[ANN] Pax Web 8.0.8 released

139 views
Skip to first unread message

Grzegorz Grzybek

unread,
Sep 13, 2022, 12:42:24 PM9/13/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello

I'd like to announce the release of Pax Web 8.0.8 with two fixes:
  • proper TCCL configuration when starting servlets and filters added to started context[1]
  • fixed Provide-Capability header for pax-web-{jetty,tomcat,undertow}-bundle[2]
The changelog can be found here[3].

kind regards
Grzegorz Grzybek
===

Grzegorz Grzybek

unread,
Sep 14, 2022, 7:55:33 AM9/14/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello

Just one day after 8.0.8, I'd like to announce the release of Pax Web 8.0.9 with a fix to a problem found by Qian Weichun (thanks!) - TCCL in service methods of servlets/filters/websockets should be able to find classes of the bundle which registered given web element.

The fix for https://github.com/ops4j/org.ops4j.pax.web/issues/1759 is the only fix in Pax Web 8.0.9.

For completeness, the changelog is available here[1].

kind regards
Grzegorz Grzybek
===

Grzegorz Grzybek

unread,
Sep 14, 2022, 7:57:54 AM9/14/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello

I'd like to announce the release of new major version of Pax Web - version 9!

It's supposed to be a long term release being maintained in parallel with Pax Web 8.0.x, the ONLY difference is:
  • Pax Web 9 is JDK 11+ only
  • Jetty 10.x is used instead of Jetty 9.4.x
All other fixes will always go to Pax Web 8 and Pax Web 9 at the same time.

The changelog is available here[1].

kind regards
Grzegorz Grzybek
===

Dave Smith

unread,
Sep 14, 2022, 8:33:07 AM9/14/22
to op...@googlegroups.com
Awesome. How long does it take for it to be available in Maven central ?

Dave

--
--
------------------
OPS4J - http://www.ops4j.org - op...@googlegroups.com

---
You received this message because you are subscribed to the Google Groups "OPS4J" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ops4j+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ops4j/CAAdXmhqPge%3DVVm_-YrcnbOAmkF8AgUamtYzb4u3WD8mSdNA5bQ%40mail.gmail.com.

Grzegorz Grzybek

unread,
Sep 14, 2022, 8:37:59 AM9/14/22
to op...@googlegroups.com
Hello

śr., 14 wrz 2022 o 14:33 Dave Smith <dave....@candata.com> napisał(a):
Awesome. How long does it take for it to be available in Maven central ?

I expected to see it already, but there's still no 8.0.9 and 9.0.0 - please give the process ~1 hour.

regards
Grzegorz Grzybek
 

Matt Pavlovich

unread,
Sep 14, 2022, 10:57:03 AM9/14/22
to op...@googlegroups.com, ops4j-ann...@googlegroups.com, Karaf Dev

Awesome!

--

Grzegorz Grzybek

unread,
Sep 27, 2022, 6:49:51 AM9/27/22
to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
Hello

I'd like to announce new minor releases of Pax Web: 8.0.10 and 9.0.1.

There were quite a few actual bug fixes related to how TCCL is configured and how default context can be overriden.

Jetty and Tomcat runtimes are upgraded and the current versions are:
  • Jetty 9.4.49.v20220914
  • Tomcat 9.0.67
  • Undertow 2.2.19.Final
There's a new PID configuration option called "org.ops4j.pax.web.tccl.type" introduced with this issue[1]. It accepts two options:
  • "servlet" (which is the default) - TCCL inside service methods (like servlet.doGet()) is set to an OsgiServletContextClassLoader which delegates to all the bundles that are reachable for the context - this is perfect setting for a WAB scenario, however in Whiteboard scenario, TCCL doesn't delegate to bundles of the dynamically registered servlets! The problem is that each time a servlet is whiteboard-registered into a context, servlet's bundle would have to be added to the underlying list of bundles, but it causes classloader leaks due to the very JVM specification
  • "whiteboard" - TCCL is set for each service method (separately for each filter and target servlet in invocation chain) to a bundle classloader of the actual filter/servlet
The problem with TCCL is that no OSGi CMPN specification mentions TCCL at all and I simply followed the "principle of least surprise"[2].

