Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-5530

(7.0.z) Remove requirement of org.apache.cxf.impl module dependency for STS deployments

    XMLWordPrintable

    Details

    • Target Release:
    • Release Notes Text:
      Already fixed within 7.0.0.GA, duplicate of JBEAP-3465
    • Sprint:
      EAP 7.0.2

      Description

      We currently expect users deploying a WS-Trust STS endpoint to set a dependency to org.apache.cxf.impl module, to gain visibility on the org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider class as well as misc utility classes from cxf-services-sts-core.jar.
      This has the side effect of exposing impl details of the whole Apache CXF to the deployment, as well as generating a warning in the logs as that module is private.
      Moreover, should JAX-RS annotations be added to any of the jars we have in the cxf module, the STS deployment would fail due to the way jaxrs subsystem works on WildFly.

      We should hence set a dependency to an independent module which should filter the exported classes (at least we should only expose the contents of the cxf-services-sts-core and cxf-rt-ws-security jars).

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  asoldano Alessio Soldano
                  Reporter:
                  baranowb Bartosz Baranowski
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: