Commit b1e8db19 authored by cdanger's avatar cdanger

prepared changelog for release

parent cb0700e8
# Change log
All notable changes to this project are documented in this file following the [Keep a CHANGELOG](http://keepachangelog.com) conventions.
## 3.8.1
### Fixed
- Removed use of SAXON StandardURIChecker for validating anyURI XACML AttributeValues causing "possible memory leak" errors in Tomcat, as confirmed by: https://sourceforge.net/p/saxon/mailman/message/27043134 and https://sourceforge.net/p/saxon/mailman/saxon-help/thread/4F9E683E.8060001@saxonica.com/. Although XACML 3.0 still refers to XSD 1.0 which has a stricter definition of anyURI than XSD 1.1, the fix consisted to use XSD 1.1 anyURI definition for XACML anyURI AttributeValues. In this definition, anyURI and string datatypes have same value space (refer to XSD 1.1 Datatypes document or SAXON note http://www.saxonica.com/html/documentation9.4/changes/intro93/xsd11-93.html or mailing list: https://sourceforge.net/p/saxon/mailman/saxon-help/thread/4F9E683E.8060001@saxonica.com/) , therefore anyURI-specific validation is removed and anyURI values are accepted like string values by the program. However, this does not affect XML schema validation of Policy/PolicySet/Request documents against OASIS XACML 3.0 schema, where the XSD 1.0 definition of anyURI still applies.
## 3.8.0
### Changed
- PDP XML schema: maxVariableRefDepth and maxPolicyRefDepth attributes made optional (instead of required)
......@@ -31,7 +36,7 @@ All notable changes to this project are documented in this file following the [K
## 3.6.0
### Added
- Support all [XACML 3.0 conformance tests](https://lists.oasis-open.org/archives/xacml-comment/201404/msg00001.html) published by AT&T on XACML mailing list in March 2014, except IIA010, IIA012, IIA024, IID029, IID030, III.C.2, III.C.3, IIIE301, IIIE303, II.G.2-6 (see also [README](src\test\resources\conformance\xacml-3.0-from-2.0-ct\README.md) ); with specific adaptations and anhancements:
- Support all [XACML 3.0 conformance tests](https://lists.oasis-open.org/archives/xacml-comment/201404/msg00001.html) published by AT&T on XACML mailing list in March 2014, except IIA010, IIA012, IIA024, IID029, IID030, III.C.2, III.C.3, IIIE301, IIIE303, II.G.2-6 (see also [README](src\test\resources\conformance\xacml-3.0-from-2.0-ct\README.md) ); with specific adaptations and enhancements:
1. XACML 3.0 Schema validation in all conformance tests (original files are not all compliant with XACML 3.0).
1. The original conformance test folder contains hundreds of files; for better readability and management, the folder is split in *mandatory* folder for tests on supported mandatory features (XACMl 3.0 core), *optional* folder for supported optional features (XACML 3.0 core and profiles), and *unsupported* for unsupported features.
1. For tests requiring a custom attribute finder, added a file with suffix `AttributeProvider.xml` that configures the `TestAttributeProviderModule`. This configuration file must contain a list of `Attributes` elements defining the attributes that this attribute provider is able to provide, with their constant values.
......
