Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove usage of the RSA/NONE/OAEPPADDING algorithm from WSIT. #382

Open
Tomas-Kraus opened this issue Jun 2, 2022 · 0 comments
Open

Remove usage of the RSA/NONE/OAEPPADDING algorithm from WSIT. #382

Tomas-Kraus opened this issue Jun 2, 2022 · 0 comments

Comments

@Tomas-Kraus
Copy link
Member

Sometime between update 21 and update 25 of JDK7, Oracle removed the RSA/NONE/OAEPPADDING algorithm:
http://stackoverflow.com/questions/17207491/after-update-to-java7u25-from-java7u21-jax-ws-client-of-my-program-throws-cannot

Unlike CXF, WSIT is still using this algorithm, requiring Metro users to now have to install the Bouncy Castle JAR and make both client- and service-side changes in order to bring it in: http://stackoverflow.com/a/17318843. A better solution would be for WSIT to stop using this algorithm so it's no longer necessary to download BouncyCastle.

This matter can be replicated using my metro_ut_messagelayer sample (http://www.jroller.com/gmazza/entry/usernametoken_messagelayer_encryption), runnable via the following:
1.) Clone my blogsamples at https://github.com/gmazza/blog-samples and do an mvn clean install -Dmaven.test.skip from the root folder.
2.) Navigate to metro_ut_messagelayer and run mvn tomcat7:run-war
3.) Navigate in a separate tab window to metro_ut_messagelayer/client and run mvn exec:exec. You'll see the error message quite similar to the one in the StackOverflow link above.

Affected Versions

[2.3]

Source: javaee/metro-wsit#1680
Author: glassfishrobot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant