Hello Guys, I am using apache cxf for web service and using WS-SecureConverstationToken for security. But when I try to use it with normal jce which comes by default with jdk, I get the exception.
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters Then I used the JCE with unlimited strength and it worked. But there are some legal obligations with JCE with unlimited strength. Some countries don't allow such encryption. In that perspective, I cant use this security module for my project. My question is: Is it mandatory to use JCE unlimited strength with WS-SecureConverstationToken + CXF? If not how can I leverage default JCE which shipped with JRE 6. Thank you very much in advance -- View this message in context: http://old.nabble.com/Encryption-issue-tp28459661p28459661.html Sent from the cxf-user mailing list archive at Nabble.com.
