No, I would have thought that should be enough. Do you have access to a debugger? If so can you see if the BouncyCastle parsing code is being called in Merlin? Failing that if you have a test-case I can take a look.
Colm. On Fri, Nov 10, 2017 at 3:10 PM, <[email protected]> wrote: > I saw that comment in the source code but didn't get the full picture. > > I tried this version of bouncy. > > <!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on > --> > <dependency> > <groupId>org.bouncycastle</groupId> > <artifactId>bcprov-jdk15on</artifactId> > <version>1.58</version> > </dependency> > > With this CXF but it didn't seem to pick it up. Is there any other config > that I missed? > > Thank you! This would be a big lifesaver if it is working. > > <apache.cxf.version>3.2.0</apache.cxf.version> > > <dependency> > <groupId>org.apache.cxf</groupId> > <artifactId>cxf-spring-boot-starter-jaxws</artifactId> > <version>${apache.cxf.version}</version> > </dependency> > <!-- https://mvnrepository.com/artifact/org.apache.cxf/cxf- > rt-ws-security --> > > <dependency> > <groupId>org.apache.cxf</groupId> > <artifactId>cxf-rt-ws-security</artifactId> > <version>${apache.cxf.version}</version> > </dependency> > <dependency> > <groupId>org.apache.cxf</groupId> > <artifactId>cxf-rt-frontend-jaxws</artifactId> > <version>${apache.cxf.version}</version> > </dependency> > > <dependency> > <groupId>org.apache.cxf</groupId> > <artifactId>cxf-rt-transports-http</artifactId> > <version>${apache.cxf.version}</version> > </dependency> > > > -----Original Message----- > From: Colm O hEigeartaigh [mailto:[email protected]] > Sent: Friday, November 10, 2017 4:51 AM > To: [email protected] > Subject: Re: .Net and CXF Incompatibility > > Apache WSS4J has special support to use BouncyCastle to parse the > IssuerName, if BouncyCastle is available. See the comment here: > > https://github.com/apache/wss4j/blob/b8d4f1b29e98c53edeb0ffdf1dc4a9 > 0382e9fd9e/ws-security-common/src/main/java/org/apache/ > wss4j/common/crypto/Merlin.java#L943 > > So if BouncyCastle is added to your classpath it should hopefully work. > > Colm. > > On Thu, Nov 9, 2017 at 5:23 PM, <[email protected]> wrote: > > > Hi, > > > > > > > > I am integrating WCF client with CXF web service using JAX-WS. > > > > > > > > A certificate with issuer that includes an email option > > "[email protected] <mailto:[email protected]> " is sent from the > > client to the server with the issue name as part of the security > > header in the message. > > > > > > > > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > > > > <o:SecurityTokenReference> > > > > <X509Data> > > > > <X509IssuerSerial> > > > > <X509IssuerName>[email protected] <mailto:[email protected]> > > .. > > </X509IssuerName> > > > > > > > > But X500Princpal.Java currently does not accept E as a valid type so > > the request fails throwing an exception in X500Principal.java > > > > > > > > java.io.IOException: Invalid keyword "E" > > > > > > > > ..NET WCF does not replace the issuer name in the header with an RDN - > > 1.2.840.113549.1.9.1 if it did that it should work. > > > > > > > > But I am looking for a work around here. Has anyone ran into this issue? > > > > > > > > Mark > > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
