All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.
- Support the use Elliptic Curve Diffie-Hellman Key Agreement as method to exchange the symmetric encryption key. Currently support is limited to ECDH-ES and ConcatKDF algorithms #147.
- The default Certificate Manager now has the option to retrieve the key store passwords from the runtime context, e.g. a Java system property or an environment variable.
- Debug logging in ebMS3/AS4 P-Mode finder (Thanks @martan81)
- Support for configuration of event handlers on the P-Mode level.
- New architecture for storing the meta-data and content payload which allows to use custom implementations for storage
of both the message unit meta-data as well as the payload content. The new Metadata Storage and Payload Storage
Providers are specified in the packages
org.holodeckb2b.interfaces.storage.providers - The entity classes used by the Core for storing the message meta-data have been extended with a CoreId so each message unit has a unique internal identifier making unambiguous relations between message units possible as there may exist different incoming message units with the same MessageId.
- New
org.holodeckb2b.interfaces.persistency.AlreadyChangedExceptionto indicate that a requested update of the message meta-data could not be executed because the database already contains newer data - New
org.holodeckb2b.interfaces.submit.DuplicateMessageIdExceptionto indicate that a duplicate MessageId is used in a submitted message unit. - New generic
org.holodeckb2b.interfaces.events.IMessageProcessingFailureevent as super interface of all events that indicate that there was a problem in the processing of a message - New
org.holodeckb2b.interfaces.events.IMessagePurgeFailureevent to indicate that the purge of a message unit failed - The
org.holodeckb2b.common.events.impl.ISecurityCreationFailureevent is now raised when a generic error occurred during creation of the security header - Option in the default GUI to copy the MessageId, RefToMessageId or PMode.id of a message unit on the overview screen to the system clipboard.
- Interfaces in
org.holodeckb2b.interfaces.pmodeand implementationorg.holodeckbb2b.common.pmodeto support configuration of Key Agreement for exchange of the symmetric encryption key. org.holodeckb2b.interfaces.security.IEncryptionProcessingResultandorg.holodeckb2b.common.security.results.EncryptionProcessingResultto support inclusion of Key Agreement meta-data- Replaced method
getFailures()inIMessagePurgeFailurewithgetFailureReason()and included exceptions related to problems in removing payloads of a User Message as surpressed exceptions of the exception retrieved with the new method. - Added method
getFailureReason()toIHeaderValidationFailureandICustomValidationFailureto provide information about the error that occurred during the validation of the (header of) message unit - Added method
getFailureReason()toIReceivedMessageProcessingFailureandISendMessageProcessingFailureto provide information about the error that occurred during the processing of the message unit - The Persistency Provider has been refactored to the Metadata Storage Provider and the methods of the old
IUpdateManagerinterface for updating specific meta-data attributes have been replaced by more generic create, update and delete methods that operate on the entity classes. New update methods have been added to the entity classes which indicate which meta-data the Holodeck B2B Core can change during the message processing. - Bouncy Castle is now used as JCE and JSSE provider. As a result only PKCS12 key stores are supported for TLS client certificates.
- Minimal Java version required to run Holodeck B2B is now 11
- Updated version of Axis2 and Axiom dependencies to 1.8.2 resp. 1.4.0 #135
- Updated version of WSSJ4 and Santuario to 3.0.3 resp. 3.0.5-SNAPSHOT #135
- Changed JAXB implementation to Glassfish
- Handle explicit reference from PartInfo-href to the SOAP body #148 (Thanks @gtalman)
- Purging of message units stopped in case of exception other than
PersistenceException - Handlers GenericProviderDispatcher and MustUnderstandValidationDispatcher not available #137
- Support for running Holodeck B2B on Java 1.8
org.holodeckb2b.interfaces.messagemodel.IMessageUnit.getCurrentProcessingState(). The current state is the last item from the list retrieved usingorg.holodeckb2b.interfaces.messagemodel.IMessageUnit.getProcessingStates()
- The duplicate log is now named org.holodeckb2b.msgproc.duplicates (removing .core at the end)
- Improved logging of Receipt and Error processing
- Updated example certificates
- Issue that caused orphaned payload records.
- NPE when
EncryptedKeyWSS header contains whitespace
- Submission log that contains the meta-data of successfully submitted messages.