For completeness, the changelogs is available for 8.0.10[3] and 9.0.1[4].

kind regards
Grzegorz Grzybek
===

Grzegorz Grzybek

unread,
Nov 7, 2022, 6:57:02 AM11/7/22
to Karaf Dev, ops4j-ann...@googlegroups.com, OPS4J, Martin Zukal
Hello

I'd like to announce new minor releases of Pax Web: 8.0.12 and 9.0.2.

There was one bug fixed related to non-default HttpContext and resource servlet registered in Tomcat runtime by felix.webconsole. Thanks +Martin Zukal for the report!

Non runtime updates are ASM 9.4 and BouncyCastle 1.72 (test only).

Jetty and Tomcat runtimes are upgraded and the current versions are:
  • Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
  • Tomcat 9.0.68
  • Undertow 2.2.21.Final
For completeness, the changelogs is available for 8.0.12[1] and 9.0.2[2].

kind regards
Grzegorz Grzybek
===

Grzegorz Grzybek

unread,
Nov 17, 2022, 4:56:22 AM11/17/22
to Karaf Dev, ops4j-ann...@googlegroups.com, OPS4J
Hello

I'd like to announce new minor releases of Pax Web: 8.0.12 and 9.0.2.

There are three problems resolved:
  • there was a little timing issue if a web element targeting default whiteboard context was processed before the actual context was processed by target runtime
  • there was a problem getting named dispatcher for "default" name, when a custom servlet from web.xml was using "/" mapping (thanks Prashanth Ettaboina for the report!)
  • ${karaf.etc}/jetty-web.xml was actually not processed even if declared in ${karaf.etc}/org.ops4j.pax.web.cfg (thanks Oliver F. for the report!)

Tomcat runtime is upgraded and the current versions are:
    • Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
    • Tomcat 9.0.69
    • Undertow 2.2.21.Final
    For completeness, the changelogs is available for 8.0.13[1] and 9.0.3[2].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Nov 25, 2022, 12:40:58 PM11/25/22
    to Karaf Dev, ops4j-ann...@googlegroups.com, OPS4J
    Hello

    I'd like to announce new minor releases of Pax Web: 8.0.14 and 9.0.4.

    There's one, quite tricky problem resolved (thanks Oliver F. for your great analysis!):
    • there was an issue when WAB was wired to a service (backend) bundle and this bundle was updated. This bundle had to register (Whiteboard or HttpService) servlets into the same context as the WAB.
    It was possible to detect it, because the WAB used "/" context path and CXF (cxf-rt-transports-http) registers "/cxf" servlet into "/" path.

    Current versions of runtimes are:
    • Jetty 9.4.49.v20220914 (8.0.x) and 10.0.12 (9.0.x)
    • Tomcat 9.0.69
    • Undertow 2.2.21.Final
    For completeness, the changelogs is available for 8.0.14[1] and 9.0.4[2].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Jan 6, 2023, 2:15:53 AM1/6/23
    to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
    Hello

    I'd like to announce new minor release of Pax Web: 8.0.15. It will be part of Karaf 4.4.3.
    • Kevin Schmidt helped to fix pax-web-jetty - org.eclipse.jetty.rewrite import package was missing
    • Kevan Jahanshahi found a problem with missing org.apache.xpath import package for pax-web-jsp
    All runtimes are updated:
    • Jetty 9.4.50.v20221201
    • Tomcat 9.0.70
    • Undertow 2.2.22.Final
    For completeness, the changelog is available for 8.0.15[1].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Feb 24, 2023, 11:26:18 AM2/24/23
    to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
    Hello

    I'd like to announce new minor releases of Pax Web: 8.0.16 and 9.0.5.

    Current runtime versions are:
    • Jetty 9.4.50.v20221201 (8.0.x) and 10.0.13 (9.0.x)
    • Tomcat 9.0.72
    • Undertow 2.2.23.Final
    Another corner case was solved when WAB, Whiteboard and HttpService registered web elements were registered into the same target context (a case originally called "Where is JSF Support?").

