Apache CXF 2.5.4 Release Notes 1. Overview The 2.5.x versions of Apache CXF are significant new versions of CXF that provides several new features and enhancements. New features include: * New enterprise ready Security Token Service (see sts sample) * New WS-Notification service (see ws_notification sample) * Initial WS-MedadataExchange support * WS-RM 1.1 support * Initial OAuth support for JAX-RS (see oauth sample) * New karaf command * Enhanced OSGi support include workqueue and JMX configurations Users are encourage to review the migration guide at: http://cxf.apache.org/docs/25-migration-guide.html for further information and requirements for upgrading to 2.5.x. 2.5.4 fixes over 70 JIRA issues reported by users and the community. 2. Installation Prerequisites Before installing Apache CXF, make sure the following products, with the specified versions, are installed on your system: * Java 5 Development Kit * Apache Maven 2.2.1 or 3.x to build the samples 3. Integrating CXF Into You Application If you use Maven to build your application, you need merely add appropriate dependencies. See the pom.xml files in the samples. If you don't use Maven, you'll need to add one or more jars to your classpath. The file lib/WHICH_JARS should help you decide which jars you need. 4. Building the Samples Building the samples included in the binary distribution is easy. Change to the samples directory and follow the build instructions in the README.txt file included with each sample. 5. Reporting Problems If you have any problems or want to send feedback of any kind, please e-mail the CXF dev list, dev@cxf.apache.org. You can also file issues in JIRA at: http://issues.apache.org/jira/browse/CXF 6. Migration notes: See the migration guide at: http://cxf.apache.org/docs/25-migration-guide.html for caveats when upgrading from CXF 2.4.x to 2.5.x. 7. Specific issues, features, and improvements fixed in this version ** Bug * [CXF-2450] - WSDL2java uses system encoding when generating java classes * [CXF-2937] - character encoding in cxf-codegen is wrong * [CXF-4002] - Cannot override read-only parameter: classesDirectory in goal: cxf-codegen:wsdl2java * [CXF-4118] - org.apache.cxf.tools.wadlto.jaxrs.JAXRSContainerTest.testResourceWithEPR breaks when run offline * [CXF-4191] - RM broken in synchronous Mode * [CXF-4240] - CXF WSN cannot run offline in Karaf * [CXF-4243] - RequestImpl.selectVariant() using wrong headers * [CXF-4244] - OutTransformWriter's defaultNamespace setting may not replace all default namespace declarations * [CXF-4245] - JAX-RS databinding support for JiBX * [CXF-4250] - WADL To Java Generator fails to process application level method elements * [CXF-4254] - NPE in OnlySignEntireHeadersAndBody policy validation when the STR Transform is used * [CXF-4259] - JAX-RS Set-Cookie handler needs to ignore Expires property * [CXF-4262] - oauth sample in 2.5.3 release does not build without POM changes * [CXF-4265] - Potential NPE when Soap fault has no role * [CXF-4267] - A NPE in AttatchmentDataSource could be guarded. * [CXF-4268] - WADL 2 Java doesn't respect catalogs * [CXF-4269] - In some cases, the javascript client will not output the ns declaration for wrapper element of an rpc/lit method * [CXF-4275] - Sample readme file incorrect * [CXF-4277] - STSClient does not use returned KeyInfo size when creating a secret key * [CXF-4279] - WS-Security ehcache things never shutdown * [CXF-4280] - case insensitive MetadataMap keyset * [CXF-4283] - OAuth 2-leg getAccessToken Error * [CXF-4284] - Fix JAXB-based providers to report 400 for all read-related exceptions * [CXF-4285] - WADLGenerator ignores header or query parameters when FormParam parameters are available * [CXF-4288] - SecureAnnotationsInterceptor maps roles only based on method name * [CXF-4291] - Wadl2java tool executing by cxf-wadl2java-plugin fails if run without tuning JAVA Garbage Collection * [CXF-4292] - Incorrect code generated with wadl2java tool when use JAXB binding and XML symple type with restriction. * [CXF-4293] - Some WS-RM scenarios may not run when there is no internet