On Wed December 2 2009 2:55:30 am Bruce Li wrote: > Hi all, > > We want to use CXF 2.1.4 in our product but we are told not to use > Bouncy Castle. I'm new to CXF so my question is, is Bouncy Castle only > used for https and WS-Security? Could I remove it if we do not have > such requirements, or replace it with other components?
It's actually only used for WS-Security, not https. Thus, if you aren't using ws-security, you should be all set to remove it. If you ARE using WS-Security, you MAY be able to remove it if you are using Java 6 with the strong encryption pack. Many (but not all) of the algorithms required are in the JDK. Thus, you may or may not be able to remove it with WS-Security. -- Daniel Kulp [email protected] http://www.dankulp.com/blog
