[
https://issues.apache.org/jira/browse/WSS-128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh updated WSS-128:
------------------------------------
Fix Version/s: 1.5.5
> Use xml-sec 1.4.1 version
> -------------------------
>
> Key: WSS-128
> URL: https://issues.apache.org/jira/browse/WSS-128
> Project: WSS4J
> Issue Type: Improvement
> Reporter: Nandana Mihindukulasooriya
> Assignee: Ruchith Udayanga Fernando
> Fix For: 1.5.5
>
>
> WSS4J uses xml-sec 1.4.0 and xml-sec 1.4.1 is out. According to Apache
> xml-sec project
> "Version 1.4.1 of the Java library has been released. This a bugfix release
> that contains a major bugfix to the canonicalization engine introduced in the
> 1.4 release. It is recommended that 1.4 users upgrade to the new version as
> signatures containing non ascii characters created by this library are not
> according to the standard, and will be only validated by 1.4 library. "
> The problem is xml-sec 1.4.1 is not available in the central maven
> repository. If we can get it in to central repo, I think it is better to use
> that one in WSS4J. In Rampart we use xml-sec 1.4.1 with WSS4J and it seems
> fully compatible. (An unsigned jar is there is ws zones repository -
> http://ws.zones.apache.org/repository2/org/apache/santuario/xmlsec/1.4.1/).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
