Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-8472

Include information on CXF upgrade in release notes

    Details

    • Type: Task Task
    • Status: Closed Closed
    • Priority: Critical Critical
    • Resolution: Complete
    • Affects Version/s: None
    • Fix Version/s: 2.1.3, 2.2
    • Component/s: Development
    • Security Level: Public (Public: Anyone can view)
    • Labels:
      None
    • Similar issues:
      KULRICE-6019Update Database Upgrade information in Release Notes
      KULRICE-3377Upgrade CXF version from 2.1.3 to 2.1.5 for KS
      KULRICE-6036Update KRMS information in Release Notes
      KULRICE-5109Upgrade Apache CXF from 2.3.8 to 2.7.0 and wss4j from 1.5.x to 1.6.7
      KULRICE-11051Add database upgrade paths link to release notes
      KULRICE-12169Generate Release Notes for security patches
      KULRICE-4124Ensure that the final database upgrade scripts are up to date with final versions for both MySQL and Oracle.
      KULRICE-1629Ensure Upgrade Procedure is accurate in Rice 0.9.2 release notes.
      KULRICE-11622Create 2.3.5 and 2.4 Release Notes
      KULRICE-8479Upgrade Jetty from Apache CXF 2.7.0 upgrade
    • Rice Module:
      KSB
    • KAI Review Status:
      Not Required
    • KTI Review Status:
      Not Required

      Description

      Here's the summary:

      • Apache CXF has been upgraded from 2.3.8 to 2.7.0, this includes changes to wss4j and xmlschema libraries - Note, there are impacting dependency changes here! Details below:
        • wss4j-1.5.12.jar -> wss4j-1.6.7.jar
        • XmlSchema-1.4.7.jar -> xmlschema-core-2.0.3.jar
        • ADDED -> javax.ws.rs-api-2.0-m10.jar
        • jaxb-impl-2.1.13.jar -> jaxb-impl-2.2.6.jar
        • jettison-1.3.jar -> REMOVED
        • neethi-2.0.5.jar -> neethi-3.0.2.jar
        • ADDED -> opensaml-2.5.1-1.jar
        • ADDED -> openws-1.4.2-1.jar
        • woodstox-core-asl-4.1.1.jar -> woodstox-core-asl-4.1.4.jar
        • xmlsec-1.4.4.jar -> xmlsec-1.5.2.jar
        • ADDED -> xmltooling-1.3.2-1.jar
        • cxf-api-2.3.8.jar -> cxf-api-2.7.0.jar
        • cxf-rt-bindings-soap-2.3.8.jar -> cxf-rt-bindings-soap-2.7.0.jar
        • cxf-rt-bindings-xml-2.3.8.jar -> cxf-rt-bindings-xml-2.7.0.jar
        • cxf-rt-core-2.3.8.jar -> cxf-rt-core-2.7.0.jar
        • cxf-rt-databinding-aegis-2.3.8.jar -> cxf-rt-databinding-aegis-2.7.0.jar
        • cxf-rt-databinding-jaxb-2.3.8.jar -> cxf-rt-databinding-jaxb-2.7.0.jar
        • cxf-rt-frontend-jaxrs-2.3.8.jar -> cxf-rt-frontend-jaxrs-2.7.0.jar
        • cxf-rt-frontend-jaxws-2.3.8.jar -> cxf-rt-frontend-jaxws-2.7.0.jar
        • cxf-rt-frontend-simple-2.3.8.jar -> cxf-rt-frontend-simple-2.7.0.jar
        • cxf-rt-transports-http-2.3.8.jar -> cxf-rt-transports-http-2.7.0.jar
        • cxf-rt-ws-addr-2.3.8.jar -> cxf-rt-ws-addr-2.7.0.jar
        • cxf-rt-ws-security-2.3.8.jar -> cxf-rt-ws-security-2.7.0.jar
        • ADDED -> cxf-rt-ws-policy-2.7.0.jar
        • cxf-common-schemas-2.3.8.jar -> REMOVED
        • cxf-common-utilities-2.3.8.jar -> REMOVED
        • cxf-rt-transports-common-2.3.8.jar -> REMOVED
        • cxf-tools-common-2.3.8.jar -> REMOVED
      • wss4j has been upgraded from 1.5.12 to 1.6.7 (as per above)
      • Note that, by default, Apache CXF 2.7.0 depends on jaxb-impl-2.2.5 instead of jaxb-impl-2.2.6. The 2.2.6 version should be explicitly included (or the version forced using the depedencyManagement section of the pom). The reason being that if this is not done then the org.apache.cxf:cxf-java2ws-plugin might fail when running java2ws on JDK 1.7 if you are using @XmlEnum on any of your web service objects in which case you would get an error like the following when the plugin attempts to generate the WSDL:
        java.lang.ClassCastException: com.sun.xml.bind.v2.model.impl.RuntimeEnumLeafInfoImpl cannot be cast to com.sun.xml.bind.v2.model.impl.ClassInfoImpl
      • The Logging interceptors now log using service specific categories/loggers instead of just LoggingInInterceptor/LoggingOutInterceptor. The names of the logger that is used is org.apache.cxf.services.ServiceName.PortName.PortTypeName. This allows the user to configure specific per service filters and formatters in their logging configuration. In KSB, these interceptors are added to exported services automatically. Because of that, existing Rice apps might use a log4j setting like the following to prevent SOAP message logging noise:
        log4j.logger.org.apache.cxf.interceptor=WARN
        

