Upgrade from CXF 2.1 to CXF 2.1.1 results in two BouncyCastle JARs being used
-----------------------------------------------------------------------------
Key: CXF-1726
URL: https://issues.apache.org/jira/browse/CXF-1726
Project: CXF
Issue Type: Bug
Reporter: Glen Mazza
Updating this dependency:
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${cxf.version}</version>
</dependency>
>From CXF 2.1 to 2.1.1 results into two Bouncy Castle jars being placed into
>the web service provider's WAR-- the usual bcprov-jdk14-136.jar from CXF 2.1
>and bcprov-jdk13-132.jar. I don't know why both are being loaded--maybe
>OpenSAML (which is not in 2.1) is the culprit, or xmlsec's upgrade from 1.3 to
>1.4 or WSS4J's from 1.5.2 to 1.5.4--but either of the latter two causing this
>is rather doubtful.
(It might be nice also to upgrade to BC's 1.5 or 1.6 library at this time.)
Test case: Download my DoubleIt sample[1], place this dependency in the
trunk/pom.xml, and from that run "mvn clean install" -- you'll see the two BC
libs in the service-war/target folder.
[1] http://glen.mazza.blog.googlepages.com/20080418DoubleIt.zip
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
