Bug 780697 (SOA-3146)

Summary: Upgrade jbossws-cxf to cxf-2.4.1 to overcome signature verification regression
Product: [JBoss] JBoss Enterprise SOA Platform 5 Reporter: Gary Brown <gary.pi4tech>
Component: JBossWS, EAPAssignee: Jim Ma <ema>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: unspecifiedCC: asoldano, ema, gary.pi4tech
Target Milestone: ---   
Target Release: 5.2.0 GA, 5.2.0.ER2   
Hardware: Unspecified   
OS: Unspecified   
URL: http://jira.jboss.org/jira/browse/SOA-3146
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-11-05 08:42:10 UTC Type: Task
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Gary Brown 2011-07-04 08:26:20 UTC
project_key: SOA

Upgrade the cxf version in jbossws-cxf to 2.4.1 to overcome a regression that results in signature verification failures in the 'secure_invoke' RiftSaw example. This example works with jbossws-cxf 3.2.2.GA but fails with jbossws-cxf 3.4.0.GA and the current jboss-cxf installer included with the SOA-P 5.2 ER build.

Comment 1 Alessio Soldano 2011-07-04 13:57:01 UTC
We can't and are not going to upgrade to Apache CXF 2.4.x in JBossWS 3.4.x or lesser. The move to CXF 2.4.x requires integration changes that are in JBossWS 4.x only.
As this has been isolated into an Apache CXF issue, we need to backport the fix for that issue into our maintenance fork of the CXF version that's consumed by EAP / SOA-P as we did for other issues.

Comment 2 Gary Brown 2011-07-04 14:37:35 UTC
We can stick with jbossws-cxf 3.2.2.GA in the community, so I am fine with this just being fixed for EAP/SOA-P.


Comment 3 Jim Ma 2011-07-10 15:10:34 UTC
Link: Added: This issue relates to JBPAPP-6822


Comment 4 Jim Ma 2011-07-10 15:11:48 UTC
The fix has been ported in EAP 5.1.1 branch . Gary, do you know if the SOA 5.2 will consume EAP 5.1.1 ? Thanks. 

Comment 5 Gary Brown 2011-07-11 07:51:47 UTC
Hi Jim, as far as I am aware it will be 5.1.1 in SOA-P 5.2.

Comment 6 Jim Ma 2011-07-11 08:18:13 UTC
Thanks Gary, then I update this issue to resolved. 

Comment 7 Kevin Conner 2011-07-12 15:19:23 UTC
Did not make EAP 5.1.1, need to keep open to track

Comment 8 Kevin Conner 2011-07-13 15:33:25 UTC
Link: Added: This issue depends JBPAPP-6834


Comment 9 David Le Sage 2011-07-15 05:44:30 UTC
Release Notes Docs Status: Added: Not Yet Documented
Writer: Added: dlesage


Comment 10 Douglas Palmer 2011-08-12 22:56:31 UTC
Patch jar integrated into SOA-P for ER2.

Comment 11 David Le Sage 2011-09-27 22:29:47 UTC
Release Notes Docs Status: Removed: Not Yet Documented Added: Not Required


Comment 12 Marek Baluch 2011-11-05 08:42:10 UTC
Verified in SOA 5.2 ER6 - bpel_secure_invoke quickstart is running fine now.