        Because of the changes made to CXF, these should be changed to the following:

        log4j.logger.org.apache.cxf.services=WARN
        

        Issue Links

          Activity

          Hide
          Gayathri Athreya added a comment - - edited

          Eric, is there a reason the following
          cxf-common-schemas-2.3.8.jar -> REMOVED
          cxf-common-utilities-2.3.8.jar -> REMOVED
          cxf-rt-transports-common-2.3.8.jar -> REMOVED
          cxf-tools-common-2.3.8.jar -> REMOVED

          have been removed? I just tried to upgrade CXF locally to 2.7 and was having trouble with it because I could not find the right common-schemas version to go with it, there is no 2.7.0. Is that part of the reason why you removed them?

          Show
          Gayathri Athreya added a comment - - edited Eric, is there a reason the following cxf-common-schemas-2.3.8.jar -> REMOVED cxf-common-utilities-2.3.8.jar -> REMOVED cxf-rt-transports-common-2.3.8.jar -> REMOVED cxf-tools-common-2.3.8.jar -> REMOVED have been removed? I just tried to upgrade CXF locally to 2.7 and was having trouble with it because I could not find the right common-schemas version to go with it, there is no 2.7.0. Is that part of the reason why you removed them?
          Hide
          Eric Westfall added a comment -

          These are marked as removed because the cxf project combined some of their modules together. So you just need to make sure you remove any direct dependencies you might have listed in your pom to those.

          Show
          Eric Westfall added a comment - These are marked as removed because the cxf project combined some of their modules together. So you just need to make sure you remove any direct dependencies you might have listed in your pom to those.
          Hide
          Peter Giles (Inactive) added a comment -

          Jessica, I'm assigning this to you although I suspect it will end up on Grant's plate.

          Show
          Peter Giles (Inactive) added a comment - Jessica, I'm assigning this to you although I suspect it will end up on Grant's plate.
          Hide
          Jessica Coltrin (Inactive) added a comment -

          added to both 2.2 and 2.1.3 release notes since 2.2 will be released before 2.1.3.

          Show
          Jessica Coltrin (Inactive) added a comment - added to both 2.2 and 2.1.3 release notes since 2.2 will be released before 2.1.3.

            People

            • Assignee:
              Unassigned
              Reporter:
              Eric Westfall
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Structure Helper Panel