Google Git
Sign in
apache/axis-axis2-java-rampart/HEAD
  1. b2cce44 RAMPART-44 / RAMPART-252: add a dedicated algorithm-downgrade test by Robert Lazarski · 2 days ago master
  2. 0770108 RAMPART-44 / RAMPART-252: enforce the policy algorithm suite on inbound messages by Robert Lazarski · 2 days ago
  3. 205ae0c RAMPART-431: skip signing SignedParts headers that are absent from the message by Robert Lazarski · 2 days ago
  4. e9ccb68 RAMPART-411: add regression test for signing the BinarySecurityToken by Robert Lazarski · 2 days ago
  5. c8071ba Address RAMPART-427 review: document init trade-off, guard config parsing by Robert Lazarski · 2 days ago
  6. 8ce0aeb RAMPART-427: add the CLIENT_SIDE marker parameter race-free by Robert Lazarski · 2 days ago
  7. 977e51f RAMPART-428: harden the test XML parser against XXE by Robert Lazarski · 2 days ago
  8. 5346d2f RAMPART-428: apply the signed-element identity check to headers too by Robert Lazarski · 2 days ago
  9. 9d0abc1 RAMPART-428: validate the signed SOAP Body by identity, not by name by Robert Lazarski · 2 days ago
  10. e73ba38 RAMPART-371: cover the null-QName assertion case in RahasModuleTest by Robert Lazarski · 2 days ago
  11. 1c36bd0 RAMPART-371: rahas must report support for WS-SecurityPolicy assertions by Robert Lazarski · 2 days ago
  12. 8a43eb5 RAMPART-337: also retire expired tokens on SimpleTokenStore.update() by Robert Lazarski · 2 days ago
  13. 9b92fcd Add .claude to .gitignore by Robert Lazarski · 2 days ago
  14. cb60b2e CI: skip snapshot Deploy step when Nexus credentials are absent by Robert Lazarski · 2 days ago
  15. da0ff64 RAMPART-337: retire expired tokens from SimpleTokenStore to bound memory by Robert Lazarski · 2 days ago
  16. 62ffbcd Reconcile legal/ license files with the actual binary distribution by Robert Lazarski · 3 days ago
  17. c34fe61 Remove unused OWASP ESAPI dependency from rampart-trust by Robert Lazarski · 3 days ago
  18. eb70efe Release prep: refresh 2.0.0 release notes and NOTICE copyright year by Robert Lazarski · 3 days ago
  19. c2db725 Address Gemini review nits: enforcer comment + failIfNoTests safety net by Robert Lazarski · 3 days ago
  20. 08fd2e3 Use released Axis2 2.0.1, fix JDK 25 build, bump dependencies by Robert Lazarski · 3 days ago
  21. 772da3f Remove unverified WSS4J CVE IDs from history section by Robert Lazarski · 11 days ago
  22. b6065af Fix incorrect path for RampartUsernameTokenValidator by Robert Lazarski · 11 days ago
  23. f09f237 Address Gemini review findings for Glasswing threat model by Robert Lazarski · 11 days ago
  24. ffe2ef2 Add security threat model and AGENTS.md for Glasswing scan by Robert Lazarski · 11 days ago
  25. 4a54f02 Merge pull request #26 from apache/infrastructure-ruleset-bot/default-branch-protection by robertlazarski · 4 weeks ago
  26. 7280acc Set up default protection ruleset for default and release branches by The Apache Software Foundation · 4 weeks ago infrastructure-ruleset-bot/default-branch-protection
  27. 9164fac RAMPART-454 Document security / maintenance assumptions flagged by review by Robert Lazarski · 9 weeks ago
  28. 2f9f8a5 RAMPART-454 Align GitHub Actions CI with axis2-java-core by Robert Lazarski · 9 weeks ago
  29. d24a319 RAMPART-454 Refresh stale POM comment about OpenSAML xacml-saml pin by Robert Lazarski · 9 weeks ago
  30. bfe8f04 RAMPART-454 Refresh site docs for the 2.0.0 release by Robert Lazarski · 9 weeks ago
  31. 353ec6e RAMPART-454 Put servlet-api on the aggregator Javadoc classpath by Robert Lazarski · 9 weeks ago
  32. 50c80d3 RAMPART-454 Fix rampart-dist lib/ layout for OpenSAML 5 by Robert Lazarski · 9 weeks ago
  33. 8e4a0ca RAMPART-454 Bump build to JDK 17 baseline; refresh plugin and library versions by Robert Lazarski · 9 weeks ago
  34. 55f3274 RAMPART-454 Finish OpenSAML 5 / Axis2 2.0.x API migration in trust/integration by Robert Lazarski · 9 weeks ago