connection available * [CXF-4294] - Exception Cache ws-security.timestamp.cache.instance already exists or Cache ws-security.nonce.cache.instance already exists * [CXF-4296] - Setting a namespaceMap on JSONProvider does not affect the way JAXB generates prefixes * [CXF-4297] - WS-RM destination should update ack-ranges in RMStore before sending out acks * [CXF-4298] - MTOM-streaming regression: Worked 2.3.1, no longer works 2.6.0. * [CXF-4299] - wsdl2java cannot create code * [CXF-4300] - feature cxf-core does not install on karaf 3 snapshot * [CXF-4303] - WS-RM fails when the GZIP feature is enabled * [CXF-4305] - FIQL only gives nullpointerexception. @Context SearchContext does not seem to work. * [CXF-4306] - Mixing up FormParam and Multipart annotations cause exceptions when some parts contain the binary payload * [CXF-4307] - The inbound Cookie header should be parsed using a semicolon separator by default * [CXF-4312] - JAX-WS clients set executor to a "thread per async request" version * [CXF-4313] - Hourly GC Caused by Framework - Unable to GC tune application if using framework. * [CXF-4315] - CXF does not read decoupled destination parameters from a config file * [CXF-4316] - Support EndorsingSupportingToken SignedElements with the Transport binding * [CXF-4321] - NPE in MEXInInterceptor * [CXF-4334] - Schema validation does not validate elements in soap header * [CXF-4336] - org.apache.cxf.bus.blueprint.ConfigurerImpl may get IllegalStateException: Execution container has not been set * [CXF-4342] - NullPointerException in CachedOutputStream * [CXF-4349] - JAXRS frontend should report the actual method request and response types to providers ** Improvement * [CXF-4145] - Add the ability to restrict what algorithms were used for encryption/signature * [CXF-4146] - Add the ability to use the same Encryption/Signature algorithms as was received * [CXF-4248] - DocLiteralInInterceptor throws NPE if oneWay operation sends non-empty response * [CXF-4249] - Add to RMTxStore configuration options for schema name and datasource * [CXF-4252] - cxf:list-endpoints karaf command should also have a busid column * [CXF-4256] - Improve the optional generation of enum classes by WADL generator * [CXF-4257] - Should catch RejectedExecutionException in WS-Addr's rebaseReponse as done in OneWayProcessorInterceptor * [CXF-4270] - Store bus-id with the endpoint name in WS-RM's RMTxStore to correctly recover two endpoints with the same endpoint name * [CXF-4274] - Support useReqSigCert for encrypting the responses from JAX-RS endpoints * [CXF-4276] - Make WS-RM's default store instance RMTxStore to be shareable * [CXF-4282] - Make additional properties of WS-RM's RMTxStore configurable using spring and blueprint namespace handlers * [CXF-4290] - Allow user-specified classloader for JAXRSClientFactory * [CXF-4304] - Complete WSA support for STS client configuration via EPR * [CXF-4308] - Add option for disabling STS client WS-MEX invocation using WSA EPR address * [CXF-4311] - WADL to Java generator should try to create unique method names when no method ids are available * [CXF-4314] - Introduce a search bean which can hold properties with different names * [CXF-4322] - Update RequestDispatcherProvider to do the basic discovery of view handlers based on the current class name * [CXF-4326] - Remove the XPathFactory.newInstance from XPathUtils' constructor to improve the performance a bit * [CXF-4327] - Add blueprint support on the cxf-clustering * [CXF-4328] - Add spring schema for cxf clustering * [CXF-4338] - config option to allow suppression of server version display in http response headers * [CXF-4345] - Allow user-specified feature for JAXRSClientFactory * [CXF-4346] - Support to set the messageType from the jms URI ** Task * [CXF-4247] - Add cache for not found wrapper class to avoid trying load them for many times ** Test * [CXF-4126] - Can override built-in action on WSS4JOutInterceptor but seems impossible to add a new custom action on WSS4JOutInterceptor * [CXF-4335] - WSSecTest use some unecessary properties for WSS4JInterceptor configuration