, #24054: URL: https://github.com/apache/camel/pull/24054
## Summary _Claude Code on behalf of Claus Ibsen_ - Make `cxf-rt-ws-security` optional in `camel-cxf-soap` so most CXF users avoid the 13+ transitive `org.opensaml` JARs hosted on the unreliable `build.shibboleth.net` repository - Extract wss4j-dependent cert extraction from `DefaultCxfBinding` into a new `WsSecurityHelper` class that is only loaded when wss4j is on the classpath (classpath detection via `Class.forName`) - Exclude `org.opensaml:*` transitives from `cxf-rt-ws-security` in both `camel-cxf-soap` (optional/compile) and `camel-cxf-spring-soap` (test scope) - Remove the now-unnecessary `.mvn/rrf/groupId-B_shibboleth.txt` Maven Repository Resolution Filter since no module resolves opensaml artifacts anymore - Add upgrade guide entry documenting the change and how users who need WS-Security/OpenSAML can add the dependencies explicitly ## Test plan - [x] `mvn verify` passes for `camel-cxf-soap` (compilation with optional wss4j, opensaml excluded) - [x] `mvn verify` passes for `camel-cxf-spring-soap` — all 158 tests pass including 4 WS-Security tests (signature, encryption, username token, security policy) - [x] `mvn dependency:tree -Dincludes=org.opensaml` confirms zero opensaml artifacts in both modules - [ ] CI full build 🤖 Generated with [Claude Code](https://claude.com/claude-code) Closes: https://issues.apache.org/jira/browse/CAMEL-23773 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
