A library to send and receive AS4 messages. Licensed under the Apache 2 License!
It consists of the following sub-projects:
- phase4-lib - basic data structures for AS4 handling, sending and receiving
- phase4-profile-cef - AS4 profile for CEF/eSENS as well as the PMode and the respective validation
- phase4-profile-entsog - AS4 profile for ENTSOG as well as the PMode and the respective validation
- phase4-profile-peppol - AS4 profile for Peppol as well as the PMode and the respective validation
- phase4-test - integration test project
- phase4-server-webapp - Standalone AS4 server for demo purposes
- phase4-dynamic-discovery - a shared library that contains common stuff for dynamic discovery using SML and SMP
- phase4-cef-client - a specific client to send messages using the CEF profile
- phase4-entsog-client - a specific client to send messages using the ENTSOG profile
- phase4-peppol-client - a specific client to send messages to Peppol
- phase4-peppol-servlet - a specific servlet that can be used to receive messages from Peppol
- phase4-peppol-server-webapp - a simple standalone Peppol AS4 server for demo purposes
- phase4-spring-boot-demo - an example how to integrate phase4 with Spring Boot
Note: to the reader the documentation you are reading refers to version 1.x. For previous version documentation, please refer to the appropriate tag
This solution is CEF compliant. See the test report at https://ec.europa.eu/cefdigital/wiki/download/attachments/82773297/phase4%20AS4%20test%20runs.zip?version=1&modificationDate=1565683321725&api=v2
This solution is Peppol compliant. See the test report at https://github.com/phax/phase4/blob/master/docs/Peppol/TestBedReport-POP000306-20190906T103327.pdf
Some known users of phase4 - mostly in the context of Peppol - are (in alphabetical order):
- A-Cube S.r.l. (IT) - https://acubeapi.com/
- Bundesrechenzentrum / Federal Computing Center (AT) - https://www.brz.gv.at/
- DE4A (EU project) - http://www.de4a.eu/
- ecosio GmbH (AT) - https://ecosio.com/
- Fitek AS (EE) - https://fitek.com/
- Formware GmbH (DE) - https://www.formware.de/
- GHX LLC (UK) - https://www.ghx.com/
- Qvalia Group AB (SE) - https://qvalia.com/
- Storecove (Global) - https://www.storecove.com/
- Strands (ES) - https://strands.com/
- T-Systems Multimedia Solutions GmbH (DE) - https://www.t-systems-mms.com
- Telema AS (EE) - https://telema.com/
- TOOP4EU (EU project) - http://toop.eu/
- unifiedpost group (BE) - https://www.unifiedpost.com/
If you are a phase4 user and want to be listed here, write me an email to phase4[at]helger[dot]com
The primary configuration file for phase4 is called phase4.properties
.
It contains both the phase4 specific configuration items as well as the WSS4J ones (see https://ws.apache.org/wss4j/config.html).
The resolution of the configuration properties is not bound to the configuration file - system properties and environment variables can also be used. See https://github.com/phax/ph-commons/wiki/ph-config for details.
Upon resolution of configuration values, Java system properties have the highest priority (400), before environment variables (300), the file phase4.properties
(203), the file private-application.json
(195), the file private-application.properties
(190), the file application.json
(185), the file application.properties
(180) and finally the file reference.properties
(1).
Note: programmatic access to the configuration is solely achieved via class com.helger.phase4.config.AS4Configuration
.
Note: the descriptions and the default values are taken from WSS4J.
-
org.apache.wss4j.crypto.provider
: WSS4J specific provider used to create Crypto instances. Defaults toorg.apache.wss4j.common.crypto.Merlin
. -
org.apache.wss4j.crypto.merlin.keystore.type
: the keystore type. Usually one ofJKS
orPKCS12
. Defaults tojava.security.KeyStore.getDefaultType()
. -
org.apache.wss4j.crypto.merlin.keystore.file
: the path to the keystore. Can be an entry in the class path, a URL or an absolute file path. -
org.apache.wss4j.crypto.merlin.keystore.password
: the password to the whole keystore. -
org.apache.wss4j.crypto.merlin.keystore.alias
: the alias of the key to be used inside the keystore. Hint case sensitivity may be important here. -
org.apache.wss4j.crypto.merlin.keystore.private.password
: the password to access the key only. May be different from the keystore password. -
org.apache.wss4j.crypto.merlin.load.cacerts
: Whether or not to load the CA certificates in${java.home}/lib/security/cacerts
(default isfalse
). -
org.apache.wss4j.crypto.merlin.truststore.provider
: The provider used to load truststores. By default it’s the same as the keystore provider. Set to an empty value to force use of the JRE’s default provider. -
org.apache.wss4j.crypto.merlin.truststore.type
: The truststore type. Usually one ofJKS
orPKCS12
. Defaults tojava.security.KeyStore.getDefaultType()
. -
org.apache.wss4j.crypto.merlin.truststore.file
: The location of the truststore. Can be an entry in the class path, a URL or an absolute file path. -
org.apache.wss4j.crypto.merlin.truststore.password
: The truststore password. Defaults tochangeit
.
Note: for Peppol users the key store must contain the AccessPoint private key and the truststore must contain the Peppol truststore.
