[jira] [Commented] (CXF-8671) Support Jakarta EE 10
[ https://issues.apache.org/jira/browse/CXF-8671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17853635#comment-17853635 ] Andriy Redko commented on CXF-8671: --- [~ruslan.hryn] I think it is reasonable to expect the release this year > Support Jakarta EE 10 > - > > Key: CXF-8671 > URL: https://issues.apache.org/jira/browse/CXF-8671 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0 > > > Support Jakarta EE 10 > Jakarta EE 10 has Landed - > [https://jakartaee-ambassadors.io/2022/09/22/jakarta-ee-10-released/] > [https://jakarta.ee/release/10/] > [https://www.infoq.com/news/2023/01/glassfish-delivers-support-jdk17/] > > Specs > ([https://repo1.maven.org/maven2/jakarta/platform/jakartaee-api-parent/10.0.0/jakartaee-api-parent-10.0.0.pom):] > * Jakarta Activation 2.1* > * Jakarta Authentication 3.0* > * Jakarta Authorization 2.1* > * Jakarta Batch 2.1* > * Jakarta Bean Validation 3.0 > * Jakarta Common Annotations 2.1* > * Jakarta Concurrency 3.0* > * Jakarta Connectors 2.1* > * Jakarta Contexts and Dependency Injection 4.0* > * Jakarta Debugging Support for Other Languages 2.0 > * Jakarta Dependency Injection 2.0 > * Jakarta Enterprise Beans 4.0 (except for Jakarta Enterprise Beans entity > beans and associated Jakarta Enterprise Beans QL, and embedded container, > which have been made removed) > * Jakarta Expression Language 5.0* > * Jakarta Interceptors 2.1* > * Jakarta JSON Processing 2.1* > * Jakarta JSON Binding 3.0* > * Jakarta Mail 2.1* > * Jakarta Managed Beans 2.0 > * Jakarta Messaging 3.1* > * Jakarta Persistence 3.1* > * Jakarta RESTful Web Services 3.1* > * Jakarta Security 3.0* > * Jakarta Servlet 6.0* > * Jakarta Server Faces 4.0* > * Jakarta Server Pages 3.1* > * Jakarta Standard Tag Library 3.0* > * Jakarta Transactions 2.0 > * Jakarta WebSocket 2.1* > * Jakarta Enterprise Beans 3.2 and earlier entity beans and associated > Jakarta Enterprise Beans QL > * Jakarta Enterprise Beans 2.x API group > * Jakarta Enterprise Web Services 2.0 > * Jakarta SOAP with Attachments 3.0* > * Jakarta XML Web Services 4.0* > * Jakarta XML Binding 4.0* > > Rest Client TCK update: > - [https://github.com/eclipse/microprofile-rest-client/pull/352] > > Updates required: > - Brave 6 > - OpenTelemetry 1.37.0+ > - Apache Tika 3.0.0 > ([https://github.com/apache/tika/releases/tag/3.0.0-BETA)] > - *[DONE]* UnboundID LDAP SDK for Java 7.0.0 > ([https://github.com/pingidentity/ldapsdk/releases/tag/7.0.0]) > - *[DONE]* Undertow 2.3.x > - *[DONE]* Jetty 12 > ([https://github.com/eclipse/jetty.project/releases/tag/jetty-12.0.0.beta0]) > - Hibernate Validator 8 ([https://hibernate.org/validator/releases/8.0/)] > - *[DONE]* Hibernate 6.4 > ([https://in.relation.to/2023/11/23/orm-640-final/|https://in.relation.to/2023/08/31/orm-630/]) > - *[DONE]* Weld 5 > ([https://weld.cdi-spec.org/news/2022/04/29/weld-500Final/]) > - *[DONE]* Spring Boot 3.2 > ([https://github.com/spring-projects/spring-boot/releases/tag/v3.2.0|https://github.com/spring-projects/spring-boot/releases/tag/v3.1.0]) > - *[DONE]* Spring Security 6.2 > ([https://github.com/spring-projects/spring-security/releases/tag/6.1.0]) > - *[DONE]* Micrometer 1.12 > ([https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0|https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0-M1]) > - {*}[DONE]{*}Micrometer Tracing 1.2 > ([https://github.com/micrometer-metrics/tracing/releases/tag/v1.1.4)] > - *[DONE]* Spring LDAP 3.2 > ([https://github.com/spring-projects/spring-ldap/releases/tag/3.2.0)|https://github.com/spring-projects/spring-ldap/releases/tag/3.1.0)] > Microprofile 6.0 > ([https://download.eclipse.org/microprofile/microprofile-6.0/microprofile-spec-6.0.html),] > aligned with JakartaEE 10 core profile: > - Microprofile OpenAPI 3.1 > ([https://github.com/eclipse/microprofile-open-api/releases/tag/3.1]) > - Microprofile Config 3.1 > ([https://github.com/eclipse/microprofile-config/releases/tag/3.1]) > - Angus Mail > ([https://github.com/eclipse-ee4j/angus-mail/releases/tag/2.0.1]) > - > [https://github.com/arquillian/arquillian-container-weld/releases/tag/3.0.2.Final] > > Migration Guide: > [https://cwiki.apache.org/confluence/display/CXF20DOC/4.1+Migration+Guide] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-8671) Support Jakarta EE 10
[ https://issues.apache.org/jira/browse/CXF-8671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17853570#comment-17853570 ] Ruslan Gryn commented on CXF-8671: -- [~reta] maybe you can provide an approximate magnitude when expecting the release. For example, in 1 month, 6 months, 1 year, etc > Support Jakarta EE 10 > - > > Key: CXF-8671 > URL: https://issues.apache.org/jira/browse/CXF-8671 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0 > > > Support Jakarta EE 10 > Jakarta EE 10 has Landed - > [https://jakartaee-ambassadors.io/2022/09/22/jakarta-ee-10-released/] > [https://jakarta.ee/release/10/] > [https://www.infoq.com/news/2023/01/glassfish-delivers-support-jdk17/] > > Specs > ([https://repo1.maven.org/maven2/jakarta/platform/jakartaee-api-parent/10.0.0/jakartaee-api-parent-10.0.0.pom):] > * Jakarta Activation 2.1* > * Jakarta Authentication 3.0* > * Jakarta Authorization 2.1* > * Jakarta Batch 2.1* > * Jakarta Bean Validation 3.0 > * Jakarta Common Annotations 2.1* > * Jakarta Concurrency 3.0* > * Jakarta Connectors 2.1* > * Jakarta Contexts and Dependency Injection 4.0* > * Jakarta Debugging Support for Other Languages 2.0 > * Jakarta Dependency Injection 2.0 > * Jakarta Enterprise Beans 4.0 (except for Jakarta Enterprise Beans entity > beans and associated Jakarta Enterprise Beans QL, and embedded container, > which have been made removed) > * Jakarta Expression Language 5.0* > * Jakarta Interceptors 2.1* > * Jakarta JSON Processing 2.1* > * Jakarta JSON Binding 3.0* > * Jakarta Mail 2.1* > * Jakarta Managed Beans 2.0 > * Jakarta Messaging 3.1* > * Jakarta Persistence 3.1* > * Jakarta RESTful Web Services 3.1* > * Jakarta Security 3.0* > * Jakarta Servlet 6.0* > * Jakarta Server Faces 4.0* > * Jakarta Server Pages 3.1* > * Jakarta Standard Tag Library 3.0* > * Jakarta Transactions 2.0 > * Jakarta WebSocket 2.1* > * Jakarta Enterprise Beans 3.2 and earlier entity beans and associated > Jakarta Enterprise Beans QL > * Jakarta Enterprise Beans 2.x API group > * Jakarta Enterprise Web Services 2.0 > * Jakarta SOAP with Attachments 3.0* > * Jakarta XML Web Services 4.0* > * Jakarta XML Binding 4.0* > > Rest Client TCK update: > - [https://github.com/eclipse/microprofile-rest-client/pull/352] > > Updates required: > - Brave 6 > - OpenTelemetry 1.37.0+ > - Apache Tika 3.0.0 > ([https://github.com/apache/tika/releases/tag/3.0.0-BETA)] > - *[DONE]* UnboundID LDAP SDK for Java 7.0.0 > ([https://github.com/pingidentity/ldapsdk/releases/tag/7.0.0]) > - *[DONE]* Undertow 2.3.x > - *[DONE]* Jetty 12 > ([https://github.com/eclipse/jetty.project/releases/tag/jetty-12.0.0.beta0]) > - Hibernate Validator 8 ([https://hibernate.org/validator/releases/8.0/)] > - *[DONE]* Hibernate 6.4 > ([https://in.relation.to/2023/11/23/orm-640-final/|https://in.relation.to/2023/08/31/orm-630/]) > - *[DONE]* Weld 5 > ([https://weld.cdi-spec.org/news/2022/04/29/weld-500Final/]) > - *[DONE]* Spring Boot 3.2 > ([https://github.com/spring-projects/spring-boot/releases/tag/v3.2.0|https://github.com/spring-projects/spring-boot/releases/tag/v3.1.0]) > - *[DONE]* Spring Security 6.2 > ([https://github.com/spring-projects/spring-security/releases/tag/6.1.0]) > - *[DONE]* Micrometer 1.12 > ([https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0|https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0-M1]) > - {*}[DONE]{*}Micrometer Tracing 1.2 > ([https://github.com/micrometer-metrics/tracing/releases/tag/v1.1.4)] > - *[DONE]* Spring LDAP 3.2 > ([https://github.com/spring-projects/spring-ldap/releases/tag/3.2.0)|https://github.com/spring-projects/spring-ldap/releases/tag/3.1.0)] > Microprofile 6.0 > ([https://download.eclipse.org/microprofile/microprofile-6.0/microprofile-spec-6.0.html),] > aligned with JakartaEE 10 core profile: > - Microprofile OpenAPI 3.1 > ([https://github.com/eclipse/microprofile-open-api/releases/tag/3.1]) > - Microprofile Config 3.1 > ([https://github.com/eclipse/microprofile-config/releases/tag/3.1]) > - Angus Mail > ([https://github.com/eclipse-ee4j/angus-mail/releases/tag/2.0.1]) > - > [https://github.com/arquillian/arquillian-container-weld/releases/tag/3.0.2.Final] > > Migration Guide: > [https://cwiki.apache.org/confluence/display/CXF20DOC/4.1+Migration+Guide] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-8828) Support Jakarta EE 11
[ https://issues.apache.org/jira/browse/CXF-8828?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8828: -- Description: Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) Minimum JDK requirement - JDK-17 Specs updates: * [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, |https://github.com/apache/cxf/pull/1891] [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] * Jakarta Annotations 3.0 ([https://jakarta.ee/specifications/annotations/3.0/)] * Jakarta Authorization 3.0 ([https://jakarta.ee/specifications/authorization/3.0/)] * Jakarta Contexts and Dependency Injection 4.1 ([https://jakarta.ee/specifications/cdi/4.1/)] * Jakarta Expression Language 6.0 ([https://jakarta.ee/specifications/expression-language/6.0/)] * Jakarta Interceptors 2.2 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta RESTful Web Services 4.0 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta Validation 3.1 ([https://jakarta.ee/specifications/bean-validation/3.1/]) * Jakarta WebSocket 2.2 ([https://jakarta.ee/specifications/websocket/2.2/]) * Jakarta Concurrency 3.1 ([https://jakarta.ee/specifications/concurrency/3.1/)] * Jakarta Data 1.0 ([https://jakarta.ee/specifications/data/1.0/)] * Jakarta Faces 4.1 ([https://jakarta.ee/specifications/faces/4.1/)] * Jakarta Pages 4.0 ([https://jakarta.ee/specifications/pages/4.0/)] * Jakarta Servlet 6.1 ([https://jakarta.ee/specifications/servlet/6.1/]) * Jakarta Authentication 3.0 (https://jakarta.ee/specifications/authentication/3.1/) * Jakarta Security 4.0 (https://jakarta.ee/specifications/security/4.0/) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) was: Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) Minimum JDK requirement - JDK-17 Specs updates: * [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, |https://github.com/apache/cxf/pull/1891] [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] * Jakarta Annotations 3.0 ([https://jakarta.ee/specifications/annotations/3.0/)] * Jakarta Authorization 3.0 ([https://jakarta.ee/specifications/authorization/3.0/)] * Jakarta Contexts and Dependency Injection 4.1 ([https://jakarta.ee/specifications/cdi/4.1/)] * Jakarta Expression Language 6.0 ([https://jakarta.ee/specifications/expression-language/6.0/)] * Jakarta Interceptors 2.2 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta RESTful Web Services 4.0 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta Validation 3.1 ([https://jakarta.ee/specifications/bean-validation/3.1/]) * Jakarta WebSocket 2.2 ([https://jakarta.ee/specifications/websocket/2.2/]) * Jakarta Concurrency 3.1 ([https://jakarta.ee/specifications/concurrency/3.1/)] * Jakarta Data 1.0 ([https://jakarta.ee/specifications/data/1.0/)] * Jakarta Faces 4.1 ([https://jakarta.ee/specifications/faces/4.1/)] * Jakarta Pages 4.0 ([https://jakarta.ee/specifications/pages/4.0/)] * Jakarta Servlet 6.1 (https://jakarta.ee/specifications/servlet/6.1/) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) > Support Jakarta EE 11 > - > > Key: CXF-8828 > URL: https://issues.apache.org/jira/browse/CXF-8828 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.2.0 > > > Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) > Minimum JDK requirement - JDK-17 > > Specs updates: > * [Jakarta Validation 3.1 > (|https://jakarta.ee/specifications/bean-validation/3.1/] > [https://github.com/apache/cxf/pull/1889)] > * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, > |https://github.com/apache/cxf/pull/1891] > [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] > * Jakarta Annotations 3.0 > ([https://jakarta.ee/specifications/annotations/3.0/)] > * Jaka
[jira] [Updated] (CXF-8828) Support Jakarta EE 11
[ https://issues.apache.org/jira/browse/CXF-8828?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8828: -- Description: Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) Minimum JDK requirement - JDK-17 Specs updates: * [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, |https://github.com/apache/cxf/pull/1891] [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] * Jakarta Annotations 3.0 ([https://jakarta.ee/specifications/annotations/3.0/)] * Jakarta Authorization 3.0 ([https://jakarta.ee/specifications/authorization/3.0/)] * Jakarta Contexts and Dependency Injection 4.1 ([https://jakarta.ee/specifications/cdi/4.1/)] * Jakarta Expression Language 6.0 ([https://jakarta.ee/specifications/expression-language/6.0/)] * Jakarta Interceptors 2.2 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta RESTful Web Services 4.0 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta Validation 3.1 ([https://jakarta.ee/specifications/bean-validation/3.1/]) * Jakarta WebSocket 2.2 ([https://jakarta.ee/specifications/websocket/2.2/]) * Jakarta Concurrency 3.1 ([https://jakarta.ee/specifications/concurrency/3.1/)] * Jakarta Data 1.0 ([https://jakarta.ee/specifications/data/1.0/)] * Jakarta Faces 4.1 ([https://jakarta.ee/specifications/faces/4.1/)] * Jakarta Pages 4.0 ([https://jakarta.ee/specifications/pages/4.0/)] * Jakarta Servlet 6.1 (https://jakarta.ee/specifications/servlet/6.1/) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) was: Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) Minimum JDK requirement - JDK-17 Specs updates: * [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, |https://github.com/apache/cxf/pull/1891] [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] * Jakarta Annotations 3.0 ([https://jakarta.ee/specifications/annotations/3.0/)] * Jakarta Authorization 3.0 ([https://jakarta.ee/specifications/authorization/3.0/)] * Jakarta Contexts and Dependency Injection 4.1 ([https://jakarta.ee/specifications/cdi/4.1/)] * Jakarta Expression Language 6.0 ([https://jakarta.ee/specifications/expression-language/6.0/)] * Jakarta Interceptors 2.2 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta RESTful Web Services 4.0 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta Validation 3.1 ([https://jakarta.ee/specifications/bean-validation/3.1/]) * Jakarta WebSocket 2.2 ([https://jakarta.ee/specifications/websocket/2.2/]) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) > Support Jakarta EE 11 > - > > Key: CXF-8828 > URL: https://issues.apache.org/jira/browse/CXF-8828 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.2.0 > > > Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) > Minimum JDK requirement - JDK-17 > > Specs updates: > * [Jakarta Validation 3.1 > (|https://jakarta.ee/specifications/bean-validation/3.1/] > [https://github.com/apache/cxf/pull/1889)] > * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, > |https://github.com/apache/cxf/pull/1891] > [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] > * Jakarta Annotations 3.0 > ([https://jakarta.ee/specifications/annotations/3.0/)] > * Jakarta Authorization 3.0 > ([https://jakarta.ee/specifications/authorization/3.0/)] > * Jakarta Contexts and Dependency Injection 4.1 > ([https://jakarta.ee/specifications/cdi/4.1/)] > * Jakarta Expression Language 6.0 > ([https://jakarta.ee/specifications/expression-language/6.0/)] > * Jakarta Interceptors 2.2 > ([https://jakarta.ee/specifications/restful-ws/4.0/)] > * Jakarta RESTful Web Services 4.0 > ([https://jakarta.ee/specifications/restful-ws/4.0/)] > * Jakarta Validation 3.1
[jira] [Commented] (CXF-8671) Support Jakarta EE 10