  35. aceacfe RAMPART-454 Upgrade OpenSAML from 4.3.2 to 5.2.1 by Robert Lazarski · 9 weeks ago
  36. 34f6918 RAMPART-454 Upgrade to Axis2 2.0.1-SNAPSHOT + Axiom 2.0.0 (Jakarta) by Robert Lazarski · 9 weeks ago
  37. 93e0883 Merge pull request #23 from apache/cortlepp/unify-log4j-deps by Christian Ortlepp · 9 weeks ago
  38. 8f5b196 chore: unify log4j deps and update them by Christian Ortlepp · 9 weeks ago cortlepp/unify-log4j-deps
  39. bf158ea Merge remote-tracking branch 'origin/dependabot/maven/modules/distribution/org.apache.logging.log4j-log4j-core-2.25.3' into cortlepp/unify-log4j-deps by Christian Ortlepp · 9 weeks ago
  40. 771370d Merge remote-tracking branch 'origin/dependabot/maven/org.apache.logging.log4j-log4j-core-2.25.3' into cortlepp/unify-log4j-deps by Christian Ortlepp · 9 weeks ago
  41. 43d0528 Merge pull request #22 from apupier/patch-1 by Christian Ortlepp · 9 weeks ago
  42. 91d0fcc Use new shibboleth Maven repository URL by Aurélien Pupier · 10 weeks ago
  43. 47c186f Bump org.apache.logging.log4j:log4j-core from 2.18.0 to 2.25.3 by dependabot[bot] · 6 months ago
  44. 24370d4 Bump org.apache.logging.log4j:log4j-core in /modules/distribution by dependabot[bot] · 6 months ago
  45. ec1727a Fix github actions by Robert Lazarski · 7 months ago
  46. 89f9758 Merge pull request #19 from apache/dependabot/maven/commons-fileupload-commons-fileupload-1.6.0 by robertlazarski · 7 months ago
  47. 47a984d Big update to fix samples 1 thru 9. Also fix or remove a bunch of old http links by Robert Lazarski · 7 months ago
  48. 74b1038 Add release notes for 2.0.0 by Robert Lazarski · 8 months ago
  49. 6b137e2 Bump commons-fileupload:commons-fileupload from 1.5 to 1.6.0 by dependabot[bot] · 11 months ago
  50. c69ea97 release doc updates by Robert Lazarski · 1 year, 4 months ago
  51. 77a6e2a Release documentation updates by Robert Lazarski · 1 year, 6 months ago
  52. 7add69c [maven-release-plugin] prepare for next development iteration by Robert Lazarski · 1 year, 6 months ago
  53. d0546ce [maven-release-plugin] prepare release v1.8.0 by Robert Lazarski · 1 year, 6 months ago v1.8.0
  54. f7c31c7 dev guide updates by Robert Lazarski · 1 year, 6 months ago
  55. 69449bc Update legal dir by Robert Lazarski · 1 year, 6 months ago
  56. fea0391 Update legal dir, and some dev guide updates by Robert Lazarski · 1 year, 6 months ago
  57. 35297c2 Update legal dir, and some dev guide updates by Robert Lazarski · 1 year, 6 months ago
  58. 463f7b2 Release prep by Robert Lazarski · 1 year, 6 months ago
  59. 1ded480 site-deploy is not finding our JavaDoc, so fix that with some maven-resources-plugin config by Robert Lazarski · 1 year, 7 months ago
  60. 5ff658f More release cleanup by Robert Lazarski · 1 year, 7 months ago
  61. 5ffdf8b Release cleanup and docs, link to JavaDoc via apidocs needs to be fixed still by Robert Lazarski · 1 year, 7 months ago
  62. 50b0f02 Release cleanup and docs, link to JavaDoc via apidocs needs to be fixed still by Robert Lazarski · 1 year, 7 months ago
  63. 3348434 Update Ant to latest by Robert Lazarski · 1 year, 7 months ago
  64. 3a74327 RampartEngine fixes by Robert Lazarski · 1 year, 7 months ago
  65. add45b8 Release notes update by Robert Lazarski · 1 year, 7 months ago
  66. 32f00ce RAMPART-234 Allow custom https listeners to populate the client certificate chain in the message context by Robert Lazarski · 1 year, 7 months ago
  67. f8dcc74 RAMPART-234 Allow custom https listeners to populate the client certificate chain in the message context by Robert Lazarski · 1 year, 7 months ago
  68. b0f0096 RAMPART-335 X509V3 KeyIdentifier cannot be set dynmaically by Robert Lazarski · 1 year, 7 months ago
  69. 1d69f56 RAMPART-261 Ability to Toggle mustUnderstand flag in security header by Robert Lazarski · 1 year, 7 months ago
