santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <sean.mul...@oracle.com>
Subject Re: Issue Endorsing Santuario
Date Thu, 03 Nov 2011 15:41:03 GMT
On 11/3/11 11:28 AM, Chad La Joie wrote:
> Okay, so, I think the question is still the same.  Do we, or not, want
> to have to requirement the logging library on the classpath.
> 
> As an aside, given the choice between endorsing the library and editing
> the java.security file and adding the lib to the ext directory, I think
> endorsement is still the better option.  Who knows if the deployer will
> have the ability to edit the java.security config.

Yeah I hear you, but in this case, endorsement is really a hack and is not being
used for the right reasons [1]. The org.jcp APIs are not standard APIs. It just
happens to work because the implementation packages are named the same.

--Sean

[1]: http://download.oracle.com/javase/1.5.0/docs/guide/standards/index.html

> 
> On 11/3/11 11:22 AM, Colm O hEigeartaigh wrote:
>> Hi Chad,
>>
>> Yep that's pretty much correct I think. One clarification to the first
>> method, is that you would need to install the provider before the
>> XMLDSig provider in JDK 1.6+ to use the Santuario provider, or
>> explicitly name the provider when instantiating XMLSignatureFactory
>> etc.
>>
>> Colm.
>>
>> On Thu, Nov 3, 2011 at 2:44 PM, Chad La Joie <lajoie@itumi.biz> wrote:
>>> Colm, can you describe how you'd install the provider?  My understanding
>>> is that there are two possible ways in which one could this.
>>>
>>> 1. You make code modifications to explicitly add the provider via the
>>> Provider API.  So, as long as the logging libs are on your classpath
>>> before you do this, everything works okay.
>>>
>>> 2. You register the provider via the java.security config file and drop
>>> the library in the $JAVA_HOME/lib/ext directory.  This method has the
>>> benefit of not having to modify code but the drawback that you'd still
>>> have to put the logging jar in the ext directory and you'd still end up
>>> "polluting" the classpath.
>>>
>>> On 11/3/11 10:32 AM, Colm O hEigeartaigh wrote:
>>>> There is no longer any need to endorse anything, as it's a simple
>>>> matter of installing the JSR-105 provider that ships with Santuario
>>>> before the JDK XMLDSig provider, if you want to use the Santuario
>>>> implementation.
>>>
>>>
>>> --
>>> Chad La Joie
>>> www.itumi.biz
>>> trusted identities, delivered
>>>
>>
>>
>>
> 

Mime
View raw message