[ https://issues.apache.org/jira/browse/CXF-8671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17853299#comment-17853299 ] Andriy Redko commented on CXF-8671: --- [~ruslan.hryn] no ETA for release but you could try snapshots already > Support Jakarta EE 10 > - > > Key: CXF-8671 > URL: https://issues.apache.org/jira/browse/CXF-8671 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0 > > > Support Jakarta EE 10 > Jakarta EE 10 has Landed - > [https://jakartaee-ambassadors.io/2022/09/22/jakarta-ee-10-released/] > [https://jakarta.ee/release/10/] > [https://www.infoq.com/news/2023/01/glassfish-delivers-support-jdk17/] > > Specs > ([https://repo1.maven.org/maven2/jakarta/platform/jakartaee-api-parent/10.0.0/jakartaee-api-parent-10.0.0.pom):] > * Jakarta Activation 2.1* > * Jakarta Authentication 3.0* > * Jakarta Authorization 2.1* > * Jakarta Batch 2.1* > * Jakarta Bean Validation 3.0 > * Jakarta Common Annotations 2.1* > * Jakarta Concurrency 3.0* > * Jakarta Connectors 2.1* > * Jakarta Contexts and Dependency Injection 4.0* > * Jakarta Debugging Support for Other Languages 2.0 > * Jakarta Dependency Injection 2.0 > * Jakarta Enterprise Beans 4.0 (except for Jakarta Enterprise Beans entity > beans and associated Jakarta Enterprise Beans QL, and embedded container, > which have been made removed) > * Jakarta Expression Language 5.0* > * Jakarta Interceptors 2.1* > * Jakarta JSON Processing 2.1* > * Jakarta JSON Binding 3.0* > * Jakarta Mail 2.1* > * Jakarta Managed Beans 2.0 > * Jakarta Messaging 3.1* > * Jakarta Persistence 3.1* > * Jakarta RESTful Web Services 3.1* > * Jakarta Security 3.0* > * Jakarta Servlet 6.0* > * Jakarta Server Faces 4.0* > * Jakarta Server Pages 3.1* > * Jakarta Standard Tag Library 3.0* > * Jakarta Transactions 2.0 > * Jakarta WebSocket 2.1* > * Jakarta Enterprise Beans 3.2 and earlier entity beans and associated > Jakarta Enterprise Beans QL > * Jakarta Enterprise Beans 2.x API group > * Jakarta Enterprise Web Services 2.0 > * Jakarta SOAP with Attachments 3.0* > * Jakarta XML Web Services 4.0* > * Jakarta XML Binding 4.0* > > Rest Client TCK update: > - [https://github.com/eclipse/microprofile-rest-client/pull/352] > > Updates required: > - Brave 6 > - OpenTelemetry 1.37.0+ > - Apache Tika 3.0.0 > ([https://github.com/apache/tika/releases/tag/3.0.0-BETA)] > - *[DONE]* UnboundID LDAP SDK for Java 7.0.0 > ([https://github.com/pingidentity/ldapsdk/releases/tag/7.0.0]) > - *[DONE]* Undertow 2.3.x > - *[DONE]* Jetty 12 > ([https://github.com/eclipse/jetty.project/releases/tag/jetty-12.0.0.beta0]) > - Hibernate Validator 8 ([https://hibernate.org/validator/releases/8.0/)] > - *[DONE]* Hibernate 6.4 > ([https://in.relation.to/2023/11/23/orm-640-final/|https://in.relation.to/2023/08/31/orm-630/]) > - *[DONE]* Weld 5 > ([https://weld.cdi-spec.org/news/2022/04/29/weld-500Final/]) > - *[DONE]* Spring Boot 3.2 > ([https://github.com/spring-projects/spring-boot/releases/tag/v3.2.0|https://github.com/spring-projects/spring-boot/releases/tag/v3.1.0]) > - *[DONE]* Spring Security 6.2 > ([https://github.com/spring-projects/spring-security/releases/tag/6.1.0]) > - *[DONE]* Micrometer 1.12 > ([https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0|https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0-M1]) > - {*}[DONE]{*}Micrometer Tracing 1.2 > ([https://github.com/micrometer-metrics/tracing/releases/tag/v1.1.4)] > - *[DONE]* Spring LDAP 3.2 > ([https://github.com/spring-projects/spring-ldap/releases/tag/3.2.0)|https://github.com/spring-projects/spring-ldap/releases/tag/3.1.0)] > Microprofile 6.0 > ([https://download.eclipse.org/microprofile/microprofile-6.0/microprofile-spec-6.0.html),] > aligned with JakartaEE 10 core profile: > - Microprofile OpenAPI 3.1 > ([https://github.com/eclipse/microprofile-open-api/releases/tag/3.1]) > - Microprofile Config 3.1 > ([https://github.com/eclipse/microprofile-config/releases/tag/3.1]) > - Angus Mail > ([https://github.com/eclipse-ee4j/angus-mail/releases/tag/2.0.1]) > - > [https://github.com/arquillian/arquillian-container-weld/releases/tag/3.0.2.Final] > > Migration Guide: > [https://cwiki.apache.org/confluence/display/CXF20DOC/4.1+Migration+Guide] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor
[ https://issues.apache.org/jira/browse/CXFXJC-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXFXJC-47. Resolution: Fixed > XJC DefaultValue plugin uses JAXBElement that does not have a default > constructor > - > > Key: CXFXJC-47 > URL: https://issues.apache.org/jira/browse/CXFXJC-47 > Project: CXF XJC Utils > Issue Type: Bug >Affects Versions: 4.0.0 >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.0.1, 4.1.0, 3.3.4 > > > As reported by the user (see please > https://github.com/apache/cxf-xjc-utils/pull/129): > We've found a minor bug when using extensions and substitiongroups. > The defaultvalue-plugin generates a {{new JAXBElement}} expression, which > isn't valid java code, as JAXBElement does not have a default constructor. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CXF-8671) Support Jakarta EE 10
[ https://issues.apache.org/jira/browse/CXF-8671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17853246#comment-17853246 ] Ruslan Gryn edited comment on CXF-8671 at 6/7/24 6:18 PM: -- do you have an ETA for the delivery of Jetty 12 support? because it is the blocker for migration to Spring Boot 3.2 This is important because the support of Spring Boot 3.1 ended a few weeks ago. was (Author: ruslan.hryn): do you have an ETA for the delivery of Jetty 12 support? because it is the blocker for migration to Spring Boot 3.2 This is important because the support of Spring Boot 3.1 ended a few weeks ago. > Support Jakarta EE 10 > - > > Key: CXF-8671 > URL: https://issues.apache.org/jira/browse/CXF-8671 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0 > > > Support Jakarta EE 10 > Jakarta EE 10 has Landed - > [https://jakartaee-ambassadors.io/2022/09/22/jakarta-ee-10-released/] > [https://jakarta.ee/release/10/] > [https://www.infoq.com/news/2023/01/glassfish-delivers-support-jdk17/] > > Specs > ([https://repo1.maven.org/maven2/jakarta/platform/jakartaee-api-parent/10.0.0/jakartaee-api-parent-10.0.0.pom):] > * Jakarta Activation 2.1* > * Jakarta Authentication 3.0* > * Jakarta Authorization 2.1* > * Jakarta Batch 2.1* > * Jakarta Bean Validation 3.0 > * Jakarta Common Annotations 2.1* > * Jakarta Concurrency 3.0* > * Jakarta Connectors 2.1* > * Jakarta Contexts and Dependency Injection 4.0* > * Jakarta Debugging Support for Other Languages 2.0 > * Jakarta Dependency Injection 2.0 > * Jakarta Enterprise Beans 4.0 (except for Jakarta Enterprise Beans entity > beans and associated Jakarta Enterprise Beans QL, and embedded container, > which have been made removed) > * Jakarta Expression Language 5.0* > * Jakarta Interceptors 2.1* > * Jakarta JSON Processing 2.1* > * Jakarta JSON Binding 3.0* > * Jakarta Mail 2.1* > * Jakarta Managed Beans 2.0 > * Jakarta Messaging 3.1* > * Jakarta Persistence 3.1* > * Jakarta RESTful Web Services 3.1* > * Jakarta Security 3.0* > * Jakarta Servlet 6.0* > * Jakarta Server Faces 4.0* > * Jakarta Server Pages 3.1* > * Jakarta Standard Tag Library 3.0* > * Jakarta Transactions 2.0 > * Jakarta WebSocket 2.1* > * Jakarta Enterprise Beans 3.2 and earlier entity beans and associated > Jakarta Enterprise Beans QL > * Jakarta Enterprise Beans 2.x API group > * Jakarta Enterprise Web Services 2.0 > * Jakarta SOAP with Attachments 3.0* > * Jakarta XML Web Services 4.0* > * Jakarta XML Binding 4.0* > > Rest Client TCK update: > - [https://github.com/eclipse/microprofile-rest-client/pull/352] > > Updates required: > - Brave 6 > - OpenTelemetry 1.37.0+ > - Apache Tika 3.0.0 > ([https://github.com/apache/tika/releases/tag/3.0.0-BETA)] > - *[DONE]* UnboundID LDAP SDK for Java 7.0.0 > ([https://github.com/pingidentity/ldapsdk/releases/tag/7.0.0]) > - *[DONE]* Undertow 2.3.x > - *[DONE]* Jetty 12 > ([https://github.com/eclipse/jetty.project/releases/tag/jetty-12.0.0.beta0]) > - Hibernate Validator 8 ([https://hibernate.org/validator/releases/8.0/)] > - *[DONE]* Hibernate 6.4 > ([https://in.relation.to/2023/11/23/orm-640-final/|https://in.relation.to/2023/08/31/orm-630/]) > - *[DONE]* Weld 5 > ([https://weld.cdi-spec.org/news/2022/04/29/weld-500Final/]) > - *[DONE]* Spring Boot 3.2 > ([https://github.com/spring-projects/spring-boot/releases/tag/v3.2.0|https://github.com/spring-projects/spring-boot/releases/tag/v3.1.0]) > - *[DONE]* Spring Security 6.2 > ([https://github.com/spring-projects/spring-security/releases/tag/6.1.0]) > - *[DONE]* Micrometer 1.12 > ([https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0|https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0-M1]) > - {*}[DONE]{*}Micrometer Tracing 1.2 > ([https://github.com/micrometer-metrics/tracing/releases/tag/v1.1.4)] > - *[DONE]* Spring LDAP 3.2 > ([https://github.com/spring-projects/spring-ldap/releases/tag/3.2.0)|https://github.com/spring-projects/spring-ldap/releases/tag/3.1.0)] > Microprofile 6.0 > ([https://download.eclipse.org/microprofile/microprofile-6.0/microprofile-spec-6.0.html),] > aligned with JakartaEE 10 core profile: > - Microprofile OpenAPI 3.1 > ([https://github.com/eclipse/microprofile-open-api/releases/tag/3.1]) > - Microprofile Config 3.1 > ([https://github.com/eclipse/microprofile-config/releases/tag/3.1]) > - Angus Mail > ([https://githu
[jira] [Commented] (CXF-8671) Support Jakarta EE 10
[ https://issues.apache.org/jira/browse/CXF-8671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17853246#comment-17853246 ] Ruslan Gryn commented on CXF-8671: -- do you have an ETA for the delivery of Jetty 12 support? because it is the blocker for migration to Spring Boot 3.2 This is important because the support of Spring Boot 3.1 ended a few weeks ago. > Support Jakarta EE 10 > - > > Key: CXF-8671 > URL: https://issues.apache.org/jira/browse/CXF-8671 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0 > > > Support Jakarta EE 10 > Jakarta EE 10 has Landed - > [https://jakartaee-ambassadors.io/2022/09/22/jakarta-ee-10-released/] > [https://jakarta.ee/release/10/] > [https://www.infoq.com/news/2023/01/glassfish-delivers-support-jdk17/] > > Specs > ([https://repo1.maven.org/maven2/jakarta/platform/jakartaee-api-parent/10.0.0/jakartaee-api-parent-10.0.0.pom):] > * Jakarta Activation 2.1* > * Jakarta Authentication 3.0* > * Jakarta Authorization 2.1* > * Jakarta Batch 2.1* > * Jakarta Bean Validation 3.0 > * Jakarta Common Annotations 2.1* > * Jakarta Concurrency 3.0* > * Jakarta Connectors 2.1* > * Jakarta Contexts and Dependency Injection 4.0* > * Jakarta Debugging Support for Other Languages 2.0 > * Jakarta Dependency Injection 2.0 > * Jakarta Enterprise Beans 4.0 (except for Jakarta Enterprise Beans entity > beans and associated Jakarta Enterprise Beans QL, and embedded container, > which have been made removed) > * Jakarta Expression Language 5.0* > * Jakarta Interceptors 2.1* > * Jakarta JSON Processing 2.1* > * Jakarta JSON Binding 3.0* > * Jakarta Mail 2.1* > * Jakarta Managed Beans 2.0 > * Jakarta Messaging 3.1* > * Jakarta Persistence 3.1* > * Jakarta RESTful Web Services 3.1* > * Jakarta Security 3.0* > * Jakarta Servlet 6.0* > * Jakarta Server Faces 4.0* > * Jakarta Server Pages 3.1* > * Jakarta Standard Tag Library 3.0* > * Jakarta Transactions 2.0 > * Jakarta WebSocket 2.1* > * Jakarta Enterprise Beans 3.2 and earlier entity beans and associated > Jakarta Enterprise Beans QL > * Jakarta Enterprise Beans 2.x API group > * Jakarta Enterprise Web Services 2.0 > * Jakarta SOAP with Attachments 3.0* > * Jakarta XML Web Services 4.0* > * Jakarta XML Binding 4.0* > > Rest Client TCK update: > - [https://github.com/eclipse/microprofile-rest-client/pull/352] > > Updates required: > - Brave 6 > - OpenTelemetry 1.37.0+ > - Apache Tika 3.0.0 > ([https://github.com/apache/tika/releases/tag/3.0.0-BETA)] > - *[DONE]* UnboundID LDAP SDK for Java 7.0.0 > ([https://github.com/pingidentity/ldapsdk/releases/tag/7.0.0]) > - *[DONE]* Undertow 2.3.x > - *[DONE]* Jetty 12 > ([https://github.com/eclipse/jetty.project/releases/tag/jetty-12.0.0.beta0]) > - Hibernate Validator 8 ([https://hibernate.org/validator/releases/8.0/)] > - *[DONE]* Hibernate 6.4 > ([https://in.relation.to/2023/11/23/orm-640-final/|https://in.relation.to/2023/08/31/orm-630/]) > - *[DONE]* Weld 5 > ([https://weld.cdi-spec.org/news/2022/04/29/weld-500Final/]) > - *[DONE]* Spring Boot 3.2 > ([https://github.com/spring-projects/spring-boot/releases/tag/v3.2.0|https://github.com/spring-projects/spring-boot/releases/tag/v3.1.0]) > - *[DONE]* Spring Security 6.2 > ([https://github.com/spring-projects/spring-security/releases/tag/6.1.0]) > - *[DONE]* Micrometer 1.12 > ([https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0|https://github.com/micrometer-metrics/micrometer/releases/tag/v1.11.0-M1]) > - {*}[DONE]{*}Micrometer Tracing 1.2 > ([https://github.com/micrometer-metrics/tracing/releases/tag/v1.1.4)] > - *[DONE]* Spring LDAP 3.2 > ([https://github.com/spring-projects/spring-ldap/releases/tag/3.2.0)|https://github.com/spring-projects/spring-ldap/releases/tag/3.1.0)] > Microprofile 6.0 > ([https://download.eclipse.org/microprofile/microprofile-6.0/microprofile-spec-6.0.html),] > aligned with JakartaEE 10 core profile: > - Microprofile OpenAPI 3.1 > ([https://github.com/eclipse/microprofile-open-api/releases/tag/3.1]) > - Microprofile Config 3.1 > ([https://github.com/eclipse/microprofile-config/releases/tag/3.1]) > - Angus Mail > ([https://github.com/eclipse-ee4j/angus-mail/releases/tag/2.0.1]) > - > [https://github.com/arquillian/arquillian-container-weld/releases/tag/3.0.2.Final] > > Migration Guide: > [https://cwiki.apache.org/confluence/display/CXF20DOC/4.1+Migration+Guide] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (FEDIZ-258) Update Kerberos systest to skip on IBM Java
Jamie Mark Goodyear created FEDIZ-258: - Summary: Update Kerberos systest to skip on IBM Java Key: FEDIZ-258 URL: https://issues.apache.org/jira/browse/FEDIZ-258 Project: CXF-Fediz Issue Type: Test Environment: IBM Semeru 8 on PPC64LE, Stream 9 OS Reporter: Jamie Mark Goodyear Update Kerberos systest to skip on IBM Java (same as CXF core). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-8976) Update to OpenTelemetry v1.39.0
[ https://issues.apache.org/jira/browse/CXF-8976?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8976: -- Summary: Update to OpenTelemetry v1.39.0 (was: Update to OpenTelemetry v1.38.0) > Update to OpenTelemetry v1.39.0 > --- > > Key: CXF-8976 > URL: https://issues.apache.org/jira/browse/CXF-8976 > Project: CXF > Issue Type: Improvement > Components: Tracing >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0 > > > The OpenTelemetry v1.35.0 SDKs switched to Brave 6: > {noformat} > "io.zipkin.brave:brave-bom:6.0.0", > "io.zipkin.reporter2:zipkin-reporter-bom:3.2.1", {noformat} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor
[ https://issues.apache.org/jira/browse/CXFXJC-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXFXJC-47: --- Fix Version/s: 3.3.4 (was: 3.3.3) > XJC DefaultValue plugin uses JAXBElement that does not have a default > constructor > - > > Key: CXFXJC-47 > URL: https://issues.apache.org/jira/browse/CXFXJC-47 > Project: CXF XJC Utils > Issue Type: Bug >Affects Versions: 4.0.0 >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.0.1, 4.1.0, 3.3.4 > > > As reported by the user (see please > https://github.com/apache/cxf-xjc-utils/pull/129): > We've found a minor bug when using extensions and substitiongroups. > The defaultvalue-plugin generates a {{new JAXBElement}} expression, which > isn't valid java code, as JAXBElement does not have a default constructor. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor
[ https://issues.apache.org/jira/browse/CXFXJC-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXFXJC-47: --- Fix Version/s: 3.3.3 > XJC DefaultValue plugin uses JAXBElement that does not have a default > constructor > - > > Key: CXFXJC-47 > URL: https://issues.apache.org/jira/browse/CXFXJC-47 > Project: CXF XJC Utils > Issue Type: Bug >Affects Versions: 4.0.0 >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 3.3.3, 4.0.1, 4.1.0 > > > As reported by the user (see please > https://github.com/apache/cxf-xjc-utils/pull/129): > We've found a minor bug when using extensions and substitiongroups. > The defaultvalue-plugin generates a {{new JAXBElement}} expression, which > isn't valid java code, as JAXBElement does not have a default constructor. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor.
