tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From psalazar <>
Subject Re: tomcat4+jdk1.4.1+security providers
Date Mon, 21 Oct 2002 17:41:22 GMT
I believe that it's true. I have defined in the default 
providers that come in JDK1.4.1:

It appears that only SunJCE implements DES algorithm, and when I list my 
providers by running it in local shell without any hard-coded addProvider 
SunJCE, they are all listed. But, when I do the same thing but in 
tomcat environment, they all appears but the SunJCE!!!

What differences exists between SunJCE and the others? I think SunJCE it's 
the only one that has a jar in jre/lib/ext! Probably, by any feature/bug of 
tomcat, it won't run until we put hard-coded the addProvider method. One 
way to explain this is that the jar files inside jre/lib/ext are not used
inside tomcat. 

So, when this happen how should we force tomcat to load at "bootstrap 
time" the sunjce_provider.jar? It's clear that in common/lib it won't 
work... I already tried put it in server/lib/ and lib/ in tomcat 

Any suggestions?

Pedro Salazar.

On Mon, 21 Oct 2002, Jean-Francois Arcand wrote:> 
> psalazar wrote:
> >I solved my problem:
> >
> >I didn't put the sunjce_provider.jar in ${tomcat.home}/common/lib/ and
> I
> >must add the SunJCE provider hardcoded before use the DES algorithm.
> >
> >
> com.sun.crypto.provider.SunJCE());
> >
> >The cool thing would be add the SunJCE provider (or other provider!!)
> in a
> >dynamic way without any hardcoded line adding the provider! It works
> but
> >only in a shell command line (probably because jre/lib/ext classpath
> and
> >other security features not defined in tomcat environment).
> >
> What do you mean? The provider is defined in 
> jre/lib/security/ but you cannot use it directly (you have 
> to create the instance)? If that's true, then its a bug. Everything 
> defined in should be availble in Tomcat.
> -- Jeanfrancois

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message