Hello comunity,
I'm trying to use this solution to create WSSec decrypt and encrypt policies in Apigee: DinoChiesa/Apigee-Java-WsSec-RsaEncryption: a configurable custom policy for Apigee, which performs ...
But I'm having an error because the jar can't be loaded.
Example of error:
Failed to instantiate the JavaCallout Class com.google.apigee.callouts.wsseccrypto.Decrypt |
Maybe the problem is similar to this one: Solved: Implementation of a Java callout that performs WS-... - Google Cloud Community. I suspect it because I was having the same problem with signing/validation until I found this thread and applied the suggested solution.
Example of policy:
Solved! Go to Solution.
Thank you for the support.
I've already contacted the internal team so we can start the conversation with apigee support, although we're using apigee X so I don't think it'll be possible.
Anyway, I've found a patched version of xmlenc here that doesn't cause any security error, and I suppose I can keep it from here at least to finish the MVP. I'll need to address this issue, though, as this version is quite old, some encrypting algorithms are not supported, and it may have some undesirable xploits.
I've prepared a branch with Signature + Encryption+Patched XmlEnc together here: Farenheith/Apigee-Java-WsSec-Signature-2 at merge-encryption-patchedxmlenc
@dchiesa1 It'd be nice to later compatibilize your separate packages, though. I'll open a PR later for RsaEncryption, addressing the XmlUtils conflict to contribute.