phase4 3.0.0
phax
released this
17 Nov 22:18
·
36 commits
to master
since this release
This is the list of the collective changes for the 3.0.0 releases as already shown in the pre-releases. The changes are grouped by activities.
- Updates
- Updated to WSS4J 3.0.4
- Updated to xmlsec 3.0.5
- Updated to BouncyCastle 1.79.0
- Updated to ph-commons 11.1.10
- Updated to peppol-commons 9.6.0
- Removals
- Removed all deprecated methods marked for removal
- Removed the
phase4-spring-boot-demo
submodule in favour of https://github.com/phax/phase4-peppol-standalone - [BPC] Removed the profile
phase4-profile-bpc
submodule in favour ofphase4-profile-dbnalliance
- Backward incompatible changes
- Moved classes to different packages without changing the internal working. See Migrations for all details
- The configuration files
private-crypto.properties
andcrypto.properties
are also deprecated. Please move the properties toapplication.properties
, environment variables or Java system properties instead. - Implementations of
IAS4CryptoFactory
now need to implement ´getKeyPasswordPerAliasCharArrayinstead of
getKeyPasswordPerAlias` - Created new class
AS4CryptoFactoryConfiguration
to replaceAS4CryptoFactoryProperties
as the default AS4 crypt factory. See [[Migrations]] for all details - Deprecated classes
AS4CryptoFactoryProperties
andAS4CryptoProperties
in favour ofAS4CryptoFactoryConfiguration
- Support for a default AS4 profile inside the AS4 Profile Manager was removed in the favour of the configuration property
phase4.default.profile
(previously calledphase4.profile
) - The "as4ProfileID" field is now mandatory when using the AS4 sender builder. Defaults are provided.
- [EuCtp] Renamed class
EuCtpPullRequestBuilder
toAbstractEuCtpPullRequestBuilder
and made abstract. UsePhase4EuCtpSender.builderPullRequest ()
instead - [EuCtp] Renamed method
Phase4EuCtpSender.builder
tobuilderUserMessage
- The AS4 Timestamp manager is now limiting the precision to milliseconds to ensure safe XML serializability.
- Improvements
- Included received HTTP headers in
IAS4IncomingMessageMetadata
JSON representation - Added new class
AS4KeyStoreDescriptor
to describe the parameters of a key store - Added new class
AS4TrustStoreDescriptor
to describe the parameters of a trust store - [Peppol] Added new class
Phase4PeppolReceiverConfigurationBuilder
to buildPhase4PeppolReceiverConfiguration
objects - [Peppol] Made the AP certificate checker in the Peppol sender builder customizable
- Added new methods
IAS4IncomingMessageState.getCryptoFactorySign()
andgetCryptoFactoryCrypt()
- Added new method
IAS4IncomingMessageState.getEffectiveDecryptedSoapDocument
- Added verification of AS4 Receipt XMLDSig "Reference" objects against the ones sent out in the User Message. See #220 - thx @problemzebra2
- Added new interface
IAS4SignalMessageValidationResultHandler
to customize the result handling of DSig reference verification - The internal configuration object now needs to implement
IConfigWithFallback
instead of justIConfig
- The internal AS4 configuration is now based on the
IConfigWithFallback
interface - The AS4 sender builder no longer overwrites the PMode Resolver if an AS4 profile is set, but makes sure a PMode resolver is present
- The
AS4DefaultPModeResolver
no longer creates a default PMode if no AS4 profile is present - Class
AbstractAS4PullRequestBuilder
can now also handle a specific PMode ID - Added class
AS4IncomingProfileSelectorConstant
- Improved default handling of inbound AS4 Profile selection to automatically use the sending Profile
- Added new EdDSA algorithms to
ECryptoAlgorithmSign
- Added new key encrypt algorithms in
ECryptoKeyEncryptionAlgorithm
- Added possibility to dynamically set responder address. See #233 - thx @koes-soptim
- Added new classes
IAS4IncomingReceiverConfiguration
andAS4IncomingReceiverConfiguration
for receiver checks - [Peppol] Added a "/peppol-status" status endpoint to the demo application. See #215 - thx @RichardVanMaaren
- Added getters for nearly all sender builder properties
- If an AS4 Receipt does not contain non-repudiation information, it now contains the original user message wrapped, to stay XSD compliant
- The class
AS4ClientReceipt
can now also take an outside RefToMessageId. See #267 - thx @sywong2000 - Added new class
Ebms3UserMessageMarshaller
to solely serialize theUserMessage
object
- Included received HTTP headers in
It is recommended to run phase4 with Java 21 or later for best performance.
What's Changed
- Sywong2000 patch fix missing ref to message id non repudiation receipt by @sywong2000 in #267
- Fixes for EuCtp profile and Receipt testing by @jonrios in #275
Full Changelog: phase4-parent-pom-2.8.6...phase4-parent-pom-3.0.0
- ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.10
- ph-xsds-xmldsig 3.0.0
- ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.9
- ph-oton-io/ph-oton-audit/ph-oton-security 9.2.7
- ph-masterdata/ph-tenancy 7.0.2
- peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.6.0
- phive 10.0.2 [Peppol only]
- phive-rules-peppol 3.2.1 [Peppol only]
- peppol-reporting-api 3.0.2 [Peppol only]
- ph-xhe 4.0.1 [DBNAlliance only]
- angus-mail 2.0.3
- angus-activation 2.0.2
- httpclient 5.3.1
- BouncyCastle 1.79
- WSS4J 3.0.4
- XMLSec 3.0.5
- Servlet API 5.0.x
- JAXB 4.0.x
- SLF4J 2.0.x