santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From torsten.reinh...@gi-de.com
Subject JDK6 and xmlsec-1.4.2 issue (unsupported signature algorithm)
Date Wed, 27 May 2009 15:33:46 GMT
Hi, 

I migrated my application from JDK5 (with external xmlsec-1.4.2.jar) to 
JDK6 (where xmlsec is included now).

After that I got 
javax.xml.crypto.MarshalException: unsupported signature algorithm: 
http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
                 at 
org.jcp.xml.dsig.internal.dom.DOMSignatureMethod.unmarshal(DOMSignatureMethod.java:86)
                 at 
org.jcp.xml.dsig.internal.dom.DOMSignedInfo.<init>(DOMSignedInfo.java:122)
                 at 
org.jcp.xml.dsig.internal.dom.DOMXMLSignature.<init>(DOMXMLSignature.java:119)
                 at 
org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshal(DOMXMLSignatureFactory.java:152)
                 at 
org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory.unmarshalXMLSignature(DOMXMLSignatureFactory.java:116)

so I tried the lib\endorsed workaround, and put xmlsec-1.4.2 and 
commons-logging into that folder. 
That worked fine for me - but not for my collegues.

They than run into "NoClassDefFoundError" from different points - one were 
missing the Log4J Logger class implementation (could be resolved by 
putting log4j.jar to lib\endorsed), the others had trouble with WSS4J and 
so on.

I wouldn´t like to put all our libraries in the lib\endorsed folder - is 
there another way to use xmlsec-1.4.2 in JDK6.0 ? 
Is there a plan to include xmlsec-1.4.2 in one of the next JDK patches 
(>=1.6.0_14) ?

And - by the way - why is so many code (JAXB, xmlsec, ....) going into the 
JDK where it is now more difficult to drop against another version?

Thanx a lot for any help!

Torsten
Mime
View raw message