We went with a different JCE algorithm earlier; but for Beta3 we use PBEWithMD5AndDES (which is part of the standard JCE files and listed in your email).
I'd recommend you therefore try with Beta3.... On 6 June 2013 12:00, kappert <[email protected]> wrote: > Thank you for your reply! > I have now tried on a local Tomcat 7 and have discovered the first > exception, which may (or may not...) cause other problems. It occurs > already > when deploying Guvnor 6: > > 2013-06-06 11:11:58,246 [http-apr-8080-exec-3] ERROR Unable to encrypt > org.jasypt.exceptions.EncryptionOperationNotPossibleException: *Encryption > raised an exception. A possible cause is you are using strong encryption > algorithms and you have not installed the Java Cryptography Extension (JCE) > Unlimited Strength Jurisdiction Policy Files in this Java Virtual Machine* > at > > org.jasypt.encryption.pbe.StandardPBEByteEncryptor.handleInvalidKeyException(StandardPBEByteEncryptor.java:999) > ~[jasypt-1.9.0.jar:na] > at > > org.jasypt.encryption.pbe.StandardPBEByteEncryptor.encrypt(StandardPBEByteEncryptor.java:868) > ~[jasypt-1.9.0.jar:na] > at > > org.jasypt.encryption.pbe.StandardPBEStringEncryptor.encrypt(StandardPBEStringEncryptor.java:642) > ~[jasypt-1.9.0.jar:na] > at > > org.uberfire.backend.server.config.DefaultPasswordServiceImpl.encrypt(DefaultPasswordServiceImpl.java:28) > ~[uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] > at > > org.uberfire.backend.server.config.DefaultPasswordServiceImpl$Proxy$_$$_WeldClientProxy.encrypt(DefaultPasswordServiceImpl$Proxy$_$$_WeldClientProxy.java) > [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] > at > > org.uberfire.backend.server.config.ConfigurationFactoryImpl.newSecuredConfigItem(ConfigurationFactoryImpl.java:46) > [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] > at > > org.uberfire.backend.server.repositories.RepositoryServiceImpl.cloneRepository(RepositoryServiceImpl.java:93) > [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] > at > > org.uberfire.backend.server.repositories.RepositoryServiceImpl$Proxy$_$$_WeldClientProxy.cloneRepository(RepositoryServiceImpl$Proxy$_$$_WeldClientProxy.java) > [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] > at > org.kie.guvnor.backend.server.AppSetup.assertPlayground(AppSetup.java:69) > [AppSetup.class:na] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > ~[na:1.7.0_17] > at > > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > ~[na:1.7.0_17] > at > > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > ~[na:1.7.0_17] > at java.lang.reflect.Method.invoke(Method.java:601) ~[na:1.7.0_17] > at > > org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:267) > [weld-core-1.1.8.Final.jar:2012-04-29 10:45] > ... > > > Indeed I have found the same exception now in the Jelastic logs. > > The error message makes sense: I am not in the USA and neither is our > Jelastic hosting provider (we are in Switzerland). My local Tomcat is > running with a current Oracle JDK (jdk1.7.0_17). But "Unlimited Strength > Jurisdiction Policy Files" sounds like something the USA does not like to > share with the rest of the world :-) But I am just guessing. > > I see now that I could download the missing files > < > http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html > > > and it would be legal to use unlimited strength cryptography in most > countries. But I don't think it is a good idea if I try to fix this on my > side, because I cannot change it in Jelastic. > > Is it really necessary to use unlimited encryption for Guvnor? > > Maybe this helps: I found this little program that lists the supported > crypto algorithms and providers > < > http://stackoverflow.com/questions/3683302/how-to-find-out-what-algorithm-encryption-are-supported-by-my-jvm > > > . Here is the output for the JDK I am using with Tomcat, so these would be > the algorithms available in every country of the world: > > Provider: SUN > Algorithm: SHA1PRNG > Algorithm: SHA1withDSA > Algorithm: NONEwithDSA > Algorithm: DSA > Algorithm: MD2 > Algorithm: MD5 > Algorithm: SHA > Algorithm: SHA-256 > Algorithm: SHA-384 > Algorithm: SHA-512 > Algorithm: DSA > Algorithm: DSA > Algorithm: DSA > Algorithm: X.509 > Algorithm: JKS > Algorithm: CaseExactJKS > Algorithm: JavaPolicy > Algorithm: JavaLoginConfig > Algorithm: PKIX > Algorithm: PKIX > Algorithm: LDAP > Algorithm: Collection > Algorithm: com.sun.security.IndexedCollection > Provider: SunRsaSign > Algorithm: RSA > Algorithm: RSA > Algorithm: MD2withRSA > Algorithm: MD5withRSA > Algorithm: SHA1withRSA > Algorithm: SHA256withRSA > Algorithm: SHA384withRSA > Algorithm: SHA512withRSA > Provider: SunEC > Algorithm: EC > Algorithm: EC > Algorithm: NONEwithECDSA > Algorithm: SHA1withECDSA > Algorithm: SHA256withECDSA > Algorithm: SHA384withECDSA > Algorithm: SHA512withECDSA > Algorithm: EC > Algorithm: ECDH > Provider: SunJSSE > Algorithm: RSA > Algorithm: RSA > Algorithm: MD2withRSA > Algorithm: MD5withRSA > Algorithm: SHA1withRSA > Algorithm: MD5andSHA1withRSA > Algorithm: SunX509 > Algorithm: NewSunX509 > Algorithm: SunX509 > Algorithm: PKIX > Algorithm: TLSv1 > Algorithm: TLSv1.1 > Algorithm: TLSv1.2 > Algorithm: Default > Algorithm: PKCS12 > Provider: SunJCE > Algorithm: RSA > Algorithm: DES > Algorithm: DESede > Algorithm: DESedeWrap > Algorithm: PBEWithMD5AndDES > Algorithm: PBEWithMD5AndTripleDES > Algorithm: PBEWithSHA1AndRC2_40 > Algorithm: PBEWithSHA1AndDESede > Algorithm: Blowfish > Algorithm: AES > Algorithm: AESWrap > Algorithm: RC2 > Algorithm: ARCFOUR > Algorithm: DES > Algorithm: DESede > Algorithm: Blowfish > Algorithm: AES > Algorithm: RC2 > Algorithm: ARCFOUR > Algorithm: HmacMD5 > Algorithm: HmacSHA1 > Algorithm: HmacSHA256 > Algorithm: HmacSHA384 > Algorithm: HmacSHA512 > Algorithm: DiffieHellman > Algorithm: DiffieHellman > Algorithm: DiffieHellman > Algorithm: DiffieHellman > Algorithm: DES > Algorithm: DESede > Algorithm: PBE > Algorithm: PBEWithMD5AndDES > Algorithm: PBEWithMD5AndTripleDES > Algorithm: PBEWithSHA1AndDESede > Algorithm: PBEWithSHA1AndRC2_40 > Algorithm: Blowfish > Algorithm: AES > Algorithm: RC2 > Algorithm: OAEP > Algorithm: DiffieHellman > Algorithm: DES > Algorithm: DESede > Algorithm: PBEWithMD5AndDES > Algorithm: PBEWithMD5AndTripleDES > Algorithm: PBEWithSHA1AndDESede > Algorithm: PBEWithSHA1AndRC2_40 > Algorithm: PBKDF2WithHmacSHA1 > Algorithm: HmacMD5 > Algorithm: HmacSHA1 > Algorithm: HmacSHA256 > Algorithm: HmacSHA384 > Algorithm: HmacSHA512 > Algorithm: HmacPBESHA1 > Algorithm: SslMacMD5 > Algorithm: SslMacSHA1 > Algorithm: JCEKS > Algorithm: SunTlsPrf > Algorithm: SunTls12Prf > Algorithm: SunTlsMasterSecret > Algorithm: SunTlsKeyMaterial > Algorithm: SunTlsRsaPremasterSecret > Provider: SunJGSS > Algorithm: 1.2.840.113554.1.2.2 > Algorithm: 1.3.6.1.5.5.2 > Provider: SunSASL > Algorithm: DIGEST-MD5 > Algorithm: NTLM > Algorithm: GSSAPI > Algorithm: EXTERNAL > Algorithm: PLAIN > Algorithm: CRAM-MD5 > Algorithm: CRAM-MD5 > Algorithm: GSSAPI > Algorithm: DIGEST-MD5 > Algorithm: NTLM > Provider: XMLDSig > Algorithm: http://www.w3.org/2002/06/xmldsig-filter2 > Algorithm: http://www.w3.org/2000/09/xmldsig#enveloped-signature > Algorithm: http://www.w3.org/2001/10/xml-exc-c14n#WithComments > Algorithm: http://www.w3.org/2001/10/xml-exc-c14n# > Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments > Algorithm: DOM > Algorithm: http://www.w3.org/2006/12/xml-c14n11 > Algorithm: http://www.w3.org/2000/09/xmldsig#base64 > Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315 > Algorithm: http://www.w3.org/TR/1999/REC-xpath-19991116 > Algorithm: http://www.w3.org/TR/1999/REC-xslt-19991116 > Algorithm: http://www.w3.org/2006/12/xml-c14n11#WithComments > Algorithm: DOM > Provider: SunPCSC > Algorithm: PC/SC > Provider: SunMSCAPI > Algorithm: Windows-PRNG > Algorithm: Windows-MY > Algorithm: Windows-ROOT > Algorithm: NONEwithRSA > Algorithm: SHA1withRSA > Algorithm: SHA256withRSA > Algorithm: SHA384withRSA > Algorithm: SHA512withRSA > Algorithm: MD5withRSA > Algorithm: MD2withRSA > Algorithm: RSA > Algorithm: RSA > Algorithm: RSA/ECB/PKCS1Padding > > > > -- > View this message in context: > http://drools.46999.n3.nabble.com/Guvnor-6-0-0-Beta2-on-Tomcat-7-should-problems-be-reported-tp4024142p4024167.html > Sent from the Drools: User forum mailing list archive at Nabble.com. > _______________________________________________ > rules-users mailing list > [email protected] > https://lists.jboss.org/mailman/listinfo/rules-users >
_______________________________________________ rules-users mailing list [email protected] https://lists.jboss.org/mailman/listinfo/rules-users
