[
https://issues.apache.org/jira/browse/WSS-273?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13026815#comment-13026815
]
Jeremy Tadman commented on WSS-273:
-----------------------------------
On a freshly started websphere server:
==========================================================================================
Pre-Init
IBMJCE version 1.2
IBMJSSE version 1.6
IBMJSSE2 version 1.6
IBMJGSSProvider version 1.6
IBMCertPath version 1.1
IBMPKCS11Impl version 1.6
IBMCMSProvider version 1.2
IBMSPNEGO version 1.0
IBMSASL version 1.5
IBMXMLCRYPTO version 1.0
IBMXMLEnc version 1.0
Policy version 1.0
==========================================================================================
Then this happens
2011-04-29 12:16:48,503 - DEBUG security.WSSConfig - The provider BC was added
at position: 2
2011-04-29 12:16:48,506 - DEBUG security.WSSConfig - The provider XMLDSig was
added at position: 14
2011-04-29 12:16:48,508 - DEBUG security.WSSConfig - The provider STRTransform
was added at position: 15
==========================================================================================
Post-Init
IBMJCE version 1.2
BC version 1.45
IBMJSSE version 1.6
IBMJSSE2 version 1.6
IBMJGSSProvider version 1.6
IBMCertPath version 1.1
IBMPKCS11Impl version 1.6
IBMCMSProvider version 1.2
IBMSPNEGO version 1.0
IBMSASL version 1.5
IBMXMLCRYPTO version 1.0
IBMXMLEnc version 1.0
Policy version 1.0
XMLDSig version 1.44
STRTransform version 1.6
==========================================================================================
After re-starting my application
==========================================================================================
Pre-Init
IBMJCE version 1.2
BC version 1.45
IBMJSSE version 1.6
IBMJSSE2 version 1.6
IBMJGSSProvider version 1.6
IBMCertPath version 1.1
IBMPKCS11Impl version 1.6
IBMCMSProvider version 1.2
IBMSPNEGO version 1.0
IBMSASL version 1.5
IBMXMLCRYPTO version 1.0
IBMXMLEnc version 1.0
Policy version 1.0
XMLDSig version 1.44
STRTransform version 1.6
==========================================================================================
Post-Init
IBMJCE version 1.2
BC version 1.46
IBMJSSE version 1.6
IBMJSSE2 version 1.6
IBMJGSSProvider version 1.6
IBMCertPath version 1.1
IBMPKCS11Impl version 1.6
IBMCMSProvider version 1.2
IBMSPNEGO version 1.0
IBMSASL version 1.5
IBMXMLCRYPTO version 1.0
IBMXMLEnc version 1.0
Policy version 1.0
XMLDSig version 1.44
STRTransform version 1.6
==========================================================================================
Out of curiosity I checked what happens when I tell WSSConfig not to add the
providers. Result: I get java.security.NoSuchAlgorithmException: no such
algorithm:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform
for provider XMLDSig.
Which is to be expected I guess.
Haven't tried the endorsed libraries thing yet. Will probably give it a go this
afternoon sometime.
> org.apache.ws.security.transform.STRTransform causes ClassCastException when
> wss4j is running on IBM 1.6 JVM
> -------------------------------------------------------------------------------------------------------------
>
> Key: WSS-273
> URL: https://issues.apache.org/jira/browse/WSS-273
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 1.6
> Environment: Windows XP, IBM 1.6 JVM
> Reporter: Pär-Johan Lif
> Assignee: Colm O hEigeartaigh
>
> I have tried to use wss4j1.6 (alpha version) on IBM's 1.6 JVM. It works fine,
> except for when we are getting a SOAP-message where an STRTransform is used.
> Then we get the following exception below. (I should mention that it works
> on SUN's 1.6 JVM).
> java.lang.ClassCastException: org.apache.ws.security.transform.STRTransform
> incompatible with com.ibm.xml.crypto.dsig.dom.transform.TransformBase
> at
> com.ibm.xml.crypto.dsig.dom.Unmarshalling.unmarshalTransform(Unmarshalling.java:446)
> at
> com.ibm.xml.crypto.dsig.dom.Unmarshalling.unmarshalTransforms(Unmarshalling.java:422)
> at
> com.ibm.xml.crypto.dsig.dom.Unmarshalling.unmarshalReference(Unmarshalling.java:358)
> at
> com.ibm.xml.crypto.dsig.dom.Unmarshalling.unmarshalSignedInfo(Unmarshalling.java:272)
> at
> com.ibm.xml.crypto.dsig.dom.Unmarshalling.unmarshalSignature(Unmarshalling.java:196)
> at
> com.ibm.xml.crypto.dsig.dom.Unmarshalling.unmarshal(Unmarshalling.java:96)
> at
> com.ibm.xml.crypto.dsig.dom.FactoryImpl.unmarshalXMLSignature(FactoryImpl.java:217)
> at
> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:323)
> at
> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:165)
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:303)
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:231)
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:185)
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