[ https://issues.apache.org/jira/browse/CXFXJC-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXFXJC-47: --- Description: As reported by the user (see please https://github.com/apache/cxf-xjc-utils/pull/129): We've found a minor bug when using extensions and substitiongroups. The defaultvalue-plugin generates a {{new JAXBElement}} expression, which isn't valid java code, as JAXBElement does not have a default constructor. > XJC DefaultValue plugin uses JAXBElement that does not have a default > constructor. > -- > > Key: CXFXJC-47 > URL: https://issues.apache.org/jira/browse/CXFXJC-47 > Project: CXF XJC Utils > Issue Type: Bug >Affects Versions: 4.0.0 >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.0.1, 4.1.0 > > > As reported by the user (see please > https://github.com/apache/cxf-xjc-utils/pull/129): > We've found a minor bug when using extensions and substitiongroups. > The defaultvalue-plugin generates a {{new JAXBElement}} expression, which > isn't valid java code, as JAXBElement does not have a default constructor. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor
[ https://issues.apache.org/jira/browse/CXFXJC-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXFXJC-47: --- Summary: XJC DefaultValue plugin uses JAXBElement that does not have a default constructor (was: XJC DefaultValue plugin uses JAXBElement that does not have a default constructor.) > XJC DefaultValue plugin uses JAXBElement that does not have a default > constructor > - > > Key: CXFXJC-47 > URL: https://issues.apache.org/jira/browse/CXFXJC-47 > Project: CXF XJC Utils > Issue Type: Bug >Affects Versions: 4.0.0 >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.0.1, 4.1.0 > > > As reported by the user (see please > https://github.com/apache/cxf-xjc-utils/pull/129): > We've found a minor bug when using extensions and substitiongroups. > The defaultvalue-plugin generates a {{new JAXBElement}} expression, which > isn't valid java code, as JAXBElement does not have a default constructor. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor.
[ https://issues.apache.org/jira/browse/CXFXJC-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXFXJC-47: --- Affects Version/s: 4.0.0 > XJC DefaultValue plugin uses JAXBElement that does not have a default > constructor. > -- > > Key: CXFXJC-47 > URL: https://issues.apache.org/jira/browse/CXFXJC-47 > Project: CXF XJC Utils > Issue Type: Bug >Affects Versions: 4.0.0 >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor.
Andriy Redko created CXFXJC-47: -- Summary: XJC DefaultValue plugin uses JAXBElement that does not have a default constructor. Key: CXFXJC-47 URL: https://issues.apache.org/jira/browse/CXFXJC-47 Project: CXF XJC Utils Issue Type: Bug Reporter: Andriy Redko Assignee: Andriy Redko -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXFXJC-47) XJC DefaultValue plugin uses JAXBElement that does not have a default constructor.
[ https://issues.apache.org/jira/browse/CXFXJC-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXFXJC-47: --- Fix Version/s: 4.1.0 4.0.1 > XJC DefaultValue plugin uses JAXBElement that does not have a default > constructor. > -- > > Key: CXFXJC-47 > URL: https://issues.apache.org/jira/browse/CXFXJC-47 > Project: CXF XJC Utils > Issue Type: Bug >Affects Versions: 4.0.0 >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.0.1, 4.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9007) NullPointerException in XMLStreamDataWriter.writeNode
[ https://issues.apache.org/jira/browse/CXF-9007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17852604#comment-17852604 ] Andriy Redko commented on CXF-9007: --- Hi [~maghol] , thanks a lot for confirming, I think we could go with this small fix for now, thanks again! > NullPointerException in XMLStreamDataWriter.writeNode > - > > Key: CXF-9007 > URL: https://issues.apache.org/jira/browse/CXF-9007 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.3, 4.0.4 >Reporter: Magnus Holm >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0, 4.0.5 > > Attachments: dispatch-impl-npe.txt, interceptor-npe.txt, > invoke-async-npe.txt, invoke-sync-npe.txt > > > We're encountering sporadic weird {{NullPointerException}} in various of our > tests using different client configurations with wsdls. It seems to only > occur right after initialising the client, e.g. only on the first call. I > suspect it's some kind of race-condition, but I've not been able to create a > reproducer. I was hoping maybe someone from the project would have insight > into why this could be happening by looking at the stacktraces. > The error we're hitting appears to be here: > {code} > java.lang.NullPointerException: Cannot invoke > "org.w3c.dom.Node.getOwnerDocument()" because "nd" is null > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.writeNode(XMLStreamDataWriter.java:160) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:101) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:55) > ~[cxf-core-4.0.4.jar:4.0.4] > {code} > Update: we're using cxf-rt-transports-http-hc5. > We've had this issue on 4.0.3 and 4.0.4. We might've had it on previous > versions as well, but I don't have build history going back that far. > JDK versions: Corretto 17 (17.0.8-amzn), Zulu 17 (17.0.10-zulu) ++ -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9027) Update Performance benchmark pom values
[ https://issues.apache.org/jira/browse/CXF-9027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9027. --- Resolution: Fixed > Update Performance benchmark pom values > --- > > Key: CXF-9027 > URL: https://issues.apache.org/jira/browse/CXF-9027 > Project: CXF > Issue Type: Test > Components: Samples >Affects Versions: 4.1.0 >Reporter: Jamie Mark Goodyear >Priority: Trivial > Fix For: 4.1.0 > > > When using the profiles for client or server there may be build issues vs the > clientserver profile. > Remove from jaxrs pom maven.exec.plugin.version from client profile. > Update soap_http_doc_lit pom cxf-rt-transports-http-jetty entry to > project.version. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9027) Update Performance benchmark pom values
[ https://issues.apache.org/jira/browse/CXF-9027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9027: -- Fix Version/s: 4.1.0 > Update Performance benchmark pom values > --- > > Key: CXF-9027 > URL: https://issues.apache.org/jira/browse/CXF-9027 > Project: CXF > Issue Type: Test > Components: Samples >Affects Versions: 4.1.0 >Reporter: Jamie Mark Goodyear >Priority: Trivial > Fix For: 4.1.0 > > > When using the profiles for client or server there may be build issues vs the > clientserver profile. > Remove from jaxrs pom maven.exec.plugin.version from client profile. > Update soap_http_doc_lit pom cxf-rt-transports-http-jetty entry to > project.version. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9027) Update Performance benchmark pom values
[ https://issues.apache.org/jira/browse/CXF-9027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jamie Mark Goodyear updated CXF-9027: - Flags: Patch > Update Performance benchmark pom values > --- > > Key: CXF-9027 > URL: https://issues.apache.org/jira/browse/CXF-9027 > Project: CXF > Issue Type: Test > Components: Samples >Affects Versions: 4.1.0 >Reporter: Jamie Mark Goodyear >Priority: Trivial > > When using the profiles for client or server there may be build issues vs the > clientserver profile. > Remove from jaxrs pom maven.exec.plugin.version from client profile. > Update soap_http_doc_lit pom cxf-rt-transports-http-jetty entry to > project.version. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9027) Update Performance benchmark pom values
Jamie Mark Goodyear created CXF-9027: Summary: Update Performance benchmark pom values Key: CXF-9027 URL: https://issues.apache.org/jira/browse/CXF-9027 Project: CXF Issue Type: Test Components: Samples Affects Versions: 4.1.0 Reporter: Jamie Mark Goodyear When using the profiles for client or server there may be build issues vs the clientserver profile. Remove from jaxrs pom maven.exec.plugin.version from client profile. Update soap_http_doc_lit pom cxf-rt-transports-http-jetty entry to project.version. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9009) Async operations fail in concurrent calls
[ https://issues.apache.org/jira/browse/CXF-9009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9009. --- Resolution: Fixed > Async operations fail in concurrent calls > - > > Key: CXF-9009 > URL: https://issues.apache.org/jira/browse/CXF-9009 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Julio J. Gomez Diaz >Assignee: Andriy Redko >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > Attachments: spring-soap.zip > > > An exception occurs when a SOAP client is used concurrently in async > operations, the exception is as follows: > > > {code:java} > org.apache.cxf.interceptor.Fault: Could not send Message. > at > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:434) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:412) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.jaxws.JaxWsClientProxy.invokeAsync(JaxWsClientProxy.java:326) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at jdk.proxy2/jdk.proxy2.$Proxy95.countAsync(Unknown Source) ~[na:na] > at > com.example.demo.rest.RestController.lambda$async$1(RestController.java:25) > ~[classes/:na] > at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) > ~[na:na] > at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na] > Caused by: io.netty.channel.StacklessClosedChannelException: null > at > io.netty.channel.AbstractChannel$AbstractUnsafe.ensureOpen(ChannelPromise)(Unknown > Source) ~[netty-transport-4.1.109.Final.jar:4.1.109.Final]{code} > > I created an reproducer application (find attached "spring-soap.zip") that > acts as client and server, and this publishes the following operations: > * [http://localhost:8080/async] -> it uses a soap client to call > concurrently using an async operation (this {*}fails with the exception > previously described{*}) > * [http://localhost:8080/sync] -> it uses a soap client to call concurrently > using an ordinary operation (ends without errors) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9009) Async operations fail in concurrent calls
[ https://issues.apache.org/jira/browse/CXF-9009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17851835#comment-17851835 ] Andriy Redko commented on CXF-9009: --- Hello [~juliojgd] , just merged it, sorry about that. Regarding the release(s), no exact timelines as of today, but I think the releases may happen this month (june) > Async operations fail in concurrent calls > - > > Key: CXF-9009 > URL: https://issues.apache.org/jira/browse/CXF-9009 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Julio J. Gomez Diaz >Assignee: Andriy Redko >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > Attachments: spring-soap.zip > > > An exception occurs when a SOAP client is used concurrently in async > operations, the exception is as follows: > > > {code:java} > org.apache.cxf.interceptor.Fault: Could not send Message. > at > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:434) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:412) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.jaxws.JaxWsClientProxy.invokeAsync(JaxWsClientProxy.java:326) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at jdk.proxy2/jdk.proxy2.$Proxy95.countAsync(Unknown Source) ~[na:na] > at > com.example.demo.rest.RestController.lambda$async$1(RestController.java:25) > ~[classes/:na] > at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) > ~[na:na] > at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na] > Caused by: io.netty.channel.StacklessClosedChannelException: null > at > io.netty.channel.AbstractChannel$AbstractUnsafe.ensureOpen(ChannelPromise)(Unknown > Source) ~[netty-transport-4.1.109.Final.jar:4.1.109.Final]{code} > > I created an reproducer application (find attached "spring-soap.zip") that > acts as client and server, and this publishes the following operations: > * [http://localhost:8080/async] -> it uses a soap client to call > concurrently using an async operation (this {*}fails with the exception > previously described{*}) > * [http://localhost:8080/sync] -> it uses a soap client to call concurrently > using an ordinary operation (ends without errors) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
[ https://issues.apache.org/jira/browse/CXF-9016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17851595#comment-17851595 ] Andriy Redko commented on CXF-9016: --- No exact timelines as of today, but I think the releases may happen this month (june) > Upgrade Spring-Framework to 5.3.34 in Apache-cxf > > > Key: CXF-9016 > URL: https://issues.apache.org/jira/browse/CXF-9016 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.6.3 >Reporter: Nikhil >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > We have a high severity security issue with spring-framework :: > h2. Affected Spring Products and Versions > Spring Framework > * 6.1.0 - 6.1.5 > * 6.0.0 - 6.0.18 > * 5.3.0 - 5.3.33 > * Older, unsupported versions are also affected > > {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework > to parse an externally provided URL (e.g. through a query parameter) AND > perform validation checks on the host of the parsed URL may be vulnerable to > a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or > to a SSRF attack if the URL is used after passing validation checks. > This is the same as CVE-2024-22243 > [https://spring.io/security/cve-2024-22243] , but with different input. > > *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but > with different input. > – > All these issues were fixed in Spring-Framework *5.3.34* > > *Could you please review and update Spring-Framework as needed in CXF package > ?* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
[ https://issues.apache.org/jira/browse/CXF-9016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17851561#comment-17851561 ] Nikhil commented on CXF-9016: - Thanks for the update and help [~reta] May I ask you on the plans / expected timelines for the release of *version 3.5.9* please ? > Upgrade Spring-Framework to 5.3.34 in Apache-cxf > > > Key: CXF-9016 > URL: https://issues.apache.org/jira/browse/CXF-9016 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.6.3 >Reporter: Nikhil >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > We have a high severity security issue with spring-framework :: > h2. Affected Spring Products and Versions > Spring Framework > * 6.1.0 - 6.1.5 > * 6.0.0 - 6.0.18 > * 5.3.0 - 5.3.33 > * Older, unsupported versions are also affected > > {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework > to parse an externally provided URL (e.g. through a query parameter) AND > perform validation checks on the host of the parsed URL may be vulnerable to > a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or > to a SSRF attack if the URL is used after passing validation checks. > This is the same as CVE-2024-22243 > [https://spring.io/security/cve-2024-22243] , but with different input. > > *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but > with different input. > – > All these issues were fixed in Spring-Framework *5.3.34* > > *Could you please review and update Spring-Framework as needed in CXF package > ?* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9009) Async operations fail in concurrent calls
[ https://issues.apache.org/jira/browse/CXF-9009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17851541#comment-17851541 ] Julio J. Gomez Diaz commented on CXF-9009: -- Hello [~reta] , is there any estimated date to merge your pull request and release a version with the fix? Thanks in advance, > Async operations fail in concurrent calls > - > > Key: CXF-9009 > URL: https://issues.apache.org/jira/browse/CXF-9009 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Julio J. Gomez Diaz >Assignee: Andriy Redko >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > Attachments: spring-soap.zip > > > An exception occurs when a SOAP client is used concurrently in async > operations, the exception is as follows: > > > {code:java} > org.apache.cxf.interceptor.Fault: Could not send Message. > at > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:434) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:412) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.jaxws.JaxWsClientProxy.invokeAsync(JaxWsClientProxy.java:326) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at jdk.proxy2/jdk.proxy2.$Proxy95.countAsync(Unknown Source) ~[na:na] > at > com.example.demo.rest.RestController.lambda$async$1(RestController.java:25) > ~[classes/:na] > at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) > ~[na:na] > at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na] > Caused by: io.netty.channel.StacklessClosedChannelException: null > at > io.netty.channel.AbstractChannel$AbstractUnsafe.ensureOpen(ChannelPromise)(Unknown > Source) ~[netty-transport-4.1.109.Final.jar:4.1.109.Final]{code} > > I created an reproducer application (find attached "spring-soap.zip") that > acts as client and server, and this publishes the following operations: > * [http://localhost:8080/async] -> it uses a soap client to call > concurrently using an async operation (this {*}fails with the exception > previously described{*}) > * [http://localhost:8080/sync] -> it uses a soap client to call concurrently > using an ordinary operation (ends without errors) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9026) Integrate Jacoco into Apache CXF builds to collect code coverage stats
[ https://issues.apache.org/jira/browse/CXF-9026?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9026: -- Description: We have never used any code coverage tools and it is difficult to asses the gaps in tests. The suggestion is to integrate Jacoco into Apache CXF builds to collect code coverage stats > Integrate Jacoco into Apache CXF builds to collect code coverage stats > -- > > Key: CXF-9026 > URL: https://issues.apache.org/jira/browse/CXF-9026 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0, 4.0.5 > > > We have never used any code coverage tools and it is difficult to asses the > gaps in tests. The suggestion is to integrate Jacoco into Apache CXF builds > to collect code coverage stats -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9026) Integrate Jacoco into Apache CXF builds to collect code coverage stats
