[ANN] Pax Web 8.0.8 released
139 views
Skip to first unread message
Grzegorz Grzybek
Sep 13, 2022, 12:42:24 PM9/13/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
I'd like to announce the release of Pax Web 8.0.8 with two fixes:The changelog can be found here[3].
kind regards
Grzegorz Grzybek
===
I'd like to announce the release of Pax Web 8.0.8 with two fixes:
- proper TCCL configuration when starting servlets and filters added to started context[1]
- fixed Provide-Capability header for pax-web-{jetty,tomcat,undertow}-bundle[2]
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Sep 14, 2022, 7:55:33 AM9/14/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
Just one day after 8.0.8, I'd like to announce the release of Pax Web 8.0.9 with a fix to a problem found by Qian Weichun (thanks!) - TCCL in service methods of servlets/filters/websockets should be able to find classes of the bundle which registered given web element.
The fix for https://github.com/ops4j/org.ops4j.pax.web/issues/1759 is the only fix in Pax Web 8.0.9.
For completeness, the changelog is available here[1].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Sep 14, 2022, 7:57:54 AM9/14/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
I'd like to announce the release of new major version of Pax Web - version 9!
It's supposed to be a long term release being maintained in parallel with Pax Web 8.0.x, the ONLY difference is:
- Pax Web 9 is JDK 11+ only
- Jetty 10.x is used instead of Jetty 9.4.x
All other fixes will always go to Pax Web 8 and Pax Web 9 at the same time.
The changelog is available here[1].
kind regards
Grzegorz Grzybek
===
Dave Smith
Sep 14, 2022, 8:33:07 AM9/14/22
to op...@googlegroups.com
Awesome. How long does it take for it to be available in Maven central ?
Dave
--
--
------------------
OPS4J - http://www.ops4j.org - op...@googlegroups.com
---
You received this message because you are subscribed to the Google Groups "OPS4J" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ops4j+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ops4j/CAAdXmhqPge%3DVVm_-YrcnbOAmkF8AgUamtYzb4u3WD8mSdNA5bQ%40mail.gmail.com.
Grzegorz Grzybek
Sep 14, 2022, 8:37:59 AM9/14/22
to op...@googlegroups.com
Hello
śr., 14 wrz 2022 o 14:33 Dave Smith <dave....@candata.com> napisał(a):
Awesome. How long does it take for it to be available in Maven central ?
I expected to see it already, but there's still no 8.0.9 and 9.0.0 - please give the process ~1 hour.
regards
Grzegorz Grzybek
To view this discussion on the web visit https://groups.google.com/d/msgid/ops4j/CA%2BFCLu1O3B8KAaAY0kdwL72AL1%2Bj9K2Qze0q2vVeEjo6omrBiA%40mail.gmail.com.
Matt Pavlovich
Sep 14, 2022, 10:57:03 AM9/14/22
to op...@googlegroups.com, ops4j-ann...@googlegroups.com, Karaf Dev
Awesome!
--
Grzegorz Grzybek
Sep 27, 2022, 6:49:51 AM9/27/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
I'd like to announce new minor releases of Pax Web: 8.0.10 and 9.0.1.
There were quite a few actual bug fixes related to how TCCL is configured and how default context can be overriden.
Jetty and Tomcat runtimes are upgraded and the current versions are:
- Jetty 9.4.49.v20220914
- Tomcat 9.0.67
- Undertow 2.2.19.Final
- "servlet" (which is the default) - TCCL inside service methods (like servlet.doGet()) is set to an OsgiServletContextClassLoader which delegates to all the bundles that are reachable for the context - this is perfect setting for a WAB scenario, however in Whiteboard scenario, TCCL doesn't delegate to bundles of the dynamically registered servlets! The problem is that each time a servlet is whiteboard-registered into a context, servlet's bundle would have to be added to the underlying list of bundles, but it causes classloader leaks due to the very JVM specification
- "whiteboard" - TCCL is set for each service method (separately for each filter and target servlet in invocation chain) to a bundle classloader of the actual filter/servlet
The problem with TCCL is that no OSGi CMPN specification mentions TCCL at all and I simply followed the "principle of least surprise"[2].
For completeness, the changelogs is available for 8.0.10[3] and 9.0.1[4].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Nov 7, 2022, 6:57:02 AM11/7/22
to Karaf Dev, ops4j-ann...@googlegroups.com, OPS4J, Martin Zukal
Hello
I'd like to announce new minor releases of Pax Web: 8.0.12 and 9.0.2.
