[
https://issues.apache.org/jira/browse/CXF-1726?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp resolved CXF-1726.
------------------------------
Resolution: Fixed
Fix Version/s: 2.1.2
Assignee: Daniel Kulp
> Upgrade from CXF 2.1 to CXF 2.1.1 results in two BouncyCastle JARs being used
> -----------------------------------------------------------------------------
>
> Key: CXF-1726
> URL: https://issues.apache.org/jira/browse/CXF-1726
> Project: CXF
> Issue Type: Bug
> Reporter: Glen Mazza
> Assignee: Daniel Kulp
> Fix For: 2.1.2
>
>
> Updating this dependency:
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-ws-security</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> From CXF 2.1 to 2.1.1 results into two Bouncy Castle jars being placed into
> the web service provider's WAR-- the usual bcprov-jdk14-136.jar from CXF 2.1
> and bcprov-jdk13-132.jar. I don't know why both are being loaded--maybe
> OpenSAML (which is not in 2.1) is the culprit, or xmlsec's upgrade from 1.3
> to 1.4 or WSS4J's from 1.5.2 to 1.5.4--but either of the latter two causing
> this is rather doubtful.
> (It might be nice also to upgrade to BC's 1.5 or 1.6 library at this time.)
> Test case: Download my DoubleIt sample[1], place this dependency in the
> trunk/pom.xml, and from that run "mvn clean install" -- you'll see the two BC
> libs in the service-war/target folder.
> [1] http://glen.mazza.blog.googlepages.com/20080418DoubleIt.zip
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