Andriy Redko created CXF-9026: - Summary: Integrate Jacoco into Apache CXF builds to collect code coverage stats Key: CXF-9026 URL: https://issues.apache.org/jira/browse/CXF-9026 Project: CXF Issue Type: Improvement Reporter: Andriy Redko Assignee: Andriy Redko Fix For: 4.1.0, 4.0.5 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9025) Increase unit test coverage on org.apache.cxf.catalog
[ https://issues.apache.org/jira/browse/CXF-9025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jamie Mark Goodyear updated CXF-9025: - Flags: Patch > Increase unit test coverage on org.apache.cxf.catalog > - > > Key: CXF-9025 > URL: https://issues.apache.org/jira/browse/CXF-9025 > Project: CXF > Issue Type: Test > Components: Core >Affects Versions: 4.1.0 >Reporter: Jamie Mark Goodyear >Priority: Minor > > org.apache.cxf.catalog has several classes without unit test coverage. > This card & PR intends to improve coverage. > IDEA coverage report: > org.apache.cxf.catalog: 0% class, 0% Methods, 0% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9025) Increase unit test coverage on org.apache.cxf.catalog
Jamie Mark Goodyear created CXF-9025: Summary: Increase unit test coverage on org.apache.cxf.catalog Key: CXF-9025 URL: https://issues.apache.org/jira/browse/CXF-9025 Project: CXF Issue Type: Test Components: Core Affects Versions: 4.1.0 Reporter: Jamie Mark Goodyear org.apache.cxf.catalog has several classes without unit test coverage. This card & PR intends to improve coverage. IDEA coverage report: org.apache.cxf.catalog: 0% class, 0% Methods, 0% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
[ https://issues.apache.org/jira/browse/CXF-9016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9016: -- Fix Version/s: 3.5.9 4.1.0 4.0.5 3.6.4 > Upgrade Spring-Framework to 5.3.34 in Apache-cxf > > > Key: CXF-9016 > URL: https://issues.apache.org/jira/browse/CXF-9016 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.6.3 >Reporter: Nikhil >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > We have a high severity security issue with spring-framework :: > h2. Affected Spring Products and Versions > Spring Framework > * 6.1.0 - 6.1.5 > * 6.0.0 - 6.0.18 > * 5.3.0 - 5.3.33 > * Older, unsupported versions are also affected > > {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework > to parse an externally provided URL (e.g. through a query parameter) AND > perform validation checks on the host of the parsed URL may be vulnerable to > a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or > to a SSRF attack if the URL is used after passing validation checks. > This is the same as CVE-2024-22243 > [https://spring.io/security/cve-2024-22243] , but with different input. > > *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but > with different input. > – > All these issues were fixed in Spring-Framework *5.3.34* > > *Could you please review and update Spring-Framework as needed in CXF package > ?* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
[ https://issues.apache.org/jira/browse/CXF-9016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17851059#comment-17851059 ] Andriy Redko commented on CXF-9016: --- [~somasaninikhil] All upcoming releases will be bundled with the latest versions, I have added a version labels to this issue to help you navigate, thank you. > Upgrade Spring-Framework to 5.3.34 in Apache-cxf > > > Key: CXF-9016 > URL: https://issues.apache.org/jira/browse/CXF-9016 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.6.3 >Reporter: Nikhil >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > We have a high severity security issue with spring-framework :: > h2. Affected Spring Products and Versions > Spring Framework > * 6.1.0 - 6.1.5 > * 6.0.0 - 6.0.18 > * 5.3.0 - 5.3.33 > * Older, unsupported versions are also affected > > {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework > to parse an externally provided URL (e.g. through a query parameter) AND > perform validation checks on the host of the parsed URL may be vulnerable to > a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or > to a SSRF attack if the URL is used after passing validation checks. > This is the same as CVE-2024-22243 > [https://spring.io/security/cve-2024-22243] , but with different input. > > *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but > with different input. > – > All these issues were fixed in Spring-Framework *5.3.34* > > *Could you please review and update Spring-Framework as needed in CXF package > ?* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CXF-9007) NullPointerException in XMLStreamDataWriter.writeNode
[ https://issues.apache.org/jira/browse/CXF-9007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17850912#comment-17850912 ] Magnus Holm edited comment on CXF-9007 at 5/31/24 9:27 AM: --- [~reta] Sorry about the delay. Added a test-case for the issue in the original report here: https://github.com/magnho/cxf/pull/2/commits/aefcffcb0af236308cda8c2eb4186e15b8192e8d Copied in a bunch of stuff to make this as similar to our local test-case as possible. I managed to trigger the error here as well, added the test-output to the commit as well. It runs successfully 9/10 times (at least), so it's a bit of a hassle to trigger the failure. The failure in my previous post seems to be a mistake on my side. Maybe I managed to mix versions on the classpath or something, it does not fail any more. edit: Sorry for not using existing wsdls etc. couldn't get that working. edit2: Have not been able to trigger failures when running with your branch change. was (Author: maghol): [~reta] Sorry about the delay. Added a test-case for the issue in the original report here: https://github.com/magnho/cxf/pull/2/commits/aefcffcb0af236308cda8c2eb4186e15b8192e8d Copied in a bunch of stuff to make this as similar to our local test-case as possible. I managed to trigger the error here as well, added the test-output to the commit as well. It runs successfully 9/10 times (at least), so it's a bit of a hassle to trigger the failure. The failure in my previous post seems to be a mistake on my side. Maybe I managed to mix versions on the classpath or something, it does not fail any more. edit: Sorry for not using existing wsdls etc. couldn't get that working. > NullPointerException in XMLStreamDataWriter.writeNode > - > > Key: CXF-9007 > URL: https://issues.apache.org/jira/browse/CXF-9007 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.3, 4.0.4 >Reporter: Magnus Holm >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0, 4.0.5 > > Attachments: dispatch-impl-npe.txt, interceptor-npe.txt, > invoke-async-npe.txt, invoke-sync-npe.txt > > > We're encountering sporadic weird {{NullPointerException}} in various of our > tests using different client configurations with wsdls. It seems to only > occur right after initialising the client, e.g. only on the first call. I > suspect it's some kind of race-condition, but I've not been able to create a > reproducer. I was hoping maybe someone from the project would have insight > into why this could be happening by looking at the stacktraces. > The error we're hitting appears to be here: > {code} > java.lang.NullPointerException: Cannot invoke > "org.w3c.dom.Node.getOwnerDocument()" because "nd" is null > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.writeNode(XMLStreamDataWriter.java:160) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:101) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:55) > ~[cxf-core-4.0.4.jar:4.0.4] > {code} > Update: we're using cxf-rt-transports-http-hc5. > We've had this issue on 4.0.3 and 4.0.4. We might've had it on previous > versions as well, but I don't have build history going back that far. > JDK versions: Corretto 17 (17.0.8-amzn), Zulu 17 (17.0.10-zulu) ++ -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
[ https://issues.apache.org/jira/browse/CXF-9016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17850982#comment-17850982 ] Nikhil commented on CXF-9016: - [~reta] Thanks for the update, could you please provide the fix version in which the spring has been upgraded for Apache CXF.. this will help us take the right build for fixing the security vulnerability. > Upgrade Spring-Framework to 5.3.34 in Apache-cxf > > > Key: CXF-9016 > URL: https://issues.apache.org/jira/browse/CXF-9016 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.6.3 >Reporter: Nikhil >Priority: Major > > We have a high severity security issue with spring-framework :: > h2. Affected Spring Products and Versions > Spring Framework > * 6.1.0 - 6.1.5 > * 6.0.0 - 6.0.18 > * 5.3.0 - 5.3.33 > * Older, unsupported versions are also affected > > {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework > to parse an externally provided URL (e.g. through a query parameter) AND > perform validation checks on the host of the parsed URL may be vulnerable to > a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or > to a SSRF attack if the URL is used after passing validation checks. > This is the same as CVE-2024-22243 > [https://spring.io/security/cve-2024-22243] , but with different input. > > *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but > with different input. > – > All these issues were fixed in Spring-Framework *5.3.34* > > *Could you please review and update Spring-Framework as needed in CXF package > ?* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CXF-9007) NullPointerException in XMLStreamDataWriter.writeNode
[ https://issues.apache.org/jira/browse/CXF-9007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17850912#comment-17850912 ] Magnus Holm edited comment on CXF-9007 at 5/31/24 6:21 AM: --- [~reta] Sorry about the delay. Added a test-case for the issue in the original report here: https://github.com/magnho/cxf/pull/2/commits/aefcffcb0af236308cda8c2eb4186e15b8192e8d Copied in a bunch of stuff to make this as similar to our local test-case as possible. I managed to trigger the error here as well, added the test-output to the commit as well. It runs successfully 9/10 times (at least), so it's a bit of a hassle to trigger the failure. The failure in my previous post seems to be a mistake on my side. Maybe I managed to mix versions on the classpath or something, it does not fail any more. edit: Sorry for not using existing wsdls etc. couldn't get that working. was (Author: maghol): [~reta] Sorry about the delay. Added a test-case for the issue in the original report here: https://github.com/magnho/cxf/pull/2/commits/aefcffcb0af236308cda8c2eb4186e15b8192e8d Copied in a bunch of stuff to make this as similar to our local test-case as possible. I managed to trigger the error here as well, added the test-output to the commit as well. It runs successfully 9/10 times (at least), so it's a bit of a hassle to trigger the failure. The failure in my previous post seems to be a mistake on my side. Maybe I managed to mix versions on the classpath or something, it does not fail any more. > NullPointerException in XMLStreamDataWriter.writeNode > - > > Key: CXF-9007 > URL: https://issues.apache.org/jira/browse/CXF-9007 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.3, 4.0.4 >Reporter: Magnus Holm >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0, 4.0.5 > > Attachments: dispatch-impl-npe.txt, interceptor-npe.txt, > invoke-async-npe.txt, invoke-sync-npe.txt > > > We're encountering sporadic weird {{NullPointerException}} in various of our > tests using different client configurations with wsdls. It seems to only > occur right after initialising the client, e.g. only on the first call. I > suspect it's some kind of race-condition, but I've not been able to create a > reproducer. I was hoping maybe someone from the project would have insight > into why this could be happening by looking at the stacktraces. > The error we're hitting appears to be here: > {code} > java.lang.NullPointerException: Cannot invoke > "org.w3c.dom.Node.getOwnerDocument()" because "nd" is null > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.writeNode(XMLStreamDataWriter.java:160) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:101) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:55) > ~[cxf-core-4.0.4.jar:4.0.4] > {code} > Update: we're using cxf-rt-transports-http-hc5. > We've had this issue on 4.0.3 and 4.0.4. We might've had it on previous > versions as well, but I don't have build history going back that far. > JDK versions: Corretto 17 (17.0.8-amzn), Zulu 17 (17.0.10-zulu) ++ -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9007) NullPointerException in XMLStreamDataWriter.writeNode
[ https://issues.apache.org/jira/browse/CXF-9007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17850912#comment-17850912 ] Magnus Holm commented on CXF-9007: -- [~reta] Sorry about the delay. Added a test-case for the issue in the original report here: https://github.com/magnho/cxf/pull/2/commits/aefcffcb0af236308cda8c2eb4186e15b8192e8d Copied in a bunch of stuff to make this as similar to our local test-case as possible. I managed to trigger the error here as well, added the test-output to the commit as well. It runs successfully 9/10 times (at least), so it's a bit of a hassle to trigger the failure. The failure in my previous post seems to be a mistake on my side. Maybe I managed to mix versions on the classpath or something, it does not fail any more. > NullPointerException in XMLStreamDataWriter.writeNode > - > > Key: CXF-9007 > URL: https://issues.apache.org/jira/browse/CXF-9007 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.3, 4.0.4 >Reporter: Magnus Holm >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0, 4.0.5 > > Attachments: dispatch-impl-npe.txt, interceptor-npe.txt, > invoke-async-npe.txt, invoke-sync-npe.txt > > > We're encountering sporadic weird {{NullPointerException}} in various of our > tests using different client configurations with wsdls. It seems to only > occur right after initialising the client, e.g. only on the first call. I > suspect it's some kind of race-condition, but I've not been able to create a > reproducer. I was hoping maybe someone from the project would have insight > into why this could be happening by looking at the stacktraces. > The error we're hitting appears to be here: > {code} > java.lang.NullPointerException: Cannot invoke > "org.w3c.dom.Node.getOwnerDocument()" because "nd" is null > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.writeNode(XMLStreamDataWriter.java:160) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:101) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:55) > ~[cxf-core-4.0.4.jar:4.0.4] > {code} > Update: we're using cxf-rt-transports-http-hc5. > We've had this issue on 4.0.3 and 4.0.4. We might've had it on previous > versions as well, but I don't have build history going back that far. > JDK versions: Corretto 17 (17.0.8-amzn), Zulu 17 (17.0.10-zulu) ++ -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9024) Increase unit test coverage on org.apache.cxf.binding
[ https://issues.apache.org/jira/browse/CXF-9024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17850697#comment-17850697 ] Jamie Mark Goodyear commented on CXF-9024: -- PR [https://github.com/apache/cxf/pull/1902] This PR supplies a concreate impl from which we test the AbstractBindFactory. > Increase unit test coverage on org.apache.cxf.binding > - > > Key: CXF-9024 > URL: https://issues.apache.org/jira/browse/CXF-9024 > Project: CXF > Issue Type: Test > Components: Core >Affects Versions: 4.1.0 >Reporter: Jamie Mark Goodyear >Priority: Minor > > org.apache.cxf.binding has several classes without unit test coverage. > This card & PR intends to improve coverage. > IDEA coverage report: > org.apache.cxf.binding: 0% class, 0% Methods, 0% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9024) Increase unit test coverage on org.apache.cxf.binding
[ https://issues.apache.org/jira/browse/CXF-9024?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jamie Mark Goodyear updated CXF-9024: - Flags: Patch > Increase unit test coverage on org.apache.cxf.binding > - > > Key: CXF-9024 > URL: https://issues.apache.org/jira/browse/CXF-9024 > Project: CXF > Issue Type: Test > Components: Core >Affects Versions: 4.1.0 >Reporter: Jamie Mark Goodyear >Priority: Minor > > org.apache.cxf.binding has several classes without unit test coverage. > This card & PR intends to improve coverage. > IDEA coverage report: > org.apache.cxf.binding: 0% class, 0% Methods, 0% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9024) Increase unit test coverage on org.apache.cxf.binding
Jamie Mark Goodyear created CXF-9024: Summary: Increase unit test coverage on org.apache.cxf.binding Key: CXF-9024 URL: https://issues.apache.org/jira/browse/CXF-9024 Project: CXF Issue Type: Test Components: Core Affects Versions: 4.1.0 Reporter: Jamie Mark Goodyear org.apache.cxf.binding has several classes without unit test coverage. This card & PR intends to improve coverage. IDEA coverage report: org.apache.cxf.binding: 0% class, 0% Methods, 0% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (CXF-9023) Increase unit test coverage on org.apache.cxf.bus
[ https://issues.apache.org/jira/browse/CXF-9023?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17850473#comment-17850473 ] Jamie Mark Goodyear edited comment on CXF-9023 at 5/29/24 7:14 PM: --- With patch, IDEA coverage report: org.apache.cxf.bus: 98% class, 72% Methods, 61% Lines. was (Author: jgoodyear): IDEA coverage report: org.apache.cxf.bus: 98% class, 72% Methods, 61% Lines. > Increase unit test coverage on org.apache.cxf.bus > - > > Key: CXF-9023 > URL: https://issues.apache.org/jira/browse/CXF-9023 > Project: CXF > Issue Type: Test > Components: Bus >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0 > > > org.apache.cxf.bus has several classes without unit test coverage. > This card & PR intends to improve coverage. > IDEA coverage report: > org.apache.cxf.bus: 84% class, 58% Methods, 54% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9023) Increase unit test coverage on org.apache.cxf.bus
[ https://issues.apache.org/jira/browse/CXF-9023?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jamie Mark Goodyear updated CXF-9023: - Flags: Patch > Increase unit test coverage on org.apache.cxf.bus > - > > Key: CXF-9023 > URL: https://issues.apache.org/jira/browse/CXF-9023 > Project: CXF > Issue Type: Test > Components: Bus >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0 > > > org.apache.cxf.bus has several classes without unit test coverage. > This card & PR intends to improve coverage. > IDEA coverage report: > org.apache.cxf.bus: 84% class, 58% Methods, 54% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9023) Increase unit test coverage on org.apache.cxf.bus