There was one bug fixed related to non-default HttpContext and resource servlet registered in Tomcat runtime by felix.webconsole. Thanks +Martin Zukal for the report!
Non runtime updates are ASM 9.4 and BouncyCastle 1.72 (test only).
Jetty and Tomcat runtimes are upgraded and the current versions are:
- Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
- Tomcat 9.0.68
- Undertow 2.2.21.Final
For completeness, the changelogs is available for 8.0.12[1] and 9.0.2[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Nov 17, 2022, 4:56:22 AM11/17/22
to Karaf Dev, ops4j-ann...@googlegroups.com, OPS4J
Hello
I'd like to announce new minor releases of Pax Web: 8.0.12 and 9.0.2.
There are three problems resolved:
- there was a little timing issue if a web element targeting default whiteboard context was processed before the actual context was processed by target runtime
- there was a problem getting named dispatcher for "default" name, when a custom servlet from web.xml was using "/" mapping (thanks Prashanth Ettaboina for the report!)
- ${karaf.etc}/jetty-web.xml was actually not processed even if declared in ${karaf.etc}/org.ops4j.pax.web.cfg (thanks Oliver F. for the report!)
Tomcat runtime is upgraded and the current versions are:
- Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
- Tomcat 9.0.69
- Undertow 2.2.21.Final
For completeness, the changelogs is available for 8.0.13[1] and 9.0.3[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Nov 25, 2022, 12:40:58 PM11/25/22
to Karaf Dev, ops4j-ann...@googlegroups.com, OPS4J
Hello
I'd like to announce new minor releases of Pax Web: 8.0.14 and 9.0.4.
There's one, quite tricky problem resolved (thanks Oliver F. for your great analysis!):
- there was an issue when WAB was wired to a service (backend) bundle and this bundle was updated. This bundle had to register (Whiteboard or HttpService) servlets into the same context as the WAB.
It was possible to detect it, because the WAB used "/" context path and CXF (cxf-rt-transports-http) registers "/cxf" servlet into "/" path.
Current versions of runtimes are:
- Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
- Tomcat 9.0.69
- Undertow 2.2.21.Final
For completeness, the changelogs is available for 8.0.14[1] and 9.0.4[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jan 6, 2023, 2:15:53 AM1/6/23
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
I'd like to announce new minor release of Pax Web: 8.0.15. It will be part of Karaf 4.4.3.
- Kevin Schmidt helped to fix pax-web-jetty - org.eclipse.jetty.rewrite import package was missing
- Kevan Jahanshahi found a problem with missing org.apache.xpath import package for pax-web-jsp
All runtimes are updated:
- Jetty 9.4.50.v20221201
- Tomcat 9.0.70
- Undertow 2.2.22.Final
For completeness, the changelog is available for 8.0.15[1].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Feb 24, 2023, 11:26:18 AM2/24/23
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
For completeness, the changelogs is available for 8.0.16[1] and 9.0.5[2].
I'd like to announce new minor releases of Pax Web: 8.0.16 and 9.0.5.
Current runtime versions are:
- Jetty 9.4.50.v20221201 (8.0.x) and 10.0.13 (9.0.x)
- Tomcat 9.0.72
- Undertow 2.2.23.Final
Another corner case was solved when WAB, Whiteboard and HttpService registered web elements were registered into the same target context (a case originally called "Where is JSF Support?").
A feature from Pax Web 7 is back - now both WebContainer (an extension to standard HttpService) and Whiteboard (this is new - there was no such option in Pax Web 7) can be used to register security configuration:
- login config
- security constraints
- security roles
A new whiteboard-security sample was added here: https://github.com/ops4j/org.ops4j.pax.web/tree/web-8.0.16/samples/samples-whiteboard/whiteboard-security
And finally I've reviewed Pax Web 7 support for Keycloak. In Pax Web 7 it worked only in Undertow runtime (mostly due to problems on Keycloak side).
Now there are new Karaf features that ensure that Pax Web 8/9 can integrate with Keycloak 18 (which contains something called "Fuse Adapters") and Keycloak 20 (where "Fuse Adapters" were removed). These features are:
- pax-web-jetty-keycloak18
- pax-web-tomcat-keycloak18
- pax-web-undertow-keycloak18
- pax-web-jetty-keycloak20
- pax-web-tomcat-keycloak20
- pax-web-undertow-keycloak20
The "keycloak18" features are designed to work with Keycloak 18.0.x and require this feature repository: "mvn:org.keycloak/keycloak-osgi-features/18.0.3/xml/features"
The "keycloak20" features do NOT require Keycloak features (because Keycloak 19 has them removed) and Pax Web itself repackages proper Keycloak libraries (because not all of them are proper OSGi bundles).
