Hi Dan, Hi Colm, On Fri, 19 Aug 2011 14:58:04 -0400 Daniel Kulp <[email protected]> wrote:
> > Yep. From a quick look, there is definitely a bit of work to do with > it. Obviously separating out the CXF and non-CXF parts would also be > a requirement and moving the CXF specific stuff to CXF. (so we don't > end up with a circular dependency between CXF and wss4j) Updating There is no real dependency to CXF. CXF was just used as demonstration how easy it is to integrate. Therefore I wrote an SecurityIn- and Out-Interceptor. Of course, these classes have to be moved to CXF if my framework will be accepted. > to the latest Neethi, etc.... Colm and I have also added a lot of > stuff to CXF and WSS4J lately that we'd definitely like to make sure > get ported over. Kerberos is one, but there are a bunch of other > things as well. Yes, I had not enough man power to follow the releases. Also there were some fixes between the WSS4J releases which must be ported over (I think all tickets in WSS4J since 1.5.8 must be verified in swssf. As I already said, swssf is feature and bug compatible;-) > > There are a few other things to think about with it as well like > interactions with FastInfoset (which CXF can currently support, but > this wouldn't due to operating on the OutputStream directly instead > of an XMLStream/EventWriter). Mapping all the current CXF configs in > may take a bit as well, but nothing too major I would expect. I was just to lazy and had no time left to implement the XMLStreamWriter. At the time, I noticed that a simple OutputStream matches perfectly for the CXF integration. But you are right, this will be a requirement. For the FastInfoset case, maybe we find a more efficient way as writing to an XMLStreamWriter and then translate to FastInfoset... I think the configuration of WSS4J and swssf also needs some refactoring. I already have some ideas, but this can be discussed later. All the mentioned things are from my point of view relatively easy to solve. A lot more work needs to be done in finishing the policy verification and its tests. Also if requested the whole client setup via policy should/must be implemented. And of course there are other issues to solve too... > > .... snip ..... > > > > What do you think? > > > > Fine. > > Some questions: > > - In which format do you expect the source? tar? svn dump? Access > > to my repo? ...? > > And svndump would be preferred. Infra can import that directly into > an area of our svn and not lose any history. Basically, you would > need to create a svndump, create a md5 hash (and ideally a gpg > signature) and make those available someplace. Then file a JIRA at > apache pointing to it (or attaching if it's not too big) and record > the md5 in the JIRA to make sure it identifies the right bits. I opened a ticket and attached the svn dump: https://issues.apache.org/jira/browse/WSS-311 > > We would then need to vote to accept the contribution (mostly a > formality). Ideally, we'd vote to make you a committer at the same > time. When the vote passes, we get infra to import it. > > > - Is anything else to do from my side (separating, ...), aside > > re-licensing under the apache license? > > - Whom should I send the (of course re-licensed) code? > > See above. Since this is a sizable contribution (more than a simple > bug patch), it will likely need an official code grant. See: > > http://incubator.apache.org/ip-clearance/index.html > > Filing a grant requires an Apache member to help out, but Colm and I > are both members (and there are other around here as well) that would > be more than happy to help out. If you have any questions about it, > let me know and I'd be happy to help. I prepared the form as far as I could. Please have a look at http://gigerstyle.homelinux.com/downloads/swssf/swssf.xml Also I filled out the grants.txt : http://gigerstyle.homelinux.com/downloads/swssf/grants.txt http://gigerstyle.homelinux.com/downloads/swssf/grants.txt.asc You will find my gpg public key for signature-verification on the key-servers or under the following URL: http://gigerstyle.homelinux.com/?page_id=28 It's not entirely clear to me: Do I have to send some documents to the apache office or secretary? Did I everything correctly so far? What are the next steps? > > Also, you should file an Apache ICLA: > http://www.apache.org/licenses/#clas > > That's the first step in getting an account created for you to become > a committer. Doing that sooner can help speed things up. Also done. I already got an ack from secretary. Should I forward the acknowledgment to you? > > > > Do you have some more questions? > > I think that's it for me. Let me just say "very nice job". :-) Thank you Dan! Kind regards Marc > > Dan > -- Lesson 1: Cryptographic protocols should not be developed by a committee. -- Niels Ferguson and Bruce Schneier --
signature.asc
Description: PGP signature
