[jira] [Created] (CXF-7469) DocLiteralInInterceptor creates DataReader too soon
Daniel Kulp created CXF-7469: Summary: DocLiteralInInterceptor creates DataReader too soon Key: CXF-7469 URL: https://issues.apache.org/jira/browse/CXF-7469 Project: CXF Issue Type: Bug Components: Core Affects Versions: 3.0.14, 3.1.11 Reporter: Daniel Kulp Assignee: Daniel Kulp Fix For: 3.0.15, 3.1.13, 3.2.0 The DocLiteralInInterceptor creates the DataReader prior to determining the BindingOperationInfo. Thus, the SchemaValidation setting on the operation/method level cannot take affect. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Resolved] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergey Beryozkin resolved CXF-7467.
---
Resolution: Fixed
Fix Version/s: 3.2.0
3.1.13
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
> Fix For: 3.1.13, 3.2.0
>
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (FEDIZ-137) IDP Login Cancel does not work
[ https://issues.apache.org/jira/browse/FEDIZ-137?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Colm O hEigeartaigh updated FEDIZ-137: -- Fix Version/s: (was: 1.4.1) 1.4.2 > IDP Login Cancel does not work > -- > > Key: FEDIZ-137 > URL: https://issues.apache.org/jira/browse/FEDIZ-137 > Project: CXF-Fediz > Issue Type: Bug > Components: IDP >Reporter: Sergey Beryozkin > Fix For: 1.4.2 > > > 'Cancel' does not seem to work. > When a user goes to a realm selection page: and presses 'Cancel' there, the > form does not react, though something changes in the server output, and then > the 2nd Cancel results in a user being asked to enter the name and password. > If the user selects a realm, and when asked to to enter the name and > password: > - if Cancel is pressed immediately in the name/password dialog then the user > sees 401 reported by Tomcat itself, with the browser staying at > "https://localhost:8443/fediz-idp/federation/up; > - If a user enters a wrong name/password first and then on a second try > presses Cancel - 401 is returned by this time from Spring Security: > "HTTP Status 401 - No AuthenticationProvider found for > org.springframework.security.authentication.UsernamePasswordAuthenticationToken" > > In all the cases the user is 'locked' on the IDP endpoint with no way to > return. > The user should be optionally redirected back to the RP which is where the > interaction with the user can be controlled better if needed in cases of > Cancel given that Cancel is a message from the user that the user wishes to > leave the login process hence 401 is not appropriate. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16123263#comment-16123263
]
Ingo Weiss commented on CXF-7467:
-
I did, https://github.com/apache/cxf/pull/303.
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16123252#comment-16123252
]
Sergey Beryozkin commented on CXF-7467:
---
Can you please create a Java 7 friendly patch for 3.1.x ?
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7467) WSDLManagerImpl requires privileged actions in order to work under a security manager
[
https://issues.apache.org/jira/browse/CXF-7467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16123235#comment-16123235
]
ASF GitHub Bot commented on CXF-7467:
-
Github user asfgit closed the pull request at:
https://github.com/apache/cxf/pull/304
> WSDLManagerImpl requires privileged actions in order to work under a security
> manager
> -
>
> Key: CXF-7467
> URL: https://issues.apache.org/jira/browse/CXF-7467
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
>Affects Versions: 3.1.12
>Reporter: Ingo Weiss
> Labels: security
>
> When using CXF and WSDL under a security manager, security related exceptions
> are thrown, making initialisation of {{WSDLManagerImpl}} fail.
> {noformat}
> Caused by: java.security.AccessControlException: WFSM01: Permission check
> failed (permission "("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/wsdl.properties"
> "read")" in code source "(vfs:/content/executorService.war/WEB-INF/classes
> )" of "ModuleClassLoader for Module
> "deployment.executorService.war" from Service Module Loader")
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at
> org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:350)
> at java.io.FileInputStream.(FileInputStream.java:127)
> at
> javax.wsdl.factory.WSDLFactory.findFactoryImplName(WSDLFactory.java:243)
> at javax.wsdl.factory.WSDLFactory.newInstance(WSDLFactory.java:60)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:84)
> at org.apache.cxf.wsdl11.WSDLManagerImpl.(WSDLManagerImpl.java:80)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:249)
> at org.apache.cxf.bus.extension.Extension.load(Extension.java:261)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.loadAndRegister(ExtensionManagerImpl.java:213)
> at
> org.apache.cxf.bus.extension.ExtensionManagerImpl.getBeanOfType(ExtensionManagerImpl.java:320)
> at
> org.apache.cxf.bus.extension.ExtensionManagerBus.getExtension(ExtensionManagerBus.java:215)
> at
> org.apache.cxf.jaxws.ServiceImpl.initializePorts(ServiceImpl.java:169)
> at org.apache.cxf.jaxws.ServiceImpl.initialize(ServiceImpl.java:160)
> at org.apache.cxf.jaxws.ServiceImpl.(ServiceImpl.java:129)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7438) Xml validation error with MTOM
[
https://issues.apache.org/jira/browse/CXF-7438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16123217#comment-16123217
]
Sergius Mohr commented on CXF-7438:
---
[~dkulp] did already a commit to
[master|https://github.com/apache/cxf/commit/720b41e218cf0b8103b397ff869aa08222cd98d4]
and [3.1.x-fixes
branch|https://github.com/apache/cxf/commit/88c48ed4b6164afbb7cc97c6a8bffc63babcf5af]
my test with 3.1.13-SNAPSHOT was succesful
is it possible to create a new release (3.1.13) within the next days?