If you want to know more about how I tested Pax Web with Keycloak, please look at the readme files:
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Feb 27, 2023, 12:47:35 PM2/27/23
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
I'd like to announce new minor releases of Pax Web: 8.0.17 and 9.0.6. These versions are tiny improvements over previous 8.0.16 and 9.0.5 releases.
Thanks to Maurice Betzel we've repackaged Keycloak 21 which has just been released too. So Pax Web will support / package:
- Keycloak 18.0.x which still contains something called "Fuse Adapters" (a.k.a. Pax Web Adapters)
- Current major upstream Keycloak upgrade which is now 21.0.0
Current runtime versions are still:
- Jetty 9.4.50.v20221201 (8.0.x) and 10.0.13 (9.0.x)
- Tomcat 9.0.72
- Undertow 2.2.23.Final
For completeness, the changelogs is available for 8.0.17[1] and 9.0.6[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Mar 23, 2023, 1:43:06 PM3/23/23
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
Current runtime versions are:
For completeness, the changelogs is available for 8.0.18[1] and 9.0.7[2].
I'd like to announce new minor releases of Pax Web: 8.0.18 and 9.0.7.
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.14 (9.0.x)
- Tomcat 9.0.73
- Undertow 2.2.23.Final
There's new Karaf feature called "pax-web-jetty-http2-extras" which includes additional, client-side http2 Jetty bundles. And existing "pax-web-jetty-extras" feature contains two additional Jetty bundles.
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Apr 6, 2023, 1:37:43 PM4/6/23
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
Current runtime versions are:
I'd like to announce new minor releases of Pax Web: 8.0.19 and 9.0.8.
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.14 (9.0.x)
- Tomcat 9.0.73
- Undertow 2.2.23.Final
Besides single improvement (allow custom Tomcat Server implementation - thanks Mathias Schwaninger!), this release is a step toward OSGi CMPN TCK compliance.
I was experimenting with public TCK tests from https://github.com/osgi/osgi/ project (only CPMN Web Applications specification for now) and 136 tests pass out of 138 (I've created osgi/osgi issues for the two remaining tests).
I'm going to check Whiteboard and HttpService TCK tests soon.
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Apr 19, 2023, 2:00:05 AM4/19/23
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
Current runtime versions are:
Also, this release, together with Pax URL 2.6.14 fully passes official OSGi CMPN TCK for Web Applications specification! (OSGi CMPN chapter 128).
For completeness, the changelogs is available for 8.0.20[1] and 9.0.9[2].
I'd like to announce new minor releases of Pax Web: 8.0.20 and 9.0.9.
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.15 (9.0.x)
- Tomcat 9.0.74
- Undertow 2.2.24.Final
There's one important change. Johannes Utzig reported slow deployment times in real-world, complex Karaf installation. He found that WAB deployment involved "scanning" of all transitive bundles, while in fact the proper way to scan a WAB is to scan:
- /WEB-INF/classes and /WEB-INF/*.jar of the WAB - or generally - all WAB's entries from Bundle-ClassPath manifest
- all attached WAB OSGi bundle fragments
- all bundles "wired" to the WAB (and its fragments) using Import-Package, Require-Bundle and "osgi.extender" namespace
The scanning however should NOT be transitive (because otherwise we can reach thousands of bundles).
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jul 26, 2023, 10:48:21 AM7/26/23
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
Current runtime versions are:
I'd like to announce new minor releases of Pax Web: 8.0.21 and 9.0.10.
- Jetty 9.4.51.v20230217 (8.0.x) and 10.0.15 (9.0.x)
- Tomcat 9.0.78
- Undertow 2.2.25.Final
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jul 26, 2023, 10:49:55 AM7/26/23
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Sorry for wrong subject line (forward of previous ANN email...)
Grzegorz Grzybek
Sep 1, 2023, 9:42:58 AM9/1/23
to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
Hello
Current runtime versions are:
I'd like to announce new minor releases of Pax Web: 8.0.22 and 9.0.11.