The properties have the following meaning
-
global.debug
: enable or disable the global debugging mode in the system. It is recommended to have this always set tofalse
except you are developing with the components. Valid values aretrue
andfalse
. -
global.production
: enable or disable the global production mode in the system. It is recommended to have this set totrue
when running an instance in a production like environment to improve performance and limit internal checks. Valid values aretrue
andfalse
. -
global.nostartupinfo
: disable the logging of certain internals upon server startup when set totrue
. Valid values aretrue
andfalse
. -
global.datapath
: the writable directory where the server stores data. It is recommended to be an absolute path (starting with/
). The default value is the relative directoryconf
. -
phase4.manager.inmemory
: if this property is set totrue
than phase4 will not create persistent data for PModes ands other domain objects. The default value istrue
. -
phase4.wss4j.syncsecurity
: if this property is set totrue
all signing, encryption, signature verification and decryption is linearized in an artificial lock. This should help working around the https://issues.apache.org/jira/browse/WSS-660 bug if one Java runtime needs to contain multiple instances of phase4. Note: this flag is still experimental. Note: this is only a work-around if only phase4 based applications run in the same Java runtime - if other WSS4J applications (like e.g. Oxalis) are also run, this switch does not solve the issue. Defaults tofalse
. -
phase4.profile
: a specific AS4 profile ID that can be used to validate incoming messages. Only needed in specific circumstances. Not present by default. -
phase4.incoming.duplicatedisposal.minutes
: the number of minutes a message is kept for duplication check. After that time, the same message can be retrieved again. Valid values are integer numbers ≥ 0. The default value is10
. -
phase4.dump.path
: the base path where dumps of incoming and outgoing files should be created, if the respective dumpers are activated. The default value isphase4-dumps
relative to the current working directory. -
phase4.endpoint.address
: the public URL of this AS4 server to send responses to. This value is optional. This value is checked by the underlying profile.- In the case of Peppol and CEF, this value needs to have the
https
protocol (except the global debug mode is enabled in which case thehttp
protocol is also allowed) - In the case of ENTSOG this value needs to be
http
orhttps
- In the case of Peppol and CEF, this value needs to have the
To handle common parts of AS4 PModes this project uses so called "profiles". Currently the following profiles are provided out of the box:
- CEF with ID
cef
in submodulephase4-profile-cef
- see https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eDelivery+AS4+-+1.14 for the full specification - Peppol with ID
peppol
in submodulephase4-profile-peppol
- see https://docs.peppol.eu/edelivery/as4/specification/ for the full specification - ENTSOG with ID
entsog
in submodulephase4-profile-entsog
- see https://www.entsog.eu/interoperability-and-data-exchange-nc for the full specification
To use one of these profiles, the respective Maven artifacts must be added as dependencies to your project as in
<dependency>
<groupId>com.helger</groupId>
<artifactId>phase4-profile-cef</artifactId>
<version>x.y.z</version>
</dependency>
or
<dependency>
<groupId>com.helger</groupId>
<artifactId>phase4-profile-peppol</artifactId>
<version>x.y.z</version>
</dependency>
or
<dependency>
<groupId>com.helger</groupId>
<artifactId>phase4-profile-entsog</artifactId>
<version>x.y.z</version>
</dependency>
If you want to create your own profile, you need to provide an SPI implementation of the phase4-lib
interface com.helger.phase4.profile.IAS4ProfileRegistrarSPI
. See the above mentioned submodules as examples on how to do that.
Peppol is an international eDelivery network. Read more on https://peppol.eu
To perform testing with Peppol you MUST have a valid Peppol certificate. Testing with a self-signed certificate does not work. Only certificates that are based on the Peppol AP PKI will be accepted. You may read https://peppol.helger.com/public/locale-en_US/menuitem-docs-peppol-pki for more information on the Peppol PKI. To retrieve a Peppol certificate, you must be a member of OpenPEPPOL AISBL - see https://peppol.eu/get-involved/join-openpeppol/ for details.
OASIS AS4 is a profile of OASIS EBMS v3. CEF AS4 is a profile of OASIS AS4. Peppol AS4 is a profile of CEF AS4. Find the Peppol specification document at https://docs.peppol.eu/edelivery/as4/specification/
Peppol has a very limited use of AS4. Some highlights are:
- It uses only one-way push
- TLS certificates must have SSL labs test grade "A" - that means e.g. no TLS 1.0 or 1.1 support
- Signing and encryption rules follow the CEF AS4 profile requirements (AES 128 CGM, SHA-256)
- It allows only for one payload
- You have to use MIME encoding for the payload - and are not allowed to add it into the SOAP body
- The payload is always an SBD envelope (Standard Business Document; mostly wrongly addressed as SBDH - Standard Business Document Header) - same as for Peppol AS2
- Compression must be supported but can be chosen on the senders discretion
This subproject is your entry point for sending messages into the Peppol eDelivery network.
The contained project contains a class called Phase4PeppolSender.Builder
(accessible via factory method Phase4PeppolSender.builder()
) - it contains all the parameters with some example values so that you can start easily. Alternatively the class Phase4PeppolSender.SBDHBuilder
(accessible via factory method Phase4PeppolSender.sbdhBuilder()
) offers a build class where you can add your pre-build StandardBusinessDocument, which implies that no implicit validation of the business document takes place. This class contains utility methods to explicitly validate the payload.