- Updated dependency of generic-utils library to fix error in security processing due to certificates not found
- Updated dependency of file-backend library to fix errors in file based delivery
- Duplicate message will generate a receipt even if the delivery failed #142
- No Receipt sent when parallel delivery is used
- Missing Leg labels in default P-Mode implementation
- Message submission rejected if P-Mode does not contain Service meta-data
- NPE when User Message is submitted using a receive only P-Mode #131
- NPE on initialisation of a delivery method when
IDeliverySpecification.getSettings()returnsnull - Missing exception trace on event processing error in the default event processor
- Processing of the
/PMode//EventHandler/ContinueProcessingelement - Documentation of the default value for
/PMode//EventHandler/ContinueProcessing
- Also acknowledge message delivery when a Receipt is received for a currently suspended User Message that was previously waiting for an acknowledgement or experienced a transport failure.
- Calculation of last retry interval. In some scenarios this was incorrectly set to 0.
- Race condition between retransmission worker and regular message processing that could trigger both a Receipt and Missing Receipt notification to the back-end #128
- Possibility to only specify the Service.type in the P-Mode and complete the Service meta-data on submission of a User Message.
- Support for the continueProcessing setting in the message processing event handler in the default P-Mode implementation. It uses true as default value, so by default all applicable event handlers are executed.
- New API for the delivery of message units to the back-end, including support for asynchronous and re-delivery. Added
interfaces:
org.holodeckb2b.interfaces.delivery.IDeliveryManagerorg.holodeckb2b.interfaces.delivery.IDeliveryMethodorg.holodeckb2b.interfaces.delivery.IDeliveryCallbackorg.holodeckb2b.interfaces.core.HolodeckB2BCoreInterface.getDeliveryManager()
- A Delivery Method that only logs meta-data of the received message unit but does not further process it. The factory
class name to configure in P-Modes is
org.holodeckb2b.common.util.LogOnlyDeliveryMethod. shutdown()method to the Persistency Provider, Event Processor, Certificate Manager and P-Mode Set to release any held resources.getPrimarySentMessageUnit()andgetPrimaryReceivedMessageUnit()toorg.holodeckb2b.interfaces.core.IMessageProcessingContextIErrorMessageEntity.getLeg()andIUpdateManager.setPModeAndLeg(IErrorMessageEntity, String, Label)to persist also the Leg on which an Error Message is exchanged.- Static method
IURLRequestParameters.get(MessageContext)to retrieve the URL parameters from the request message context - New abstract base class
org.holodeckb2b.common.handlers.AbstractConfigureHTTPTransportfor configuration of the HTTP parameters - New methods in
org.holodeckb2b.interfaces.security.trust.ICertificateManagerto allow better decoupling between the ebMS Security Provider and Certificate Manager - Support for custom parameters in the Holodeck B2B configuration file
holodeckb2b.xml. These can be retrieved by using the following callHolodeckB2BCoreInterface.getConfiguration().getParameter(String name)
- Changed
org.holodeckb2b.interfaces.delivery.IDeliverySpecificationto align with the new message delivery API. - Initialisation of the Persistency Provider, Event Processor, P-Mode storage and Certificate Manager now uses
the full Holodeck B2B configuration instead of only the home directory. As a result the following interfaces changed
by replacing the path based
initmethod as introducing a configuration based one:org.holodeckb2b.interfaces.persistency.IPersistencyProviderorg.holodeckb2b.interfaces.eventprocessing.IMessageProcessingEventProcessororg.holodeckb2b.interfaces.pmode.IPModeSetorg.holodeckb2b.interfaces.security.trust.ICertificateManager
- Refactored default P-Mode implementation to support the new message delivery API, including support for configuration of asynchronous delivery.