    A feature from Pax Web 7 is back - now both WebContainer (an extension to standard HttpService) and Whiteboard (this is new - there was no such option in Pax Web 7) can be used to register security configuration:
    • login config
    • security constraints
    • security roles

    And finally I've reviewed Pax Web 7 support for Keycloak. In Pax Web 7 it worked only in Undertow runtime (mostly due to problems on Keycloak side).
    Now there are new Karaf features that ensure that Pax Web 8/9 can integrate with Keycloak 18 (which contains something called "Fuse Adapters") and Keycloak 20 (where "Fuse Adapters" were removed). These features are:
    • pax-web-jetty-keycloak18
    • pax-web-tomcat-keycloak18
    • pax-web-undertow-keycloak18
    • pax-web-jetty-keycloak20
    • pax-web-tomcat-keycloak20
    • pax-web-undertow-keycloak20
    The "keycloak18" features are designed to work with Keycloak 18.0.x and require this feature repository: "mvn:org.keycloak/keycloak-osgi-features/18.0.3/xml/features"

    The "keycloak20" features do NOT require Keycloak features (because Keycloak 19 has them removed) and Pax Web itself repackages proper Keycloak libraries (because not all of them are proper OSGi bundles).

    If you want to know more about how I tested Pax Web with Keycloak, please look at the readme files:
    For completeness, the changelogs is available for 8.0.16[1] and 9.0.5[2].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Feb 27, 2023, 12:47:35 PM2/27/23
    to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
    Hello

    I'd like to announce new minor releases of Pax Web: 8.0.17 and 9.0.6. These versions are tiny improvements over previous 8.0.16 and 9.0.5 releases.

    Thanks to Maurice Betzel we've repackaged Keycloak 21 which has just been released too. So Pax Web will support / package:
    • Keycloak 18.0.x which still contains something called "Fuse Adapters" (a.k.a. Pax Web Adapters)
    • Current major upstream Keycloak upgrade which is now 21.0.0
    Current runtime versions are still:
    • Jetty 9.4.50.v20221201 (8.0.x) and 10.0.13 (9.0.x)
    • Tomcat 9.0.72
    • Undertow 2.2.23.Final
    For completeness, the changelogs is available for 8.0.17[1] and 9.0.6[2].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Mar 23, 2023, 1:43:06 PM3/23/23
    to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
    Hello

    I'd like to announce new minor releases of Pax Web: 8.0.18 and 9.0.7.

    Current runtime versions are:
    • Jetty 9.4.51.v20230217 (8.0.x) and 10.0.14 (9.0.x)
    • Tomcat 9.0.73
    • Undertow 2.2.23.Final
    There's new Karaf feature called "pax-web-jetty-http2-extras" which includes additional, client-side http2 Jetty bundles. And existing "pax-web-jetty-extras" feature contains two additional Jetty bundles.

    For completeness, the changelogs is available for 8.0.18[1] and 9.0.7[2].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Apr 6, 2023, 1:37:43 PM4/6/23
    to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
    Hello

    I'd like to announce new minor releases of Pax Web: 8.0.19 and 9.0.8.

    Current runtime versions are:
    • Jetty 9.4.51.v20230217 (8.0.x) and 10.0.14 (9.0.x)
    • Tomcat 9.0.73
    • Undertow 2.2.23.Final
    Besides single improvement (allow custom Tomcat Server implementation - thanks Mathias Schwaninger!), this release is a step toward OSGi CMPN TCK compliance.

    I was experimenting with public TCK tests from https://github.com/osgi/osgi/ project (only CPMN Web Applications specification for now) and 136 tests pass out of 138 (I've created osgi/osgi issues for the two remaining tests).

    I'm going to check Whiteboard and HttpService TCK tests soon.

    For completeness, the changelogs is available for 8.0.19[1] and 9.0.8[2].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Apr 19, 2023, 2:00:05 AM4/19/23
    to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
    Hello

    I'd like to announce new minor releases of Pax Web: 8.0.20 and 9.0.9.

    Current runtime versions are:
    • Jetty 9.4.51.v20230217 (8.0.x) and 10.0.15 (9.0.x)
    • Tomcat 9.0.74
    • Undertow 2.2.24.Final
    There's one important change. Johannes Utzig reported slow deployment times in real-world, complex Karaf installation. He found that WAB deployment involved "scanning" of all transitive bundles, while in fact the proper way to scan a WAB is to scan:
    • /WEB-INF/classes and /WEB-INF/*.jar of the WAB - or generally - all WAB's entries from Bundle-ClassPath manifest
    • all attached WAB OSGi bundle fragments
    • all bundles "wired" to the WAB (and its fragments) using Import-Package, Require-Bundle and "osgi.extender" namespace
    The scanning however should NOT be transitive (because otherwise we can reach thousands of bundles).

