Doc and release notes updates for 2.0.0

Author: robertlazarski

src/site/markdown/release-notes/2.0.0.md

@@ -2,23 +2,34 @@ Apache Axis2 2.0.0 Release Notes
 --------------------------------
 
 This release marks the transition to jakarta that has been tested with Tomcat 11
-and Wildfly 32, and is expected to support EE 10 and Spring 6 / Spring Boot 3.
+and Wildfly 32 and above, and is expected to support EE 10 and Spring 6 / Spring Boot 3.
 
 The Axis2 project transition to jakarta depends partly on Axiom, which has also been updated to 2.0.0.
 
+The JSON support has been updated with many bugs fixed, while the examples have
+been updated to use Spring Boot 3. Axis2 isn't just for SOAP anymore, as some committers currently only use JSON in their own projects and not SOAP at all.
+
 The main purpose of the release is to upgrade everything possible to the latest,
-and have our Jira issues cleaned up.
+and have our Jira issues cleaned up. Many issues have been fixed. 
+
+New features that may happen in the future are HTTP/2 support and OpenAPI. Let us
+know on the dev list if interested.
 
-The most likely way to get a Jira issue fixed is with a GitHub PR, due to 
+The most likely way to get a Jira issue fixed is with a GitHub PR or patch, due to 
 the large amount of Axis2 features that are unused by the committers and therefore
 difficult to test a fix.
 
+If your Jira issue is unfixed, please reach out and work with the committers on
+some type of code contibution and testing as some issues are just too deep in areas that the comitters don't use ourselves.
+
 The 2.0.0 release lacks a few features in previous releases because of a lack of 
 adequate GitHub PR's.
 
 These missing features include preemptive basic authentication, though there is a work around explained in the Jira issue https://issues.apache.org/jira/browse/AXIS2-6055 .
 
-OSGI support is also missing. The state of its dependency Felix and jakarta is unclear. This feature has code that is difficult to support and lacks GitHub PR's after several attempts
-to gain volunteers. We hope to support oSGI again in 2.0.1.
+OSGI support is also missing. The state of its dependency Felix and jakarta is unclear. This feature has code that is difficult to support and lacks GitHub PR's after several attempts to gain volunteers. We hope to support OSGI again in 2.0.1.
+
+For those interested in Rampart - an optional implementation of WS-Sec* standards that depends on Axis2 - they can expect a Rampart 2.0.0 soon that isn't expected to add much to the recently released Rampart 1.8.0 which is based on the previous Axis2 version, 1.8.2. Mostly that Rampart 2.0.0 release will upgrade OpenSAML to 5.x that supports jakarta, while the remaining deps that need updates are few.
 
-For those interested in Rampart - an optional implementation of WS-Sec* standards that depends on Axis2 - they can expect a Rampart 2.0.0 soon that isn't expected to add much to the recently released Rampart 1.8.0 which is based on the previous Axis2 version, 1.8.2. 
+Axis2 added two committers recently and after this big jakarta update, the community
+can once again expect releases several times a year to fix bugs and resolve deps with CVE's.

src/site/xdoc/docs/http-transport.xml

@@ -118,7 +118,7 @@ set the cached httpclient object when your application starts up
 (before any actual axis request). You can set the relevant property
 as shown below by using HTTPConstants.CACHED_HTTP_CLIENT.  </p>
 
-<p>The following code was testing Axis2 on Wildfly 20, the cert was obtained by
+<p>The following code was tested with Axis2 on Wildfly 32, the cert was obtained by
 'openssl s_client -connect myserver:8443 -showcerts' </p>
 
 <pre>
@@ -136,20 +136,15 @@ as shown below by using HTTPConstants.CACHED_HTTP_CLIENT.  </p>
             throw new Exception("Unexpected default trust managers:" + Arrays.toString(trustManagers));
         }
 
-        SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
+        SSLContext sslContext = SSLContext.getInstance("TLSv1.3");
         sslContext.init(null, trustManagers, new SecureRandom());
 
 	// NoopHostnameVerifier to trust self-singed cert
         SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
 
-        Registry&lt;ConnectionSocketFactory&gt; socketFactoryRegistry = RegistryBuilder.&lt;ConnectionSocketFactory&gt;create().register("https", sslsf).build();
+	HttpClientConnectionManager connManager = PoolingHttpClientConnectionManagerBuilder.create().setSSLSocketFactory(sslsf).setMaxConnTotal(100).setMaxConnPerRoute(100).build();
 
-	// This code is taken from HTTPSenderImpl, from 200 connections to 20
-        HttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
-        ((PoolingHttpClientConnectionManager)connManager).setMaxTotal(20);
-        ((PoolingHttpClientConnectionManager)connManager).setDefaultMaxPerRoute(20);
-
-        HttpClient httpClient = HttpClientBuilder.create().setConnectionManager(connManager).setConnectionManagerShared(true).build();
+        HttpClient httpclient = HttpClients.custom().setConnectionManager(connManager.setConnectionManagerShared(true).build();
 	Options options = new Options();
         options.setTo("myurl");
         options.setTransportInProtocol(Constants.TRANSPORT_HTTP);
@@ -291,6 +286,10 @@ options.setProperty(HttpConstants.PROXY, proxyProperties);
 
 <h2>Basic, Digest and NTLM Authentication</h2>
 
+<p>Note: Basic preemptive authentication requires a work around described in 
+https://issues.apache.org/jira/browse/AXIS2-6055 until a proper fix is contributed by
+the community as we lack committers who use it. </p>
+
 <p>HttpClient supports three different types of HTTP authentication schemes:
 Basic, Digest and NTLM. Based on the challenge provided by the server,
 HttpClient automatically selects the authentication scheme with which the