As of verion 1.40, bouncycastle moved the patented algorithms to a separate jar. Thus, 1.40 and newer are "ok".
That said, you should also move to the "new" groupIds: http://repo2.maven.org/maven2/org/bouncycastle/bcprov-jdk15/ and use version 1.43. Dan On Wed August 19 2009 11:20:13 am Donald Woods wrote: > Hmmm.... Didn't we have to remove bouncycastle before, due to required > IP licensing? > > <dependency> > + <groupId>bouncycastle</groupId> > + <artifactId>bcprov-jdk15</artifactId> > + <type>jar</type> > + </dependency> > > -Donald > > ga...@apache.org wrote: > > Author: gawor > > Date: Wed Aug 19 15:05:31 2009 > > New Revision: 805830 > > > > URL: http://svn.apache.org/viewvc?rev=805830&view=rev > > Log: > > Support X.509 signature and ecryption for service references with CXF. > > Based on patch from Rahul Mehta (GERONIMO-4642) > > > > Modified: > > > > geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPasswordHandler.java > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPortMethodInterceptor.java > > geronimo/server/trunk/pom.xml > > > > Modified: > > geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml > > URL: > > http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/cxf/cxf/src/ma > >in/history/dependencies.xml?rev=805830&r1=805829&r2=805830&view=diff > > ========================================================================= > >===== --- > > geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml > > (original) +++ > > geronimo/server/trunk/plugins/cxf/cxf/src/main/history/dependencies.xml > > Wed Aug 19 15:05:31 2009 @@ -3,10 +3,15 @@ > > <module-id> > > <groupId>org.apache.geronimo.configs</groupId> > > <artifactId>cxf</artifactId> > > - <version>2.2-SNAPSHOT</version> > > + <version>3.0-SNAPSHOT</version> > > <type>car</type> > > </module-id> > > <dependency> > > + <groupId>bouncycastle</groupId> > > + <artifactId>bcprov-jdk15</artifactId> > > + <type>jar</type> > > + </dependency> > > + <dependency> > > <groupId>org.apache.cxf</groupId> > > <artifactId>cxf-api</artifactId> > > <type>jar</type> > > @@ -111,4 +116,14 @@ > > <artifactId>wss4j</artifactId> > > <type>jar</type> > > </dependency> > > + <dependency> > > + <groupId>xalan</groupId> > > + <artifactId>serializer</artifactId> > > + <type>jar</type> > > + </dependency> > > + <dependency> > > + <groupId>xalan</groupId> > > + <artifactId>xalan</artifactId> > > + <type>jar</type> > > + </dependency> > > </plugin-artifact> > > > > Modified: > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPasswordHandler.java URL: > > http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/cxf/geronimo-c > >xf/src/main/java/org/apache/geronimo/cxf/client/CXFPasswordHandler.java?re > >v=805830&r1=805829&r2=805830&view=diff > > ========================================================================= > >===== --- > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPasswordHandler.java (original) +++ > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPasswordHandler.java Wed Aug 19 15:05:31 2009 @@ > > -18,6 +18,8 @@ > > package org.apache.geronimo.cxf.client; > > > > import java.io.IOException; > > +import java.util.HashMap; > > +import java.util.Map; > > > > import javax.security.auth.callback.Callback; > > import javax.security.auth.callback.CallbackHandler; > > @@ -31,14 +33,17 @@ > > > > private static final Logger LOG = > > LoggerFactory.getLogger(CXFPasswordHandler.class); > > > > - private String password; > > + private Map<String, String> passwords = new HashMap<String, > > String>(); > > > > - public CXFPasswordHandler(String password) { > > - this.password = password; > > + public CXFPasswordHandler() { > > } > > > > + public void addPassword(String user, String password) { > > + passwords.put(user, password); > > + } > > + > > public void handle(Callback[] callbacks) throws IOException, > > UnsupportedCallbackException { WSPasswordCallback pc = > > (WSPasswordCallback) callbacks[0]; - > > pc.setPassword(this.password); > > + pc.setPassword(passwords.get(pc.getIdentifier())); > > } > > } > > > > Modified: > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPortMethodInterceptor.java URL: > > http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/cxf/geronimo-c > >xf/src/main/java/org/apache/geronimo/cxf/client/CXFPortMethodInterceptor.j > >ava?rev=805830&r1=805829&r2=805830&view=diff > > ========================================================================= > >===== --- > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPortMethodInterceptor.java (original) +++ > > geronimo/server/trunk/plugins/cxf/geronimo-cxf/src/main/java/org/apache/g > >eronimo/cxf/client/CXFPortMethodInterceptor.java Wed Aug 19 15:05:31 2009 > > @@ -41,6 +41,10 @@ > > private static final String IN_PREFIX = "wss4j.in."; > > private static final String OUT_PREFIX = "wss4j.out."; > > > > + private static final String[] ACTIONS = { > > WSHandlerConstants.USERNAME_TOKEN, + > > WSHandlerConstants.SIGNATURE, + > > WSHandlerConstants.ENCRYPT }; + > > public CXFPortMethodInterceptor(Map<Object, EndpointInfo> > > seiInfoMap) { super(seiInfoMap); > > } > > @@ -98,20 +102,27 @@ > > > > private static void updateSecurityProperties(Map<String, Object> > > properties) { String action = (String) > > properties.get(WSHandlerConstants.ACTION); - if > > (containsValue(action, WSHandlerConstants.USERNAME_TOKEN) && + if > > (containsValue(action, ACTIONS) && > > > > !properties.containsKey(WSHandlerConstants.PW_CALLBACK_CLASS)) { - > > String password = (String) properties.get("password"); - > > properties.put(WSHandlerConstants.PW_CALLBACK_REF, > > - new CXFPasswordHandler(password)); > > + CXFPasswordHandler handler = new CXFPasswordHandler(); > > + handler.addPassword( (String) properties.get("user"), > > + (String) properties.get("password") ); > > + handler.addPassword( (String) > > properties.get("signatureUser"), + > > (String) properties.get("signaturePassword") ); + > > handler.addPassword( (String) properties.get("encryptionUser"), + > > (String) properties.get("encryptionPassword") ); > > + properties.put(WSHandlerConstants.PW_CALLBACK_REF, handler); > > } > > } > > > > - private static boolean containsValue(String property, String value) > > { + private static boolean containsValue(String property, String[] > > values) { if (property != null) { > > String[] entries = property.split(" "); > > - for (String entry : entries) { > > - if (value.equals(entry)) { > > - return true; > > + for (String value : values) { > > + for (String entry : entries) { > > + if (value.equals(entry)) { > > + return true; > > + } > > } > > } > > } > > > > Modified: geronimo/server/trunk/pom.xml > > URL: > > http://svn.apache.org/viewvc/geronimo/server/trunk/pom.xml?rev=805830&r1= > >805829&r2=805830&view=diff > > ========================================================================= > >===== --- geronimo/server/trunk/pom.xml (original) > > +++ geronimo/server/trunk/pom.xml Wed Aug 19 15:05:31 2009 > > @@ -754,7 +754,13 @@ > > <dependency> > > <groupId>xalan</groupId> > > <artifactId>xalan</artifactId> > > - <version>2.7.0</version> > > + <version>2.7.1</version> > > + <exclusions> > > + <exclusion> > > + <groupId>xml-apis</groupId> > > + <artifactId>xml-apis</artifactId> > > + </exclusion> > > + </exclusions> > > </dependency> > > > > <dependency> > > @@ -1876,17 +1882,9 @@ > > <artifactId>saaj-api</artifactId> > > </exclusion> > > <exclusion> > > - <groupId>bouncycastle</groupId> > > - <artifactId>bcprov-jdk15</artifactId> > > - </exclusion> > > - <exclusion> > > <groupId>org.opensaml</groupId> > > <artifactId>opensaml</artifactId> > > </exclusion> > > - <exclusion> > > - <groupId>xalan</groupId> > > - <artifactId>xalan</artifactId> > > - </exclusion> > > </exclusions> > > </dependency> -- Daniel Kulp dk...@apache.org http://www.dankulp.com/blog