Apache CXF 2.6.3 Release Notes

1. Overview

The 2.6.x versions of Apache CXF are significant new versions of CXF 
that provides several new features and enhancements.  

New features include: 
* The big OSGi bundle used in the Karaf features.xml has been replaced 
  with the individual modules which are now all individual bundles. 
  The big OSGi bundle is still built, but some features may not be 
  available if that is used instead of the little bundles.
* New ability to configure HTTP Conduits from the OSGi config:admin service
* New ability to configure the CXF created HTTP Jetty ports from 
  config:admin service
* OAuth 2 support (new cxf-rt-rs-security-oauth2 module)
* The STS now supports the Renewal binding for SAML tokens.
* The STS also supports bulk issuing/validation/cancelling/renewal of 
  security tokens.
* The STS supports some advanced features based around Claims, such as 
  Claims Transformation, and pluggable custom Claims Parsing.
* The WS-Security module now supports replay detection by default of 
  Timestamps and UsernameToken nonces.
* New ability to register custom JAX-RS Context providers.
* New @UseAsyncMethod annotation for JAX-WS services.


Users are encourage to review the migration guide at:
http://cxf.apache.org/docs/26-migration-guide.html
for further information and requirements for upgrading to 2.6.x. In
particular, making the jars all OSGi bundles required moving some
packages around and marking many transitive dependencies as optional.
User applications may need to add additional dependencies into their
applications in order to upgrade.


2.6.3 fixes over 48 JIRA issues reported by users and the community.



2. Installation Prerequisites 

Before installing Apache CXF, make sure the following products,
with the specified versions, are installed on your system:

    * Java 5 Development Kit
    * Apache Maven 2.2.1 or 3.x to build the samples


3.  Integrating CXF Into You Application

If you use Maven to build your application, you need merely add
appropriate dependencies. See the pom.xml files in the samples.

If you don't use Maven, you'll need to add one or more jars to your
classpath. The file lib/WHICH_JARS should help you decide which 
jars you need.

4. Building the Samples

Building the samples included in the binary distribution is easy. Change to
the samples directory and follow the build instructions in the README.txt file 
included with each sample.

5. Reporting Problems

If you have any problems or want to send feedback of any kind, please e-mail the
CXF dev list, dev@cxf.apache.org.  You can also file issues in JIRA at:

http://issues.apache.org/jira/browse/CXF

6. Migration notes:

See the migration guide at:
http://cxf.apache.org/docs/26-migration-guide.html
for caveats when upgrading from CXF 2.5.x to 2.6.x.


7. Specific issues, features, and improvements fixed in this version

** Bug
    * [CXF-4475] - LoggingInInterceptor throws when pretty printing MTOM messages
    * [CXF-4476] - Content-Disposition header may be incorrectly set in MTOM under windows 
    * [CXF-4477] - [WADL2JAVA] Generate incorrect primitive parameter type 
    * [CXF-4481] - unable to generate WADL to java 
    * [CXF-4482] - AttachmentSerializer puts an extra new line
    * [CXF-4484] - Claims to SAML attribute encoding wrong
    * [CXF-4487] - cxf-codegen-plugin: Error resolving component warnings for imported types
    * [CXF-4493] - If javax.jws.Oneway annotation is specified for a SOAP interface method a NPE occurs
    * [CXF-4494] - JMSDestination need set binary mode if server send MTOM message back
    * [CXF-4496] - find of ResponseExceptionMapper do not handle runtime exceptions
    * [CXF-4499] - wrong charset encoding in FormEncodingProvider 
    * [CXF-4500] - Evaluate jaxrs:schemaLocations after jaxrs:providers
    * [CXF-4503] - TransformOutInterceptor may lose namespace declarations in some elements
    * [CXF-4505] - Invalid WS-RM messages may not be correctly rejected by WS-RM destination
    * [CXF-4507] - bug in SchemaJavascriptBuilder while deserializing an Array
    * [CXF-4508] - @Context fails to inject SearchContext into JAX-RS resource bean
    * [CXF-4511] - WS-RM Sequence header should have mustUnderstand attribute
    * [CXF-4514] - JAXRS client ignores enum properties when populating request URI from beans
    * [CXF-4517] - ClassCastException in WS-RM when RMP 200702  assertions are used
    * [CXF-4518] - CXF bundle jax-ws-catalog.xml doesn't include mapping of "http://www.w3.org/2006/03/addressing" 
    * [CXF-4520] - XMLStreamException about namespace has not been bound to a prefix with other stax implemenation
    * [CXF-4523] - Unclosed XMLStreamReader/Writer causes leaking
    * [CXF-4526] - PolicyAnnotationListener throws NPE in jar
    * [CXF-4528] - WebApplicationExceptionMapper is too shy
    * [CXF-4533] - Encoding error in CachedOutputStream when double-byte char is on 1024 byte boundary
    * [CXF-4534] - SortedMap is returned as HashMap
    * [CXF-4535] - SOAP fault XML is invalid when a details element exists
    * [CXF-4537] - XmlAdapter Not Being Used
    * [CXF-4539] - WS-Security inbound performance regression
    * [CXF-4540] - Colon character in the password is not hanled properly in AbstractHTTPDestination class
    * [CXF-4541] - idl2wsdl not finding properly scoped structure elements
    * [CXF-4542] - @XmlJavaTypeAdapter ignored on exception classes 
    * [CXF-4545] - ut_sign + sign_enc samples broken in last releases

** Improvement
    * [CXF-3813] - Possibiblity to only validate requests and/or responses
    * [CXF-4431] - Add support for OAuth2 'mac' token type
    * [CXF-4479] - Improve "No namespace on "{0}" element" error message.
    * [CXF-4485] - Provide optional support for inheriting WADL resource parameters
    * [CXF-4488] - Making importing com.sun.tools* packages by cxf-rf-databinding-jaxb optional in CXF 2.6
    * [CXF-4490] - cxf-codegen-plugin does not detect changes in WSDL loaded from classpath
    * [CXF-4495] - Extend SimpleAuthorizingInterceptor to check only configured roles
    * [CXF-4497] - Configure WSDL generation to ignore jaxb.index and ObjectFactory
    * [CXF-4501] - AtomPojoProvider should be able to get the entry content directly from POJO
    * [CXF-4506] - support to set the username and password on the wsn service configuration
    * [CXF-4515] - maven java2ws plugin address configuration
    * [CXF-4519] - Make it possible to specify schemas specific to individual types
    * [CXF-4521] - Optimization for other stax implementations
    * [CXF-4532] - Java First @Policy support bean references

** New Feature
    * [CXF-4460] - Support static claims globally and per endpoint