phase4 2.7.4

• [Peppol] Updated to peppol-reporting 2.2.2
• [Peppol] Fixed the ErrorDetail value, if a participant is not serviced by an AP (Peppol AS4 profile section 4.4)
• [Peppol] Moved class Phase4PeppolHttpClientSettings from com.helger.phase4.peppol to com.helger.phase4.profile.peppol in module phase4-profile-peppol
• [Peppol] Added new class PeppolCRLDownloader to allow the CRL download via Apache HttpClient for easier customization
• Backported change from commit mmpaszkowski@72673b6

Full Changelog: phase4-parent-pom-2.7.3...phase4-parent-pom-2.7.4

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.3
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.7
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.3.0
• phive-engine 9.0.0
• phive-rules-peppol 3.1.6 [Peppol only]
• peppol-reporting-api 2.2.2 [Peppol only]
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.3
• BouncyCastle 1.77
• WSS4J 3.0.2
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4-parent-pom-2.7.3

• [Peppol] Updated to peppol-commons 9.3.0
• The IAS4IncomingMessageMetadata now also contains the HTTP headers of the source request
• Fixed a typo in an error message. Used that to further improve the specific error messages. See #211 - thanks @problemzebra2
• [Peppol] Extended Phase4PeppolReceiverCheckData with the SMP wildcard lookup selection mode
• [Peppol] Incoming messages can now also checked using the Wildcard lookup. Added Phase4PeppolServletConfiguration.setWildcardSelectionMode to configure this. See #209 - thanks @sakasaka19

What's Changed

• Fixed typo "containted" in SOAPHeaderElementProcessorExtractEbms3Messaging by @problemzebra2 in #211

Full Changelog: phase4-parent-pom-2.7.2...phase4-parent-pom-2.7.3

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.3
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.7
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.3.0
• phive-engine 9.0.0
• phive-rules-peppol 3.1.6 [Peppol only]
• peppol-reporting-api 2.2.1 [Peppol only]
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.77
• WSS4J 3.0.2
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 1.4.5 [backport]

• Updated to Spring Boot 2.7.18
• Updated to xmlsec to 2.3.4
• Updated to wss4j to 2.4.2
• Updated to Log4J to 2.22.1
• [Peppol] Added a signing certificate revocation check when receiving Peppol messages
• [Peppol] Via Phase4PeppolServletConfiguration.setCheckSigningCertificateRevocation(boolean) the signing certificate revocation check can be disabled globally

Full Changelog: phase4-parent-pom-1.4.4...phase4-parent-pom-1.4.5

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 10.2.5
• ph-xsds-xmldsig 2.6.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 9.7.2
• ph-oton-app/ph-oton-audit/ph-oton-html/ph-oton-security 8.4.5
• ph-css 6.5.0
• ph-masterdata/ph-tenancy 6.2.4
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 8.8.6
• phive-engine 7.2.4
• phive-rules-peppol 2.1.19
• jakarta.mail 1.6.7
• jakarta.activation 1.2.2
• httpclient 5.1.3
• BouncyCastle 1.72
• WSS4J 2.4.2
• XMLSec 2.3.4

phase4 2.7.2

• [Peppol] Updated to peppol-commons 9.2.3
• [Peppol] The default revocation check method for Peppol was changed from OCSP to CRL_BEFORE_OCSP to work around the issue mentioned at #124 (comment). Use CertificateRevocationChecker.setRevocationCheckMode (ERevocationCheckMode) to change the default value in your code.

Full Changelog: phase4-parent-pom-2.7.1...phase4-parent-pom-2.7.2

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.3
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.7
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.2.2
• phive-engine 9.0.0
• phive-rules-peppol 3.1.6 [Peppol only]
• peppol-reporting-api 2.2.1 [Peppol only]
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.77
• WSS4J 3.0.2
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.7.1

• Updated to peppol-commons 9.2.2
• Added a signing certificate revocation check when receiving Peppol messages
• Via Phase4PeppolServletConfiguration.setCheckSigningCertificateRevocation(boolean) the signing certificate revocation check can be disabled globally
• Via Phase4PeppolServletConfiguration.setCheckSBDHForMandatoryCountryC1(boolean) the check for the mandatory COUNTRY_C1 Peppol SBDH element can be disabled globally

Full Changelog: phase4-parent-pom-2.7.0...phase4-parent-pom-2.7.1

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.3
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.7
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.2.2
• phive-engine 9.0.0
• phive-rules-peppol 3.1.6 [Peppol only]
• peppol-reporting-api 2.2.1 [Peppol only]
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.77
• WSS4J 3.0.2
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.7.0

• Updated to peppol-commons 9.2.0
  • All occurrences of PeppolSBDHDocument need to be changed to PeppolSBDHData
  • The "Country C1" field is now always mandatory
• Added new AS4 profile "DBN Alliance". See #200 - thanks @ri4a
• Removed the date check for the mandatoriness of the "Country C1" field in the Peppol SBDH when sending out messages
• Fixed an invalid @Nonnull annotation at IPhase4PeppolCertificateCheckResultHandler. See #206 - thanks @Florianisme
• AS4 Error Messages are signed if possible, but it is still possible that unsigned error messages are returned. See #188 - thanks @problemzebra2; also affects Oxalis-AS4#205