As a prerequisite, the file phase4.properties
must be filled out correctly and your Peppol AP certificate must be provided (the default configured name is test-ap.p12
).
See the folder https://github.com/phax/phase4/tree/master/phase4-peppol-client/src/test/java/com/helger/phase4/peppol for different examples on how to send messages via the Peppol AS4 client.
The client side validation of outgoing business documents is implemented using PHIVE (Philip Helger Integrative Validation Engine).
This subproject is your entry point for receiving messages from the Peppol eDelivery network using the well known Servlet technology.
It assumes you are running an Application server like Apache Tomcat or Eclipse Jetty to handle incoming connections. Integrations into other application servers like vertx or even the deployment as an AWS Lambda is possible but needs a bit more handcrafting.
Register the Servlet com.helger.phase4.peppol.servlet.Phase4PeppolServlet
in your application.
Then implement the SPI interface com.helger.phase4.peppol.servlet.IPhase4PeppolIncomingSBDHandlerSPI
to handle incoming Peppol messages. See Introduction to the Service Providers Interface if you are not familiar with the Java concept of SPI.
Sample setup for WEB-INF/web.xml
:
<servlet>
<servlet-name>Phase4PeppolServlet</servlet-name>
<servlet-class>com.helger.phase4.peppol.servlet.Phase4PeppolServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Phase4PeppolServlet</servlet-name>
<url-pattern>/as4</url-pattern>
</servlet-mapping>
By default the "receiver checks" are enabled. They are checking if an incoming message is targeted for the correct Access Point and if not will reject the message. That is done by performing an SMP lookup on the receiver/document type/process ID and check if the resulting values match the preconfigured values. That of course requires that the preconfigured values need to be set, before a message can be received. That needs to be done via the static methods in class Phase4PeppolServletConfiguration
. Alternatively you can disable the receiver checks using the setReceiverCheckEnabled
method in said class.
Additionally before you can start, an IAS4CryptoFactory
MUST be set. An implementation of this interface provides the keystore as well as the private key for doing signing and/or encryption services in phase4. Default implementations shipping with phase4 are AS4CryptoFactoryProperties
and AS4CryptoFactoryInMemoryKeyStore
. To change that configuration use the extended constructor of AS4XServletHandler
that itself is instantiated in the Phase4PeppolServlet
- therefore a custom Servlet class is required, where Phase4PeppolServlet
should be used as the "copy-paste template" (and don't forget to reference the new servlet class from the WEB-INF/web.xml
mentioned above).
This subproject shows how to a simple standalone Peppol AS4 server could look like.
It is a demo implementation and does not do anything with the payload except storing it on disk.
Use this as the basis for implementing your own solution - don't take it "as is".
It takes incoming requests via HTTP POST at the URL /as4
.
Upon startup it checks that a valid Peppol Access Point (AP) certificate is installed.
It stores all incoming requests on disk based on the incoming date time.
- The full incoming message is stored with extension
.as4in
- The SOAP document is stored with extension
.soap
- The (decrypted) Peppol payload (SBD Document) is stored with extension
.sbd
- The returned receipt is stored with extension
.response
To configure your certificate, modify the file phase4.properties
. Usually there is no need to alter the truststore - it's the Peppol default truststore and considered to be constant.
Note: this application uses the property smp.url
in configuration file phase4.properties
to locate it's home SMP for cross checking if the incoming request is targeted for itself.
To start it from within your IDE you may run the test class com.helger.phase4.peppol.server.standalone.RunInJettyPHASE4PEPPOL
- it will spawn on http://localhost:8080`.
For IntelliJ users: make sure the folder phase4-peppol-server-webapp
is the startup directory.
If you want to use phase4 with Maven I suggest the following way:
- add the BOM into your
<dependencyManagement>
section and - add the main artefacts without version in the
<dependency>
block to have a consistent versioning:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
...
<dependencyManagement>
<dependencies>
...
<!-- step 1 -->
<dependency>
<groupId>com.helger.phase4</groupId>
<artifactId>phase4-parent-pom</artifactId>
<version>x.y.z</version>
<type>pom</type>
<scope>import</scope>
</dependency>
...
</dependencies>
</dependencyManagement>
...
<dependencies>
...
<!-- step 2 -->
<dependency>
<groupId>com.helger.phase4</groupId>
<artifactId>phase4-lib</artifactId>
</dependency>
<dependency>
<groupId>com.helger.phase4</groupId>
<artifactId>phase4-profile-peppol</artifactId>
</dependency>
...
</dependencies>
...
</project>
Apache Maven needed 3.6 or later and Java JDK 8 or later is required.
To build the whole package on the commandline use mvn clean install -U
.
If you are importing this into your IDE and you get build errors, it maybe necessary to run mvn process-sources
once in the phase4-lib
subproject. Afterwards the folder target/generated-sources/xjc
must be added to the source build path. When building only on the commandline, this is done automatically.
Per now the following known limitations exist:
- The SMP lookup part does not work with Java 17 out of the box, because the Peppol SMP enforces the usage of SHA-1 as the signature method and digest method
- phase4 is not a standalone project but a library that you need to manually integrate into your system
- Multi-hop is not implemented
- Split and join is not implemented
Any voluntary help on this project is welcome. If you want to write documentation or test the solution - I'm glad for every help. Just write me an email - see pom.xml for my email address
If you like the project, a star on GitHub is always appreciated.
- v1.3.5 - 2021-12-21
- Updated to Log4J 2.17.0 for security reasons (CVE-2021-45105) - see https://logging.apache.org/log4j/2.x/security.html
- v1.3.4 - 2021-12-14
- Updated to Log4J 2.16.0 for security reasons (CVE-2021-45046) - see https://www.lunasec.io/docs/blog/log4j-zero-day/
- v1.3.3 - 2021-12-10
- Updated to Log4J 2.15.0 for security reasons (CVE-2021-44228) - see https://www.lunasec.io/docs/blog/log4j-zero-day/
- Updated to WSS4J 2.4.0
- Updated to xmlsec 2.3.0
- Fixed a typo in method name of class
AbstractPeppolUserMessageBuilder
(missingp
ofendpoint
) - Fixed the interface name from
IPhase4PeppolValidatonResultHandler
toIPhase4PeppolValidationResultHandler
(see issue #68) - Updated the Maven JAXB2 plugin so that it also build with Java 17
- v1.3.2 - 2021-09-27
- Updated to ph-web 9.6.1
- Updated to phive-rules 2.1.7
- Updated to xmlsec 2.2.3 (security fix)
- Allowing to set the "RefToMessageId" in the client sender builders
- Improved the error handling of
ISOAPHeaderElementProcessor
invocations (see issue #52)
- v1.3.1 - 2021-05-21
- Updated to xmlsec 2.2.2
- Added the possibility to provide the content ID in the Peppol AS4 sender
- Changed the layout of the default, random Content-IDs to match RFC 822
- The error handling of the SPI invocations was improved
AS4MessageProcessorResult.createFailure
now also takes empty arguments- Extended the internal API of
AS4XServletHandler
to make calls from the outside simpler - Added a new class
AS4DumpReader
that can be helpful in reading dumped ".as4in" messages at a later point in time
- v1.3.0 - 2021-05-02
- Updated to ph-commons 10.1
- Moved the classes
AS4IncomingDumperFileBased
,AS4OutgoingDumperFileBased
andAS4RawResponseConsumerWriteToFile
from packagecom.helger.phase4.servlet.dump
to packagecom.helger.phase4.dump
. The old classes remain there, but deprecated. IAS4IncomingDumper.onEndRequest
is only called ifonNewRequest
returned a non-null stream- Improved logging in case of failed sending prerequisites
- Changed from
Offset(Date|Time|DateTime)
toXMLOffset(Date|Time|DateTime)
where the message exchange is affected - The JAXB implementation must now explicitly be added to an application
pom.xml
e.g. like this:
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-impl</artifactId>
</dependency>
- v1.2.0 - 2021-03-28
- Added the response AS4 Message ID as parameter to
IAS4ServletMessageProcessorSPI.processAS4ResponseMessage
- Renamed class
EAS4IncomingMessageMode
toEAS4MessageMode
- Extended
IAS4OutgoingDumper
API with anEAS4MessageMode
param - Extended the
IAS4MessageState
with "ref to message ID" and "message timestamp"
- Added the response AS4 Message ID as parameter to
- v1.1.1 - 2021-03-23
- Made the AS4 message ID suffix customizable (see issue #50) using
MessageHelperMethods.setCustomMessageIDSuffix(String)
- Made the AS4 message ID suffix customizable (see issue #50) using
- v1.1.0 - 2021-03-22
- Updated to ph-commons 10
- Changed from
Local(Date|Time|DateTime)
toOffset(Date|Time|DateTime)
where the message exchange is affected
- v1.0.0 - 2021-03-10
- v1.0.0-rc1 - 2021-02-17
- Updated to peppol-commons 8.4.0
- The configuration files
private-crypto.properties
,crypto.properties
,private-as4.properties
andas4.properties
are no longer read - The configuration properties
server.debug
,server.production
,server.nostartupinfo
,server.datapath
,server.profile
,server.incoming.duplicatedisposal.minutes
andserver.address
are no longer supported - Removed all deprecated elements
- Extended the API of
ESimpleUserMessageSendResult
- Added
AbstractAS4UserMessageBuilder.sendMessageAndCheckForReceipt
overload with an exception consumer (see issue #48)
- v0.14.0 - 2021-01-27
- Changed the default directory structure of the incoming and outgoing dumper as well as the raw response consumer to have subdirectories for year, month and day of month
- Extended
Phase4OutgoingAttachment
to also have aCharset
parameter. Thanks to @pavelrotek for pointing this out. Phase4OutgoingAttachment
can now work onbyte[]
andFile
.- Added support for the ENTSOG AS4 profile (see issue #46). Therefore the new submodules
phase4-profile-entsog
as well asphase4-entsog-client
were added. Thanks to @pavelrotek for providing it. - Removed all elements deprecated in 0.13.x or earlier
- v0.13.2 - 2021-01-22
- Fixed an error that an empty
MessageProperties
element is created which would not be XSD compliant. Thanks to Amish Regmi for pointing this out.