- Jetty 9.4.52.v20230823 (8.0.x) and 10.0.16 (9.0.x)
- Tomcat 9.0.80
- Undertow 2.2.26.Final
For completeness, the changelogs are available for 8.0.22[1] and 9.0.11[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Oct 19, 2023, 12:46:43 PM10/19/23
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
Current runtime versions are:
There's also a minor QoL improvements/fixes:
I'd like to announce new minor releases of Pax Web: 8.0.23 and 9.0.12.
- Jetty 9.4.53.v20231009 (8.0.x) and 10.0.17 (9.0.x)
- Tomcat 9.0.82
- Undertow 2.2.28.Final
These are important fixes related to recent CVE-2023-44487: HTTP/2 Rapid Reset Attack.
- OSGi security (ServletContextHelper.handleSecurity()) - user was not visible in access log (thanks François de Parscau!)
- Keycloak 19+ (up to 22) integration was not complete
- Additional Tomcat valves (from context.xml) were removed on restart (thanks Stephan Siano!)
- ServletContext.getServletContextName() returned wrong value for WABs (thanks Amichai Rothman!)
For completeness, the changelogs are available for 8.0.23[1] and 9.0.12[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Oct 27, 2023, 9:26:02 AM10/27/23
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
I'd like to announce new bugfix releases of Pax Web: 8.0.24 and 9.0.13.
- Jetty 9.4.53.v20231009 (8.0.x) and 10.0.17 (9.0.x)
- Tomcat 9.0.82
- Undertow 2.2.28.Final
There's one fix for a problem reported by Amichai Rothman as https://issues.apache.org/jira/browse/KARAF-7773. It is a case where
- dynamic filters registered by ServletContextListeners are not destroyed by Jetty
- ServletContextListeners are not removed during WAB undeployment
For completeness, the changelogs are available for 8.0.24[1] and 9.0.13[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jan 12, 2024, 3:42:27 AM1/12/24
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
Current runtime versions are:
There's one fix for a problem reported by @liao-qing-hua that "org.ops4j.pax.web.session.timeout" option was ignored.
I'd like to announce new bugfix releases of Pax Web: 8.0.25 and 9.0.14.
- Jetty 9.4.53.v20231009 (8.0.x) and 10.0.19 (9.0.x)
- Tomcat 9.0.85
- Undertow 2.2.28.Final
For completeness, the changelogs are available for 8.0.25[1] and 9.0.14[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Feb 27, 2024, 10:14:29 AM2/27/24
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
Current runtime versions are:
There's also one fix for a problem reported by Ivaylo Milev about non-working "org.ops4j.pax.web.session.cookie.secure" option.
I'd like to announce new bugfix releases of Pax Web: 8.0.26 and 9.0.15.
- Jetty 9.4.54.v20240208 (8.0.x) and 10.0.20 (9.0.x)
- Tomcat 9.0.86
- Undertow 2.2.30.Final
For completeness, the changelogs are available for 8.0.26[1] and 9.0.15[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Mar 25, 2024, 5:13:37 AM3/25/24
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
Current runtime versions are:
I'd like to announce new releases of Pax Web: 8.0.27 and 9.0.16. Only runtimes are upgraded (Tomcat and Undertow)
- Jetty 9.4.54.v20240208 (8.0.x) and 10.0.20 (9.0.x)
- Tomcat 9.0.87
- Undertow 2.2.31.Final
For completeness, the changelogs are available for 8.0.27[1] and 9.0.16[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Sep 5, 2024, 6:59:09 AM9/5/24
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
Current runtime versions are:
I'd like to announce new releases of Pax Web: 8.0.28 and 9.0.17. We have new versions of all 3 runtimes and few bug fixes! Thanks Paul McCulloch, Peter Šuňa and Rico Neubauer for the reports.
- Jetty 9.4.56.v20240826 (8.0.x) and 10.0.24 (9.0.x)
- Tomcat 9.0.93
- Undertow 2.2.35.Final
For completeness, the changelogs are available for 8.0.28[1] and 9.0.17[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Oct 19, 2024, 9:58:41 AM10/19/24
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
Current runtime versions are:
I'd like to announce new releases of Pax Web: 8.0.29 and 9.0.18. We have new versions of 23 runtimes and one bug fix. Thanks Jakub Herkel for the report!
- Jetty 9.4.56.v20240826 (8.0.x) and 10.0.24 (9.0.x)
- Tomcat 9.0.96
- Undertow 2.2.37.Final
For completeness, the changelogs are available for 8.0.29[1] and 9.0.18[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jan 16, 2025, 9:00:15 AMJan 16
to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
Hello
Current runtime versions are:
I'd like to announce new releases of Pax Web: 8.0.30 and 9.0.19. We have new versions of 2 runtimes and one bug fix.
