You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2014/11/03 11:34:33 UTC
[jira] [Resolved] (WSS-518) WSConfig static initializer attempts to
modify JCE Providers fail in JVM with restrictive security policies
[ https://issues.apache.org/jira/browse/WSS-518?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved WSS-518.
-------------------------------------
Resolution: Fixed
> WSConfig static initializer attempts to modify JCE Providers fail in JVM with restrictive security policies
> ------------------------------------------------------------------------------------------------------------
>
> Key: WSS-518
> URL: https://issues.apache.org/jira/browse/WSS-518
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Affects Versions: 2.0.2
> Reporter: Aaron Anderson
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0.3
>
>
> I am attempting to use WSS4j 2.0.2 to perform WS-Security x509 signatures on XML DOM objects in a restrictive Cloud based JVM environment. When I attempt to sign a document the org.apache.wss4j.dom.WSConfig class gets initialized and it has a static initializer to load several JCE libraries. Because the JVM SecurityManager has restrictive polices defined any attempts to read system properties or modify JCE providers are denied and the class fails to load. The org.apache.wss4j.common.crypto.WSProviderConfig class has a setAddJceProviders and I think the WSConfig class should honor that setting.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org