    Also, this release, together with Pax URL 2.6.14 fully passes official OSGi CMPN TCK for Web Applications specification! (OSGi CMPN chapter 128).

    For completeness, the changelogs is available for 8.0.20[1] and 9.0.9[2].

    kind regards
    Grzegorz Grzybek
    ===

    Grzegorz Grzybek

    unread,
    Jul 26, 2023, 10:48:21 AM7/26/23
    to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
    Hello

    I'd like to announce new minor releases of Pax Web: 8.0.21 and 9.0.10.

    Current runtime versions are:
      • Jetty 9.4.51.v20230217 (8.0.x) and 10.0.15 (9.0.x)
      • Tomcat 9.0.78
      • Undertow 2.2.25.Final
      For completeness, the changelogs are available for 8.0.21[1] and 9.0.10[2].

      kind regards
      Grzegorz Grzybek
      ===

      Grzegorz Grzybek

      unread,
      Jul 26, 2023, 10:49:55 AM7/26/23
      to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
      Sorry for wrong subject line (forward of previous ANN email...)

      Grzegorz Grzybek

      unread,
      Sep 1, 2023, 9:42:58 AM9/1/23
      to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
      Hello

      I'd like to announce new minor releases of Pax Web: 8.0.22 and 9.0.11.

      Current runtime versions are:
      • Jetty 9.4.52.v20230823 (8.0.x) and 10.0.16 (9.0.x)
      • Tomcat 9.0.80
      • Undertow 2.2.26.Final
      There's also a minor fix related to "secure" flag for a connector (connector WAS secure, but it was displayed as normal).

      For completeness, the changelogs are available for 8.0.22[1] and 9.0.11[2].

      kind regards
      Grzegorz Grzybek
      ===

      Grzegorz Grzybek

      unread,
      Oct 19, 2023, 12:46:43 PM10/19/23
      to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
      Hello

      I'd like to announce new minor releases of Pax Web: 8.0.23 and 9.0.12.

      Current runtime versions are:
      • Jetty 9.4.53.v20231009 (8.0.x) and 10.0.17 (9.0.x)
      • Tomcat 9.0.82
      • Undertow 2.2.28.Final
      These are important fixes related to recent CVE-2023-44487: HTTP/2 Rapid Reset Attack.

      There's also a minor QoL improvements/fixes:
      • OSGi security (ServletContextHelper.handleSecurity()) - user was not visible in access log (thanks François de Parscau!)
      • Keycloak 19+ (up to 22) integration was not complete
      • Additional Tomcat valves (from context.xml) were removed on restart (thanks Stephan Siano!)
      • ServletContext.getServletContextName() returned wrong value for WABs (thanks Amichai Rothman!)
      For completeness, the changelogs are available for 8.0.23[1] and 9.0.12[2].

      kind regards
      Grzegorz Grzybek
      ===

      Grzegorz Grzybek

      unread,
      Oct 27, 2023, 9:26:02 AM10/27/23
      to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
      Hello

      I'd like to announce new bugfix releases of Pax Web: 8.0.24 and 9.0.13.

      Current runtime versions are:
      • Jetty 9.4.53.v20231009 (8.0.x) and 10.0.17 (9.0.x)
      • Tomcat 9.0.82
      • Undertow 2.2.28.Final
      There's one fix for a problem reported by Amichai Rothman as https://issues.apache.org/jira/browse/KARAF-7773. It is a case where
      • dynamic filters registered by ServletContextListeners are not destroyed by Jetty
      • ServletContextListeners are not removed during WAB undeployment
      For completeness, the changelogs are available for 8.0.24[1] and 9.0.13[2].

      kind regards
      Grzegorz Grzybek
      ===

      Grzegorz Grzybek

      unread,
      Jan 12, 2024, 3:42:27 AM1/12/24
      to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
      Hello

      I'd like to announce new bugfix releases of Pax Web: 8.0.25 and 9.0.14.

      Current runtime versions are:
      • Jetty 9.4.53.v20231009 (8.0.x) and 10.0.19 (9.0.x)
      • Tomcat 9.0.85
      • Undertow 2.2.28.Final
      There's one fix for a problem reported by @liao-qing-hua that "org.ops4j.pax.web.session.timeout" option was ignored.