[ https://issues.apache.org/jira/browse/CXF-9023?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17850473#comment-17850473 ] Jamie Mark Goodyear commented on CXF-9023: -- IDEA coverage report: org.apache.cxf.bus: 98% class, 72% Methods, 61% Lines. > Increase unit test coverage on org.apache.cxf.bus > - > > Key: CXF-9023 > URL: https://issues.apache.org/jira/browse/CXF-9023 > Project: CXF > Issue Type: Test > Components: Bus >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0 > > > org.apache.cxf.bus has several classes without unit test coverage. > This card & PR intends to improve coverage. > IDEA coverage report: > org.apache.cxf.bus: 84% class, 58% Methods, 54% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9023) Increase unit test coverage on org.apache.cxf.bus
Jamie Mark Goodyear created CXF-9023: Summary: Increase unit test coverage on org.apache.cxf.bus Key: CXF-9023 URL: https://issues.apache.org/jira/browse/CXF-9023 Project: CXF Issue Type: Test Components: Bus Reporter: Jamie Mark Goodyear Fix For: 4.1.0 org.apache.cxf.bus has several classes without unit test coverage. This card & PR intends to improve coverage. IDEA coverage report: org.apache.cxf.bus: 84% class, 58% Methods, 54% Lines. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9022) HTTP 500 handling
[ https://issues.apache.org/jira/browse/CXF-9022?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Christoph Schulz updated CXF-9022: -- Description: when a server responds with http 500 without a body (e.g. .NET on IIS), CXF throws the exception below. while not tested on newest CXF (yet), [the source code suggest|https://github.com/apache/cxf/blob/5079fe1194eeb0f006c997797a476d98a2137518/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java#L1673] it also occurs on latest versions. {code:java} org.apache.cxf.binding.soap.SoapFault: Error reading XMLStreamReader: Unexpected EOF in prolog at [row,col {unknown-source}]: [1,0] at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:303) at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:70) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:921) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1725) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1591) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1388) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:688) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:63) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:441) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:356) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:140) {code} was: when a server responds with http 500 without a body (e.g. .NET on IIS), CXF throws while not tested on newest CXF (yet), [the source code suggest|https://github.com/apache/cxf/blob/5079fe1194eeb0f006c997797a476d98a2137518/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java#L1673] it also occurs on latest versions. {code:java} org.apache.cxf.binding.soap.SoapFault: Error reading XMLStreamReader: Unexpected EOF in prolog at [row,col {unknown-source}]: [1,0] at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:303) at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:70) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:921) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1725) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1591) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1388) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:688) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:63) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:441) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:356) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:140) {code} > HTTP 500 handling > - > > Key: CXF-9022 > URL: https://issues.apache.org/jira/browse/CXF-9022 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.8 >Reporter: Christoph Schulz >Priority: Major > > when a server responds with http 500 without a body (e.g. .NET on IIS), CXF > throws the exception below. > while not tested on newest CXF (yet), [the
[jira] [Created] (CXF-9022) HTTP 500 handling
Christoph Schulz created CXF-9022: - Summary: HTTP 500 handling Key: CXF-9022 URL: https://issues.apache.org/jira/browse/CXF-9022 Project: CXF Issue Type: Improvement Affects Versions: 3.5.8 Reporter: Christoph Schulz when a server responds with http 500 without a body (e.g. .NET on IIS), CXF throws while not tested on newest CXF (yet), [the source code suggest|https://github.com/apache/cxf/blob/5079fe1194eeb0f006c997797a476d98a2137518/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java#L1673] it also occurs on latest versions. {code:java} org.apache.cxf.binding.soap.SoapFault: Error reading XMLStreamReader: Unexpected EOF in prolog at [row,col {unknown-source}]: [1,0] at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:303) at org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor.handleMessage(ReadHeadersInterceptor.java:70) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:921) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1725) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1591) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1388) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:688) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:63) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:441) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:356) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:140) {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9021) Warning "Could not resolve Schema for datatypes.dtd" when file was found
[ https://issues.apache.org/jira/browse/CXF-9021?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Kroll updated CXF-9021: --- Estimated Complexity: Moderate (was: Unknown) > Warning "Could not resolve Schema for datatypes.dtd" when file was found > > > Key: CXF-9021 > URL: https://issues.apache.org/jira/browse/CXF-9021 > Project: CXF > Issue Type: Bug > Components: Core >Affects Versions: 4.0.4 >Reporter: Michael Kroll >Priority: Major > > Assuming you have > - system property {{javax.xml.accessExternalDTD}} set to {{all}} or {{file}} > - enabled {{out}} validation > - an xsd that references a DTD > And fire a request, the following log appears: > {quote} > WARN [org.apa.cxf.ws.add.EndpointReferenceUtils] Could not resolve Schema for > ../dtd/XMLSchema.dtd > {quote} > The request is then correctly validated, despite the warning. Tested with > both valid and invalid equests. > Looking at the code: > {code:java|org.apache.cxf.ws.addressing.EndpointReferenceUtils.SchemaLSResourceResolver#resolveResource} > if (impl == null) { > [...] // if found in schemas map: > return impl; > if (systemId != null) { > [...] // if found by systemId: > return impl; > } > if (namespaceURI != null) { > [...] // if found by namespaceURI: > return impl; > } > [...] > if (systemId == null) { > systemId = publicId; > } > if (systemId != null) { > InputSource source = resolver.resolve(systemId, baseURI); > if (source != null) { > impl = new LSInputImpl(); > impl.setByteStream(source.getByteStream()); > impl.setSystemId(source.getSystemId()); > impl.setPublicId(source.getPublicId()); > +### the code above is run, source is found, impl is set > +### i miss a 'return impl;' here, to match the code above > } > } > LOG.warning("Could not resolve Schema for " + systemId); > } > return impl; > {code} > I added two inline 'comments', starting with ### to mark the place where i > miss a return statement. > Reasoning: > # all of the above happens in an if block: {{if (impl==null)}} > # it seems that with different searches eg. via {{namespaceURI}} and > {{systemId}}, the variable {{impl}} should be filled and then returned > # the warning in the last line says 'Could not resolve Schema' > # but the code directly above it may indeed find a {{source}} and fill > {{impl}} > # so the schema (in my case a DTD) is found. I can verify that by looking > into debug values. And the validation then takes place, with expected > outcomes. > # first finding the schema and then printing that it could not be found is > misleading > proposed solution: > - either a {{return impl;}} statement like mentioned above > - or guard the warning with {{if (impl==null)}} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9021) Warning "Could not resolve Schema for datatypes.dtd" when file was found
Michael Kroll created CXF-9021: -- Summary: Warning "Could not resolve Schema for datatypes.dtd" when file was found Key: CXF-9021 URL: https://issues.apache.org/jira/browse/CXF-9021 Project: CXF Issue Type: Bug Components: Core Affects Versions: 4.0.4 Reporter: Michael Kroll Assuming you have - system property {{javax.xml.accessExternalDTD}} set to {{all}} or {{file}} - enabled {{out}} validation - an xsd that references a DTD And fire a request, the following log appears: {quote} WARN [org.apa.cxf.ws.add.EndpointReferenceUtils] Could not resolve Schema for ../dtd/XMLSchema.dtd {quote} The request is then correctly validated, despite the warning. Tested with both valid and invalid equests. Looking at the code: {code:java|org.apache.cxf.ws.addressing.EndpointReferenceUtils.SchemaLSResourceResolver#resolveResource} if (impl == null) { [...] // if found in schemas map: return impl; if (systemId != null) { [...] // if found by systemId: return impl; } if (namespaceURI != null) { [...] // if found by namespaceURI: return impl; } [...] if (systemId == null) { systemId = publicId; } if (systemId != null) { InputSource source = resolver.resolve(systemId, baseURI); if (source != null) { impl = new LSInputImpl(); impl.setByteStream(source.getByteStream()); impl.setSystemId(source.getSystemId()); impl.setPublicId(source.getPublicId()); +### the code above is run, source is found, impl is set +### i miss a 'return impl;' here, to match the code above } } LOG.warning("Could not resolve Schema for " + systemId); } return impl; {code} I added two inline 'comments', starting with ### to mark the place where i miss a return statement. Reasoning: # all of the above happens in an if block: {{if (impl==null)}} # it seems that with different searches eg. via {{namespaceURI}} and {{systemId}}, the variable {{impl}} should be filled and then returned # the warning in the last line says 'Could not resolve Schema' # but the code directly above it may indeed find a {{source}} and fill {{impl}} # so the schema (in my case a DTD) is found. I can verify that by looking into debug values. And the validation then takes place, with expected outcomes. # first finding the schema and then printing that it could not be found is misleading proposed solution: - either a {{return impl;}} statement like mentioned above - or guard the warning with {{if (impl==null)}} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-8828) Support Jakarta EE 11
[ https://issues.apache.org/jira/browse/CXF-8828?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8828: -- Description: Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) Minimum JDK requirement - JDK-17 Specs updates: * [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891] * Jakarta Annotations 3.0 ([https://jakarta.ee/specifications/annotations/3.0/)] * Jakarta Authorization 3.0 ([https://jakarta.ee/specifications/authorization/3.0/)] * Jakarta Contexts and Dependency Injection 4.1 ([https://jakarta.ee/specifications/cdi/4.1/)] * Jakarta Expression Language 6.0 ([https://jakarta.ee/specifications/expression-language/6.0/)] * Jakarta Interceptors 2.2 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta RESTful Web Services 4.0 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta Persistence 3.2 (https://jakarta.ee/specifications/persistence/3.2/), Jakarta Validation 3.1 (https://jakarta.ee/specifications/bean-validation/3.1/) and Jakarta WebSocket 2.2 (https://jakarta.ee/specifications/websocket/2.2/) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) was: Support Jakarta EE 11 (https://jakarta.ee/specifications/platform/11/) Minimum JDK requirement - JDK-17 Jakarta Interceptors 2.2* [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] Jakarta Persistence 3.2 (https://github.com/apache/cxf/pull/1891) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) > Support Jakarta EE 11 > - > > Key: CXF-8828 > URL: https://issues.apache.org/jira/browse/CXF-8828 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.2.0 > > > Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) > Minimum JDK requirement - JDK-17 > > Specs updates: > * [Jakarta Validation 3.1 > (|https://jakarta.ee/specifications/bean-validation/3.1/] > [https://github.com/apache/cxf/pull/1889)] > * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891] > * Jakarta Annotations 3.0 > ([https://jakarta.ee/specifications/annotations/3.0/)] > * Jakarta Authorization 3.0 > ([https://jakarta.ee/specifications/authorization/3.0/)] > * Jakarta Contexts and Dependency Injection 4.1 > ([https://jakarta.ee/specifications/cdi/4.1/)] > * Jakarta Expression Language 6.0 > ([https://jakarta.ee/specifications/expression-language/6.0/)] > * Jakarta Interceptors 2.2 > ([https://jakarta.ee/specifications/restful-ws/4.0/)] > * Jakarta RESTful Web Services 4.0 > ([https://jakarta.ee/specifications/restful-ws/4.0/)] > * Jakarta Persistence 3.2 > (https://jakarta.ee/specifications/persistence/3.2/), Jakarta Validation 3.1 > (https://jakarta.ee/specifications/bean-validation/3.1/) and Jakarta > WebSocket 2.2 (https://jakarta.ee/specifications/websocket/2.2/) > Updates required: > - Tomcat 11 > ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) > - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) > - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-8828) Support Jakarta EE 11
[ https://issues.apache.org/jira/browse/CXF-8828?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8828: -- Description: Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) Minimum JDK requirement - JDK-17 Specs updates: * [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, |https://github.com/apache/cxf/pull/1891] [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] * Jakarta Annotations 3.0 ([https://jakarta.ee/specifications/annotations/3.0/)] * Jakarta Authorization 3.0 ([https://jakarta.ee/specifications/authorization/3.0/)] * Jakarta Contexts and Dependency Injection 4.1 ([https://jakarta.ee/specifications/cdi/4.1/)] * Jakarta Expression Language 6.0 ([https://jakarta.ee/specifications/expression-language/6.0/)] * Jakarta Interceptors 2.2 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta RESTful Web Services 4.0 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta Validation 3.1 ([https://jakarta.ee/specifications/bean-validation/3.1/]) * Jakarta WebSocket 2.2 ([https://jakarta.ee/specifications/websocket/2.2/]) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) was: Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) Minimum JDK requirement - JDK-17 Specs updates: * [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891] * Jakarta Annotations 3.0 ([https://jakarta.ee/specifications/annotations/3.0/)] * Jakarta Authorization 3.0 ([https://jakarta.ee/specifications/authorization/3.0/)] * Jakarta Contexts and Dependency Injection 4.1 ([https://jakarta.ee/specifications/cdi/4.1/)] * Jakarta Expression Language 6.0 ([https://jakarta.ee/specifications/expression-language/6.0/)] * Jakarta Interceptors 2.2 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta RESTful Web Services 4.0 ([https://jakarta.ee/specifications/restful-ws/4.0/)] * Jakarta Persistence 3.2 (https://jakarta.ee/specifications/persistence/3.2/), Jakarta Validation 3.1 (https://jakarta.ee/specifications/bean-validation/3.1/) and Jakarta WebSocket 2.2 (https://jakarta.ee/specifications/websocket/2.2/) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) > Support Jakarta EE 11 > - > > Key: CXF-8828 > URL: https://issues.apache.org/jira/browse/CXF-8828 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.2.0 > > > Support Jakarta EE 11 ([https://jakarta.ee/specifications/platform/11/]) > Minimum JDK requirement - JDK-17 > > Specs updates: > * [Jakarta Validation 3.1 > (|https://jakarta.ee/specifications/bean-validation/3.1/] > [https://github.com/apache/cxf/pull/1889)] > * Jakarta Persistence 3.2 ([https://github.com/apache/cxf/pull/1891, > |https://github.com/apache/cxf/pull/1891] > [https://jakarta.ee/specifications/persistence/3.2/)|https://jakarta.ee/specifications/persistence/3.2/] > * Jakarta Annotations 3.0 > ([https://jakarta.ee/specifications/annotations/3.0/)] > * Jakarta Authorization 3.0 > ([https://jakarta.ee/specifications/authorization/3.0/)] > * Jakarta Contexts and Dependency Injection 4.1 > ([https://jakarta.ee/specifications/cdi/4.1/)] > * Jakarta Expression Language 6.0 > ([https://jakarta.ee/specifications/expression-language/6.0/)] > * Jakarta Interceptors 2.2 > ([https://jakarta.ee/specifications/restful-ws/4.0/)] > * Jakarta RESTful Web Services 4.0 > ([https://jakarta.ee/specifications/restful-ws/4.0/)] > * Jakarta Validation 3.1 > ([https://jakarta.ee/specifications/bean-validation/3.1/]) > * Jakarta WebSocket 2.2 ([https://jakarta.ee/specifications/websocket/2.2/]) > Updates required: > - Tomcat 11 > ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) > - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) > - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9017) Regression in proxy-based restful client
[ https://issues.apache.org/jira/browse/CXF-9017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17849716#comment-17849716 ] Andriy Redko commented on CXF-9017: --- It seems like, thanks [~iiliev2] , I am closing it as a duplicate > Regression in proxy-based restful client > > > Key: CXF-9017 > URL: https://issues.apache.org/jira/browse/CXF-9017 > Project: CXF > Issue Type: Bug >Reporter: Ivan Iliev >Priority: Critical > > The memory leak fix introduced in > https://issues.apache.org/jira/browse/CXF-8946 breaks the way the > ClientProxyImpl works. It passes its ClientConfiguration down to sub-proxies. > When those sub-proxies get garbage collected, that configuration gets closed. > One of the objects that are closed is AbstractConduitSelector -> conduits. > After that, any newly created sub-proxies will have misconfigured clients. > For example, we are configuring TLSClientParameters on the conduit of the > root, which gets wiped out and therefore the new child clients can no longer > connect. > {code:java} > API api = JAXRSClientFactory.create(endpoint, , getCxfProviders(), > true); // root proxy > configure(api);//add TLSClientParameters > SomeResource s = api.getSomeResource(); // sub-proxy > > > SomeOtherResource s2 = api.get(); //broken{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9017) Regression in proxy-based restful client
