You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Aaron Anderson (JIRA)" <ji...@apache.org> on 2014/10/31 17:32:34 UTC
[jira] [Created] (WSS-518) WSConfig static initializer attempts to
modify JCE Providers fail in JVM with restrictive security policies
Aaron Anderson created WSS-518:
----------------------------------
Summary: WSConfig static initializer attempts to modify JCE Providers fail in JVM with restrictive security policies
Key: WSS-518
URL: https://issues.apache.org/jira/browse/WSS-518
Project: WSS4J
Issue Type: Improvement
Components: WSS4J Core
Affects Versions: 2.0.2
Reporter: Aaron Anderson
Assignee: Colm O hEigeartaigh
I am attempting to use WSS4j 2.0.2 to perform WS-Security x509 signatures on XML DOM objects in a restrictive Cloud based JVM environment. When I attempt to sign a document the org.apache.wss4j.dom.WSConfig class gets initialized and it has a static initializer to load several JCE libraries. Because the JVM SecurityManager has restrictive polices defined any attempts to read system properties or modify JCE providers are denied and the class fails to load. The org.apache.wss4j.common.crypto.WSProviderConfig class has a setAddJceProviders and I think the WSConfig class should honor that setting.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org