Hi,
I checked out a latest copy for xml security Java from svn trunk(1.4.3). But
ant test showed a few failures and it took me quite some time to figure them
out.
Here are a summary of issues I identified:
1. dependency on Sun JVM. javax.xml.crypto.test.KeySelectors use two
internal classes: sun.security.x509.X500Name and sun.security.util.DerValue.
The former can be replaced by public X500Principal, but there is no easy
replacement for the latter. Ideally, these tests should run with other JVMs,
such as IBM.
2. dependency on JVM version. There are quite a few tests relying on
providers for certain algorithms, such as AES 256. As XML security claims to
support Java 1.4.2, some high security may not be available, such as SHA256.
Or they are not turned on by default, such as AES 256(for Sun Java5, you
have to manually download *Unlimited Strength Jurisdiction Policy*). I would
suggest to check if desired algorithms are available or not before running
these tests. If not, tests may be skipped.
3. dependency on system properties. Some test setup will read system
properties( mainly look for xml files and others in data sub-directory).
This will make running individual test in IDE hard. It would be better to
remove dependency on environment. One way is to replace
System.getProperty("basedir") with Class.getResource(), or the like in a
helper class/method.
With the issues above, now I can only run tests successfully in Sun Java 5
with downloaded policy plus command window. I have not tried to make them
run with other versions yet.
What is your opinion?
Eric
