cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <>
Subject [jira] Commented: (CXF-1726) Upgrade from CXF 2.1 to CXF 2.1.1 results in two BouncyCastle JARs being used
Date Mon, 11 Aug 2008 19:34:46 GMT


Daniel Kulp commented on CXF-1726:


I just tried this and I'm not seeing a duplicate jar with either 2.1.1 or 2.1.2-SNAPSHOT.

dkulp@dilbert ~/tmp/DoubleIt/trunk/service-war/target/doubleit/WEB-INF/lib $ ls
FastInfoset-1.2.2.jar                       geronimo-stax-api_1.0_spec-1.0.1.jar
XmlSchema-1.4.2.jar                         geronimo-ws-metadata_2.0_spec-1.1.2.jar
activation-1.1.jar                          jaxb-api-2.1.jar
aopalliance-1.0.jar                         jaxb-impl-2.1.7.jar
asm-2.2.3.jar                               jaxb-xjc-2.1.7.jar
avalon-framework-4.1.3.jar                  log4j-1.2.12.jar
bcprov-jdk14-136.jar                        logkit-1.0.1.jar
commons-lang-2.4.jar                        neethi-2.0.4.jar
commons-logging-1.1.jar                     opensaml-1.1.jar
cxf-api-2.1.2-SNAPSHOT.jar                  saaj-api-1.3.jar
cxf-common-schemas-2.1.2-SNAPSHOT.jar       saaj-impl-1.3.jar
cxf-common-utilities-2.1.2-SNAPSHOT.jar     servlet-api-2.3.jar
cxf-rt-bindings-soap-2.1.2-SNAPSHOT.jar     spring-beans-2.0.8.jar
cxf-rt-bindings-xml-2.1.2-SNAPSHOT.jar      spring-context-2.0.8.jar
cxf-rt-core-2.1.2-SNAPSHOT.jar              spring-core-2.0.8.jar
cxf-rt-databinding-jaxb-2.1.2-SNAPSHOT.jar  spring-web-2.0.8.jar
cxf-rt-frontend-jaxws-2.1.2-SNAPSHOT.jar    stax-api-1.0-2.jar
cxf-rt-frontend-simple-2.1.2-SNAPSHOT.jar   velocity-1.4.jar
cxf-rt-transports-http-2.1.2-SNAPSHOT.jar   velocity-dep-1.4.jar
cxf-rt-ws-addr-2.1.2-SNAPSHOT.jar           wsdl4j-1.6.2.jar
cxf-rt-ws-security-2.1.2-SNAPSHOT.jar       wss4j-1.5.4.jar
cxf-tools-common-2.1.2-SNAPSHOT.jar         wstx-asl-3.2.4.jar
geronimo-activation_1.1_spec-1.0.2.jar      xalan-2.7.0.jar
geronimo-annotation_1.0_spec-1.1.1.jar      xml-resolver-1.2.jar
geronimo-javamail_1.4_spec-1.3.jar          xmlsec-1.4.0.jar

Is it possible you didn't do a "clean" between switching from 2.1 to 2.1.1?

> Upgrade from CXF 2.1 to CXF 2.1.1 results in two BouncyCastle JARs being used
> -----------------------------------------------------------------------------
>                 Key: CXF-1726
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>            Reporter: Glen Mazza
> Updating this dependency:
> <dependency>
>    <groupId>org.apache.cxf</groupId>
>    <artifactId>cxf-rt-ws-security</artifactId>
>    <version>${cxf.version}</version>
> </dependency>
> From CXF 2.1 to 2.1.1 results into two Bouncy Castle jars being placed into the web service
provider's WAR-- the usual bcprov-jdk14-136.jar from CXF 2.1 and bcprov-jdk13-132.jar.  I
don't know why both are being loaded--maybe OpenSAML (which is not in 2.1) is the culprit,
or xmlsec's upgrade from 1.3 to 1.4 or WSS4J's from 1.5.2 to 1.5.4--but either of the latter
two causing this is rather doubtful.
> (It might be nice also to upgrade to BC's 1.5 or 1.6 library at this time.)
> Test case:  Download my DoubleIt sample[1], place this dependency in the trunk/pom.xml,
and from that run "mvn clean install" -- you'll see the two BC libs in the service-war/target
> [1]

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message