- Fixed an error that an empty
- v0.13.1 - 2021-01-20
- Updated to WSS4J 2.3.1
- Updated to ph-web 9.5.2 updating the U-NAPTR lookup code for BDXL lookups
- Added new class
EbmsError
to implementIEbmsError
next toEEbmsError
- The
AS4RequestHandler
received aSoapProcessingFinalizedCallback
to be able to get notified on asynchronous processing finalization - Extended
IAS4IncomingProfileSelector
to allow to disable the AS4 profile validation of PModes - Remembering the MessageID earlier in the process, so that error messages can always use the
RefToMessageId
properly - Fine-tuned the CEF and Peppol PMode checks a bit
- v0.13.0 - 2020-12-11
- Extended exception API to that constructors with only another exception are present
- Extended the Peppol demo server to store the attachments by default, even if the payload check does not work
- Updated to peppol-commons 8.3.1 that fixes the Peppol SBDH
TypeVersion
check - The Peppol client builder no longer sets an invalid default
TypeVersion
in the SBDH - Added new interface
IAS4SenderInterrupt
to allow all sender builders to interrupt sending at a late stage - The HTTP retry settings are now assembled in the class
HttpRetrySettings
AbstractAS4Client
is no longer derived fromBasicHttpPoster
but instead has a customizable member that is responsible for the sending. This allows for exchanging the underlying HTTP engine.- The UserMessage builder now has a simplified
sendMessageAndCheckForReceipt
method that does all the success/error checks internally - Extended the
AS4ClientSentMessage
to also contain the HTTP response status line and the response HTTP headers - Added a new interface
IAS4IncomingProfileSelector
to make profile selection customizable - Renamed interface
IIncomingAttachmentFactory
toIAS4IncomingAttachmentFactory
- Added new abstract base class
AbstractAS4RawResponseConsumer
to customize handling of status line and http headers AS4RawResponseConsumerWriteToFile
now logs the status line and the response headers by default (backward incompatible change)- The default filenames created from
AS4RawResponseConsumerWriteToFile
now use the extension.as4response
instead of-response.xml
because they are no longer pure XML - Moved method
readCryptoPropertiesFromFile
fromAS4CryptoFactoryPropertiesFile
toAS4CryptoFactoryProperties
- v0.12.6 - 2020-11-25
- Updated from "ph-bdve*" to "phive*" - see https://github.com/phax/phive and https://github.com/phax/phive-rules for details
- v0.12.5 - 2020-11-25
- Updated to peppol-commons 8.3.0
- v0.12.4 - 2020-11-18
- Remembering the original compression state of incoming attachments
- Updated to ph-bdve-rules 1.0.14 including Peppol Fall 2020 release corrigendum
- v0.12.3 - 2020-11-06
- The
phase4-server-webapp
project now also stores all incoming messages to the dump path - Ensure the incoming dumper
AS4IncomingDumperFileBased
creates a unique filename by default - Allow an empty AS4 Conversation ID in a UserMessage
- Ensuring that outgoing messages can be dumped, even if retries is set to 0 (see issue #43)
- The
- v0.12.2 - 2020-10-05
- Extended the
IPhase4PeppolIncomingSBDHandlerSPI
interface to be able to reject messages on the AS4 layer - Updated to ph-bdve-rules 1.0.8
- Extended the
- v0.12.1 - 2020-09-28
- Updated to peppol-commons 8.2.4
- Made the value checks when reading Peppol SBDH documents customizable via
Phase4PeppolServletConfiguration.setPerformSBDHValueChecks
- Extended the Peppol client sender API to easily send special binary and text payload
- v0.12.0 - 2020-09-22
- Extended the
IPModeResolver
to also contain the agreementRef value (for ENTSOG) - backwards incompatible change - Added support for custom "Part properties" in
IAS4Attachment
(for ENTSOG) - The sending date and time of the AS4 message can now be configured in the client
- Made class
PMode
more static (see issue #41) PModeValidationException
is now a subclass ofPhase4Exception
- Added setters to some PMode related domain classes
- A default serialization of the PMode objects as JSON is available (see issue #40)
- The internal interface
IAS4MessageState
is now standalone - Made the incoming message metadata in class
AS4XServletHandler
easily customizable. - Made truststore accessible through
IAS4CryptoFactory
- Added new interface
IAS4UserMessageConsumer
- Extended API to make PullRequest sending simpler
- Moved shared fields from
AbstractAS4UserMessageBuilder
toAbstractAS4MessageBuilder
- Added new sanity builder for AS4 Pull Requests using
Phase4Sender.builderPullRequest()
- Changed
PMode IAS4ServletPullRequestProcessorSPI.processAS4UserMessage
toIPMode IAS4ServletPullRequestProcessorSPI.findPMode
- Extended the
- v0.11.1 - 2020-09-17
- Updated to Jakarta JAXB 2.3.3
- Updated to ph-sbdh 4.1.1
- Updated to peppol-commons 8.2.2
- v0.11.0 - 2020-09-08
- Extracted new enum
ECryptoKeyIdentifierType
to make the key information type customizable - Reworked the configuration so that system properties and environment variables can also be used
- The class
AS4Configuration
is now the primary source for configuration stuff - Class
