santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Raul Benito" <r...@apache.org>
Subject Re: [xml-sec] Some thought about the JCE provider
Date Mon, 20 Mar 2006 17:30:39 GMT
Hi Werner,

  I have been thinking about your proposal I don't see how it's
possible to implement your second approach without changing the public
API (a see the biggest problem while verifying). But I'm sure you
already have an idea. Can you share with me?

Regards,

Raul

On 3/12/06, Werner Dittmann <Werner.Dittmann@t-online.de> wrote:
> All,
>
> currently xml-sec use two different ways to specify which provider
> to use for a specific algorithm:
>
> 1. Set the provider id is a class variable in JCEMapper. An explicit
>    check must be made to see if the provider id is set and then use it.
>
> 2. The XMLCipher uses different getInstance(...) methods to specify
>    a provider. Thus it is sort of an explicit definition.
>
> Porposal: Use only one way to specify a JCE provider. I would opt
> for the second way (definie ti explicitly). For some time we could
> declare the "old" method as deprecated.
>
> In that sens I would also propose to implement a sort of fallback
> mechanisms if the specified provider is either not avaliable or does
> not provider the required algorithm. In such a case
>
> - issue a "log.warning" message (not an error) and
>
> - fallback to a standard provider. Only if this also fails throw an
>   exception.
>
> What do you think?
>
> Regards,
> Werner
>


--
http://r-bg.com

Mime
View raw message