      For completeness, the changelogs are available for 8.0.25[1] and 9.0.14[2].

      kind regards
      Grzegorz Grzybek
      ===

      Grzegorz Grzybek

      unread,
      Feb 27, 2024, 10:14:29 AM2/27/24
      to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
      Hello

      I'd like to announce new bugfix releases of Pax Web: 8.0.26 and 9.0.15.

      Current runtime versions are:
      • Jetty 9.4.54.v20240208 (8.0.x) and 10.0.20 (9.0.x)
      • Tomcat 9.0.86
      • Undertow 2.2.30.Final
      There's also one fix for a problem reported by Ivaylo Milev about non-working "org.ops4j.pax.web.session.cookie.secure" option.

      For completeness, the changelogs are available for 8.0.26[1] and 9.0.15[2].

      kind regards
      Grzegorz Grzybek
      ===

      Grzegorz Grzybek

      unread,
      Mar 25, 2024, 5:13:37 AM3/25/24
      to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
      Hello

      I'd like to announce new releases of Pax Web: 8.0.27 and 9.0.16. Only runtimes are upgraded (Tomcat and Undertow)

      Current runtime versions are:
        • Jetty 9.4.54.v20240208 (8.0.x) and 10.0.20 (9.0.x)
        • Tomcat 9.0.87
        • Undertow 2.2.31.Final
        For completeness, the changelogs are available for 8.0.27[1] and 9.0.16[2].

        kind regards
        Grzegorz Grzybek
        ===

        Grzegorz Grzybek

        unread,
        Sep 5, 2024, 6:59:09 AM9/5/24
        to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
        Hello

        I'd like to announce new releases of Pax Web: 8.0.28 and 9.0.17. We have new versions of all 3 runtimes and few bug fixes! Thanks Paul McCulloch, Peter Šuňa and Rico Neubauer for the reports.

        Current runtime versions are:
        • Jetty 9.4.56.v20240826 (8.0.x) and 10.0.24 (9.0.x)
        • Tomcat 9.0.93
        • Undertow 2.2.35.Final
        For completeness, the changelogs are available for 8.0.28[1] and 9.0.17[2].

        kind regards
        Grzegorz Grzybek
        ===

        Grzegorz Grzybek

        unread,
        Oct 19, 2024, 9:58:41 AM10/19/24
        to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
        Hello

        I'd like to announce new releases of Pax Web: 8.0.29 and 9.0.18. We have new versions of 23 runtimes and one bug fix. Thanks Jakub Herkel for the report!

        Current runtime versions are:
          • Jetty 9.4.56.v20240826 (8.0.x) and 10.0.24 (9.0.x)
          • Tomcat 9.0.96
          • Undertow 2.2.37.Final
          For completeness, the changelogs are available for 8.0.29[1] and 9.0.18[2].

          kind regards
          Grzegorz Grzybek
          ===

          Grzegorz Grzybek

          unread,
          Jan 16, 2025, 9:00:15 AMJan 16
          to Karaf Dev, OPS4J, ops4j-ann...@googlegroups.com
          Hello

          I'd like to announce new releases of Pax Web: 8.0.30 and 9.0.19. We have new versions of 2 runtimes and one bug fix.

          Current runtime versions are:
          • Jetty 9.4.57.v20241219 (8.0.x) and 10.0.24 (9.0.x)
          • Tomcat 9.0.98
          • Undertow 2.2.37.Final
          There was a TLS handshake buffer misconfiguration in Undertow and it's now fixed.

          For completeness, the changelogs are available for 8.0.30[1] and 9.0.19[2].

          kind regards
          Grzegorz Grzybek
          ===

          Grzegorz Grzybek

          unread,
          Feb 24, 2025, 8:30:56 AMFeb 24
          to OPS4J, ops4j-ann...@googlegroups.com, Karaf Dev
          Hello

          I'd like to announce new releases of Pax Web: 8.0.31 and 9.0.20. We have new versions of Tomcat runtime, one improvement and one bug fix.

          Current runtime versions are:
            • Jetty 9.4.57.v20241219 (8.0.x) and 10.0.24 (9.0.x)
            • Tomcat 9.0.100
            • Undertow 2.2.37.Final
            Thanks to @sdybiec, we now handle web resources correctly when dir-based bundles are used (Equinox, Eclipse).
            Additionally, with Pax Web Undertow, when undertow.xml was used to configure listeners using XML, access log handler wasn't activated when "
            org.ops4j.pax.web.log.ncsa.enabled" option was set. This is now fixed.

