<Logger name="org.openrepose.commons.utils.servlet.http.HttpServletResponseWrapper_addHeaderWarning" level="off"/>
Bug Fix | REP-7608 - Fixed bug where Repose was acting like it was sending content when the body was empty and chunked encoding was on.
Bug Fix | REP-7663 - Fixed a file contention issue between Repose processes in the EAR unpacking logic.
Enhancement | REP-7391 - Updated dependencies:
Jetty: 9.4.8.v20171121 → 9.4.14.v20181114
Enhancement | REP-7150 - Added OWASP security dependency checking to the build.
Akka: 2.3.12 → 2.4.20
Apache Commons: 3.3.2 → 3.8.1
Apache Thrift: 0.9.2 → 0.10.0
API Checker: 2.6.1 → 2.7.0
Groovy: 2.4.3 → 2.4.15
Guava: 18.0 → 27.0.1-jre
Jackson: 2.8.9 → 2.9.8
JRuby: 1.7.24 → Removed
Jython: 2.7.0 → 2.7.1
Scala Reflect: Undetermined → 2.11.12
Spring: 4.1.4.RELEASE → 4.3.21.RELEASE
Enhancement | REP-7775 - Move completely to the Jayway JSON Path library and away from the abandoned
Jayway JSONPath: 2.2.0 → 2.4.0
Enhancement | REP-7539 - Updated Docker containers to use the built packages instead of depending on the package repo.
Enhancement | REP-7534 - Updated all repository references to the new location.
Enhancement | Breaking Change | REP-6663 - Added support for forwarding the response status line reason phrase from the origin service.
Redesigned the HTTP Client Service API.
http.connection.max-status-line-garbage configuration attribute.
Updated HTTP Components dependencies:
httpclient: 4.5.3 → 4.5.6
httpcore: 4.4.6 → 4.4.10
Migrated deprecated client parameter configuration to client builder configuration.
Instrumented HTTP clients to report certain metrics via the Metrics Service.
Added caching functionality to the HTTP Client Service.
Removed part of the
Moved the HTTP request method check to the beginning of processing rather than just before proxying the request. As a result, Repose will reject requests with an unsupported HTTP method before any filter processing can occur.
Updated the HTTP response status code returned for a request with an unsupported method from a
500 to a
Enhancement | Breaking Change | REP-7231 - Switching over to new filter, filter chain, and servlet classes.
Many unused and deprecated classes have been removed.
The Scripting Filter has been moved from the
repose-experimental-filter-bundle to the
Filter activation has been made more dynamic.
Headers are no longer automatically split.
Headers with an empty value are now supported and will not be removed from requests/responses.
When querying rate limits via the the Rate Limiting Filter, an
Accept header with an empty value will now result in a
406 response rather than a response of the default
A bug causing multiple OpenTracing headers (i.e.,
uber-trace-id) with potentially different values to be forwarded on the request to the origin service has been fixed.
Now only a single OpenTracing header will be forwarded.
Enhancement | Breaking Change | REP-7490 - Cleaning up some log messages in pursuit of more meaningful logging.
org.eclipse.jetty logger level from
warn in the default
log4j2.xml configuration file.
Removing a log event with a message including
Repose Devs might care about this trace by the
Changing the log level of events relating to unpacking artifacts by the
org.openrepose.commons.utils.classloader.EarClassProvider logger from
Breaking Change | REP-7201 - The Rackspace Auth User, SAML Policy Translation, and Attribute Mapping Policy Validation filters were removed and placed in their own bundle.
Breaking Change | REP-7338 - The WAR deployment was removed as an option.
Cache timeouts are now defined in seconds rather than milliseconds.
Breaking Change | REP-4993 - Flush output filter was removed.
Breaking Change | REP-7486 - Removed the Response Messaging Service and documented a replacement solution.
REP-7135 - Improved the artifact deployment strategy to handle multiple Repose instances running concurrently.
REP-7096 - Updated the
ReposeRoutingServlet to be able to actually route requests.
REP-7128 - Updated the performance tests so that they have a more standard layout, and more fully allow integration in the IDE.
REP-7009 - Updated the
intrafilter-logging debugging mechanism in preparation for v184.108.40.206 changes.
REP-6038 - Created the
ReposeFilterChain this will eventually replace the
PowerFilterChain and allow dynamic determination of the filter chain.
REP-7008 - Created the
ReposeServlet which will eventually replace the
EmptyServlet and allow routing to be done by the servlet rather than the filter chain.
REP-7081 - Added OpenTracing Support to the
REP-7064 - Fixed the behavior of the Valkyrie Authorization filter where only the last device permission was considered when determining the authorization status of a request. Now all device permissions are considered.
REP-7054 - IP User filter - support to use X-Forwarded-For header for X-PP-Groups
REP-6858 - Updated Log4j to a version that allows setting of file permissions
REP-6508 - Simplified the deployment directory scheme to reduce disk usage in certain cases.
REP-6977 - Fixed the atom feed service, now it actually works.
REP-6974 - Fixed reverse read option in the atom feed service, now it actually works.
REP-6674 - Minor internal update to increase logging performance.
REP-6655 - Adding required configuration files to the examples directory. Also, example configurations will now be replaced on upgrade.