[ https://issues.apache.org/jira/browse/CXF-9017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9017. --- Resolution: Duplicate > Regression in proxy-based restful client > > > Key: CXF-9017 > URL: https://issues.apache.org/jira/browse/CXF-9017 > Project: CXF > Issue Type: Bug >Reporter: Ivan Iliev >Priority: Critical > > The memory leak fix introduced in > https://issues.apache.org/jira/browse/CXF-8946 breaks the way the > ClientProxyImpl works. It passes its ClientConfiguration down to sub-proxies. > When those sub-proxies get garbage collected, that configuration gets closed. > One of the objects that are closed is AbstractConduitSelector -> conduits. > After that, any newly created sub-proxies will have misconfigured clients. > For example, we are configuring TLSClientParameters on the conduit of the > root, which gets wiped out and therefore the new child clients can no longer > connect. > {code:java} > API api = JAXRSClientFactory.create(endpoint, , getCxfProviders(), > true); // root proxy > configure(api);//add TLSClientParameters > SomeResource s = api.getSomeResource(); // sub-proxy > > > SomeOtherResource s2 = api.get(); //broken{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9017) Regression in proxy-based restful client
[ https://issues.apache.org/jira/browse/CXF-9017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17849633#comment-17849633 ] Ivan Iliev commented on CXF-9017: - Yes, it seems like it, although in that bug they are not using the proxy-based client. Looks like all types of clients are impacted then. > Regression in proxy-based restful client > > > Key: CXF-9017 > URL: https://issues.apache.org/jira/browse/CXF-9017 > Project: CXF > Issue Type: Bug >Reporter: Ivan Iliev >Priority: Critical > > The memory leak fix introduced in > https://issues.apache.org/jira/browse/CXF-8946 breaks the way the > ClientProxyImpl works. It passes its ClientConfiguration down to sub-proxies. > When those sub-proxies get garbage collected, that configuration gets closed. > One of the objects that are closed is AbstractConduitSelector -> conduits. > After that, any newly created sub-proxies will have misconfigured clients. > For example, we are configuring TLSClientParameters on the conduit of the > root, which gets wiped out and therefore the new child clients can no longer > connect. > {code:java} > API api = JAXRSClientFactory.create(endpoint, , getCxfProviders(), > true); // root proxy > configure(api);//add TLSClientParameters > SomeResource s = api.getSomeResource(); // sub-proxy > > > SomeOtherResource s2 = api.get(); //broken{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9015. --- Resolution: Fixed > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Craig Perkins >Priority: Minor > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9020) Websockets for the CXF Server Side
[ https://issues.apache.org/jira/browse/CXF-9020?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9020. --- Resolution: Fixed > Websockets for the CXF Server Side > -- > > Key: CXF-9020 > URL: https://issues.apache.org/jira/browse/CXF-9020 > Project: CXF > Issue Type: Wish >Reporter: Mehmet Can Cömert >Assignee: Andriy Redko >Priority: Trivial > > I have seen on the documentation page, it is said Web Sockets are only > available on the 3.x Snapshot. > [https://cxf.apache.org/docs/websocket.html] > However with the Ticket: > https://issues.apache.org/jira/browse/CXF-5604 > I can see that it is already merged. > Is banner on documentation page outdated or Websockets not fully supported by > CXF? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9020) Websockets for the CXF Server Side
[ https://issues.apache.org/jira/browse/CXF-9020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17849550#comment-17849550 ] Andriy Redko commented on CXF-9020: --- The documentation [1]has been updated. [1] https://cwiki.apache.org/confluence/display/CXF20DOC/WebSocket > Websockets for the CXF Server Side > -- > > Key: CXF-9020 > URL: https://issues.apache.org/jira/browse/CXF-9020 > Project: CXF > Issue Type: Wish >Reporter: Mehmet Can Cömert >Assignee: Andriy Redko >Priority: Trivial > > I have seen on the documentation page, it is said Web Sockets are only > available on the 3.x Snapshot. > [https://cxf.apache.org/docs/websocket.html] > However with the Ticket: > https://issues.apache.org/jira/browse/CXF-5604 > I can see that it is already merged. > Is banner on documentation page outdated or Websockets not fully supported by > CXF? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-8828) Support Jakarta EE 11
[ https://issues.apache.org/jira/browse/CXF-8828?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8828: -- Description: Support Jakarta EE 11 (https://jakarta.ee/specifications/platform/11/) Minimum JDK requirement - JDK-17 Jakarta Interceptors 2.2* [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/] [https://github.com/apache/cxf/pull/1889)] Jakarta Persistence 3.2 (https://github.com/apache/cxf/pull/1891) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) was: Support Jakarta EE 11 Minimum JDK requirement - JDK-17 Jakarta Interceptors 2.2* [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/]https://github.com/apache/cxf/pull/1889) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) > Support Jakarta EE 11 > - > > Key: CXF-8828 > URL: https://issues.apache.org/jira/browse/CXF-8828 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.2.0 > > > Support Jakarta EE 11 (https://jakarta.ee/specifications/platform/11/) > Minimum JDK requirement - JDK-17 > > Jakarta Interceptors 2.2* > [Jakarta Validation 3.1 > (|https://jakarta.ee/specifications/bean-validation/3.1/] > [https://github.com/apache/cxf/pull/1889)] > Jakarta Persistence 3.2 (https://github.com/apache/cxf/pull/1891) > > Updates required: > - Tomcat 11 > ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) > - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) > - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9019) Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package.
[ https://issues.apache.org/jira/browse/CXF-9019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9019. --- Resolution: Fixed > Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package. > --- > > Key: CXF-9019 > URL: https://issues.apache.org/jira/browse/CXF-9019 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0, 4.0.5 > > > Existing unit test coverage for jaxws spi package is low (mostly focussed on > W3CEpr in providerImpl). I've written an exploratory patch to help increase > coverage to most methods in the package. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9019) Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package.
[ https://issues.apache.org/jira/browse/CXF-9019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9019: -- Affects Version/s: 4.0.4 > Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package. > --- > > Key: CXF-9019 > URL: https://issues.apache.org/jira/browse/CXF-9019 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0 > > > Existing unit test coverage for jaxws spi package is low (mostly focussed on > W3CEpr in providerImpl). I've written an exploratory patch to help increase > coverage to most methods in the package. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9019) Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package.
[ https://issues.apache.org/jira/browse/CXF-9019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9019: -- Fix Version/s: 4.0.5 > Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package. > --- > > Key: CXF-9019 > URL: https://issues.apache.org/jira/browse/CXF-9019 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0, 4.0.5 > > > Existing unit test coverage for jaxws spi package is low (mostly focussed on > W3CEpr in providerImpl). I've written an exploratory patch to help increase > coverage to most methods in the package. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (CXF-9020) Websockets for the CXF Server Side
[ https://issues.apache.org/jira/browse/CXF-9020?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko reassigned CXF-9020: - Assignee: Andriy Redko > Websockets for the CXF Server Side > -- > > Key: CXF-9020 > URL: https://issues.apache.org/jira/browse/CXF-9020 > Project: CXF > Issue Type: Wish >Reporter: Mehmet Can Cömert >Assignee: Andriy Redko >Priority: Trivial > > I have seen on the documentation page, it is said Web Sockets are only > available on the 3.x Snapshot. > [https://cxf.apache.org/docs/websocket.html] > However with the Ticket: > https://issues.apache.org/jira/browse/CXF-5604 > I can see that it is already merged. > Is banner on documentation page outdated or Websockets not fully supported by > CXF? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9020) Websockets for the CXF Server Side
[ https://issues.apache.org/jira/browse/CXF-9020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17849271#comment-17849271 ] Andriy Redko commented on CXF-9020: --- Thanks for highlighting that, Websockets are fully supported by CXF (as per https://issues.apache.org/jira/browse/CXF-5604), the documentation will be updated shortly, thank you. > Websockets for the CXF Server Side > -- > > Key: CXF-9020 > URL: https://issues.apache.org/jira/browse/CXF-9020 > Project: CXF > Issue Type: Wish >Reporter: Mehmet Can Cömert >Priority: Trivial > > I have seen on the documentation page, it is said Web Sockets are only > available on the 3.x Snapshot. > [https://cxf.apache.org/docs/websocket.html] > However with the Ticket: > https://issues.apache.org/jira/browse/CXF-5604 > I can see that it is already merged. > Is banner on documentation page outdated or Websockets not fully supported by > CXF? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9020) Websockets for the CXF Server Side
Mehmet Can Cömert created CXF-9020: -- Summary: Websockets for the CXF Server Side Key: CXF-9020 URL: https://issues.apache.org/jira/browse/CXF-9020 Project: CXF Issue Type: Wish Reporter: Mehmet Can Cömert I have seen on the documentation page, it is said Web Sockets are only available on the 3.x Snapshot. [https://cxf.apache.org/docs/websocket.html] However with the Ticket: https://issues.apache.org/jira/browse/CXF-5604 I can see that it is already merged. Is banner on documentation page outdated or Websockets not fully supported by CXF? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-8828) Support Jakarta EE 11
[ https://issues.apache.org/jira/browse/CXF-8828?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-8828: -- Description: Support Jakarta EE 11 Minimum JDK requirement - JDK-17 Jakarta Interceptors 2.2* [Jakarta Validation 3.1 (|https://jakarta.ee/specifications/bean-validation/3.1/]https://github.com/apache/cxf/pull/1889) Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) was: Support Jakarta EE 11 Minimum JDK requirement - JDK-17 Jakarta Interceptors 2.2* Updates required: - Tomcat 11 ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) > Support Jakarta EE 11 > - > > Key: CXF-8828 > URL: https://issues.apache.org/jira/browse/CXF-8828 > Project: CXF > Issue Type: Improvement >Reporter: Andriy Redko >Assignee: Andriy Redko >Priority: Major > Fix For: 4.2.0 > > > Support Jakarta EE 11 > Minimum JDK requirement - JDK-17 > > Jakarta Interceptors 2.2* > [Jakarta Validation 3.1 > (|https://jakarta.ee/specifications/bean-validation/3.1/]https://github.com/apache/cxf/pull/1889) > > Updates required: > - Tomcat 11 > ([https://www.mail-archive.com/announce@apache.org/msg07789.html]) > - Arquillian Weld Container 4.x ([https://github.com/apache/cxf/pull/1621]) > - Apache ActiveMQ 6 ([https://activemq.apache.org/activemq-600-release]) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9019) Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package.
[ https://issues.apache.org/jira/browse/CXF-9019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jamie Mark Goodyear updated CXF-9019: - Flags: Patch > Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package. > --- > > Key: CXF-9019 > URL: https://issues.apache.org/jira/browse/CXF-9019 > Project: CXF > Issue Type: Test >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0 > > > Existing unit test coverage for jaxws spi package is low (mostly focussed on > W3CEpr in providerImpl). I've written an exploratory patch to help increase > coverage to most methods in the package. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9019) Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package.
Jamie Mark Goodyear created CXF-9019: Summary: Increase unit test coverage on cxf-rt-frontend-jaxws jaxws spi package. Key: CXF-9019 URL: https://issues.apache.org/jira/browse/CXF-9019 Project: CXF Issue Type: Test Reporter: Jamie Mark Goodyear Fix For: 4.1.0 Existing unit test coverage for jaxws spi package is low (mostly focussed on W3CEpr in providerImpl). I've written an exploratory patch to help increase coverage to most methods in the package. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9018) CXF loggingFeature might disturb the input stream and cause com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in entity reference
[ https://issues.apache.org/jira/browse/CXF-9018?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848697#comment-17848697 ] John Yin commented on CXF-9018: --- Another piece of information that may help to narrow down the cause of this issue. If I do not use loggingFeature but use the following instead, the error never occurs: {code:java} {code} > CXF loggingFeature might disturb the input stream and cause > com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in entity reference > - > > Key: CXF-9018 > URL: https://issues.apache.org/jira/browse/CXF-9018 > Project: CXF > Issue Type: Bug > Components: WS-* Components >Affects Versions: 4.0.4 >Reporter: John Yin >Priority: Major > > This happens intermittently, therefore, it is hard to provide a sample > program to reproduce it. > When the following is used, > > {code:java} > > > > > > > > {code} > Intermittently, the response of calling a SOAP webservice may cause a > "com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in entity reference". If > the loggingFeature is removed from the bus, the error never occurs. > Here is the stacktrace: > {code:java} > Stacktrace > --- > org.apache.camel.CamelExecutionException: Exception occurred during execution > on the exchange: Exchange[] > at > org.apache.camel.CamelExecutionException.wrapCamelExecutionException(CamelExecutionException.java:45) > ~[camel-api-4.4.0.jar:4.4.0] > at > org.apache.camel.support.ExchangeHelper.extractResultBody(ExchangeHelper.java:676) > ~[camel-support-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:591) > ~[camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:587) > ~[camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultProducerTemplate.requestBodyAndHeaders(DefaultProducerTemplate.java:440) > ~[camel-base-engine-4.4.0.jar:4.4.0] > at > org.codehaus.groovy.vmplugin.v8.IndyInterface.selectMethod(IndyInterface.java:355) > ~[groovy-4.0.19.jar:4.0.19] > at > org.codehaus.groovy.vmplugin.v8.IndyInterface.fromCache(IndyInterface.java:321) > ~[groovy-4.0.19.jar:4.0.19] > at GetVzInventoryProc.process(GetVzInventoryProcScript.groovy:69) ~[?:?] > at > org.apache.camel.support.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:65) > ~[camel-support-4.4.0.jar:4.4.0] > at > org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:840) > ~[camel-core-processor-4.4.0.jar:4.4.0] > at > org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:746) > ~[camel-core-processor-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.doRun(DefaultReactiveExecutor.java:199) > [camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.executeReactiveWork(DefaultReactiveExecutor.java:189) > [camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.tryExecuteReactiveWork(DefaultReactiveExecutor.java:166) > [camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:148) > [camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:59) > [camel-base-engine-4.4.0.jar:4.4.0] > at org.apache.camel.processor.Pipeline.process(Pipeline.java:163) > [camel-core-processor-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.CamelInternalProcessor.processNonTransacted(CamelInternalProcessor.java:354) > [camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:330) > [camel-base-engine-4.4.0.jar:4.4.0] > at > org.apache.camel.component.timer.TimerConsumer.sendTimerExchange(TimerCon
[jira] [Created] (CXF-9018) CXF loggingFeature might disturb the input stream and cause com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in entity reference