ICertificateManager.getCertificate()renamed toICertificateManager.getPartnerCertificate()to clarify which kind of certificate is retrieved- Improved logging of
org.holodeckb2b.core.DeliveryManager - Perform custom validation of User Message only if its processing state is PROCESSING
- The P-Mode for an AS4 Error message without a RefToMessageId is now set to the P-Mode of the primary sent message unit
- The P-Mode on a MissingReceipt Error Message is now set to the P-Mode of the ref'd User Message
- In
org.holodeckb2b.core.axis2.HTTPWorkeralso uses theHTTPConstants.RESPONSE_CODEmessage context property to determine HTTP response code. - Refactored
org.holodeckb2b.ebms3.handlers.outflow.ConfigureHTTPTransportHandlerto use new base class org.holodeckb2b.common.testhelpers.URLRequestParamHelperfor setting URL parameters when testing services
- Encryption of Signal Messages. These were encrypted when encryption was specified for both parties in a Two-Way P-Mode
- NPE when the certificate used to sign a received message is not found
- NPE when copying BusinessInfo P-Mode meta-data that does not contain Service meta-data
- Continuation of ebMS3 message processing when there was an issue in creating the WS-Security header
- Due to refactoring of the message delivery API the following interfaces:
org.holodeckb2b.interfaces.delivery.IMessageDelivererFactoryorg.holodeckb2b.interfaces.delivery.IMessageDelivererorg.holodeckb2b.interfaces.delivery.IDeliverySpecification.getFactory()org.holodeckb2b.interfaces.core.HolodeckB2BCoreInterface.getMessageDeliverer(IDeliverySpecification)org.holodeckb2b.interfaces.core.IMessageProcessingContext.addRefdMsgUnitByError(IErrorMessage, Collection<IMessageUnitEntity>)org.holodeckb2b.interfaces.core.IMessageProcessingContext.getRefdMsgUnitByError(IErrorMessage)
- Dependency of the UI module on Geronimo Java mail implementation
- Deprecated configuration setting allowSignalBundling
- Vulnerability in log4j2, see CVE-2021-45105
- Removed ".." from directory names on Windows
- Vulnerability in log4j2 #123
- New processing state SUSPENDED to indicate that an error occurred that prevented the sending of a User Message to
the trading partner and the possibility to resume their processing by calling the
HolodeckB2BCoreInterface#resumeProcessing()method. - Option to have multiple event handlers for one event. See
IMessageProcessingEventConfiguration ISendMessageProcessingFailureis now also raised when a message unit cannot be (re)sent, i.e. before the actual send process is started.
- Improved shutdown process in
org.holodeckb2b.core.HolodeckB2BServer. Includes support for [Apache commons daemon| https://commons.apache.org/proper/commons-daemon/index.html] (using jvm mode). - Message properties are included in P-Mode matching, i.e. all properties defined in a P-Mode must be specified in the received message for a P-Mode to match. But any properties in the message not defined in the P-Mode are ignored.
- Delivery events (
IMessageDeliveredandIMessageDeliveryFailure) not raised for delivered Signal Messages. - Getting send and receive legs for 2-Way P-Mode does not work for non ebMS3 MEP bindings.
org.holodeckb2b.core.axis2.HTTPWorkerputs the request parameters included in the HTTP URL in MessageContext property "hb2b:" +org.apache.axis2.Constants.REQUEST_PARAMETER_MAP. The property value is aMap<String, String>of parameter names to values.
- Removed Core Axis2 module as default.
- Maven ArtifactId of the default ebMS3 Security Provider module to make it consistent with other module names.
- Log message when no event handlers are configured in P-Mode.
- Duplicate messages not eliminated #117
- Setting of threads available for a worker pool
- NPE when writing P-Mode XML document with retry configuration
- Management of worker pools by the Core, including the possibility for "on the fly" reconfiguration. For this purpose a
new
IWorkerPoolinterface has been introduced and methods in theHolodeckB2BCoreInterfaceandIWorkerPullConfigurationhave been added.
- Pull reconfiguration is now managed by the worker pool and configured in the pull configuration file by setting the refresh parameter
- Loading of the Event Processor, Certificate Manager, Persistency Provider and ebMS3 Security Provider has been changed to load the first available provider instead of trying to load just the first one registered
- Improved logging of unexpected errors during message processing
- Refactored code to use the generic utility classes from https://github.com/holodeck-b2b/generic-utils
- Moved
AbstractWorkerTaskclass fromorg.holodeckb2b.common.workerpooltoorg.holodeckb2b.common.workers - Renamed
org.holodeckb2b.common.workerpooltoorg.holodeckb2b.core.workerpool
org.holodeckb2b.interfaces.workerpool.IWorkerPoolConfiguration.getName()as worker pool names are now set in code
- Finding the correct P-Mode for User Messages received on response leg of a Two-Way P-Mode
- Completion of submission for Two-Way P-Modes
- Processing of a received message with more than 30 attachments fails #113
- Setting of HTTP response code in response message context
- The pullConfigWatcher as the pull configuration is now automatically refreshed by the worker pool itself
- Generic utility classes
org.holodeckb2b.common.util.Utils,org.holodeckb2b.common.util.MessageIdUtilsandorg.holodeckb2b.security.util.KeystoreUtilsas they are moved to a new, separate project.
- Multihop routing information missing in async Signal Messages #112
- Included version 1.0.1 of the file back-end which fixes in the single_xml delivery format and uses a temporary extension when writing the meta-data file to disk to prevent premature reading by the back-end application. See also the issues on the file back-end project.
- Renewed example certificates
- Updated example P-Modes to use new file delivery method name
- Backward compatibility for "relaxed" reading P-Mode XML documents.