REP-6862 - Updated dependencies:
Attribute Mapper: 2.2.0 → 2.2.1
REP-6588 - Updated the
commitToResponse method of the
HttpServletResponseWrapper to avoid writing headers or the body when an error has been sent.
This should fix an issue with certain servlet containers where an
IllegalStateException is thrown when calling
commitToResponse after both writing to the output stream and calling
sendError on the wrapped response.
REP-6628 - Updated dependencies:
REP-6448 - Updated the Simple RBAC filter to support Multi-Tenant.
REP-6470 - Updated dependencies:
API Checker: 2.5.1 → 2.6.0
Multi-Tenant support is currently not supported when the mask rax roles feature is enabled.
Jetty: 9.2.0.v20140526 → 9.4.8.v20171121
Gradle: 3.4 → 4.5
JSONPath: 2.4.0 → 2.5.0
REP-5401 - Added support for environment variable substitution in configuration files.
REP-6382 - Lots of little versioned docs updates.
REP-6186 - Updated the automated Release Verification to force the use of Java 8 since some GNU/Linux distributions are already providing Java 9 by default.
REP-6162 - Updated the Keystone v2 get IDP call to support the field name change from
REP-5939 - Added support for, and began publishing, a CentOS-based Docker image.
REP-5766 - Updated Dockerfile to run Repose as the
REP-5767 - Updated Dockerfiles to simplify usage of
REP-5985 - Updated the Jackson version from v2.4.0 to v2.8.9 to correct some library mismatch issues.
REP-5315 - Updated Spring-managed bean names in JMX to be consistent with metric beans.
REP-5885 - Fixed the bug where an
Error during processing would result in a
200 response from Repose.
REP-6050 - Update Contact Us page information across all the documentation.
REP-5261 - Confirmed the Translation filter will allow 100,000 Entity Expansions and updated the documentation accordingly.
REP-6098 - Updated the SAML Policy Translation filter to allow multiple locations for default values in an effort to support multiple Identity Providers (IDP’s).
REP-6001 - Updated dependencies:
REP-5727 - Extracted trace ID logging to its own named logger.
REP-5737 - Updated the following filters to correct a typo that would prevent proper configuration schema validation.
As part of this correction, any configurations that were taking advantage of this lack of validation will cease to function.
REP-5617 - Updated the the internal HTTP Servlet Response Wrapper to log a WARNING when addHeader, addIntHeader, addDateHeader, or appendHeader is called after the response has been committed.
This message is logged to a separate logger and can be disabled by adding the following to the
REP-5757 - Updated the SAML Policy Translation Filter to utilize YAML policy files.
attribute-mapper library from v1.1.1 to v1.2.0 to bring in the YAML updates made in REP-5632
REP-5592 - Updated the Attribute Mapping Policy Validation Filter to only work for YAML bodies.
REP-5347 - Updated the Attribute Mapping library from v1.0.2 to v1.1.1.
REP-5595 - Updated the Attribute Mapping Policy Validation Filter to utilize new Attribute Mapping library features for cleaner JSON validation.
REP-5343 - Updated the Keystone v2 Filter to support the new Apply RCN Roles feature of Rackspace Keystone v2 Identity. Converted the old Keystone v2 Filter documentation over to the new versioned docs.
REP-5345 - The Attribute Mapping Policy Validation Filter has been released!
REP-5221 - Updated the API Checker library from v2.1.1 to v2.2.1.
This brings the bulk metadata feature to the API Validator filter.
REP-3901 - The Debian and RPM Repose Valve and WAR artifacts will now create the
repose user and group even if the configuration files are already present.
REP-5130 - Rackspace Auth User Filter now gives a more specific and quieter log message when it runs into a non-xml or non-json content type.
REP-4725 - Repose will no longer add a
Server header to responses from neither the main endpoint nor the Dist-Datastore endpoint.
As part of the upgrade, some metric names reported by various components have been changed. Furthermore, all metrics reported to JMX via the Metrics Service now follow a new naming scheme. Due to a technical issue with the new version of the metric library, EHCache metrics are no longer being reported, but there is planned work to restore them. See Metrics Service for details on the metrics currently being reported.
REP-5214 - The
Via header configuration has been expanded in a backwards compatible way.
However, there were some internal contract changes with the Via and Location header builders, but they should not affect any custom filters.
REP-4465 - Certain enums provided by Repose have been replaced by classes holding the same constant values.
REP-5101 - SAML Policy Translation Filter now allows un-encoded
application/xml requests in addition to the previous
REP-4653 - The Rackspace Auth User Filter updated to read request body of Forgot Password request to get the username and the Highly Efficient Record Processor (HERP) Filter was updated to get
X-User-Name from response headers.
REP-4841 - A more unique ID will be used for User Access Events (UAE) in support of Cloud Auditing Data Federation (CADF).
REP-4954 - Added support for Form Encoded requests (
REP-4880 - Internal utility classes JCharSequence and MessageDigester were removed.
REP-4892 - Versioned searching of these docs has been fixed.
REP-4999 - Leading and trailing whitespace in directory values in the container.cfg.xml file are now ignored.
sendError in the response wrapper will now call
sendError on the underlying response when appropriate.