...

  • The STS (Security Token Service) now issues tokens using the RSA-SHA256 signature algorithm by default (previously RSA-SHA1), and the SHA-256 digest algorithm (previously SHA-1).
  • Some security configuration tags have been renamed from "ws-security.*" to "security.*", as they are now shared with (some of) the JAX-RS stack. The old tags will, however, continue to work as before without any change. See the Security Configuration page for more information.
  • The SAML/XACML functionality previously available in the cxf-rt-security module is now in the cxf-rt-security-saml module.
  • If you explicitly specify the SAML version in a SAML CallbackHandler, this has changed in CXF 3.1 due to the migration to OpenSAML 3.1. The version is now set on the SAMLCallback using an org.apache.wss4j.common.saml.bean.Version class. Previously there was a dependency on OpenSAML's SAMLVersion class.
  • It is now possible to "plug in" custom WS-SecurityPolicy validators if you wish to change the default validation logic for a particular policy.
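The SAML version change described above, shown as an added example that is not code from the CXF project or this guide: a SAML CallbackHandler that sets the version through the WSS4J Version enum. The class name, issuer and subject values are hypothetical placeholders.

```java
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.bean.ConditionsBean;
import org.apache.wss4j.common.saml.bean.SubjectBean;
import org.apache.wss4j.common.saml.bean.Version;
import org.apache.wss4j.common.saml.builder.SAML2Constants;

// Hypothetical handler name; issuer and subject below are constructed sample values.
public class Saml2CallbackHandler implements CallbackHandler {

    @Override
    public void handle(Callback[] callbacks)
            throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbacks) {
            if (!(callback instanceof SAMLCallback)) {
                // Fail closed instead of silently ignoring an unexpected callback type.
                throw new UnsupportedCallbackException(callback, "Unrecognized callback");
            }
            SAMLCallback saml = (SAMLCallback) callback;

            // CXF 3.1: the version is a WSS4J enum value.
            // Earlier code passed a constant from OpenSAML's SAMLVersion class here,
            // which no longer compiles against the 3.1 dependencies.
            saml.setSamlVersion(Version.SAML_20);

            saml.setIssuer("example-issuer");
            saml.setSubject(new SubjectBean("alice", null, SAML2Constants.CONF_BEARER));

            // A short validity window limits how long a captured assertion stays usable.
            ConditionsBean conditions = new ConditionsBean();
            conditions.setTokenPeriodMinutes(5);
            saml.setConditions(conditions);
        }
    }
}
```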

New Features

  • The CXF JAX-WS code generator has a new option "seiSuper" that can be used to specify additional super interfaces for the SEI. This makes the code non-portable to other JAX-WS containers. The primary use would be to add AutoCloseable to the interface to allow use of the clients in Java 7 try-with-resources blocks.
  • New Metrics feature for collecting metrics about CXF services. Codahale/DropWizard based collector included.
  • New Throttling feature for easily throttling CXF services.  Sample included that uses the Metrics component to help make the throttling decisions.
  • New Logging feature for more advanced logging than the logging available in cxf-core.
  • New Metadata service for SAML SSO to allow you to publish SAML SSO metadata for your service provider.
  • The "cxf" frontend to the JAX-WS code generator (-fe cxf) now generates code that is a bit more "Java 7" friendly, as the return type of the getPort(...) calls is a sub-interface of the SEI that also implements AutoCloseable, BindingProvider, and Client. Code that used to look like:

    // The port must be cast to reach the request context and to be closed.
    AddNumbersPortType port = service.getAddNumbersPort();
    ((BindingProvider)port).getRequestContext()
            .put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, address);
    port.addNumbers3(-1, 2);
    ((Closeable)port).close();

    can be replaced with:

    try (AddNumbersPortTypeProxy port = service.getAddNumbersPort()) {
        port.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, address);
        port.addNumbers3(-1, 2);
    }

...