- Jetty 9.4.57.v20241219 (8.0.x) and 10.0.24 (9.0.x)
- Tomcat 9.0.98
- Undertow 2.2.37.Final
There was a TLS handshake buffer misconfiguration in Undertow and it's now fixed.
For completeness, the changelogs are available for 8.0.30[1] and 9.0.19[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Feb 24, 2025, 8:30:56 AMFeb 24
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello
Current runtime versions are:
I'd like to announce new releases of Pax Web: 8.0.31 and 9.0.20. We have new versions of Tomcat runtime, one improvement and one bug fix.
- Jetty 9.4.57.v20241219 (8.0.x) and 10.0.24 (9.0.x)
- Tomcat 9.0.100
- Undertow 2.2.37.Final
Thanks to @sdybiec, we now handle web resources correctly when dir-based bundles are used (Equinox, Eclipse).
Additionally, with Pax Web Undertow, when undertow.xml was used to configure listeners using XML, access log handler wasn't activated when "
org.ops4j.pax.web.log.ncsa.enabled" option was set. This is now fixed.
org.ops4j.pax.web.log.ncsa.enabled" option was set. This is now fixed.
For completeness, the changelogs are available for 8.0.31[1] and 9.0.20[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jun 5, 2025, 3:14:33 AMJun 5
to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
Hello
Current runtime versions are:
I'd like to announce new releases of Pax Web: 8.0.32 and 9.0.21. We have new version of Tomcat runtime and minor fixes.
I would like to highlight that these are probably last releases from 8.0.x and 9.0.x branches. The reason is that I'll be releasing:
- Pax Web 10 - same as Pax Web 8 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 9 replaced by Jetty 12 (ee8 libraries). Jetty 9, 10 and 11 are no longer upported!
- Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
- Jetty 12
- Tomcat 11
- Undertow 2.3
- Jetty 9.4.57.v20241219 (8.0.x) and 10.0.24 (9.0.x)
- Tomcat 9.0.105
- Undertow 2.2.37.Final
For completeness, the changelogs are available for 8.0.32[1] and 9.0.21[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jun 5, 2025, 3:50:37 AMJun 5
to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
Hello!
Almost 5 years after the release of JakartaEE 9 with its disruptive switch from "javax." to "jakarta." namespace, I'm happy and proud to announce Pax Web 10 and Pax Web 11!
OSGi CMPN 8.0 specification has 3 web-related specs (still based on javax.servlet API):
- Chapter 102: Http Service Specification: https://docs.osgi.org/specification/osgi.cmpn/8.0.0/service.http.html
- Chapter 128: Web Applications Specification: https://docs.osgi.org/specification/osgi.cmpn/8.0.0/service.war.html
- Chapter 140: Http Whiteboard Specification: https://docs.osgi.org/specification/osgi.cmpn/8.0.0/service.http.whiteboard.html
First Pax Web releases were based on Chapter 102 (org.osgi.service.http.HttpService).
Then some clever things in Pax Web (before I even learned what OSGi is) inspired Http Whiteboard Specification.
With OSGi CMPN 8.1 which partially embraces javax → jakarta transition, we have these important changes impacting the landscape and Pax Web itself:
- Chapter 102 is gone - we no longer have "org.osgi.service.http.HttpService" interface
- Chapter 128 still mentions javax.servlet packages
- Chapter 140 is renamed to "Whiteboard Specification for Jakarta™ Servlet": https://docs.osgi.org/specification/osgi.cmpn/8.1.0/service.servlet.html
The main goal for Pax Web 10 (I'll write about Pax Web 11 in a moment) was simple - move from javax.servlet to jakarta.servlet.
`s/javax.servlet/jakarta.servlet/g` was the easy part. The problems started when upgrading Jetty, Tomcat and Undertow to versions based on jakarta.servlet API.
While Tomcat and Undertow were good citizens here, Jetty was the rebel (in the end - in positive way).
Jetty 12 stood against the same problem we all had/have in Java - should we support javax AND jakarta or do the Spring Boot 3 move to forget about javax? Jetty chose the BOTH approach.
This lead to full refactoring of Jetty internals and Pax Web had to use many tricks to switch the implementation (ee8, ee9, ee10 parts of Jetty 12). But we did it!
Because Jetty 9, 10 and 11 are no longer supported AND because Jetty 12 supports ee8 (javax.servlet) we had a suggestion (https://github.com/ops4j/org.ops4j.pax.web/issues/2031) that maybe we should upgrade "old" Pax Web 8 to Jetty 12?