- P-Modes and certificates are now refreshed when switching tabs in the GUI #108
- Non AS4 P-Modes evaluated for AS4 messages #111
- A default user interface that supports basic monitoring of a running Holodeck B2B instance. The UI is available both using a command line and GUI application.
- Support for asynchronous Two-Way AS4 P-Modes.
- Support for additional P-Mode validators for the same type of P-Mode. P-Mode validators are now loaded using the Java
SPI mechanism and all applicable validators are used to check a P-Mode before loading it. Two new methods were added
in
org.holodeckb2b.interfaces.pmode.validation.IPModeValidatorto support the new mechanism. - Configuration parameter to indicate whether the Holodeck B2B Core should fall back to default Event Processor implementation in case the custom implementation cannot be loaded/initialised.
- New interfaces related to trust validation of certificates in
org.holodeckb2b.interfaces.security.trust. Notably the new specification of the Holodeck B2B Certificate Manager which is now a separate component independent of the Security Provider. Also new interfaces and methods are defined to communicate the results of trust validation checks between components including the newISignatureVerifiedWithWarningevent to signal trust issues on signature verification. - Signature policy check in Core Processing that received User Messages are signed when indicated in P-Mode that they should be. Violation of this rule will generate an PolicyNonCompliance error.
- On submission of User Message a check that the provided payload Content-Id values do not contain invalid characters.
- Added new message processing events to indicate delivery or failure of a message unit to the back-end application.
- When an (unexpected) error occurs during the processing of a message unit a
ISendMessageProcessingFailureorIReceiveMessageFailureis raised. org.holodeckb2b.interfaces.core.IMessageProcessingContextinterface which can be used in extension APIs to provide access to the HB2B message processing context.- Custom implementation of the Axis2
TransportListenerinterface which can use a Service specified Message Builder. - Option to add HTTP response headers to an empty response by setting a property named
HTTPConstants.RESPONSE_HEADERSon the request MessageContext containing Map of name and value of headers to set. org.holodeckb2b.interfaces.core.HolodeckB2BCoreInterface.getVersion()method andorg.holodeckb2b.interfaces.general.IVersionInfointerface to provide information about the version of the Holodeck B2B instance.org.holodeckb2b.interfaces.core.HolodeckB2BCoreInterface.getModule(String)method to access an active Axis2 Module on the Holodeck B2B instance. This can be used by extensions to get access to "their" module.org.holodeckb2b.common.messagemodel.MessageUnit.copyOf(IMessageUnit)to create a copy of the message unit data in an object of the common message model implementation.- Default implementation of the new
ICertificateManagerandIValidationResulttrust interface to the security module. - Option to configure the directory where the Holodeck B2B message database should be stored through the
HB2B_DB_DIRenvironment variable.
- P-Modes are now by default stored in the
repository/pmodesdirectory. - The Axis2 configuration has been merged into the
holodeckb2b.xmlconfiguration file. - The default key transport algorithms have been upgraded to RSA-OAEP and MGF1 with SHA256.
- Reception Awareness is now a generic feature not bound to AS4. As a result the
getReceptionAwareness()method has moved toorg.holodeckb2b.interfaces.pmode.ILegand classIReceptionAwarenesshas moved to theorg.holodeckb2b.interfaces.pmodepackage. - Split the
IMessageDeliveryandIMessageTransferevents into two separate events for success and failure. - Startup sequence now checks that the server is correctly started and aborts startup if not.
- The Security Provider,Persistency Provider, P-Mode storage and Event Processor are now loaded using the Java Service Provider Interface mechanism.
- Refactored the interfaces of the Persistency Provider. The
IDAOFactoryinterface has been removed and its methods are now defined directly in thePersistencyProviderinterface. - The security provider interface now use the new
org.holodeckb2b.interfaces.core.IMessageProcessingContextinterface to provide access to the processing context. - Restructured the project's modules to create a better separation of Core and protocol specific code. This includes renaming of Axis2 phases to reflect the difference between Core and protocol specific processing.
- Split the security module into two sub modules; one to implement the new default Certificate Manager and one to implement the Security Provider. Both implementations are refactored version of the old Security Provider classes.
- Refactored the default P-Mode implementation so it also supports setting of parameters and serialization to XML.
- Refactored send process to make it more flexible and use PMode.MEPBinding to select the Axis2 Service to use for sending. This removes the need for coded Services and specialised senders or sender workers when implementing an additional messaging protocol.
- Refactored the
OutOptInAxisOperationso it will also use the Service specified Message Builder for building the response message. - Renamed abstract worker implementations to include Abstract prefix.