AS4ServerConfiguration
was deleted - Extracted the class
AS4CryptoFactoryProperties
as the base class forAS4CryptoFactoryPropertiesFile
- Deprecated class
AS4CryptoFactoryPropertiesFile
in favour ofAS4CryptoFactoryProperties
- The file
crypto.properties
is considered deprecated. All values should be placed now inphase4.properties
. - By default the "in memory" managers are enabled. To disable this, add
phase4.manager.inmemory=false
in your configuration. - Dumping interfaces no longer implement
Serializable
- Added missing
onEndRequest
call to the outgoing dumper when sending responses
- Extracted new enum
- v0.10.6 - 2020-09-03
- The CEF client now has support for OASIS BDXR SMP v2
- The signature canonicalization method can now be customized
- Created new submodule
phase4-dynamic-discovery
that contains the shared parts used for dynamic discovery with SML and SMP phase4-peppol-client
andphase4-cef-client
use the classes fromphase4-dynamic-discovery
- backwards incompatible change
- v0.10.5 - 2020-08-30
- Updated to ph-commons 9.4.7
- Updated to ph-oton 8.2.6
- Updated to peppol-commons 8.1.7
- Replaced
AS4WorkerPool
withPhotonWorkerPool
- Improved validation of Peppol requirements for incoming messages, if the correct AS4 Profile "peppol" is selected
- Using Java 8 date and time classes for JAXB created classes
- v0.10.4 - 2020-07-22
- Extracted
IAS4ProfileManager
interface - Added profile manager to the
IManagerFactory
interface - Reworked the WSS4J initialization code to try to avoid the WSS-660 issue
- Extracted
- v0.10.3 - 2020-07-15
- Updated to ph-commons 9.4.6
- Added
AS4ServerInitializer.shutdownAS4Server
to gracefully unschedule all jobs - Improved customizability of the
Phase4CEFSender
to define if the@type
attribute should be emitted or not - Fixed an invalid
Content-Type
parsing issue, if an empty parameter is contained
- v0.10.2 - 2020-07-07
- Fixed an UnsupportedOperationException when AS4 HTTP Debugging was enabled AND an outgoing dumper was registered (see issue #39)
- Extended Peppol SBDH based builder to set the identifiers from the SBDH (see issue #22)
- Moved the
HttpClientFactory
setting one class up fromAbstractAS4UserMessageBuilder
toAbstractAS4MessageBuilder
- Improved the configurability of the dumpers
- v0.10.1 - 2020-06-24
- Added the possibility to provide a custom VESRegistry to the Peppol client to provide additional validation rules
- Changed the method
IAS4DuplicateManager
methodfindFirst
togetItemOfMessageID
to be implementable in different ways - Updated to WSS4J 2.3.0 and XMLSec 2.2.0
- Using
ph-xsds-xlink
andph-xsds-xml
for a shared "XLink" JAXB artefact
- v0.10.0 - 2020-06-08
- Updated to ph-bdve 6.0.0
- Merged
phase4-servlet
intophase4-lib
; therefore droppedphase4-servlet
submodule - Moved internal classes to new packages:
BasicHttpPoster
,AS4BidirectionalClientHelper
- Added a new class
Phase4Sender
that does offer sending capabilities with the builder pattern - All the client builders were unified - that creates incompatible name changes to
Phase4PeppolSender
(as insetSenderPartyID
→senderPartyID
) - Extracted
IAS4TimestampManager
to be able to provide custom timestamps
- v0.9.17 - 2020-05-27
- Changed Maven groupId to
com.helger.phase4
- Updated to ph-commons 9.4.4
- Changed Maven groupId to
- v0.9.16 - 2020-05-20
- Becoming more specific in thrown exceptions. Avoiding all "throws Exception"
- Fixed a potential concurrency error in
IPModeManager
implementations when calling "createOrUpdatePMode" - Fixed a potential concurrency error in
AS4CryptoFactoryPropertiesFile.getDefaultInstance()
- Added new class
Phase4OutgoingAttachment
for easier creation of outgoing attachments - Extended the
Phase4CEFSender
to handle multiple attachments. - Extended the
Phase4CEFSender
to allow overriding "Action" and "Service"
- v0.9.15 - 2020-05-19
- Increased customizability of
AS4XServletHandler
- Added a new submodule
phase4-cef-client
for easy sending using the CEF profile - Note: this version had a problem when deploying to Maven Central - so it's binary representation is broken
- Increased customizability of
- v0.9.14 - 2020-04-28
- Updated to WSS4J 2.2.5
- Updated to ph-commons 9.4.1
- Improved configurability of
MetaAS4Manager
- Moved callback interface
IPhase4PeppolResponseConsumer
toIAS4RawResponseConsumer
inphase4-lib
- Moved callback interface
IPhase4PeppolSignalMessageConsumer
toIAS4SignalMessageConsumer
inphase4-lib
- Moved
Phase4PeppolSender.parseSignalMessage
to classAS4IncomingHandler
inphase4-servlet
- Removed the check for the
refToMessageInError
attribute when receiving "Error SignalMessages"
- v0.9.13 - 2020-03-17
- Moved
originalSender
andfinalRecipient
tests to the CEF and Peppol profiles (see issue #33) - Added new class
AS4ProfileSelector
for more flexible profile selection - Added possibility for dumping the created SBDH in
Phase4PeppolSender.Builder
(see issue #34) - Made the setter of
Phase4PeppolServletMessageProcessorSPI
chainable - Extracted class
Phase4PeppolReceiverCheckData
to make the consistency check more flexible.