<?xml version="1.0"?>
<!-- This is an example configuration file. Many of the options included here are defaults, and do not need to be specified in a real configuration file. They are provided for convenience of editing, so
it is easy to set up a configuration file with non-default options. For documentation on the contents of a Saxon configuration file, see http://www.saxonica.com/documentation/index/configuration-file.html -->
<!-- WARNING: 1) for AuthZForce compatibility, do not set xInclude property here (do not even set xInclude="false")
This would cause an error with XACML Request Attributes/Content XML parsing:
net.sf.saxon.s9api.SaxonApiException: Selected XML parser javax.xml.bind.util.JAXBSource$1 does not recognize request for XInclude processing
at net.sf.saxon.s9api.DocumentBuilder.build(DocumentBuilder.java:374) ~[Saxon-HE-9.6.0-5.jar:na]
at org.ow2.authzforce.core.XACMLParsers$FullJaxbXACMLAttributesParserFactory$FullJaxbXACMLAttributesParser.parseContent(XACMLParsers.java:909) ~[classes/:na]
-->
<!-- This is an example configuration file. Many of the options included here are defaults, and do not need to be specified in a real configuration file. They are provided for convenience of editing, so
it is easy to set up a configuration file with non-default options. For documentation on the contents of a Saxon configuration file, see http://www.saxonica.com/documentation9.6/index.html#!configuration/configuration-file -->
<!-- WARNING: 1) for AuthZForce compatibility, do not set xInclude property here (do not even set xInclude="false") This would cause an error with XACML Request Attributes/Content XML parsing: net.sf.saxon.s9api.SaxonApiException:
Selected XML parser javax.xml.bind.util.JAXBSource$1 does not recognize request for XInclude processing at net.sf.saxon.s9api.DocumentBuilder.build(DocumentBuilder.java:374) ~[Saxon-HE-9.6.0-5.jar:na]
at org.ow2.authzforce.core.XACMLParsers$FullJaxbXACMLAttributesParserFactory$FullJaxbXACMLAttributesParser.parseContent(XACMLParsers.java:909) ~[classes/:na] -->
<configuration
edition="HE"
xmlns="http://saxon.sf.net/ns/configuration"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://saxon.sf.net/ns/configuration config.xsd">
<global
dtdValidation="false"
dtdValidationRecoverable="true"
lineNumbering="true"
treeModel="tinyTree"
stripSpace="all"
expandAttributeDefaults="true"
versionOfXml="1.0"
preferJaxpParser="true"
sourceResolver=""
uriResolver="net.sf.saxon.lib.StandardURIResolver"
collectionUriResolver="net.sf.saxon.lib.StandardCollectionURIResolver"
defaultCollection="file:///e:/temp"
recognizeUriQueryParameters="true"
useTypedValueCache="false"
parser=""
timing="false"
allowExternalFunctions="false"
traceExternalFunctions="false"
optimizationLevel="10"
traceOptimizerDecisions="false"
collationUriResolver="net.sf.saxon.lib.StandardCollationURIResolver"
lazyConstructionMode="false"
preEvaluateDoc="false"
serializerFactory=""
errorListener="net.sf.saxon.lib.StandardErrorListener"
traceListener="net.sf.saxon.trace.XSLTTraceListener"
usePiDisableOutputEscaping="false"
validationWarnings="true" />
<serialization
method="xml"
indent="yes" />
<collations>
<collation
uri="http://codepoint/"
class="net.sf.saxon.expr.sort.CodepointCollator" />
<collation
uri="http://www.microsoft.com/collation/caseblind"
lang="en"
ignore-case="yes" />
</collations>
<localizations
defaultLanguage="en"
defaultCountry="US">
<localization
lang="da"
class="net.sf.saxon.option.local.Numberer_da" />
<localization
lang="de"
class="net.sf.saxon.option.local.Numberer_de" />
<localization
lang="en"
class="net.sf.saxon.expr.number.Numberer_en" />
<localization
lang="fr"
class="net.sf.saxon.option.local.Numberer_fr" />
<localization
lang="fr-BE"
class="net.sf.saxon.option.local.Numberer_frBE" />
<localization
lang="it"
class="net.sf.saxon.option.local.Numberer_it" />
<localization
lang="nl"
