[
https://issues.apache.org/jira/browse/RAMPART-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12999897#comment-12999897
]
Thilina Buddhika commented on RAMPART-323:
------------------------------------------
Hi Abhinav,
There are two main points I need to highlight.
First please make sure that your JDK is properly patch. You can simply test
this using a simple java program like
http://code.google.com/p/owasp-esapi-java/source/browse/trunk/src/test/java/org/owasp/esapi/reference/crypto/CryptoPolicy.java?r=1205.
Compile this class and run it pointing to the same JAVA_HOME. If the JDK is
properly patched, then it will print "Unlimited strength crypto IS available.".
Second point is about the Axis2 and Rampart versions you are using. I tested a
security scenario with the algorithm suite 'Basic256Sha256' with Axis2
1.5/Rampart 1.4 which failed with an 'unsupported algorithm' error. It should
be due to a limitation of the WSS4J/XMLSec versions that was shipped with that
particular Rampart version.
But this works fine with latest Rampart release , i.e. 1.5.1
(http://axis.apache.org/axis2/java/rampart/download/1.5.1/download.cgi) which
was released with Axis2 1.5.4. So it is better to migrate to the latest
versions which contains a set of new features and bug fixes.
Hope this helps.
Thanks,
Thilina
> org.apache.xml.security.encryption.XMLEncryptionException: Illegal
> key size exception
> ----------------------------------------------------------------------------------------------
>
> Key: RAMPART-323
> URL: https://issues.apache.org/jira/browse/RAMPART-323
> Project: Rampart
> Issue Type: Question
> Affects Versions: 1.4
> Environment: Windows XP service Pack2, Axis2 1.5, jdk1.5_06, rampart
> 1.4
> Reporter: Abhinav Mishra
> Assignee: Thilina Buddhika
> Priority: Blocker
> Labels: security
> Fix For: 1.4
>
> Attachments: Client.java, Multiplication2.java,
> Multiplication2CallbackHandler.java, Multiplication2Stub.java,
> PWCBHandler.java, client.jks, service.jks, services.xml
>
> Original Estimate: 504h
> Remaining Estimate: 504h
>
> I have already replaced those 2 jar files that are required to be replaced in
> $JAVA_HOME/jre/lib/security directory. Also, i have placed bcprovjdk.jar in
> $JAVA_HOME/jre/lib/ext . I have also modified
> $JAVA_HOME/jre/lib/security/java.security file to contain
> security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider. still
> I am getting the same exception every time i run my client code.
> I have got stuck here.
> Please provide some solution!!!!!
> Thanks in advance......
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