- Moved
- v0.9.12 - 2020-03-09
- Fixed potential NPE in error case (see issue #32)
- Fixed the setting of the
originalSender
and thefinalRecipient
message properties for Peppol. Thetype
attribute must contain the identifier scheme.
- v0.9.11 - 2020-03-03
- Updated to ph-web 9.1.10
- Propagating processing errors to the client (see issue #30) - thanks to https://github.com/RovoMe
- Replaced the unchecked
AS4BadRequestException
with the checkedPhase4Exception
(backwards incompatible change)
- v0.9.10 - 2020-02-16
- Fixed a stupid error in the demo code that prohibits the correct receiver check activation - see https://github.com/phax/phase4/commit/796c054d972562d31fe33597b8f7938081b8183e for the resolution
- Invoking the
AS4RequestHandler
error consumer also on asynchronous processing - Extended the error consumer interface of
AS4RequestHandler
fromConsumer
toIAS4RequestHandlerErrorConsumer
(backwards incompatible change) - Extended the message metadata class
AS4IncomingMessageMetadata
- Updated to ph-web 9.1.9
- v0.9.9 - 2020-02-09
- Removed the methods deprecated in v0.9.8
- Updated to peppol-commons 8.x
- Extended
Phase4PeppolEndpointDetailProviderSMP
API - Added new subproject
phase4-peppol-server-webapp
with a demo server for receiving messages via Peppol - Extended
IAS4IncomingDumper
API with an "end request" notifier - The asynchronous response now also uses the outgoing dumper
- Merged two methods in class
IAS4ResponseAbstraction
into one (backwards incompatible change) - Invoking the outgoing dumper also for responses sent for incoming messages
- v0.9.8 - 2020-01-29
- Added possibility to use external message ID in Peppol client
- Added new classes
AS4IncomingDumperSingleUse
andAS4OutgoingDumperSingleUse
for easier per-call dumping - Peppol client now has an additional callback to retrieve the AS4 URL where the message is send to
- No longer throwing an exception if
phase4.properties
is not available. Changed to a warning. - Added new class
AS4IncomingMessageMetadata
to hold metadata for each incoming message - The
IAS4ServletMessageProcessorSPI
API was modified to now includeIAS4IncomingMessageMetadata
(backwards incompatible change) - The
IPhase4PeppolIncomingSBDHandlerSPI
API was modified to now includeIAS4IncomingMessageMetadata
as well asPeppolSBDHDocument
,Ebms3UserMessage
andIAS4MessageState
(backwards incompatible change) - The
IAS4IncomingDumper
API was modified to now includeIAS4IncomingMessageMetadata
(backwards incompatible change) - Added the original (potentially encrypted) SOAP document into
IAS4MessageState
- Renamed type
ESOAPVersion
toESoapVersion
(backwards incompatible change) - Method names in
IAS4ClientBuildMessageCallback
changed to useSoap
instead ofSOAP
- Extended
IAS4ServletMessageProcessorSPI
with a possibility to process the response message send out - Renamed
AS4CryptoFactory
toAS4CryptoFactoryPropertiesFile
(backwards incompatible change)
- v0.9.7 - 2020-01-20
- Removed the default configuration files from
phase4-peppol-client
- Added the new submodule
phase4-peppol-servlet
with the Peppol specific receiving stuff - Extracted interface
IAS4Attachment
fromWSS4JAttachment
for read-only access - Fixed NPE when receiving an attachment without a "Content-ID"
- Removed all deprecated and unused methods from previous versions
- Extracted
IAS4CryptoFactory
interface for broader usage - Added possibility to use a preconfigured receiver AP certificate and endpoint URL for the Peppol client
- Changed
IPhase4PeppolValidatonResultHandler
to be an empty interface andPhase4PeppolValidatonResultHandler
is the default implementation - The base class of
Phase4PeppolException
changed fromException
toPhase4Exception
- Incoming messages are checked via against the values configured in class
Phase4PeppolServletConfiguration
- For security reasons the dependency to the XML pull parser "woodstox" was removed
- For security reasons the dependency to the DNS library "dnsjava" was removed
- Added the new class
AS4CryptoFactoryInMemoryKeyStore
that takes an in-memory key store and trust store (see issue #28) - Updated to peppol-commons 7.0.6 with more flexible SMP client API
SOAPHeaderElementProcessorRegistry
is no longer a singleton- The Peppol client can now handle Receipts that are MIME encoded
- The Peppol client now verifies the signatures of the response messages
- The Peppol client now honours the "incoming dumper" for the response messages
- Removed the default configuration files from
- v0.9.6 - 2019-12-12
- Removed the "ExceptionCallback" from
Phase4PeppolSender
- Changed the data types of "ResponseConsumer" and "SignalMsgConsumer" from
Phase4PeppolSender
to be able to throw exception (binary incompatible change) - Added the possibility to configure the keystore without the need of having the
crypto.properties
file - Extracted interface
IMPCManager
fromMPCManager
and using it internally - Extracted interface
IPModeManager
fromPModeManager
and using it internally - The method
IPModeManager.validatePMode
now throws a checkedPModeValidationException