- Moved classes in
org.holodeckb2b.common.messagemodel.utilto generic utility packageorg.holodeckb2b.common.util. - Moved PModeWatcher worker to the
org.holodeckb2b.common.pmodepackage as it's directly related to the XML P-Mode implementation contained in this package. - Constructor of
org.holodeckb2b.interfaces.submit.MessageSubmitExceptionnow acceptsThrowableinstead ofException. - The classes of the common message model implementation are now
Serializable. - Switched to Log4J2 logging in handlers.
- Generated Content-Id results in signature failure #99.
- NPE when white space is contained between the
ds:Signatureandds:SignedInfoelements of a received message #100 - Error descriptions longer than 255 characters are not saved.
- NPE occurs on event handlers with no parameters #102
- Invalid SOAPFault included with ebMS Error using SOAP 1.2 #103
- Inconsistency in reception awareness #104
- NPE for submitted UserMessage without CollaborationInfo #105
- Message processing events which names ended on Event.
- Setter methods in
org.holodeckb2b.interfaces.general.IAgreement. - The configuration parameter (
IConfiguation.useStrictErrorRefCheck()) to apply a strict validation on the references in the Error signal. - The following configuration parameters (as defined in
IConfiguration) have been removed:- Related to the keystores used in WS-Security processing and certificate management.
- P-Mode validator class (now loaded through SPI mechanism)
- Security Provider class (now loaded through SPI mechanism)
- Persistency Provider class (now loaded through SPI mechanism)
- P-Mode set storage class (now loaded through SPI mechanism)
- The msh URL path for receiving messages.
- Split the file based back-end integration into a separate project (see File-backend). However this back-end is still included in the default distribution.
org.holodeckb2b.interfaces.config.IConfiguration.getAxisConfigurationContext()method, as extensions should not need access to internal Axis configuration.org.holodeckb2b.interfaces.entities.IMessageUnitEntity.getLeg(), as the leg can be calculated based on the P-Mode.- Deprecated methods from
IReceptionAwarness
- Incorrectly generated IDs within WS-Security header #98
- Misleading result of PullRequest submission #91
- NPE on first initialization of pull workers #92
- Disk resource leakage when submission fails #94
- Trusted certificate with name constraints extension results in failed processing #97
- The default security provider now uses version 2.2.2 and 2.1.2 of WSS4J and Apache Santuario (xml-sec)
org.holodeckb2b.interfaces.submit.IMessageSubmitterFactoryinterface
- Support for sending selective pull requests using simple selection items as described in section 5.1 of the
ebMS 3 Part 2 (Advanced Features) specification.
NOTE: In version 4.1.0 the support is limited to sending of selective pull requests with "simple selection items" as described in the specification. Selection criteria are not used when processing received pull requests. - Added two generic events to indicate that a problem occurred during the processing of a received message
(IReceivedMessageProcessingFailure) or a message to be sent (ISendMessageProcessingFailure). These events are intended for use as "filters" when configuring the event handling. Specific events are available for specific errors. Using the generic events the error reporting defined by the P-Mode parameters
PMode.ErrorHandling.Report.ProcessErrorNotifyProducer and PMode.ErrorHandling.Report.ProcessErrorNotifyConsumer can be implemented. - Added a new event (
org.holodeckb2b.interfaces.events.IMessageSubmission) to indicate that a User Message or Pull Request message unit was submitted to the Holodeck B2B Core - Added a new event (
org.holodeckb2b.interfaces.events.IHeaderValidationFailure) to indicate that the validation of the message header failed - New interfaces for all message processing events without the Event suffix. The old interfaces are still available for backward compatibility, but should not be used anymore (see also below).
- Option to register "global event handlers" in the Holodeck B2B Core. These handlers will be used to process events if the P-Mode does not specify one.
- A Holodeck B2B specific message processing context that holds all information about the message that is processed in the current processing pipeline. Refactored all handler classes to use new context.
- When a pulled User Message cannot be matched to a P-Mode it is assigned to the P-Mode of the Pull Request.
- When no MPC is specified in either P-Mode or submission the default MPC is used for the Pull Request. If an MPC is specified in both the one in the submission must be a sub-channel of the one in the P-Mode.
- The
mpcattribute is not included in a Pull Request when the default MPC is pulled. - Generalised the header validation handler so it can be more easily reused for other protocols.
- Removed check on empty ConversationId when submitting a User Message to the Core.
- All event implementation classes to use the new event interface names.
- Split handling of errors generated during processing of a received message in two handlers, one bundling the individual errors into Error Signals and one for determining how to report the Error Signals. Allows for re-use of "bundling" handler in different messaging protocols.
- Moved common classes from core to the common module.
