Hi Werner, I have been thinking about your proposal I don't see how it's possible to implement your second approach without changing the public API (a see the biggest problem while verifying). But I'm sure you already have an idea. Can you share with me?
Regards, Raul On 3/12/06, Werner Dittmann <[EMAIL PROTECTED]> wrote: > All, > > currently xml-sec use two different ways to specify which provider > to use for a specific algorithm: > > 1. Set the provider id is a class variable in JCEMapper. An explicit > check must be made to see if the provider id is set and then use it. > > 2. The XMLCipher uses different getInstance(...) methods to specify > a provider. Thus it is sort of an explicit definition. > > Porposal: Use only one way to specify a JCE provider. I would opt > for the second way (definie ti explicitly). For some time we could > declare the "old" method as deprecated. > > In that sens I would also propose to implement a sort of fallback > mechanisms if the specified provider is either not avaliable or does > not provider the required algorithm. In such a case > > - issue a "log.warning" message (not an error) and > > - fallback to a standard provider. Only if this also fails throw an > exception. > > What do you think? > > Regards, > Werner > -- http://r-bg.com