exception (incompatible change) - Added the possibility to customize the outgoing dumper in class
Phase4PeppolSender
- Added specific
Phase4PeppolSMPException
for SMP lookup errors (incompatible change) - Extracted interface
IAS4DuplicateManager
fromAS4DuplicateManager
and using it internally - Added the possibility to send pre-build SBDH messages (see issue #22) (binary incompatible change)
- Added support for creating in-memory managers only, using the system property
phase4.manager.inmemory
- Parameter type of
IAS4IncomingDumper.onNewRequest
changed toHttpHeaderMap
(incompatible change) - Made
AS4RequestHandler
usage more flexible to not solely rely on the Servlet API - New logo thanks to Maria Petritsopoulou - http://stirringpixels.com/
- Removed the "ExceptionCallback" from
- v0.9.5 - 2019-11-27
- Enforcing the usage of
Phase4PeppolSender.builder()
by making the main sending method private - Updated to peppol-commons 7.0.4 (moved classes
PeppolCerticateChecker
andEPeppolCertificateCheckResult
there) (incompatible change) - Replaced the Peppol client "certificate consumer" type to be
IPhase4PeppolCertificateCheckResultHandler
(incompatible change)
- Enforcing the usage of
- v0.9.4 - 2019-11-20
- Updated to ph-commons 9.3.8
- Added OCSP/CLR check for Peppol certificates
- Added support for validation of outgoing Peppol messages using the default Peppol Schematrons
- Extended the Peppol client API a bit for client side validation (see issue #19)
- Outgoing messages now have the User-Agent HTTP header set (see issue #20)
- Fixed a typo in the short name of
EBMS_FAILED_DECRYPTION
(see issue #21) - Added a new
Builder
class for the Peppol AS4 client - usePhase4PeppolSender.builder()
to get started
- v0.9.3 - 2019-11-05
- Updated to peppol-commons 7.0.3
- Added new subproject
phase4-peppol-client
to easily send AS4 messages to Peppol - Fixed default initiator URL (see issue #18)
- v0.9.2 - 2019-10-07
- Fixed an invalid assumption in the Peppol PMode validator.
- v0.9.1 - 2019-09-06 - Peppol conformant
- Ignored WSS4J dependency "ehcache" to create smaller deployments
- Added new subproject
phase4-profile-peppol
for the Peppol AS4 profile - From Party ID type and To Party ID type can now be set in the client
- The service type can now be set in a PMode
- Requires ph-commons 9.3.6
- Requires ph-web 9.1.3
- This is the first version passing the Peppol Testbed v1
- v0.9.0 - 2019-08-08 - CEF conformant
- The GitHub repository was officially renamed to phase4
- All Maven artifact IDs were renamed from
ph-as4-*
tophase4-*
- The package names changes from
com.helger.as4.*
tocom.helger.phase4.*
- Updated to WSS4J 2.2.4
- Updated to ph-oton 8.2.0
- Updated to peppol-commons 7.0.0
- Updated to ph-commons 9.3.5
- The submodule
ph-as4-esens
was renamed tophase4-profile-cef
- The AS4 message handler now have a chance to access the received HTTP headers
- Renamed
ph-as4-server-webapp-test
tophase4-test
- Improved Crypto stuff configurability
- Renamed
AS4ResourceManager
toAS4ResourceHelper
- Renamed
AS4Handler
toAS4RequestHandler
- Reworked client API so that it can be used chainable
- Added retry support to clients
- Added possibility to dump incoming and outgoing requests using
AS4DumpManager
- This version passes the CEF "AS4 Basic Connectivity Tests"
- This version passes the CEF "AS4 Common Profile Test Assertions"
- This version passes the CEF "AS4 Four Corner Profile Enhancement Test Assertions"
- v0.8.2 - 2019-02-27
- Adoptions for integration into TOOP
- v0.8.1 - 2018-11-26
- The web application now uses LOG4J 2.x
- Requires at least ph-commons 9.2.0
- Added
@type
-fix from https://issues.oasis-open.org/projects/EBXMLMSG/issues/EBXMLMSG-2
- v0.8.0 - 2018-06-21
- Updated to ph-commons 9.1.2
- Updated to BouncyCastle 1.59
- Updated to WSS4J 2.2.2
- Successfully send test messages to AS4.NET and Holodeck 3.x
- v0.7.0 - 2017-07-24
- Added HTTP retry for client
- Added server duplicate message detection for incoming messages
MessageInfo/Timestamp
uses UTC - thanks Sander- Added two-way handling
- Fixed bug that Receipt is not signed (if desired)
- Removed
PModeConfig
in favor of redundantPMode
objects - Removed partner handling - not needed anymore
- To be on the safe side, delete all previously created
as4-*.xml
files as there were incompatible changes. - Added a second webapp - one for demo, one for testing
- v0.6.0 - 2017-01-26
- Extracted subproject
ph-as4-servlet
with only the AS4Servlet - Unified the namespaces across the sub-projects
- Requires ph-web 8.7.2 or higher
- Renamed
ph-as4-server
toph-as4-server-webapp-demo
- Extracted subproject
- v0.5.0 - 2017-01-18
- Initial release
- Has everything needs for sending and receiving using the eSENS P-Mode profiles
- Basic compatibility with Holodeck 2.1.2 is provided
- Supports signed messages
- Supports encrypted messages
- Supports compressed messages
- Targets to be easily integrateable into existing solutions
- Requires Java 8 for building and execution
My personal Coding Styleguide | On Twitter: @philiphelger | Kindly supported by YourKit Java Profiler