Built by Maven

Apache Axis2 2.0.0 Release Notes

This release marks the transition to jakarta that has been tested with Tomcat 11 and Wildfly 32, and is expected to support EE 10 and Spring 6 / Spring Boot 3.

The Axis2 project transition to jakarta depends partly on Axiom, which has also been updated to 2.0.0.

HTTPClient has been updated to 5.x, so update your axis2.xml files from httpclient4 to httpclient5.

Previously generated sources from WSDL2Java with javax references may or may not work in the latest Tomcat / Wildfly. You may have to regenerate your sources or globably replace the required jakarta imports.

The JSON support has been updated with many bugs fixed, while the examples in the user guide have been updated to use Spring Boot 3. If you want to support native JSON with simple POJO's and no SOAP, axis2 can do that. See the new enableJSONOnly flag in axis2.xml.

For those who want to support both SOAP and JSON, the JSON support docs for the XML Stream API Base Approach have been improved.

Axis2 added two committers recently and after this big jakarta update that changed nearly every file and dependency of the project, the community can once again expect releases several times a year to fix bugs and update dependencies with CVE's.

The main purpose of the release is to upgrade everything possible to the latest, and have our Jira issues cleaned up. Many issues have been fixed.

New features that may happen in the future are HTTP/2 support and OpenAPI. Let us know on the dev list if interested.

The most likely way to get a Jira issue fixed is with a GitHub PR or patch, due to the large amount of Axis2 features that are unused by the committers and therefore difficult to test a fix.

If your Jira issue is unfixed, please reach out and work with the committers on some type of code contibution and testing as some issues are just too deep in areas that the comitters don't use ourselves.

The 2.0.0 release lacks a few features in previous releases because of a lack of adequate GitHub PR's.

These missing features include preemptive basic authentication, though there is a work around explained in the Jira issue https://issues.apache.org/jira/browse/AXIS2-6055 .

OSGI support is also missing. The state of its dependency Felix and jakarta is unclear. This feature has code that is difficult to support and lacks GitHub PR's after several attempts to gain volunteers. We hope to support OSGI again in 2.0.1.

The Eclipse plugins are broken. The docs as well as the code are outdated. If interested in contributing a fix, see Jira issue AXIS2-5955.

For those interested in Rampart - an optional implementation of WS-Sec* standards that depends on Axis2 - they can expect a Rampart 2.0.0 soon that isn't expected to add much to the recently released Rampart 1.8.0, a release that is based on the previous Axis2 version 1.8.2. Mostly, the upcoming Rampart 2.0.0 release will upgrade OpenSAML to 5.x so that it supports jakarta, while the remaining deps that need updates are few.

Apache Axis2 2.0.0 Jira issues fixed

Bug

  • [AXIS2-5689] - A Veracode security scan reports multiple severity 4 security flaws in axis2.jar
  • [AXIS2-5900] - If and else branches has the same condition
  • [AXIS2-5901] - Redundant conditions in an if statement
  • [AXIS2-5948] - Proxy settings ignored if username not specified
  • [AXIS2-5964] - AbstractJSONMessageFormatter NOT using CharSetEncoding when reding Json string Bytes
  • [AXIS2-6030] - Axis2 connections are not returned to connection pool on 1.8.0 with JAXWS
  • [AXIS2-6035] - Axis2 libraries not compatible with Tomcat 10
  • [AXIS2-6037] - Install axis2-plugin-intelliJ error
  • [AXIS2-6041] - totalDigits Facet of XSD type short incorrectly treated in databinding
  • [AXIS2-6042] - Eclipse Plugin Downloads
  • [AXIS2-6043] - StackOverflowError in org.apache.axis2.client.Options.getSoapVersionURI()
  • [AXIS2-6044] - HTTPProxyConfigurator system property takes precedence over axis configuration and message context proxy properties
  • [AXIS2-6045] - NPE after upgrade to 1.8.2
  • [AXIS2-6046] - AxisFault after upgrade to 1.8.0
  • [AXIS2-6050] - Latest Axis2 1.8.2 release not compatible with Glassfish6/J2EE9
  • [AXIS2-6057] - Special characters are not allowed in password after upgrade( from 1.7.9 to 1.8.2)
  • [AXIS2-6062] - Is such a flexibility necessary allowing LDAP (and RMI, JRMP, etc.) protocol in `JMSSender`?
  • [AXIS2-6063] - Add enableJSONOnly parameter to axis2.xml
  • [AXIS2-6064] - CVE associtate with dependency jars of axis2
  • [AXIS2-6065] - Small problem with incorrect log output in AxisServlet#processAxisFault
  • [AXIS2-6066] - Site generation/deployment is broken
  • [AXIS2-6067] - CVE with dependency jars of axis2
  • [AXIS2-6068] - ConverterUtilTest is locale-dependent
  • [AXIS2-6073] - Axis2 httpclient5 RequstImpl doesnt initialize version & protocol with https
  • [AXIS2-6075] - axis2-wsdl2code-maven-plugin documentation is stuck on version 1.7.9
  • [AXIS2-6080] - Axis2 1.8.2 Missing Libraries for Apache Tomcat 11.0.2

Improvement

  • [AXIS2-5975] - More specific Runtime Exceptions instead of just "Input values do not follow defined XSD restrictions"
  • [AXIS2-6049] - Generated Exceptions differ each generation
  • [AXIS2-6054] - when an inexistent enum value arrives, do not just throw an IllegalArgumentException without any exception
  • [AXIS2-6059] - Improve logging by default
  • [AXIS2-6069] - Disable admin console login by removing default credential values
  • [AXIS2-6071] - Add new class JSONBasedDefaultDispatcher that skips legacy SOAP code

Wish

  • [AXIS2-5953] - Upgrade javax.mail version
  • [AXIS2-6051] - Axis2 Future Roadmap in keeping up with new Java Versions

Task

  • [AXIS2-6078] - Remove Google Analytics from 5 Pages on Axis Website