You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2008/09/19 12:30:44 UTC

[jira] Updated: (WSS-128) Use xml-sec 1.4.1 version

     [ https://issues.apache.org/jira/browse/WSS-128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh updated WSS-128:
------------------------------------

    Fix Version/s: 1.5.5

> Use xml-sec 1.4.1 version
> -------------------------
>
>                 Key: WSS-128
>                 URL: https://issues.apache.org/jira/browse/WSS-128
>             Project: WSS4J
>          Issue Type: Improvement
>            Reporter: Nandana Mihindukulasooriya
>            Assignee: Ruchith Udayanga Fernando
>             Fix For: 1.5.5
>
>
> WSS4J uses xml-sec 1.4.0 and xml-sec 1.4.1 is out. According to Apache xml-sec project
> "Version 1.4.1 of the Java library has been released. This a bugfix release that contains a major bugfix to the canonicalization engine introduced in the 1.4 release. It is recommended that 1.4 users upgrade to the new version as signatures containing non ascii characters created by this library are not according to the standard, and will be only validated by 1.4 library. "
> The problem is xml-sec 1.4.1 is not available in the central maven repository. If we can get it in to central repo, I think it is better to use that one in WSS4J. In Rampart we use xml-sec 1.4.1 with WSS4J and it seems fully compatible.  (An unsigned jar is there is ws zones repository - http://ws.zones.apache.org/repository2/org/apache/santuario/xmlsec/1.4.1/).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org