John Yin created CXF-9018: - Summary: CXF loggingFeature might disturb the input stream and cause com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in entity reference Key: CXF-9018 URL: https://issues.apache.org/jira/browse/CXF-9018 Project: CXF Issue Type: Bug Components: WS-* Components Affects Versions: 4.0.4 Reporter: John Yin This happens intermittently, therefore, it is hard to provide a sample program to reproduce it. When the following is used, {code:java} {code} Intermittently, the response of calling a SOAP webservice may cause a "com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in entity reference". If the loggingFeature is removed from the bus, the error never occurs. Here is the stacktrace: {code:java} Stacktrace --- org.apache.camel.CamelExecutionException: Exception occurred during execution on the exchange: Exchange[] at org.apache.camel.CamelExecutionException.wrapCamelExecutionException(CamelExecutionException.java:45) ~[camel-api-4.4.0.jar:4.4.0] at org.apache.camel.support.ExchangeHelper.extractResultBody(ExchangeHelper.java:676) ~[camel-support-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:591) ~[camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:587) ~[camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultProducerTemplate.requestBodyAndHeaders(DefaultProducerTemplate.java:440) ~[camel-base-engine-4.4.0.jar:4.4.0] at org.codehaus.groovy.vmplugin.v8.IndyInterface.selectMethod(IndyInterface.java:355) ~[groovy-4.0.19.jar:4.0.19] at org.codehaus.groovy.vmplugin.v8.IndyInterface.fromCache(IndyInterface.java:321) ~[groovy-4.0.19.jar:4.0.19] at GetVzInventoryProc.process(GetVzInventoryProcScript.groovy:69) ~[?:?] at org.apache.camel.support.processor.DelegateSyncProcessor.process(DelegateSyncProcessor.java:65) ~[camel-support-4.4.0.jar:4.4.0] at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:840) ~[camel-core-processor-4.4.0.jar:4.4.0] at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:746) ~[camel-core-processor-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.doRun(DefaultReactiveExecutor.java:199) [camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.executeReactiveWork(DefaultReactiveExecutor.java:189) [camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.tryExecuteReactiveWork(DefaultReactiveExecutor.java:166) [camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:148) [camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:59) [camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.processor.Pipeline.process(Pipeline.java:163) [camel-core-processor-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.CamelInternalProcessor.processNonTransacted(CamelInternalProcessor.java:354) [camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:330) [camel-base-engine-4.4.0.jar:4.4.0] at org.apache.camel.component.timer.TimerConsumer.sendTimerExchange(TimerConsumer.java:293) [camel-timer-4.4.0.jar:4.4.0] at org.apache.camel.component.timer.TimerConsumer$1.doRun(TimerConsumer.java:164) [camel-timer-4.4.0.jar:4.4.0] at org.apache.camel.component.timer.TimerConsumer$1.run(TimerConsumer.java:136) [camel-timer-4.4.0.jar:4.4.0] at java.util.TimerThread.mainLoop(Timer.java:566) [?:?] at java.util.TimerThread.run(Timer.java:516) [?:?] Caused by: org.apache.cxf.interceptor.Fault: [com.ctc.wstx.exc.WstxLazyException] Unexpected EOF in entity reference at [row,col {unknown-source}]: [1,49151] at org.apache.cxf.interceptor.LoggingInInterceptor.logInputStream(LoggingInInterceptor.java:230) ~[cxf-core-4.0.4.jar:4.0.4] at org.apache.cxf.interceptor.LoggingInInterceptor.logging(LoggingInInterceptor.java:161) ~[cxf-core-4.0.4.jar:4.0.4] at org.apache.cxf.interceptor.LoggingInInterceptor.handleMessage(LoggingInInterceptor.java:82) ~[cxf-core-4.0.4.jar:4.0.4] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) ~[cxf-core-4.0.4.jar:4.0.4] at org.apache.cxf.endpoint.ClientImpl
[jira] [Commented] (CXF-9007) NullPointerException in XMLStreamDataWriter.writeNode
[ https://issues.apache.org/jira/browse/CXF-9007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848413#comment-17848413 ] Andriy Redko commented on CXF-9007: --- Thank you [~maghol] , looking forward to test cases. > NullPointerException in XMLStreamDataWriter.writeNode > - > > Key: CXF-9007 > URL: https://issues.apache.org/jira/browse/CXF-9007 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.3, 4.0.4 >Reporter: Magnus Holm >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0, 4.0.5 > > Attachments: dispatch-impl-npe.txt, interceptor-npe.txt, > invoke-async-npe.txt, invoke-sync-npe.txt > > > We're encountering sporadic weird {{NullPointerException}} in various of our > tests using different client configurations with wsdls. It seems to only > occur right after initialising the client, e.g. only on the first call. I > suspect it's some kind of race-condition, but I've not been able to create a > reproducer. I was hoping maybe someone from the project would have insight > into why this could be happening by looking at the stacktraces. > The error we're hitting appears to be here: > {code} > java.lang.NullPointerException: Cannot invoke > "org.w3c.dom.Node.getOwnerDocument()" because "nd" is null > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.writeNode(XMLStreamDataWriter.java:160) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:101) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:55) > ~[cxf-core-4.0.4.jar:4.0.4] > {code} > Update: we're using cxf-rt-transports-http-hc5. > We've had this issue on 4.0.3 and 4.0.4. We might've had it on previous > versions as well, but I don't have build history going back that far. > JDK versions: Corretto 17 (17.0.8-amzn), Zulu 17 (17.0.10-zulu) ++ -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9007) NullPointerException in XMLStreamDataWriter.writeNode
[ https://issues.apache.org/jira/browse/CXF-9007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17848129#comment-17848129 ] Magnus Holm commented on CXF-9007: -- [~reta] Sorry for the delay, struggling to find time. I built your branch and re-ran tests and found out the potential fix causes a consistent failure for another test which relates to large response processing/chunking. I will set aside some time and provide you with both test-cases some time this week. Have to unwrap the setup from some internal frameworking. The new failure: {code} org.apache.cxf.binding.soap.SoapFault: Problems creating SAAJ object model at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:261) ~[cxf-rt-bindings-soap-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:81) ~[cxf-rt-bindings-soap-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) [cxf-core-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:808) [cxf-core-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1726) [cxf-rt-transports-http-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream$1.run(HTTPConduit.java:1210) [cxf-rt-transports-http-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:413) [cxf-core-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) [?:?] at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) [?:?] at org.apache.cxf.workqueue.AutomaticWorkQueueImpl$AWQThreadFactory$1.run(AutomaticWorkQueueImpl.java:346) [cxf-core-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at java.base/java.lang.Thread.run(Thread.java:833) [?:?] Caused by: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF; was expecting a close tag for element at [row,col {unknown-source}]: [1,16320] at com.ctc.wstx.sr.StreamScanner.throwUnexpectedEOF(StreamScanner.java:701) ~[woodstox-core-6.6.2.jar:6.6.2] at com.ctc.wstx.sr.BasicStreamReader.throwUnexpectedEOF(BasicStreamReader.java:5607) ~[woodstox-core-6.6.2.jar:6.6.2] at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2811) ~[woodstox-core-6.6.2.jar:6.6.2] at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1122) ~[woodstox-core-6.6.2.jar:6.6.2] at org.apache.cxf.staxutils.StaxUtils.copy(StaxUtils.java:776) ~[cxf-core-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] at org.apache.cxf.binding.soap.saaj.SAAJInInterceptor.handleMessage(SAAJInInterceptor.java:244) ~[cxf-rt-bindings-soap-4.0.1-SNAPSHOT.jar:4.0.1.SNAPSHOT] ... 10 more {code} > NullPointerException in XMLStreamDataWriter.writeNode > - > > Key: CXF-9007 > URL: https://issues.apache.org/jira/browse/CXF-9007 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.3, 4.0.4 >Reporter: Magnus Holm >Assignee: Andriy Redko >Priority: Major > Fix For: 4.1.0, 4.0.5 > > Attachments: dispatch-impl-npe.txt, interceptor-npe.txt, > invoke-async-npe.txt, invoke-sync-npe.txt > > > We're encountering sporadic weird {{NullPointerException}} in various of our > tests using different client configurations with wsdls. It seems to only > occur right after initialising the client, e.g. only on the first call. I > suspect it's some kind of race-condition, but I've not been able to create a > reproducer. I was hoping maybe someone from the project would have insight > into why this could be happening by looking at the stacktraces. > The error we're hitting appears to be here: > {code} > java.lang.NullPointerException: Cannot invoke > "org.w3c.dom.Node.getOwnerDocument()" because "nd" is null > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.writeNode(XMLStreamDataWriter.java:160) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:101) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.databinding.source.XMLStreamDataWriter.write(XMLStreamDataWriter.java:55) &
[jira] [Updated] (CXF-9009) Async operations fail in concurrent calls
[ https://issues.apache.org/jira/browse/CXF-9009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9009: -- Fix Version/s: 3.5.9 4.1.0 4.0.5 3.6.4 > Async operations fail in concurrent calls > - > > Key: CXF-9009 > URL: https://issues.apache.org/jira/browse/CXF-9009 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Julio J. Gomez Diaz >Assignee: Andriy Redko >Priority: Major > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > Attachments: spring-soap.zip > > > An exception occurs when a SOAP client is used concurrently in async > operations, the exception is as follows: > > > {code:java} > org.apache.cxf.interceptor.Fault: Could not send Message. > at > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:434) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:412) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.jaxws.JaxWsClientProxy.invokeAsync(JaxWsClientProxy.java:326) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at jdk.proxy2/jdk.proxy2.$Proxy95.countAsync(Unknown Source) ~[na:na] > at > com.example.demo.rest.RestController.lambda$async$1(RestController.java:25) > ~[classes/:na] > at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) > ~[na:na] > at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na] > Caused by: io.netty.channel.StacklessClosedChannelException: null > at > io.netty.channel.AbstractChannel$AbstractUnsafe.ensureOpen(ChannelPromise)(Unknown > Source) ~[netty-transport-4.1.109.Final.jar:4.1.109.Final]{code} > > I created an reproducer application (find attached "spring-soap.zip") that > acts as client and server, and this publishes the following operations: > * [http://localhost:8080/async] -> it uses a soap client to call > concurrently using an async operation (this {*}fails with the exception > previously described{*}) > * [http://localhost:8080/sync] -> it uses a soap client to call concurrently > using an ordinary operation (ends without errors) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9009) Async operations fail in concurrent calls
[ https://issues.apache.org/jira/browse/CXF-9009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9009: -- Affects Version/s: 3.6.3 3.5.8 > Async operations fail in concurrent calls > - > > Key: CXF-9009 > URL: https://issues.apache.org/jira/browse/CXF-9009 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Julio J. Gomez Diaz >Assignee: Andriy Redko >Priority: Major > Attachments: spring-soap.zip > > > An exception occurs when a SOAP client is used concurrently in async > operations, the exception is as follows: > > > {code:java} > org.apache.cxf.interceptor.Fault: Could not send Message. > at > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:434) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:412) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.jaxws.JaxWsClientProxy.invokeAsync(JaxWsClientProxy.java:326) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at jdk.proxy2/jdk.proxy2.$Proxy95.countAsync(Unknown Source) ~[na:na] > at > com.example.demo.rest.RestController.lambda$async$1(RestController.java:25) > ~[classes/:na] > at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) > ~[na:na] > at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na] > Caused by: io.netty.channel.StacklessClosedChannelException: null > at > io.netty.channel.AbstractChannel$AbstractUnsafe.ensureOpen(ChannelPromise)(Unknown > Source) ~[netty-transport-4.1.109.Final.jar:4.1.109.Final]{code} > > I created an reproducer application (find attached "spring-soap.zip") that > acts as client and server, and this publishes the following operations: > * [http://localhost:8080/async] -> it uses a soap client to call > concurrently using an async operation (this {*}fails with the exception > previously described{*}) > * [http://localhost:8080/sync] -> it uses a soap client to call concurrently > using an ordinary operation (ends without errors) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9009) Async operations fail in concurrent calls
[ https://issues.apache.org/jira/browse/CXF-9009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17847413#comment-17847413 ] Andriy Redko commented on CXF-9009: --- {noformat} May 17, 2024 2:52:39 P.M. io.netty.channel.ChannelInitializer exceptionCaughtWARNING: Failed to initialize a channel. Closing: [id: 0xe5e4c70d]java.lang.IllegalStateException: complete already: DefaultChannelPromise@1876fa2c(success) at io.netty.util.concurrent.DefaultPromise.setSuccess(DefaultPromise.java:100) at io.netty.channel.DefaultChannelPromise.setSuccess(DefaultChannelPromise.java:78) at org.apache.cxf.transport.http.netty.client.NettyHttpClientPipelineFactory.initChannel(NettyHttpClientPipelineFactory.java:187) at io.netty.channel.ChannelInitializer.initChannel(ChannelInitializer.java:129) at io.netty.channel.ChannelInitializer.handlerAdded(ChannelInitializer.java:112) at io.netty.channel.AbstractChannelHandlerContext.callHandlerAdded(AbstractChannelHandlerContext.java:1130) at io.netty.channel.DefaultChannelPipeline.callHandlerAdded0(DefaultChannelPipeline.java:609) at io.netty.channel.DefaultChannelPipeline.access$100(DefaultChannelPipeline.java:46) at io.netty.channel.DefaultChannelPipeline$PendingHandlerAddedTask.execute(DefaultChannelPipeline.java:1463) at io.netty.channel.DefaultChannelPipeline.callHandlerAddedForAllHandlers(DefaultChannelPipeline.java:1115) at io.netty.channel.DefaultChannelPipeline.invokeHandlerAddedIfNeeded(DefaultChannelPipeline.java:650) at io.netty.channel.AbstractChannel$AbstractUnsafe.register0(AbstractChannel.java:514) at io.netty.channel.AbstractChannel$AbstractUnsafe.access$200(AbstractChannel.java:429) at io.netty.channel.AbstractChannel$AbstractUnsafe$1.run(AbstractChannel.java:486) at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:173) at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:166) at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:470) at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:569) at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Thread.java:833) {noformat} For the record, this is the real cause of the issue. > Async operations fail in concurrent calls > - > > Key: CXF-9009 > URL: https://issues.apache.org/jira/browse/CXF-9009 > Project: CXF > Issue Type: Bug > Components: JAX-WS Runtime >Affects Versions: 4.0.4 >Reporter: Julio J. Gomez Diaz >Assignee: Andriy Redko >Priority: Major > Attachments: spring-soap.zip > > > An exception occurs when a SOAP client is used concurrently in async > operations, the exception is as follows: > > > {code:java} > org.apache.cxf.interceptor.Fault: Could not send Message. > at > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:67) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:434) > ~[cxf-core-4.0.4.jar:4.0.4] > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:412) > ~[cxf-core-4.0.4.jar:4.0.4] > at > org.apache.cxf.jaxws.JaxWsClientProxy.invokeAsync(JaxWsClientProxy.java:326) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138) > ~[cxf-rt-frontend-jaxws-4.0.4.jar:4.0.4] > at jdk.proxy2/jdk.proxy2.$Proxy95.countAsync(Unknown Source) ~[na:na] > at > com.example.demo.rest.RestController.lambda$async$1(RestController.java:25) > ~[classes/:na] > at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) > ~[na:na] > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) > ~[na:na] > at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na] > Caused by: io.netty.channel.StacklessClosedChannelException: null > at > io.netty.channel.AbstractChannel$AbstractUnsafe.ensur
[jira] [Resolved] (CXF-9002) JAXRSMultithreadedClientTest test cases failing on IBM JDK.
[ https://issues.apache.org/jira/browse/CXF-9002?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9002. --- Resolution: Fixed > JAXRSMultithreadedClientTest test cases failing on IBM JDK. > --- > > Key: CXF-9002 > URL: https://issues.apache.org/jira/browse/CXF-9002 > Project: CXF > Issue Type: Test > Components: JAX-RS >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Major > > JAXRSMultithreadedClientTest test cases failing on IBM JDK (Semeru 17). > There is a JAXRS system test failure for {{JAXRSMultithreadedClientTest}} > test cases: > JAXRSMultithreadedClientTest.testStatefulWebClientThreadLocalWithCopy > JAXRSMultithreadedClientTest.testStatefulWebClientWithCopy > JAXRSMultithreadedClientTest.testThreadSafeProxyWithCopy > The commonality between these tests are \{{threadSafe }}is set to false, > which triggers a copy of existing client with WebClient.fromClient. > The error traces contains the following shape: > {code:java} > Exception in thread "pool-12-thread-2" java.lang.AssertionError: > WebClientWorker thread failed for 10,value10 at > org.junit.Assert.fail(Assert.java:89) at > org.apache.cxf.systest.jaxrs.JAXRSMultithreadedClientTest$WebClientWorker.run(JAXRSMultithreadedClientTest.java:208) > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) > at java.base/java.lang.Thread.run(Thread.java:857) at > org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponse(HttpClientHTTPConduit.java:751) > at > org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponseCode(HttpClientHTTPConduit.java:760) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.doProcessResponseCode(HTTPConduit.java:1653) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1684) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1626) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1420) > ... 19 more Caused by: java.lang.InterruptedException at > java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:386) > at > java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2096) > at > org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponse(HttpClientHTTPConduit.java:731) > ... 24 more Exception in thread "pool-12-thread-4" java.lang.AssertionError: > WebClientWorker thread failed for 8,value8 at > org.junit.Assert.fail(Assert.java:89) at > org.apache.cxf.systest.jaxrs.JAXRSMultithreadedClientTest$WebClientWorker.run(JAXRSMultithreadedClientTest.java:208) > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) > at java.base/java.lang.Thread.run(Thread.java:857) {code} > When this suite is run on Hotspot based JVMs, the test cases pass.This is > reproducible by changing directory to systests/jaxrs, then executing: > ` > {{mvn clean install -Dtest=JAXRSMultithreadedClientTest}} > {{`}} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9002) JAXRSMultithreadedClientTest test cases failing on IBM JDK.