- Core submission function now first checks whether the specified payloads can be copied/moved to internal storage before saving the message meta-data. This allows back-end applications to re-submit messages in case there is an error in moving the payloads.
- The interfaces for the message processing events with the Event suffix. They are replaced with interfaces without suffix to shorten the event names and prevent duplication of "event" in the qualified class name.
- Description of processing states could not be saved due to missing API. (In Holodeck B2B 4.0.0.)
- Name of the log used for reporting errors generated during processing of incoming messages included null instead of the message protocol name.
- When no retry configuration is available for a message but a Receipt is expected a MissingReceipt ebMS Error is generated and reported [as configured in the P-Mode] to the business application instead of only logging an error message.
- Integration tests were not executed when running them from the IDE with the
JAVA_HOMEsystem environment variable not set. Now the JVM used by the IDE is used. - Strict validation of the AgreementRef being a URI in case no type has been specified.
- Exceptions in processing User Messages without payloads.
- Check that P-Mode specified for a submitted Pull Request supports pulling and that there is no conflict in the MPCs specified in both P-Mode and submission.
- _UnsupportedException_s in
org.holodeckb2b.security.results.SignedPartMetadata.TransformMetadatawhen getting algorithm and parameters. - Issue in finding P-Mode for User Messages when message received could be matched to a P-Mode configured for sending messages based on pull.
- NPE in file delivery of Receipt without content (will only occur when used for non-AS4 Receipts)
- NPE when ebMS3 message is received that contains a WS-Security Signature which does not sign the ebMS message header
(i.e. there is no
ds:Referenceelement for theeb3:Messagingelement)
- More flexible retry configuration of the AS4 Reception Feature where it is now possible to specify each interval
separately. See refactored
org.holodeckb2b.interfaces.as4.pmode.IReceptionAwareness. - Option to apply strict validation of ebMS header meta-data. By default Holodeck B2B only validates
that it is able to process the message. When applying strict validation mode it will check that the header
meta-data conforms to all requirements as stated in the ebMS Specifications.
The use of the strict validation mode can be configured both globally on Holodeck B2B instance level
(
IConfiguation.useStrictHeaderValidation()) or on a per P-Mode basis (IPMode.useStrictHeaderValidation()) - It is now possible to perform custom validations of User Message message units before delivery to
the Consumer. Depending on the configuration validation problems may result in rejection of the message
unit and return an ebMS Error Signal to the sender of the message. The configuration of the custom validation
is done in the User Message flow of the P-Mode, see
org.holodeckb2b.interfaces.pmode.IUserMessageFlow.getCustomValidationConfiguration() - Check on the correct combination of Service and Action meta-data values when when triggering a "ping test" as defined in the ebMS V3 Core Specification.
- Interfaces for separation of Core functionality and processing of the WS-Security headers in a message by introducing the Holodeck B2B Security Provider concept.
- A default security provider implementation. Similar to the older versions based on the WSS4J libraries but now using seperate keystores for encryption and signature verification certificates.
- Message processing events for delivery attempts of message units and security processing, e.g. signature creation and validation, en-/decryption, etc.
- Option to indicate that a problem in delivery of the message is permanent and an ebMS Error can be returned to the sender of the message.
- Added 'IMessageProcessingState.getDescription()' method so an additional description on the processing state of a message unit can be stored. NOTE: This description is introduced for future use, the Holodeck B2B Core does not yet use it!
- Added optional parameter to
IQueryManager.getMessageUnitsWithId()to indicate that only message units flowing in a specific direction should be returned - Added default initialization method to
IPModeSetto pass the Holodeck B2B home directory as parameter on creation of the P-Mode storage implementation.
- The default URL path where Holodeck B2B receives AS4 messages and which needs to be used by the Sending MSH has been changed to /holodeckb2b/as4. For backward compatibility the old path msh can still be used, its use however isn't recommended!
- When multiple P-Modes match to a received message this is now considered as "no match found" and no result is returned instead of the first matching P-Mode.
- Refactored the validation of the ebMS header meta-data validation classes and handler to align with custom validation classes.
