Cardspace issues
I wasted 2 days over this Cardspace issue . Which require us to "strip whitespace from xml signatures - a need of MicroSoft's CardSpace identity selector". See the exact steps to enable this patch here.
You would also need JCE security policy to be upgraded. Here are the installation instruction:
1) Download the unlimited strength JCE policy files.
2) Uncompress and extract the downloaded file.
This will create a subdirectory called jce. This directory contains the following files:
3) Install the unlimited strength policy JAR files.
To utilize the encryption/decryption functionalities of the JCE framework without any limitation, first make a copy of the original JCE policy files (US_export_policy.jar and local_policy.jar in the standard place for JCE jurisdiction policy JAR files) in case you later decide to revert to these "strong" versions. Then replace the strong policy files with the unlimited strength versions extracted in the previous step.
The standard place for JCE jurisdiction policy JAR files is: JAVA_HOME\jre\lib\security
Other than that the JAVA_OPTS variable needs to be update in catalina.bat as below:
set JAVA_OPTS=%JAVA_OPTS% -Dorg.apache.xml.security.ignoreLineBreaks=true %LOGGING_CONFIG%
You would also need JCE security policy to be upgraded. Here are the installation instruction:
1) Download the unlimited strength JCE policy files.
2) Uncompress and extract the downloaded file.
This will create a subdirectory called jce. This directory contains the following files:
README.txt This file
COPYRIGHT.html Copyright information
local_policy.jar Unlimited strength local policy file
US_export_policy.jar Unlimited strength US export policy file
3) Install the unlimited strength policy JAR files.
To utilize the encryption/decryption functionalities of the JCE framework without any limitation, first make a copy of the original JCE policy files (US_export_policy.jar and local_policy.jar in the standard place for JCE jurisdiction policy JAR files) in case you later decide to revert to these "strong" versions. Then replace the strong policy files with the unlimited strength versions extracted in the previous step.
The standard place for JCE jurisdiction policy JAR files is: JAVA_HOME
set JAVA_OPTS=%JAVA_OPTS% -Dorg.apache.xml.security.ignoreLineBreaks=true %LOGGING_CONFIG%
Comments
Post a Comment