So I'm worried this is just my fault and I haven't researched this
enough or did something wrong, but I've been fighting a problem with
Tomcat on Mac OSX. The problem seems to boil down to Security providers
and tomcat seemingly modifying them.
So I installed Tomcat and deployed a webapp to it. This webapp uses CAS
authentication which requires the app to call back out to a https web
server to verify a ticket. Works on tomcat on Unix and Linux, but on (at
least this mac)Mac OSX 10.4 running Java 1.5 the app fails at this point
with the following error.
java.security.NoSuchAlgorithmException: Cannot find any provider
supporting RSA/ECB/PKCS1Padding
at javax.crypto.Cipher.getInstance(DashoA12275)
at com.sun.net.ssl.internal.ssl.JsseJce.getCipher(JsseJce.java:90)
....
Now, thinking maybe somehow Java on this mac was just broken and had
nothing to do with Tomcat I wrote a simple app that does something
identical to what is causing the error in Tomcat, but it works. Curious?
So I've searched the web for this error and found nothing matching this
specific problem or any related solutions. So in trying to find a
solution to this problem myself I started looking into Security
providers and the java.security file.
The java.security file lists the following providers.
security.provider.1=sun.security.provider.Sun
security.provider.2=com.apple.crypto.provider.Apple
security.provider.3=sun.security.rsa.SunRsaSign
security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider
So the last thing I've done that seems helpful was to list the providers
each JVM has listed at runtime.
Outside of Tomcat in a simple app I get the following list
class sun.security.provider.Sun
class com.apple.crypto.provider.Apple
class sun.security.rsa.SunRsaSign
class com.sun.net.ssl.internal.ssl.Provider
class com.sun.crypto.provider.SunJCE
class sun.security.jgss.SunProvider
class com.sun.security.sasl.Provider
But within Tomcat using the same code to get the provider list I get the
following
class sun.security.provider.Sun
class sun.security.provider.Sun
class sun.security.rsa.SunRsaSign
class sun.security.rsa.SunRsaSign
class com.sun.net.ssl.internal.ssl.Provider
class com.sun.net.ssl.internal.ssl.Provider
class sun.security.jgss.SunProvider
class sun.security.jgss.SunProvider
class com.sun.security.sasl.Provider
class com.sun.security.sasl.Provider
So why the differences? I even started to look into the code to see if
tomcat rewrote the providers or not, but at least as far as I could
find, it doesn't seem to. So any ideas?
Thank you,
Douglas Pace
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
