> Shawn, is your question whether you can set this, > across the board, > for resolving things like various cryptographic > algorithms used in the > runtime?
Yes that is my question. > What you'll need to do is set the setAddJceProviders > flag to false, on > the WSSConfig class: > > WSSConfig.setAddJceProviders(false); OK, We'll give this a shot and reply back here how it works out for us. Thanks Fred and Colm for replies. --- Fred Dushin <[EMAIL PROTECTED]> wrote: > I think that may only set the provider for the > keystore creation > operations. > > Shawn, is your question whether you can set this, > across the board, > for resolving things like various cryptographic > algorithms used in the > runtime? > > I'm fairly certain there's no way to do this, and > more importantly, no > way to do it in the XMLSec libraries (I might be > wrong about the > latter, as I'm not completely familiar with that > toolkit, and its > level of configurability). > > Now, that being said, we did add support in 1.5.4 to > disable the > programmatic registration of Bouncycastle as a JCE > provider, though a > proper solution is awaiting some re-design of the > APIs, probably for > WSS4J 2.0. > > What you'll need to do is set the setAddJceProviders > flag to false, on > the WSSConfig class: > > WSSConfig.setAddJceProviders(false); > > This is a static operation, so you'll need to make > sure this gets > called before any WSS4J operations are called. > > Like I said, this is not really a proper solution in > the general case, > but we need to do some work to re-design the > lifecycle management of > some of the WSS4J objects in the WSS4J core, but > that's not planned in > the 1.5.x series, so the static hack is what you'd > have to use. > > -Fred > > On Jul 3, 2008, at 5:56 AM, O hEigeartaigh, Colm > wrote: > > > > > You could try adding this to your crypto > properties file: > > > > > org.apache.ws.security.crypto.merlin.keystore.provider=<provider > name > > here> > > > > Colm. > > > > -----Original Message----- > > From: Shawn McKinney > [mailto:[EMAIL PROTECTED] > > Sent: 02 July 2008 14:57 > > To: [email protected] > > Subject: Question on WSS4J 1.5 Crypto Provider > Configuration > > > > Hello, > > > > I have question: > > > > How do (can) we change the default crypto provider > > used by WSS4J for a particular Java runtime > instance? > > > > > > We are using WSS4J 1.5 and would like to enable > WSS4J > > to use the default crypto provider provided by Sun > or > > IBM in a Java runtime. The idea here is we want > to > > make it as easy as possible for our developers to > test > > transactions using WS-Security running in Axis. > > > > We run Axis/WSS4J in JBoss, Tomcat and Websphere > > containers and would like to be able to test using > the > > standard providers found in either JVM > implementation > > without having to configure the BouncyCastle > provider. > > > > Please note the aim here isn't to phase out or > replace > > our use of BouncyCastle provider in production as > we > > are quite happy with its capabilities. Rather we > want > > to remove a step (steamline setup) for developers > that > > want to test using our security configuration. > > > > Our default client-side configuration is to enable > > Username token, ecrypted: > > > > <parameter name="action" value="UsernameToken > Encrypt > > Timestamp"/> > > > > Thanks in advance for your reply. > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > ---------------------------- > > IONA Technologies PLC (registered in Ireland) > > Registered Number: 171387 > > Registered Address: The IONA Building, Shelbourne > Road, Dublin 4, > > Ireland > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