So I decided to do the BIG release named as Pax Web 11 and replace Pax Web 8 (Jetty 9) and 9 (Jetty 10) with Pax Web 10 (Jetty 12).
Let me proudly present:
- Pax Web 10 - same as Pax Web 8 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 9 replaced by Jetty 12 (ee8 libraries).
- Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
- Jetty 12
- Tomcat 11
- Undertow 2.3
- Jetty 12.0.22
- Tomcat 9.0.105 (Pax Web 10) and 11.0.7 (Pax Web 11)
- Undertow 2.2.37.Final (Pax Web 10) and 2.3.18.Final (Pax Web 11)
Additionally Pax Web 11 passes almost all Whiteboard TCK tests with few minor exceptions. See https://github.com/ops4j/org.ops4j.pax.web/issues/1803
For completeness, the changelogs are available for 10.0.0[1] and 11.0.0[2].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jul 29, 2025, 1:34:21 PMJul 29
to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
Hello
I'd like to announce new release of Pax Web: 8.0.33. We have new version of Tomcat runtime and few stability fixes.
As with Pax Web 8.0.32, I would like to highlight that this is probably the last release from 8.0.x branch. The reason is that we already have Pax Web 10 and Pax Web 11 released. As reminder:
- Pax Web 10 - same as Pax Web 8 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 9 replaced by Jetty 12 (ee8 libraries). Jetty 9, 10 and 11 are no longer supported!
- Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
- Jetty 12
- Tomcat 11
- Undertow 2.3
- Jetty 9.4.57.v20241219
- Tomcat 9.0.107
- Undertow 2.2.37.Final
- quick re-registration (for example related to PID change) of HttpService runtime
- mixing WAB and Whiteboard registrations (potential deadlock)
- duplicate internal listeners being involved
For completeness, the changelog is available for 8.0.33[1].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jul 30, 2025, 3:07:32 AMJul 30
to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
Hello
I'd like to announce new release of Pax Web: 9.0.22 which matches yesterday's release of Pax Web 8.0.33. We have new version of Tomcat runtime and few stability fixes.
As with Pax Web 9.0.21, I would like to highlight that this is probably the last release from 9.0.x branch. The reason is that we already have Pax Web 10 and Pax Web 11 released. As reminder:
- Pax Web 10 - same as Pax Web 9 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 10 replaced by Jetty 12 (ee8 libraries). Jetty 9, 10 and 11 are no longer supported!
- Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
- Jetty 12
- Tomcat 11
- Undertow 2.3
- Jetty 10.0.24
- Tomcat 9.0.107
- Undertow 2.2.37.Final
This release includes stability fixes related to:
- quick re-registration (for example related to PID change) of HttpService runtime
- mixing WAB and Whiteboard registrations (potential deadlock)
- duplicate internal listeners being involved
For completeness, the changelog is available for 9.0.22[1].
kind regards
Grzegorz Grzybek
===
Grzegorz Grzybek
Jul 30, 2025, 3:37:38 AMJul 30
to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
Hello
Current runtime versions are:
I'd like to announce new releases of Pax Web: 10.0.1 and 11.0.1. These are the main branches we support now, where:
- Pax Web 10 should replace Pax Web 8 and 9 - it's still based on JakartaEE 8 and `javax.servlet` API, but using supported Jetty 12 version (ee8 modules)
- Pax Web 11 is the single modern version based on latest runtimes and JakartaEE 11 (`jakarta.servlet` API)
- Jetty 12.0.23
- Tomcat 11.0.9 (Pax Web 11) and Tomcat 9.0.107 (Pax Web 10)
- Undertow 2.3.18.Final (Pax Web 11) and Undertow 2.2.37.Final (Pax Web 10)
We've fixed some instability issues related to:
- quick configuration changes
- duplicate internal ServerListeners
- deadlock between WAB and Whiteboard registrations
Additionally for Pax Web 11 we support wider range for `org.slf4j` package import and we've lifted a restriction on Whiteboard servlet/filter name being unique (passing two more TCK tests).
The Whiteboard name uniqueness restriction prevented installation of Felix Healthcheck bundles which now work fine (thanks Jonathan Wright!).
For completeness, the changelogs are available for 10.0.1[1] and 11.0.1[2].
kind regards
Grzegorz Grzybek
===
Reply all
Reply to author
Forward
0 new messages