            For completeness, the changelogs are available for 8.0.31[1] and 9.0.20[2].

            kind regards
            Grzegorz Grzybek
            ===

            Grzegorz Grzybek

            unread,
            Jun 5, 2025, 3:14:33 AMJun 5
            to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
            Hello

            I'd like to announce new releases of Pax Web: 8.0.32 and 9.0.21. We have new version of Tomcat runtime and minor fixes.

            I would like to highlight that these are probably last releases from 8.0.x and 9.0.x branches. The reason is that I'll be releasing:
            • Pax Web 10 - same as Pax Web 8 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 9 replaced by Jetty 12 (ee8 libraries). Jetty 9, 10 and 11 are no longer upported!
            • Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
              • Jetty 12
              • Tomcat 11
              • Undertow 2.3
            Current runtime versions are:
              • Jetty 9.4.57.v20241219 (8.0.x) and 10.0.24 (9.0.x)
              • Tomcat 9.0.105
              • Undertow 2.2.37.Final
              I have also fixed some issue during web element unregistration which resulted in "Servlet with reference "xxx"  was never registered by <bundle>" log entries.

              For completeness, the changelogs are available for 8.0.32[1] and 9.0.21[2].

              kind regards
              Grzegorz Grzybek
              ===

              Grzegorz Grzybek

              unread,
              Jun 5, 2025, 3:50:37 AMJun 5
              to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
              Hello!

              Almost 5 years after the release of JakartaEE 9 with its disruptive switch from "javax." to "jakarta." namespace, I'm happy and proud to announce Pax Web 10 and Pax Web 11!

              OSGi CMPN 8.0 specification has 3 web-related specs (still based on javax.servlet API):
              First Pax Web releases were based on Chapter 102 (org.osgi.service.http.HttpService).
              Then some clever things in Pax Web (before I even learned what OSGi is) inspired Http Whiteboard Specification.

              With OSGi CMPN 8.1 which partially embraces javax → jakarta transition, we have these important changes impacting the landscape and Pax Web itself:
              The main goal for Pax Web 10 (I'll write about Pax Web 11 in a moment) was simple - move from javax.servlet to jakarta.servlet.

              `s/javax.servlet/jakarta.servlet/g` was the easy part. The problems started when upgrading Jetty, Tomcat and Undertow to versions based on jakarta.servlet API.
              While Tomcat and Undertow were good citizens here, Jetty was the rebel (in the end - in positive way).

              Jetty 12 stood against the same problem we all had/have in Java - should we support javax AND jakarta or do the Spring Boot 3 move to forget about javax? Jetty chose the BOTH approach.
              This lead to full refactoring of Jetty internals and Pax Web had to use many tricks to switch the implementation (ee8, ee9, ee10 parts of Jetty 12). But we did it!

              Because Jetty 9, 10 and 11 are no longer supported AND because Jetty 12 supports ee8 (javax.servlet) we had a suggestion (https://github.com/ops4j/org.ops4j.pax.web/issues/2031) that maybe we should upgrade "old" Pax Web 8 to Jetty 12?
              So I decided to do the BIG release named as Pax Web 11 and replace Pax Web 8 (Jetty 9) and 9 (Jetty 10) with Pax Web 10 (Jetty 12).

              Let me proudly present:
                • Pax Web 10 - same as Pax Web 8 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 9 replaced by Jetty 12 (ee8 libraries).
                • Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
                  • Jetty 12
                  • Tomcat 11
                  • Undertow 2.3
                  Current runtime versions are:
                  • Jetty 12.0.22
                  • Tomcat 9.0.105 (Pax Web 10) and 11.0.7 (Pax Web 11)
                  • Undertow 2.2.37.Final (Pax Web 10) and 2.3.18.Final (Pax Web 11)
                  Additionally Pax Web 11 passes almost all Whiteboard TCK tests with few minor exceptions. See https://github.com/ops4j/org.ops4j.pax.web/issues/1803

                  For completeness, the changelogs are available for 10.0.0[1] and 11.0.0[2].

                  kind regards
                  Grzegorz Grzybek
                  ===

                  Grzegorz Grzybek

                  unread,
                  Jul 29, 2025, 1:34:21 PMJul 29
                  to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
                  Hello

                  I'd like to announce new release of Pax Web: 8.0.33. We have new version of Tomcat runtime and few stability fixes.