[ https://issues.apache.org/jira/browse/CXF-9002?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17847265#comment-17847265 ] Jamie Mark Goodyear commented on CXF-9002: -- Returning to check this branch - the JAXRSMultithreadedClientTest suite is now passing builds on IBM Java. > JAXRSMultithreadedClientTest test cases failing on IBM JDK. > --- > > Key: CXF-9002 > URL: https://issues.apache.org/jira/browse/CXF-9002 > Project: CXF > Issue Type: Test > Components: JAX-RS >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Major > > JAXRSMultithreadedClientTest test cases failing on IBM JDK (Semeru 17). > There is a JAXRS system test failure for {{JAXRSMultithreadedClientTest}} > test cases: > JAXRSMultithreadedClientTest.testStatefulWebClientThreadLocalWithCopy > JAXRSMultithreadedClientTest.testStatefulWebClientWithCopy > JAXRSMultithreadedClientTest.testThreadSafeProxyWithCopy > The commonality between these tests are \{{threadSafe }}is set to false, > which triggers a copy of existing client with WebClient.fromClient. > The error traces contains the following shape: > {code:java} > Exception in thread "pool-12-thread-2" java.lang.AssertionError: > WebClientWorker thread failed for 10,value10 at > org.junit.Assert.fail(Assert.java:89) at > org.apache.cxf.systest.jaxrs.JAXRSMultithreadedClientTest$WebClientWorker.run(JAXRSMultithreadedClientTest.java:208) > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) > at java.base/java.lang.Thread.run(Thread.java:857) at > org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponse(HttpClientHTTPConduit.java:751) > at > org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponseCode(HttpClientHTTPConduit.java:760) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.doProcessResponseCode(HTTPConduit.java:1653) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1684) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1626) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1420) > ... 19 more Caused by: java.lang.InterruptedException at > java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:386) > at > java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2096) > at > org.apache.cxf.transport.http.HttpClientHTTPConduit$HttpClientWrappedOutputStream.getResponse(HttpClientHTTPConduit.java:731) > ... 24 more Exception in thread "pool-12-thread-4" java.lang.AssertionError: > WebClientWorker thread failed for 8,value8 at > org.junit.Assert.fail(Assert.java:89) at > org.apache.cxf.systest.jaxrs.JAXRSMultithreadedClientTest$WebClientWorker.run(JAXRSMultithreadedClientTest.java:208) > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) > at java.base/java.lang.Thread.run(Thread.java:857) {code} > When this suite is run on Hotspot based JVMs, the test cases pass.This is > reproducible by changing directory to systests/jaxrs, then executing: > ` > {{mvn clean install -Dtest=JAXRSMultithreadedClientTest}} > {{`}} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9017) Regression in proxy-based restful client
[ https://issues.apache.org/jira/browse/CXF-9017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17847258#comment-17847258 ] Andriy Redko commented on CXF-9017: --- [~iiliev2] is it the duplicate of https://issues.apache.org/jira/browse/CXF-8992 (same cause)? thank you > Regression in proxy-based restful client > > > Key: CXF-9017 > URL: https://issues.apache.org/jira/browse/CXF-9017 > Project: CXF > Issue Type: Bug >Reporter: Ivan Iliev >Priority: Critical > > The memory leak fix introduced in > https://issues.apache.org/jira/browse/CXF-8946 breaks the way the > ClientProxyImpl works. It passes its ClientConfiguration down to sub-proxies. > When those sub-proxies get garbage collected, that configuration gets closed. > One of the objects that are closed is AbstractConduitSelector -> conduits. > After that, any newly created sub-proxies will have misconfigured clients. > For example, we are configuring TLSClientParameters on the conduit of the > root, which gets wiped out and therefore the new child clients can no longer > connect. > {code:java} > API api = JAXRSClientFactory.create(endpoint, , getCxfProviders(), > true); // root proxy > configure(api);//add TLSClientParameters > SomeResource s = api.getSomeResource(); // sub-proxy > > > SomeOtherResource s2 = api.get(); //broken{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
[ https://issues.apache.org/jira/browse/CXF-9016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9016. --- Resolution: Information Provided It was done already > Upgrade Spring-Framework to 5.3.34 in Apache-cxf > > > Key: CXF-9016 > URL: https://issues.apache.org/jira/browse/CXF-9016 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.6.3 >Reporter: Nikhil >Priority: Major > > We have a high severity security issue with spring-framework :: > h2. Affected Spring Products and Versions > Spring Framework > * 6.1.0 - 6.1.5 > * 6.0.0 - 6.0.18 > * 5.3.0 - 5.3.33 > * Older, unsupported versions are also affected > > {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework > to parse an externally provided URL (e.g. through a query parameter) AND > perform validation checks on the host of the parsed URL may be vulnerable to > a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or > to a SSRF attack if the URL is used after passing validation checks. > This is the same as CVE-2024-22243 > [https://spring.io/security/cve-2024-22243] , but with different input. > > *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but > with different input. > – > All these issues were fixed in Spring-Framework *5.3.34* > > *Could you please review and update Spring-Framework as needed in CXF package > ?* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9017) Regression in proxy-based restful client
Ivan Iliev created CXF-9017: --- Summary: Regression in proxy-based restful client Key: CXF-9017 URL: https://issues.apache.org/jira/browse/CXF-9017 Project: CXF Issue Type: Bug Reporter: Ivan Iliev The memory leak fix introduced in https://issues.apache.org/jira/browse/CXF-8946 breaks the way the ClientProxyImpl works. It passes its ClientConfiguration down to sub-proxies. When those sub-proxies get garbage collected, that configuration gets closed. One of the objects that are closed is AbstractConduitSelector -> conduits. After that, any newly created sub-proxies will have misconfigured clients. For example, we are configuring TLSClientParameters on the conduit of the root, which gets wiped out and therefore the new child clients can no longer connect. {code:java} API api = JAXRSClientFactory.create(endpoint, , getCxfProviders(), true); // root proxy configure(api);//add TLSClientParameters SomeResource s = api.getSomeResource(); // sub-proxy SomeOtherResource s2 = api.get(); //broken{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
[ https://issues.apache.org/jira/browse/CXF-9016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil updated CXF-9016: Description: We have a high severity security issue with spring-framework :: h2. Affected Spring Products and Versions Spring Framework * 6.1.0 - 6.1.5 * 6.0.0 - 6.0.18 * 5.3.0 - 5.3.33 * Older, unsupported versions are also affected {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22243 [https://spring.io/security/cve-2024-22243] , but with different input. *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but with different input. – All these issues were fixed in Spring-Framework *5.3.34* *Could you please review and update Spring-Framework as needed in CXF package ?* was: We have a high severity security issue with spring-framework which is affected the below spring-framework versions :: {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22243 [https://spring.io/security/cve-2024-22243] , but with different input. *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but with different input. -- All these issues were fixed in Spring-Framework *5.3.34* Could you please review and update Spring-Framework as needed in CXF package ? > Upgrade Spring-Framework to 5.3.34 in Apache-cxf > > > Key: CXF-9016 > URL: https://issues.apache.org/jira/browse/CXF-9016 > Project: CXF > Issue Type: Improvement >Affects Versions: 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.6.3 >Reporter: Nikhil >Priority: Major > > We have a high severity security issue with spring-framework :: > h2. Affected Spring Products and Versions > Spring Framework > * 6.1.0 - 6.1.5 > * 6.0.0 - 6.0.18 > * 5.3.0 - 5.3.33 > * Older, unsupported versions are also affected > > {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework > to parse an externally provided URL (e.g. through a query parameter) AND > perform validation checks on the host of the parsed URL may be vulnerable to > a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or > to a SSRF attack if the URL is used after passing validation checks. > This is the same as CVE-2024-22243 > [https://spring.io/security/cve-2024-22243] , but with different input. > > *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but > with different input. > – > All these issues were fixed in Spring-Framework *5.3.34* > > *Could you please review and update Spring-Framework as needed in CXF package > ?* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9016) Upgrade Spring-Framework to 5.3.34 in Apache-cxf
Nikhil created CXF-9016: --- Summary: Upgrade Spring-Framework to 5.3.34 in Apache-cxf Key: CXF-9016 URL: https://issues.apache.org/jira/browse/CXF-9016 Project: CXF Issue Type: Improvement Affects Versions: 3.6.3, 3.5.8, 3.5.7, 3.5.6, 3.5.5 Reporter: Nikhil We have a high severity security issue with spring-framework which is affected the below spring-framework versions :: {*}Summary{*}: Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect [https://cwe.mitre.org/data/definitions/601.html] attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22243 [https://spring.io/security/cve-2024-22243] , but with different input. *Note:* This is the same as *CVE-2024-22259* and {*}CVE-2024-22243{*}, but with different input. -- All these issues were fixed in Spring-Framework *5.3.34* Could you please review and update Spring-Framework as needed in CXF package ? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Freeman Yue Fang resolved CXF-9014. --- Fix Version/s: 4.1.0 Resolution: Fixed > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Assignee: Freeman Yue Fang >Priority: Minor > Fix For: 4.1.0 > > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9013) Move performance benchmark to distribution samples folder
[ https://issues.apache.org/jira/browse/CXF-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9013: -- Fix Version/s: 4.1.0 > Move performance benchmark to distribution samples folder > - > > Key: CXF-9013 > URL: https://issues.apache.org/jira/browse/CXF-9013 > Project: CXF > Issue Type: Improvement >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0 > > > Add JAX-RS suite to benchmarks. > CXF's benchmark performance suite currently includes JAX-WS based SOAP HTTP > Doc Lit. It would be nice to have a simple JAX-RS suite for rest verbs. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9013) Move performance benchmark to distribution samples folder
[ https://issues.apache.org/jira/browse/CXF-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9013: -- Summary: Move performance benchmark to distribution samples folder (was: Add JAX-RS performance suite to benchmarks) > Move performance benchmark to distribution samples folder > - > > Key: CXF-9013 > URL: https://issues.apache.org/jira/browse/CXF-9013 > Project: CXF > Issue Type: Improvement >Reporter: Jamie Mark Goodyear >Priority: Minor > > Add JAX-RS suite to benchmarks. > CXF's benchmark performance suite currently includes JAX-WS based SOAP HTTP > Doc Lit. It would be nice to have a simple JAX-RS suite for rest verbs. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (CXF-9013) Move performance benchmark to distribution samples folder
[ https://issues.apache.org/jira/browse/CXF-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko resolved CXF-9013. --- Resolution: Fixed > Move performance benchmark to distribution samples folder > - > > Key: CXF-9013 > URL: https://issues.apache.org/jira/browse/CXF-9013 > Project: CXF > Issue Type: Improvement >Reporter: Jamie Mark Goodyear >Priority: Minor > Fix For: 4.1.0 > > > Add JAX-RS suite to benchmarks. > CXF's benchmark performance suite currently includes JAX-WS based SOAP HTTP > Doc Lit. It would be nice to have a simple JAX-RS suite for rest verbs. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846667#comment-17846667 ] Freeman Yue Fang commented on CXF-9014: --- PR is https://github.com/apache/cxf/pull/1875 > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Assignee: Freeman Yue Fang >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Freeman Yue Fang reassigned CXF-9014: - Assignee: Freeman Yue Fang > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Assignee: Freeman Yue Fang >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846625#comment-17846625 ] Freeman Yue Fang commented on CXF-9014: --- Thanks [~jgoodyear] for the confirmation, I will send PR soon Freeman > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846589#comment-17846589 ] Jamie Mark Goodyear commented on CXF-9014: -- Verified the artifacts on PPC64LE: Red Hat OpenJDK 17 IBM Semeru 17 Eclipse Adoptium 17 Looks good to me :) Thank you [~ffang] > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9015: -- Affects Version/s: 3.6.3 3.5.8 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Affects Versions: 3.5.8, 3.6.3, 4.0.4 >Reporter: Craig Perkins >Priority: Minor > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9015: -- Affects Version/s: 4.0.4 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.4 >Reporter: Craig Perkins >Priority: Minor > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andriy Redko updated CXF-9015: -- Fix Version/s: 3.5.9 4.1.0 4.0.5 3.6.4 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Affects Versions: 4.0.4 >Reporter: Craig Perkins >Priority: Minor > Fix For: 3.5.9, 4.1.0, 4.0.5, 3.6.4 > > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Craig Perkins updated CXF-9015: --- Description: The JsonMapObjectReaderWriter class maintains a list of [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] which includes special characters that need to be escaped like the newline (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't find any links to official documentation about this character needing to be escaped. According to this [SO post|https://stackoverflow.com/a/27516892] which details escaped characters in JSON, it does not include `\h` in this list. Issue in OpenSearch where this issue is discussed: [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] PR to address the issue with more details: [https://github.com/apache/cxf/pull/1872] was: The JsonMapObjectReaderWriter class maintains a list of [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] which includes special characters that need to be escaped line the newline (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't find any links to official documentation about this character needing to be escaped. According to this [SO post|https://stackoverflow.com/a/27516892] which details escaped characters in JSON, it also does not include `\h` in this list. Issue in OpenSearch where this issue is discussed: [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] PR to address the issue with more details: https://github.com/apache/cxf/pull/1872 > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Reporter: Craig Perkins >Priority: Minor > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped like the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it does not include `\h` in this list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > [https://github.com/apache/cxf/pull/1872] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9015) Typo JsonMapObjectReaderWriter treats \h as a special character instead of \n
Craig Perkins created CXF-9015: -- Summary: Typo JsonMapObjectReaderWriter treats \h as a special character instead of \n Key: CXF-9015 URL: https://issues.apache.org/jira/browse/CXF-9015 Project: CXF Issue Type: Bug Reporter: Craig Perkins The JsonMapObjectReaderWriter class maintains a list of [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] which includes special characters that need to be escaped line the newline (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't find any links to official documentation about this character needing to be escaped. According to this [SO post|https://stackoverflow.com/a/27516892] which details escaped characters in JSON, it also does not include `\h` in this list. Issue in OpenSearch where this issue is discussed: [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] PR to address the issue with more details: https://github.com/apache/cxf/pull/1872 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9015) Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n
[ https://issues.apache.org/jira/browse/CXF-9015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Craig Perkins updated CXF-9015: --- Summary: Typo in JsonMapObjectReaderWriter treats \h as a special character instead of \n (was: Typo JsonMapObjectReaderWriter treats \h as a special character instead of \n) > Typo in JsonMapObjectReaderWriter treats \h as a special character instead of > \n > > > Key: CXF-9015 > URL: https://issues.apache.org/jira/browse/CXF-9015 > Project: CXF > Issue Type: Bug >Reporter: Craig Perkins >Priority: Minor > > The JsonMapObjectReaderWriter class maintains a list of > [ESCAPED_CHARS|https://github.com/apache/cxf/blob/main/rt/rs/extensions/json-basic/src/main/java/org/apache/cxf/jaxrs/json/basic/JsonMapObjectReaderWriter.java#L45-L56] > which includes special characters that need to be escaped line the newline > (`\n`) and tab (`\t`) characters. This list also includes `\h`, but I can't > find any links to official documentation about this character needing to be > escaped. > According to this [SO post|https://stackoverflow.com/a/27516892] which > details escaped characters in JSON, it also does not include `\h` in this > list. > Issue in OpenSearch where this issue is discussed: > [https://github.com/opensearch-project/security/issues/2531#issuecomment-2111309193] > > PR to address the issue with more details: > https://github.com/apache/cxf/pull/1872 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Freeman Yue Fang updated CXF-9014: -- Attachment: bob-modified.jks request-with-comment.xml request-with-trailing-whitespace.xml > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846455#comment-17846455 ] Freeman Yue Fang commented on CXF-9014: --- Hi [~jgoodyear], Thanks for reporting this, I believe this is because in bob-modified.jks(used in SignatureWhitespaceTest) it use Subject Public Key Algorithm: 1024-bit RSA key (weak) and isn't allowed in modern JDK versions. So I regenerated bob-modified.jks with with RSA 2048/sha256. Please see attached affected files, could you please override the those in systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action folder and retest it? Thanks! Freeman > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > Attachments: bob-modified.jks, request-with-comment.xml, > request-with-trailing-whitespace.xml > > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
[ https://issues.apache.org/jira/browse/CXF-9014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jamie Mark Goodyear updated CXF-9014: - Affects Version/s: 4.0.4 > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK > > > Key: CXF-9014 > URL: https://issues.apache.org/jira/browse/CXF-9014 > Project: CXF > Issue Type: Test >Affects Versions: 4.0.4 >Reporter: Jamie Mark Goodyear >Priority: Minor > > org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH > OpenJDK. > In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will > fail when built on RH OpenJDK. > Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CXF-9014) org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK
Jamie Mark Goodyear created CXF-9014: Summary: org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK Key: CXF-9014 URL: https://issues.apache.org/jira/browse/CXF-9014 Project: CXF Issue Type: Test Reporter: Jamie Mark Goodyear org.apache.cxf.systest.ws.action.SignatureWhitespaceTest test fail on RH OpenJDK. In a full build of CXF 4.1.x (main) the SignatureWhitespaceTest suite will fail when built on RH OpenJDK. Likely due to certs/algorithms supported by RH (see CXF-9006). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9013) Add JAX-RS performance suite to benchmarks
[ https://issues.apache.org/jira/browse/CXF-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846329#comment-17846329 ] Jamie Mark Goodyear commented on CXF-9013: -- Conversation on CXF slack & PR comments: Move benchmarks to distribution samples folder as an end user tool. > Add JAX-RS performance suite to benchmarks > -- > > Key: CXF-9013 > URL: https://issues.apache.org/jira/browse/CXF-9013 > Project: CXF > Issue Type: Improvement >Reporter: Jamie Mark Goodyear >Priority: Minor > > Add JAX-RS suite to benchmarks. > CXF's benchmark performance suite currently includes JAX-WS based SOAP HTTP > Doc Lit. It would be nice to have a simple JAX-RS suite for rest verbs. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CXF-9013) Add JAX-RS performance suite to benchmarks
[ https://issues.apache.org/jira/browse/CXF-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17846012#comment-17846012 ] Jamie Mark Goodyear commented on CXF-9013: -- Work in progress branch https://github.com/jgoodyear/cxf/tree/CXF-9013 > Add JAX-RS performance suite to benchmarks > -- > > Key: CXF-9013 > URL: https://issues.apache.org/jira/browse/CXF-9013 > Project: CXF > Issue Type: Improvement >Reporter: Jamie Mark Goodyear >Priority: Minor > > Add JAX-RS suite to benchmarks. > CXF's benchmark performance suite currently includes JAX-WS based SOAP HTTP > Doc Lit. It would be nice to have a simple JAX-RS suite for rest verbs. -- This message was sent by Atlassian Jira (v8.20.10#820010)