Bug 50284 - Dependencies on Xalan despite documentation stating it's not required
Summary: Dependencies on Xalan despite documentation stating it's not required
Status: NEW
Alias: None
Product: Security - Now in JIRA
Classification: Unclassified
Component: Encryption (show other bugs)
Version: Java 1.4.2
Hardware: PC All
: P2 normal
Target Milestone: ---
Assignee: XML Security Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-11-17 10:17 UTC by Mark Birenbaum
Modified: 2010-11-18 06:35 UTC (History)
0 users


Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Birenbaum 2010-11-17 10:17:02 UTC 
XMLSec has dependencies on the Xalan jar.

The instance we've run into is:
XMLCipher depends on org.apache.xml.utils.URI.

The release notes for 1.3 said it wasn't necessary to put xalan on the classpath and the pom file indicates it's a "provided" dependency, which I take to mean the XSLT implementation provided by Java 5+  is good enough.
Comment 1 coheigea 2010-11-18 06:35:20 UTC 
This will be fixed in a new major release (1.5) next year, as part of the move to use JDK 1.5.

Colm.