class="net.sf.saxon.option.local.Numberer_nl" />
<localization
lang="nl-BE"
class="net.sf.saxon.option.local.Numberer_nlBE" />
<localization
lang="sv"
class="net.sf.saxon.option.local.Numberer_sv" />
</localizations>
<xslt
recoveryPolicy="recoverWithWarnings"
version="2.0"
versionWarning="false"
schemaAware="false"
messageReceiver=""
errorListener="net.sf.saxon.StandardErrorListener"
outputUriResolver=""
stylesheetParser="">
</xslt>
<xquery
version="1.1"
allowUpdate="false"
errorListener="net.sf.saxon.StandardErrorListener"
moduleUriResolver="net.sf.saxon.lib.StandardModuleURIResolver"
inheritNamespaces="true"
preserveNamespaces="true"
constructionMode="preserve"
defaultFunctionNamespace="http://www.w3.org/2005/xpath-functions"
defaultElementNamespace=""
preserveBoundarySpace="false"
requiredContextItemType="document-node()"
emptyLeast="true" />
edition="HE"
xmlns="http://saxon.sf.net/ns/configuration"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://saxon.sf.net/ns/configuration config.xsd">
<global
dtdValidation="false"
dtdValidationRecoverable="true"
lineNumbering="true"
treeModel="tinyTree"
stripSpace="all"
expandAttributeDefaults="true"
versionOfXml="1.0"
preferJaxpParser="true"
sourceResolver=""
uriResolver="net.sf.saxon.lib.StandardURIResolver"
collectionUriResolver="net.sf.saxon.lib.StandardCollectionURIResolver"
defaultCollection="file:///e:/temp"
recognizeUriQueryParameters="true"
useTypedValueCache="false"
parser=""
timing="false"
allowExternalFunctions="false"
traceExternalFunctions="false"
optimizationLevel="10"
traceOptimizerDecisions="false"
collationUriResolver="net.sf.saxon.lib.StandardCollationURIResolver"
lazyConstructionMode="false"
preEvaluateDoc="false"
serializerFactory=""
errorListener="net.sf.saxon.lib.StandardErrorListener"
traceListener="net.sf.saxon.trace.XSLTTraceListener"
usePiDisableOutputEscaping="false"
validationWarnings="true" />
<serialization
method="xml"
indent="yes" />
<collations>
<collation
uri="http://codepoint/"
class="net.sf.saxon.expr.sort.CodepointCollator" />
<collation
uri="http://www.microsoft.com/collation/caseblind"
lang="en"
ignore-case="yes" />
</collations>
<localizations
defaultLanguage="en"
defaultCountry="US">
<localization
lang="da"
class="net.sf.saxon.option.local.Numberer_da" />
<localization
lang="de"
class="net.sf.saxon.option.local.Numberer_de" />
<localization
lang="en"
class="net.sf.saxon.expr.number.Numberer_en" />
<localization
lang="fr"
class="net.sf.saxon.option.local.Numberer_fr" />
<localization
lang="fr-BE"
class="net.sf.saxon.option.local.Numberer_frBE" />
<localization
lang="it"
class="net.sf.saxon.option.local.Numberer_it" />
<localization
lang="nl"
class="net.sf.saxon.option.local.Numberer_nl" />
<localization
lang="nl-BE"
class="net.sf.saxon.option.local.Numberer_nlBE" />
<localization
lang="sv"
class="net.sf.saxon.option.local.Numberer_sv" />
</localizations>
<xslt
recoveryPolicy="recoverWithWarnings"
version="2.0"
versionWarning="false"
schemaAware="false"
messageReceiver=""
errorListener="net.sf.saxon.StandardErrorListener"
outputUriResolver=""
stylesheetParser="">
</xslt>
<xquery
version="1.1"
allowUpdate="false"
errorListener="net.sf.saxon.StandardErrorListener"
moduleUriResolver="net.sf.saxon.lib.StandardModuleURIResolver"
inheritNamespaces="true"
preserveNamespaces="true"
constructionMode="preserve"
defaultFunctionNamespace="http://www.w3.org/2005/xpath-functions"
defaultElementNamespace=""
preserveBoundarySpace="false"
requiredContextItemType="document-node()"
emptyLeast="true" />
<!-- XSD occurrenceLimits property is not considered valid by SAXON 9.6 although it is in the doc:
http://www.saxonica.com/documentation9.6/index.html#!configuration/configuration-file/config-xsd
Bug reported here: https://saxonica.plan.io/issues/2731
-->
<xsd
version="1.1" />
</configuration>
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment