The Java Cryptography Extension (JCE) provider included with J2SE 1.4 does not support RSA encryption. Because the XML Encryption defined by WS-Security is typically based on RSA encryption, you must download and install a JCE provider that supports RSA encryption to use WS-Security to encrypt SOAP messages .
J2SE 5 includes a preconfigured JCE provider. With J2SE 1.4, add a JCE provider as follows:
Download and install a JCE provider JAR (Java Archive) file from one of the list of http://java.sun.com/products/jce/jce14_providers.html.
Copy the JCE provider JAR file to java-home/jre/lib/ext/.
Stop Application Server.
Application Server will not recognize the JCE provider until it is stopped and restarted.
Add the JCE provider to the the java-home/jre/lib/security/java.security properties file in any text editor.
The java.security file contains instructions to add a JCE provider. Basically, you need to add a line of the following format in a location with similar properties:
security.provider.n=provider-class-name |
In this example, n is the order of preference to be used by Application Server when evaluating security providers. Set n to 2 for the JCE provider you've just added.
For example, if you've downloaded The Legion of the Bouncy Castle JCE provider, you would add this line.
security.provider.2=org.bouncycastle.jce.provider. BouncyCastleProvider |
Make sure that the Sun security provider remains at the highest preference, with a value of 1.
security.provider.1=sun.security.provider.Sun |
Adjust the levels of the other security providers downward so that there is only one security provider at each level.
The following is an example of a java.security file that provides the necessary JCE provider and keeps the existing providers in the correct locations.
security.provider.1=sun.security.provider.Sun security.provider.2=org.bouncycastle.jce.provider. BouncyCastleProvider security.provider.3=com.sun.net.ssl.internal.ssl.Provider security.provider.4=com.sun.rsajca.Provider security.provider.5=com.sun.crypto.provider.SunJCE security.provider.6=sun.security.jgss.SunProvider |
Save and close the file.
Restart Application Server.