Dependency of Bouncy Castle FIPS release 1.0.1 with SiteMinder API 12.80.x
Article ID: 190094
CA Single Sign On Secure Proxy Server (SiteMinder)CA Single Sign On Agents (SiteMinder)CA Single Sign On Federation (SiteMinder)CA Single Sign On SOA Security Manager (SiteMinder)SITEMINDER
We're running a SDK Custom Agent 12.8 and this one has dependency to Bouncy Castle FIPS release 1.0.1. As such, we can't run that SDK Agent with WebLogic 12.2 (12c) which runs Bouncy Castle from another version and causes problem.
How can we fix this ?
Policy Server 12.8SP3 on RedHat 7
At first glance, indeed, the latest Policy Server 12.8SP3 runs Bouncy Castle Java FIPS 1.0.1.
Policy Server 12.8SP3 has :
and SDK 12.8SP3 has :
More, it seems that WebLogic Server doesn't deliver the Bouncy Castle jar to eliminate the dependencies as we can read here :
Error "java.lang.NoClassDefFoundError: org/bouncycastle/asn1/DEREncodable " Found After Applying Weblogic PSU July 2018 (Doc ID 2442820.1)
As of the April 2018 PSU, WebLogic Server has removed the Bouncy Castle jar file anymore in order to eliminate the CIE dependency on Bouncy Castle. If users are still using this jar within their own application, they need to ensure that they have their own Bouncy Castle jar file bundled with the application using it.
After the July 2018 PSU or later is installed, the bcprov-jdk16-1.45.jar is under WLS location will be zero bytes and will only contain the README.txt file. If any class from this jar file is still referenced by your application, a NoClassDefFoundError will be thrown. Bundling the Bouncy Castle jar file into the application will ensure that the Bouncy Castle classes are loaded for your application's use before WebLogic Server's version of the Bouncy Castle jar file. This will avoid any issue which was introduced by the zero-sized jar file.