What's Changed

• Add DBNAlliance profile by @ri4a in #200

New Contributors

• @ri4a made their first contribution in #200

Full Changelog: phase4-parent-pom-2.6.0...phase4-parent-pom-2.7.0

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.3
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.7
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.2.1
• phive-engine 9.0.0
• phive-rules-peppol 3.1.6 [Peppol only]
• peppol-reporting-api 2.2.1 [Peppol only]
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.77
• WSS4J 3.0.2
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.6.0

• Updated to peppol-reporting 2.2.0
• For the BDEW profile the ping messages are now passed into the custom SPI handler. See #175 - thanks @problemzebra2
• Added a new parameter to IPhase4PeppolIncomingSBDHandlerSPI.handleIncomingSBD to be able to provide better error messages. (backward incompatible change) See #196
• Improved the internal error handling, so that EBMS errors are propagated with more details. (backward incompatible change) See #198 - thx @arj03

What's Changed

• Log info message only if profile does not invoke custom handlers by @problemzebra2 in #197

Full Changelog: phase4-parent-pom-2.5.2...phase4-parent-pom-2.6.0

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.3
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.1.2
• phive-engine 9.0.0
• phive-rules-peppol 3.1.6 [Peppol only]
• peppol-reporting-api 2.2.0 [Peppol only]
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.77
• WSS4J 3.0.2
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.5.2

• Updated to BouncyCastle 1.77. See #192 - thanks @problemzebra2
• Updated to peppol-reporting 2.1.6 containing the updated Schematron rules for EUSR and TSR
• Updated to WSS4J 3.0.2
• Improved the BDEW PMode validator etc. See #187 and #190 - thanks @koes-soptim
• The classes AbstractAS4IncomingDumperWithHeaders and AbstractAS4OutgoingDumperWithHeaders can now configure if headers should be dumped or not

What's Changed

• BDEWCompatibilityValidator: extended validation of PMode by @koes-soptim in #187
• BDEWCompatibilityValidator: extended validation of UserMessages by @koes-soptim in #190

Full Changelog: phase4-parent-pom-2.5.1...phase4-parent-pom-2.5.2

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.3
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.1.0
• phive-engine 9.0.0
• phive-rules-peppol 3.1.5
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.77
• WSS4J 3.0.2
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.5.1

• Added a parameter to enforce the packaging in MIME messages, even if no attachment is present. See #186 - thanks @problemzebra2
• Fixed an error that if no payload is present no encryption will be performed

Full Changelog: phase4-parent-pom-2.5.0...phase4-parent-pom-2.5.1

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.8
• phive-engine 9.0.0
• phive-rules-peppol 3.1.2
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x

phase4 2.5.0

• Updated to peppol-reporting 2.1.4 containing the updated Schematron rules for EUSR and TSR
• Added the missing call to IAS4ProfileValidator.validateSignalMessage
• Fixed the ID type for BDEW participants. See #178 - thanks @problemzebra2
• Made the payload check for BDEW optional. See #180 - thanks @problemzebra2
• Added new SPI interface com.helger.phase4.incoming.spi.IAS4IncomingMessageProcessingStatusSPI to be used as a callback for incoming message processing start and end
• Added a possibility to verify the TLS client certificate via the AS4 profile. See #182 - thanks @problemzebra2
• Extended the API of IAS4SignalMessageConsumer.handleSignalMessage with IAS4IncomingMessageMetadata. (backward incompatible change) See #177 - thanks @sopgreg
• Extended the API of IAS4UserMessageConsumer.handleUserMessage with IAS4IncomingMessageMetadata for consistency. (backward incompatible change)

What's Changed

• Wrong PartyId type for DVGW and GLN code numbers #178 by @problemzebra2 in #179
• Bump org.apache.santuario:xmlsec from 3.0.2 to 3.0.3 by @dependabot in #185
• Not possible to send BDEW path switch messages because a payload is a… by @problemzebra2 in #181
• IAS4ProfileValidator: new validation, relates to #182 by @koes-soptim in #183

New Contributors

• @koes-soptim made their first contribution in #183

Full Changelog: phase4-parent-pom-2.4.0...phase4-parent-pom-2.5.0

Dependencies required:

• ph-bc/ph-collection/ph-commons/ph-dao/ph-datetime/ph-jaxb/ph-json/ph-scopes/ph-security/ph-settings/ph-xml 11.1.2
• ph-xsds-xmldsig 3.0.0
• ph-http/ph-httpclient/ph-mail/ph-network/ph-servlet/ph-useragent/ph-web 10.1.5
• ph-oton-io/ph-oton-audit/ph-oton-security 9.2.1
• ph-masterdata/ph-tenancy 7.0.1
• peppol-commons/peppol-id/peppol-sbdh/peppol-smp-client 9.0.8
• phive-engine 9.0.0
• phive-rules-peppol 3.1.2
• angus-mail 2.0.2
• angus-activation 2.0.1
• httpclient 5.2.1
• BouncyCastle 1.76
• WSS4J 3.0.1
• XMLSec 3.0.3
• Servlet API 5.0.x
• JAXB 4.0.x
• SLF4J 2.0.x