Hello, the release notes for CXF 2.1.5[1] state a need to externally download BouncyCastle 1.4 for WSS, but no mention of BouncyCastle is given in the Release Notes in CXF 2.2.1[2]. I've also noticed that BouncyCastle 1.5 is already available in both the CXF 2.1.5 and the CXF 2.2.1 downloads (lib folder).
[The 2.1.5 Notes say: "To use the WS-Security features of CXF, you need to obtain a JCE crypto provider that implements the algorithms that you plan to use. One option is to download the Bouncy Castle jar from: http://bouncycastle.org/download/bcprov-jdk14-136.jar and add that to the lib directory or classpath."] I'm not sure what (if anything) to read into the fact that the above text is not there for CXF 2.2. Was it omitted to say that no external JCE provider is needed anymore with WS-Security (perhaps the Sun defaults are now sufficient), or was it omitted simply because it should have been omitted earlier, i.e., no special download is needed because it's already in CXF's lib folder? Thanks, Glen [1] http://cxf.apache.org/apache-cxf-215-release-notes.html [2] http://cxf.apache.org/apache-cxf-221-release-notes.html -- View this message in context: http://www.nabble.com/BouncyCastle-dependency-change-between-CXF-2.1.x-and-2.2.x--tp23788306p23788306.html Sent from the cxf-user mailing list archive at Nabble.com.
