Hi
I have successfully managed to secure an Axis based Web Service with
WSS4J. During the development I used SUNs JDK1.4.2_11 and Jakarta Tomcat
5.0.30. I ran the test client and the deployed Web Service on the same
machine both running under jre1.4.2_11. This due to make sure that it
ran on the only requirement we have on the client platform, jre1.4.2 or
later. This testcases worked fine. But as the company I work for has
Websphere 5.1 as J2EE servers I started to move the Web Service to WSAD
and a Websphere 5.1 server. When doing so I ran into a problem. I know
WSS4J has a requriment on BouncyCastle so I started with updating the
java.security file under the IBM 1.4 jre Websphere 5.1 is running on. I
added the BouncyCastle provider as number 4, as number one needs to be
suns default and 2 and 3 needs to be to IBM providers as the server
would start otherwise, and started the server. I ran the
testclient(under SUNs jre 1.4.2_11) again but recieved the following
exception on the server.
"Original Exception was javax.crypto.NoSuchPaddingException: Padding:
ISO10126Padding not implemented"
A quick check on BouncyCastles website stated that ISO10126Padding is
implemented. So the BouncyCastle provider can't be correctly installed
on the Websphere 5.1 server. A google later showed that a small number
of people encountered this before, but with no description on what the
solution are, for example:
http://article.gmane.org/gmane.comp.encryption.bouncy-castle.devel/2378/match=com+ibm+security+bootstrap+jdkmessagedigest+sha1
Has anyone successfully deployed a WSS4J secured Web Service that Signs
and Encrypt both request and response with RSA keys from a keystore in a
Websphere 5.1.2? If so how did you set up your java.security file?
I am desperate for some assistance.
Thanks
Markus
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
