- We now support the InclusiveC14N policy.
- We can enforce that a Timestamp has an "Expires" Element via configuration, if desired.
- There is a slight modification to how we cache signed Timestamps, to allow for the scenario of two Signatures in a security header that sign the same Timestamp, but with different keys.
- The policy layer now allows a SupportingToken policy to have more than one token.
- A bug has been fixed in the MerlinDevice crypto provider, which is designed to work with smartcards.
- A bug has been fixed in terms of using the correct JCE provider for encryption/decryption.
Friday, May 15, 2015
Apache WSS4J 2.0.4 released
In addition to the new major release of Apache WSS4J (2.1.0), there is a new bug fix release available - Apache WSS4J 2.0.4. Here are the most important bugs that were fixed in this release: