cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Glen Mazza (JIRA)" <j...@apache.org>
Subject [jira] Created: (CXF-1726) Upgrade from CXF 2.1 to CXF 2.1.1 results in two BouncyCastle JARs being used
Date Tue, 29 Jul 2008 01:00:34 GMT
Upgrade from CXF 2.1 to CXF 2.1.1 results in two BouncyCastle JARs being used
-----------------------------------------------------------------------------

                 Key: CXF-1726
                 URL: https://issues.apache.org/jira/browse/CXF-1726
             Project: CXF
          Issue Type: Bug
            Reporter: Glen Mazza


Updating this dependency:

<dependency>
   <groupId>org.apache.cxf</groupId>
   <artifactId>cxf-rt-ws-security</artifactId>
   <version>${cxf.version}</version>
</dependency>

>From CXF 2.1 to 2.1.1 results into two Bouncy Castle jars being placed into the web service
provider's WAR-- the usual bcprov-jdk14-136.jar from CXF 2.1 and bcprov-jdk13-132.jar.  I
don't know why both are being loaded--maybe OpenSAML (which is not in 2.1) is the culprit,
or xmlsec's upgrade from 1.3 to 1.4 or WSS4J's from 1.5.2 to 1.5.4--but either of the latter
two causing this is rather doubtful.

(It might be nice also to upgrade to BC's 1.5 or 1.6 library at this time.)

Test case:  Download my DoubleIt sample[1], place this dependency in the trunk/pom.xml, and
from that run "mvn clean install" -- you'll see the two BC libs in the service-war/target
folder.

[1] http://glen.mazza.blog.googlepages.com/20080418DoubleIt.zip


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message