Closed msevcenko closed 1 year ago
dmatej
commented
1 year ago The reason is xmlsec, I have created a PR recently, but I was asked to split it to parts (it is a bigger step for next major version). I will get to that this week -> result will be removal of the whole dependency, so you can use any logging framework you want. See https://github.com/eclipse-ee4j/metro-wsit/pull/421
lukasj
commented
1 year ago The reason is xmlsec,
the are more reasons but it is true that xmlsec is the main one.
Possible workaround depends on the exact use-case. If no advanced features are used/required, consider using jax-ws ri directly (com.sun.xml.ws:jaxws-rt), if no advanced security features are used/required, exclusion of xmlsec dependency may be enough. If all metro features are needed, one can use either org.glassfish.metro:webservices-osgi or to get the finest control over all dependencies - org.glassfish.metro:wsit-api + org.glassfish.metro:wsit-impl. The latter artifacts are good for maven (and better if JPMS support is required), the former for Ant as they offer less files to manage (and provide no JPMS support).
msevcenko
commented
1 year ago Thanks for prompt response. Looks like that using the wsit-impl alone (with its numerous transitive dependencies) works for us ans solves the problem. Our app both consumes and exposes web services, but I don't think we use anything advanced. I checked that at least consuming web services works fine with this setup.
The webservices-rt.jar bundle contains a copy of slf4j api jar, or more precisely some version of that api.
May I ask, what is the point of such bundling, instead of declaring it as a depednecy?
The unfortunate consequences of having a copy of the jar, include:
Is there any workaround to this problem? Or is there an unbundled version of webservices-rt, not having slf4j included?