All,

currently xml-sec uses two different ways to specify which provider to use for a specific algorithm:

1. Set the provider id as a class variable in JCEMapper. An explicit check must be made to see if the provider id is set and then use it.
2. The XMLCipher uses different getInstance(...) methods to specify a provider. Thus it is sort of an explicit definition.

Proposal: Use only one way to specify a JCE provider. I would opt for the second way (define it explicitly). For some time we could declare the "old" method as deprecated.

In that sense I would also propose to implement a sort of fallback mechanism if the specified provider is either not available or does not provide the required algorithm. In such a case

- issue a "log.warning" message (not an error) and
- fallback to a standard provider.

Only if this also fails throw an exception.

What do you think?

Regards,
Werner
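
The fallback behaviour proposed in the message above, sketched as an added example; it is not part of the original message and not xml-sec's own code. The class and method names, the java.util.logging logger, and the provider name `NoSuchProviderXYZ` are assumptions made for illustration.

```java
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;

public class ProviderFallbackExample {
    private static final Logger log =
        Logger.getLogger(ProviderFallbackExample.class.getName());

    /**
     * Hypothetical helper: try the explicitly requested JCE provider first.
     * If it is not installed or lacks the algorithm, log a warning and let
     * the JCE pick from the installed providers. Only a failure of that
     * second lookup reaches the caller as an exception.
     */
    static Cipher getCipher(String transformation, String requestedProvider)
            throws NoSuchAlgorithmException, NoSuchPaddingException {
        if (requestedProvider != null && !requestedProvider.isEmpty()) {
            try {
                return Cipher.getInstance(transformation, requestedProvider);
            } catch (NoSuchProviderException | NoSuchAlgorithmException
                     | NoSuchPaddingException e) {
                log.warning("Provider '" + requestedProvider + "' cannot supply "
                    + transformation + " (" + e + "); falling back to default lookup");
            }
        }
        return Cipher.getInstance(transformation);
    }

    public static void main(String[] args) throws Exception {
        String alg = "AES/CBC/PKCS5Padding";

        // Constructed, non-existent provider name: triggers warning + fallback.
        Cipher c = getCipher(alg, "NoSuchProviderXYZ");
        // Callers that depend on one particular provider (an HSM-backed one,
        // say) can check which implementation they were actually given.
        System.out.println("Cipher supplied by: " + c.getProvider().getName());

        // Unknown algorithm: the fallback fails too, so the exception surfaces.
        try {
            getCipher("NoSuchAlg/CBC/PKCS5Padding", "NoSuchProviderXYZ");
        } catch (NoSuchAlgorithmException e) {
            System.out.println("Both lookups failed: " + e.getMessage());
        }
    }
}
```

Because the fallback only produces a warning, a deployment that requires one specific provider has to inspect `getProvider()` on the returned object to notice the substitution.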