  70. 7cc7075 RAMPART-396 NullPointerException using STS, Trust and entropy by Robert Lazarski · 1 year, 7 months ago
  71. 01a401c RAMPART-396 NullPointerException using STS, Trust and entropy by Robert Lazarski · 1 year, 7 months ago
  72. 5bef642 RAMPART-420 Allow WS-Security timestamps to be spoofed and BSP checking disabled by Robert Lazarski · 1 year, 7 months ago
  73. f7d0025 RAMPART-420 Allow WS-Security timestamps to be spoofed and BSP checking disabled by Robert Lazarski · 1 year, 7 months ago
  74. fef676d RAMPART-420 Allow WS-Security timestamps to be spoofed and BSP checking disabled by Robert Lazarski · 1 year, 7 months ago
  75. 6d85d98 RAMPART-437 SHA256 not supported for DigestAlgorithm for TransportBinding when specified correctly in policy.xml by Robert Lazarski · 1 year, 7 months ago
  76. 5136d7b RAMPART-205, RAMPART-361, RAMPART-432, RAMPART-435 Add some customization to WSS4J RequestData via optional parameters in Options and RampartConfig by Robert Lazarski · 1 year, 7 months ago
  77. a41a08e RAMPART-205, RAMPART-361, RAMPART-432, RAMPART-435 Add some customization to WSS4J RequestData via optional parameters in Options and RampartConfig by Robert Lazarski · 1 year, 7 months ago
  78. 206965a RAMPART-448 NullPointerException in RampartUtil.setKeyIdentifierType() when signing response by Robert Lazarski · 1 year, 7 months ago
  79. 0c00063 RAMPART-448 NullPointerException in RampartUtil.setKeyIdentifierType() when signing response by Robert Lazarski · 1 year, 7 months ago
  80. c6d3aa3 RAMPART-325 NullPointerException with UsernameToken Policy and MTOM Policy without Rampart Config in WSDL by Robert Lazarski · 1 year, 7 months ago
  81. c1f7692 RAMPART-425 Links not found by Robert Lazarski · 1 year, 7 months ago
  82. 3f457fe RAMPART-432 Add disableBSPEnforcement to RampartConfig docs by Robert Lazarski · 1 year, 7 months ago
  83. c4371bf RAMPART-432 Add a client and server way to set the WSS4J param disableBSPEnforcement. I need community help on a unit test, or more time to figure out one in a subsequent release by Robert Lazarski · 1 year, 7 months ago
  84. 36e84d7 Fix pom.xml scm and distributionManagement tags by Robert Lazarski · 1 year, 8 months ago
  85. a8f4591 Dep updates by Robert Lazarski · 1 year, 8 months ago
  86. 4d779c5 Dep updates by Robert Lazarski · 1 year, 8 months ago
  87. 4bf1c82 RAMPART-441 community patch on docs by Robert Lazarski · 1 year, 8 months ago
  88. d53fe1b Test code cleanup by Robert Lazarski · 1 year, 8 months ago
  89. 373ffca Sample typos by Robert Lazarski · 1 year, 8 months ago
  90. fa2cae1 Fix source control links in developer-guide.xml by Robert Lazarski · 1 year, 8 months ago
  91. a9bd8b1 RAMPART-451 remove unmaintained xalan dep by Robert Lazarski · 1 year, 8 months ago
  92. 69e24ef Add release notes for 1.8.0, which will be expanded with fixed issues once some Jira clean up has been done by Robert Lazarski · 1 year, 8 months ago
  93. c6c53b4 Include xmlsec as a dep to fix the samples by Robert Lazarski · 1 year, 8 months ago
  94. ddff746 Fix some JKS / pkcs12 mismatches from a previous commit by Robert Lazarski · 1 year, 8 months ago
  95. 65c3c48 Update some more deps by Robert Lazarski · 1 year, 8 months ago
  96. 6b1e7c1 Update wss4j is to latest, 3.0.3 by Robert Lazarski · 1 year, 8 months ago
  97. 07fd82e AXIS2-6066 fix site build, upgrade to latest maven-site-plugin by Robert Lazarski · 1 year, 8 months ago
  98. 69cb19a Update maven-fluido-skin to latest, getting the site-deploy Maven task closer to working by Robert Lazarski · 1 year, 8 months ago
  99. 56911ff Remove some certs recently created that ended up not being used by Robert Lazarski · 1 year, 8 months ago
  100. 99dbae2 Use JSK 11 as a compile target since that is what axis2 uses by Robert Lazarski · 1 year, 8 months ago