ApacheXMLDSig Signature Provider Not found

Hello, Happy Friday!  It has been a heck of week or two. Finally the dust has come down and I have enjoyed a couple of relatively quiet days of coding.

During this period, this issue bothered me for a couple of days and just found a solution to it.

I am using WSSecSignature to sign SOAP request and everything works fine in Maven tests until I deployed this to Tomcat 8 under JDK8. The error I got is always something like ApacheXMLDSig not found, no matter how I tweaked it.

javax.xml.crypto.NoSuchMechanismException: java.security.NoSuchAlgorithmException: class configured for XMLSignatureFactory (provider: ApacheXMLDSig) cannot be found

I feel Tomcat is doing something funny under the hood so the default ApacheXML Digital Signer is not visible to my WSSecSignature, maybe it is due to some Classpath loader structure?

I had to eventually explicitly specify the Digital Signer as below:

System.setProperty(“jsr105Provider”, “org.jcp.xml.dsig.internal.dom.XMLDSigRI”);

This ensures I know what Signer is to be used from the Santuario package and it works without any failures in Tomcat.

Cheers!

Advertisements