- Added the Holodeck B2B home directory as parameter to the
org.holodeckb2b.interfaces.persistency.IPersistencyProvider.init()method - Renamed method
org.holodeckb2b.interfaces.pmode.validation.IPModeValidator.isPModeValid()toorg.holodeckb2b.interfaces.pmode.validation.IPModeValidator.validatePMode() - Extracted
Directionenumeration fromIMessageUnitinto stand alone - The ebMS Error returned to the sender in case the signature of a User Message does not include all payloads of the message has been changed from ValueInconsistent to PolicyNonCompliance
- Moved classes in
org.holodeckb2b.interfaces.pmode.securitytoorg.holodeckb2b.interfaces.pmode - Refactored package structure of message processing events related interfaces: The definition of all events is done
using interfaces in the
org.holodeckb2b.interfaces.eventsand subpackages. Interfaces related to the processing of events are inorg.holodeckb2b.interfaces.eventprocessing - Refactored
IQueryManager.isAlreadyDelivered()toIQueryManager.isAlreadyProcessed()to also take failed message units into account when determining if a user message is already processed and should be considered a duplicate. - Changed the API specification of the query methods in
IQueryManagerto return empty collections instead ofnullwhen no matching message units have been found - Changed argument of the
IQueryManager.isAlreadyProcessed()to full message unit instead of just the messageId - Updated to Axis2 version 1.7.7 and Bouncy Castle version 1.59
- The log name for message processing now includes indication of the message protocol being processed. The message protocol is retrieved from the HandledMessagingProtocol parameter of the engaged Holodeck B2B module.
- Renamed the Axis2 phases that include the handlers for processing the messages to more generic protocolInPhase and protocolOutPhase making easier to install extensions for other messaging protocols.
- Refactored the logging to have clear separation of details logged at the different levels. Using INFO level provides enough information to see all messages which are processed. Going to DEBUG add information of process steps and TRACE provides most detailed logging.
- In case of exception when logging an invalid SOAP message, a error message is written to SOAP log
- Use 'exec' to start the Java program, instead of forking the process to simplify management of the Java process.
- Updated the example certificates and key stores to extend validity of certificates
- Checking of references in Error Signal has been corrected so Error with the reference contained only in the Errors is not rejected.
- Exception when processing an invalid SOAP message #15
- Updated README regarding certificate management in
repository/certsfolder to include also the keystore with the certificates of trusted certificate authorities. - Severity attributes should be "warning" or "failure" not "WARNING" or "FAILURE" #89
- The configuration parameter (
IConfiguation.allowSignalBundling()) which was used to indicate that it was allowed to bundle multiple Signal message units of the same type in one message. This goes beyond the ebMS V3 Core and AS4 Specifications and this option is therefore removed. - The configuration parameter (
IConfiguation.useStrictErrorRefCheck()) to apply a strict validation on the references in the Error signal is replaced by the generic strict header validation mode. - The configuration parameters (as defined in
IConfiguration) related to the keystores used in WS-Security processing. By enabling compatability mode in the new default security provider the functionality of the old version is still supported. - The methods
getMaxRetries()andgetRetryInterval()inorg.holodeckb2b.interfaces.as4.pmode.IReceptionAwarenessas they are superseded by the newgetWaitIntervals()method which allows both fixed and flexible retry configuration. Older implementations of this interface can still be used in this version as it provides default implementations to convert to the new interface. - The msh URL path for receiving messages. The new /holodeckb2b/as4 path should be used.
- Method
IMessageSubmitter.submitMessage(IUserMessage)and corresponding implementation. - Method
IPModeSet.listPModeIds()and corresponding implementation.
- Test for
org.holodeckb2b.ebms3.workers.SubmitFromFileworker has been changed due to refactoring
- Skipped MMD files ignored until gateway restart #86
- Notification includes original Receipt content #82
- Incorrect root element in single XML file delivery #83
- No XML schema provided for single XML delivery #84
- Support for the type attribute of both Message and Part Properties. See also issue #2 in the OASIS ebMS TC's issue tracker
- Added the default temp directory to the distribution
- Support for continuously running workers
- Packaged the Holodeck B2B msh service as Axis2 aar file
- Included the Holodeck B2B module meta-data in the Core jar file
- Sending of Pull Requests is now done by the
SenderWorkerinstead ofPullWorker
- Reverted back to version 2.0.4 of Apache Santuario library to fix unknown method issue in case an exception occurs in the XML security processing
- StringIndexOutOfBoundsException when eb:Timestamp does not contain 'Z' indicator #78
- Issue in Receipt processing when the referenced message was not completely loaded from storage but previous processing states need to be evaluated
- Pull Requests directly submitted to the Core are never sent
- Non closed output streams and incorrect flushing of data in file delivery methods
- Refactored database configuration in default persistency module
- Removed database related code from other modules
- Confusing log message in SubmitFromFile worker when MMD file can not be renamed #69
- Body payload(s) not encrypted when message also contains other payloads #70
- P-Mode validation feature which separates the validation of P-Modes from both their internal and external storage
- The direction and processing states of a message unit are now available through the interfaces
- Unit tests to improve test coverage
- Integration tests. These tests set up two Holodeck B2B instances and execute both a push and a pull exchange to check that everything works on run time
- A default implementation of the message model interface (in Common module)
- Interfaces for separation of Core functionality and storage of message unit meta-data
- Default persistency provider implementation
- Extended
IMessageSubmitter.submitMessage(IUserMessage)method with parameter to indicate whether to delete the original payload files on message submission
- Refactored the validation of received message units into separate validation classes and handler
- Refactored Core module to use new persistency interfaces
- Moved XML message meta-data implementation and ProductId classes to Common module
- It is now possible to not only configure whether Error Signals should be logged but also if all signals
should be logged or only the ones that contain an Error with severity failure (see
log4j2.xmlfor more info)
- The single parameter version of the
IMessageSubmitter.submitMessage(IUserMessage)method has been deprecated. The new version with the additional parameter to indicate whether payload files should be deleted should be used.
