[WSS-518] WSConfig static initializer attempts to modify JCE Providers fail in JVM with restrictive security policies - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.2
Fix Version/s: 2.0.3
Component/s: WSS4J Core
Labels:
None

Description

I am attempting to use WSS4j 2.0.2 to perform WS-Security x509 signatures on XML DOM objects in a restrictive Cloud based JVM environment. When I attempt to sign a document the org.apache.wss4j.dom.WSConfig class gets initialized and it has a static initializer to load several JCE libraries. Because the JVM SecurityManager has restrictive polices defined any attempts to read system properties or modify JCE providers are denied and the class fails to load. The org.apache.wss4j.common.crypto.WSProviderConfig class has a setAddJceProviders and I think the WSConfig class should honor that setting.

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Aaron Anderson

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 31/Oct/14 16:31

Updated:: 09/Feb/15 10:59

Resolved:: 03/Nov/14 10:34