                  As with Pax Web 8.0.32, I would like to highlight that this is probably the last release from 8.0.x branch. The reason is that we already have Pax Web 10 and Pax Web 11 released. As reminder:
                  • Pax Web 10 - same as Pax Web 8 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 9 replaced by Jetty 12 (ee8 libraries). Jetty 9, 10 and 11 are no longer supported!
                  • Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
                    • Jetty 12
                    • Tomcat 11
                    • Undertow 2.3
                    Current runtime versions for Pax Web 8 are:
                    • Jetty 9.4.57.v20241219
                    • Tomcat 9.0.107
                    • Undertow 2.2.37.Final
                    This release includes stability fixes related to:
                    • quick re-registration (for example related to PID change) of HttpService runtime
                    • mixing WAB and Whiteboard registrations (potential deadlock)
                    • duplicate internal listeners being involved
                    For completeness, the changelog is available for 8.0.33[1].

                    kind regards
                    Grzegorz Grzybek
                    ===

                    Grzegorz Grzybek

                    unread,
                    Jul 30, 2025, 3:07:32 AMJul 30
                    to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
                    Hello

                    I'd like to announce new release of Pax Web: 9.0.22 which matches yesterday's release of Pax Web 8.0.33. We have new version of Tomcat runtime and few stability fixes.

                    As with Pax Web 9.0.21, I would like to highlight that this is probably the last release from 9.0.x branch. The reason is that we already have Pax Web 10 and Pax Web 11 released. As reminder:
                    • Pax Web 10 - same as Pax Web 9 in terms of supporting JakartaEE 8 and javax.servlet namespace, but with JDK17 baseline and Jetty 10 replaced by Jetty 12 (ee8 libraries). Jetty 9, 10 and 11 are no longer supported!
                    • Pax Web 11 - the new release based on JakartaEE 9+ and jakarta.servlet namespace. Also JDK 17 is the baseline. This is a full move from javax.servlet to jakarta.servlet and new runtime versions will be:
                      • Jetty 12
                      • Tomcat 11
                      • Undertow 2.3
                      Current runtime versions for Pax Web 9 are:
                      • Jetty 10.0.24
                      • Tomcat 9.0.107
                      • Undertow 2.2.37.Final
                      This release includes stability fixes related to:
                      • quick re-registration (for example related to PID change) of HttpService runtime
                      • mixing WAB and Whiteboard registrations (potential deadlock)
                      • duplicate internal listeners being involved
                      For completeness, the changelog is available for 9.0.22[1].

                      kind regards
                      Grzegorz Grzybek
                      ===

                      Grzegorz Grzybek

                      unread,
                      Jul 30, 2025, 3:37:38 AMJul 30
                      to ops4j-ann...@googlegroups.com, OPS4J, Karaf Dev
                      Hello

                      I'd like to announce new releases of Pax Web: 10.0.1 and 11.0.1. These are the main branches we support now, where:
                      • Pax Web 10 should replace Pax Web 8 and 9 - it's still based on JakartaEE 8 and `javax.servlet` API, but using supported Jetty 12 version (ee8 modules)
                      • Pax Web 11 is the single modern version based on latest runtimes and JakartaEE 11 (`jakarta.servlet` API)
                      Current runtime versions are:
                      • Jetty 12.0.23
                      • Tomcat 11.0.9 (Pax Web 11) and Tomcat 9.0.107 (Pax Web 10)
                      • Undertow 2.3.18.Final (Pax Web 11) and Undertow 2.2.37.Final (Pax Web 10)
                      We've fixed some instability issues related to:
                      • quick configuration changes
                      • duplicate internal ServerListeners
                      • deadlock between WAB and Whiteboard registrations
                      Additionally for Pax Web 11 we support wider range for `org.slf4j` package import and we've lifted a restriction on Whiteboard servlet/filter name being unique (passing two more TCK tests).

                      The Whiteboard name uniqueness restriction prevented installation of Felix Healthcheck bundles which now work fine (thanks Jonathan Wright!).

                      For completeness, the changelogs are available for 10.0.1[1] and 11.0.1[2].

                      kind regards
                      Grzegorz Grzybek
                      ===
                      Reply all
                      Reply to author
                      Forward
                      0 new messages