Red Hat Summit 红帽全球峰会支持控制台(Console)开发人员开始试用联系人

此内容没有您所选择的语言版本。

Chapter 8. Apache CXF Issues

8.1. Apache CXF 3.1 Migration
复制链接

Overview
复制链接

JBoss Fuse 6.3 uses Apache CXF 3.1. This introduces some issues that you sould be aware of before migrating.

Main Changes
复制链接

  • CXF 3.1 no longer supports Java 6. You must use Java 7 or Java 8.
  • The JAX-WS/Simple frontend ServerFactoryBean will automatically call reset() at the end of the create() call. This allows resources to be cleaned up and garbage collected sooner. However, it also prevents multiple calls to create() from sharing the same ServerInfo/EndpointInfo objects, as they would in older versions. That sharing has caused many problems in the past due to sharing of properties, such as token caches, that are stored on those objects. The new behavior is more correct, but it is different from previous versions so care must be taken when upgrading.
  • The Karaf features.xml file for CXF 3.1 no longer installs spring or spring-dm when installing the cxf feature. If you require spring/spring-dm, you must install those features prior to installing the CXF feature.
  • Starting with CXF 3.1.2, the default JSONProvider class provided by cxf-rt-rs-extension-providers has preference over registered JSON provider classes. This changes the sorting order for selecting the JSON provider class and can cause an incorrect JSON provider class to be used. To suppress the new default provider, set the skip.default.json.provider.registration property to true on the CXF bus.
    Before CXF 3.1.2, if a customMessageBodyReader or MessageBodyWriter object matches the read or write selection criteria for a registered JSON provider then default providers were not checked. For example, default providers were not checked if a MessageBodyWriter object's Consumes field matched the content type and MessageBodyWriter.isReadable() method returned true.
    With CXF 3.1.2, custom providers are selected only if no higher priority matching default provider is available. CXF 3.1.2 sorts the customMessageBodyReader, MessageBodyWriter and ExceptionMapper providers together with default providers. For example, consider a custom StringReader object that is not typed by String but by Object. The CXF 3.1.2 default provider, which is typed by String, has a higher precedence. To ensure that a custom String provider has precedence, you would have to type the StringReader by String.
    To prevent registration of default JSON providers and to ensure correct selection of a JSON provider, set the skip.default.json.provider.registration property to true, for example: 
    <core:bus bus="myBus">
     <core:properties>
          <entry key="skip.default.json.provider.registration" value="true"/>
     </core:properties>
</core:bus>
<cxf:rsServer id="myId" address="${address}"/>
<serviceClass="com.redhat.VehicleDetailsLookupService" bus="CxfBus">
     <cxf:providers>
          <bean id="jacksonJaxbJsonProvider" class="com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider"/>
     </cxf:providers>
</cxf:rsServer>
    Copy to Clipboard Toggle word wrap

Security changes
复制链接

  • The STS (Security Token Service) now issues tokens using the RSA-SHA256 signature algorithm by default, and the SHA-256 digest algorithm . Previously it used RSA-SHA1 and SHA-1 respectively.
  • Some security configuration tags have been renamed from ws-security.* to security.*, as they are now shared with some of the JAX-RS stack. The old tags will continue to work as before however without any change. See the Security Configuration page for more information.
  • The SAML/XACML functionality previously available in the cxf-rt-security module is now in the cxf-rt-security-saml module.
  • If you are explicitly specifying the SAML version in a SAML CallbackHandler, then this is changed in CXF 3.1 due to the migration to use OpenSAML 3.1. The version is now set on the SAMLCallback using an org.apache.wss4j.common.saml.bean.Version class. Previously there was a dependency on OpenSAML's SAMLVersion class.
  • It is now possible to plug in custom WS-SecurityPolicy validators if you want to change the default validation logic for a particular policy.

New Features
复制链接

  • The CXF JAX-WS code generator has a new option, seiSuper, that can be used to specify additional super interfaces for the SEI. This makes the code nonportable to other JAX-WS containers. The primary use would be to add AutoCloseable to the interface to allow use of the clients in Java7 try with resource blocks.
  • New metrics feature for collecting metrics about a CXF services. Codahale/DropWizard based collector included.
  • New throttling feature for easily throttling CXF services. Sample included that uses the metrics component to help make the throttling decisions.
  • New logging feature for more advanced logging than the logging available in cxf-core.
  • New metadata service for SAML SSO to allow you to publish SAML SSO metadata for your service provider.
  • The cxf frontend to the JAX-WS code generator, -fe cxf now generates code that is more Java7-friendly as the return type of the getPort(...) calls is a sub-interface of the SEI that also implements AutoCloseable, BindingProvider, and Client. Code that used to look like: 
    (AddNumbersPortType port = service.getAddNumbersPort();
    ((BindingProvider)port).getRequestContext()
            .put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, address);
    port.addNumbers3(-1, 2);
    ((Closeable)port).close();
    Copy to Clipboard Toggle word wrap
    can be replaced with: 
    try (AddNumbersPortTypeProxy port = service.getAddNumbersPort()) {
        port.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, address);
        port.addNumbers3(-1, 2);
    }
    Copy to Clipboard Toggle word wrap

Major Dependency Changes
复制链接

  • The Jetty based HTTP transport has been updated to support Jetty 9 as well as Jetty 8. However, support for Jetty 7 has been dropped.
  • Due to the Jetty upgrade, support for running Jetty based endpoints in Karaf 2.3.x has been dropped.
  • Support for using JAX-WS 2.1 based API jars has been removed. Java 7 (now required) includes JAX-WS 2.2 so this should not be an issue.
  • WSS4J 2.1 is included, which in turn includes OpenSAML 3.0.
返回顶部
Red Hat logoGithubredditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。 了解我们当前的更新.

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

Theme

© 2025 Red Hat