> Xml validation error with MTOM
> --
>
> Key: CXF-7438
> URL: https://issues.apache.org/jira/browse/CXF-7438
> Project: CXF
> Issue Type: Bug
> Components: JAXB Databinding
>Affects Versions: 3.1.11
>Reporter: Casper Biever
>Priority: Minor
>
> We have an issue similar to CXF-7185 except in our case the cvc-type is
> different. We suggest the following change to DataWriterImpl:
> {code}
> // CXF-1194 and CXF-7438 this hack is specific to MTOM, so pretty safe to
> leave in here before calling the origHandler.
> String msg = event.getMessage();
> if ((msg.startsWith("cvc-type.3.1.2") ||
> msg.startsWith("cvc-complex-type.2.2"))
> && msg.contains(marshaller.getLastMTOMElementName().getLocalPart())) {
> return true;
> }
> {code}
> Our xsd contains this:
> {code:language=xml}
>
>
> maxOccurs="unbounded"/>
>
>
> {code}
> Without MTOM enabled everything ist fine, with MTOM enabled the error occurs.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Resolved] (CXF-6882) Implement JAX-RS 2.1 NIO Proposal (Server/Writer)
[ https://issues.apache.org/jira/browse/CXF-6882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergey Beryozkin resolved CXF-6882. --- Resolution: Fixed > Implement JAX-RS 2.1 NIO Proposal (Server/Writer) > - > > Key: CXF-6882 > URL: https://issues.apache.org/jira/browse/CXF-6882 > Project: CXF > Issue Type: Sub-task > Components: JAX-RS >Reporter: Sergey Beryozkin >Assignee: Andriy Redko > Labels: server > Fix For: 3.2.0 > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (CXF-5973) Response.created(URI) resolves relative URIs relative to the servlet URI instead of the request URI
[
https://issues.apache.org/jira/browse/CXF-5973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16123103#comment-16123103
]
Tobias Oberlies commented on CXF-5973:
--
https://java.net/jira/browse/JAX_RS_SPEC-483 was moved to
https://github.com/jax-rs/api/issues/488
> Response.created(URI) resolves relative URIs relative to the servlet URI
> instead of the request URI
> ---
>
> Key: CXF-5973
> URL: https://issues.apache.org/jira/browse/CXF-5973
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS
>Affects Versions: 2.7.5, 2.7.12
>Reporter: Tobias Oberlies
>
> According to the [JavaDoc of
> javax.ws.rs.core.Response.created(URI)|http://docs.oracle.com/javaee/6/api/javax/ws/rs/core/Response.html#created%28java.net.URI%29],
> relative URIs should be resolved relative to the request URI.
> However, CXF resolves the URI relative the the servlet path of the
> CXFNonSpringJaxrsServlet.
> Example:
> For a resource at path {{/account/someaccount/entries}} served by a servlet
> registered at {{/service/b/api}}, the following code should result in a
> response with the HTTP header {{Location:
> http://localhost/service/b/api/account/someaccount/entries/newentry}}
> {noformat}
> @POST
> public Response create() {
> URI location = new URI("newentry");
> return Response.created(location).build();
> }
> {noformat}
> However, the header has the incorrect value {{Location:
> http://localhost/service/b/api/newentry}}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (CXF-7464) add java2swagger maven plugin so that can generate swagger(json/yaml) during build time
[ https://issues.apache.org/jira/browse/CXF-7464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16122981#comment-16122981 ] Freeman Fang commented on CXF-7464: --- Thanks Dennis! (Just back from vacation) > add java2swagger maven plugin so that can generate swagger(json/yaml) during > build time > --- > > Key: CXF-7464 > URL: https://issues.apache.org/jira/browse/CXF-7464 > Project: CXF > Issue Type: New Feature > Components: Tooling >Reporter: Freeman Fang >Assignee: Freeman Fang > Fix For: 3.2.0 > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