- Exceptions
org.holodeckb2b.common.exceptions.DatabaseExceptionandorg.holodeckb2b.common.exceptions.DuplicateMessageIdErrorwhich were bound to the specific persistency implementation of previous versions
- ebMS errors are only logged when log level is ERROR #35
- Exceptions in processing of WSS header not handled correctly #36
- NPE in CreateSOAPEnvelopeHandler when sending async Error with unknown P-Mode #45
- NPE in purge operation when payload location is not available #46
- P-Mode finding does not take into account MPC defined in PullRequesFlow #47
- NPE in P-Mode finding process when only declaring SecurityConfiguration for a TradingPartner #48
- Server starts with error message if Holodeck B2B directory name includes space #54
- Unable to start on Windows when using very long base path #64
- Resolved build issues in unit tests on Windows platform
- Support for the AS4 Multi-hop feature as specified in section 4 of the AS4 OASIS Standard.
- Event framework to enable additional notification to external components about events that occur during message
processing. See
org.holodeckb2b.interface.eventsfor the new interfaces. - Default implementation of message purging. This default implementation will remove all meta-data (including payload data for User Messages) after a configurable number of days has passed since the last change to the message unit's processing state.
- Events for creation of a Receipt (see
org.holodeckb2b.interfaces.events.types.IReceiptCreatedEvent), creation of a signature for a User Message (seeorg.holodeckb2b.interfaces.events.types.ISignatureCreatedEvent) and for the removal of an "expired" User Message (seeorg.holodeckb2b.interfaces.events.types.IMessageUnitPurgedEvent). - A trust store to hold the certificates of trusted Certificate Authorities that are used to validate the certificates used for signing a message. This trust store should be used for certificates not directly related to a trading partner.
- Possibility to configure the Pull Worker Pool from outside the Holodeck B2B Core through the new
HolodeckB2BCoreInterface.setPullWorkerPoolConfigurationmethod. - When a received Error signal does not reference a sent message unit a ValueInconsistent error is generated. Note that this can be caused by either an invalid or missing reference in the Error signal.
- The addition of the event framework resulted in changes to the Holodeck B2B Core and P-Modes interfaces to get access to the event processor and enable configuration of event handlers.
- The XML P-Mode implementation was changed to add the event handler configuration, see the new version of the schema in pmode.xsd.
- Pull Requests are now also submitted to the Core. This required a change in the
IMessageSubmitterinterface that now also acceptsIPullRequestobjects for submission. Together with the new ability to configure the pull worker pool it allows extensions to set-up a custom mechanism for triggering the pulling. - Received ebMS Error signals are now logged to the special error log
org.holodeckb2b.msgproc.errors.receivedregardless whether they can be processed completely or need to be notified to the Producer application. - Messages without attachments are now sent as single part messages, i.e. not using the SOAP with Attachments feature.
- The bundling of Signal Messages is disabled because it can cause problems in multi-hop exchanges and it is also not widely interop tested. Disabling the bundling is done by removing the handlers that add the signals to the message from the processing flow in the configuration of the Holodeck B2B module. Bundling will be enabled again in a future version.
- PathWatcher does not honour system home directory #19. Thanks @phax.
- Problem with renaming mmd file to result extension if a file with the same name already exists.
- Payload with MIME type "application/gzip" is not decompressed #24.
- Rejected submission when multiple PartyIds were specified in both submission and P-Mode.
Philip Helger for various general code improvements.
- Include derived refToMessageId in Error signal when notifying business application about the error #12.
- PartyId can not be set on submission when security is used #13
- Long error descriptions can not be stored in the database #14
- Identification of Holodeck B2B in User-Agent and Server HTTP headers