Re: [rules-users] Guvnor 6.0.0.Beta2 on Tomcat 7 - should problems be reported?

Thank you for your reply! I have now tried on a local Tomcat 7 and have discovered the first exception, which may (or may not...) cause other problems. It occurs already when deploying Guvnor 6: 2013-06-06 11:11:58,246 [http-apr-8080-exec-3] ERROR Unable to encrypt org.jasypt.exceptions.EncryptionOperationNotPossibleException: *Encryption raised an exception. A possible cause is you are using strong encryption algorithms and you have not installed the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files in this Java Virtual Machine* at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.handleInvalidKeyException(StandardPBEByteEncryptor.java:999) ~[jasypt-1.9.0.jar:na] at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.encrypt(StandardPBEByteEncryptor.java:868) ~[jasypt-1.9.0.jar:na] at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.encrypt(StandardPBEStringEncryptor.java:642) ~[jasypt-1.9.0.jar:na] at org.uberfire.backend.server.config.DefaultPasswordServiceImpl.encrypt(DefaultPasswordServiceImpl.java:28) ~[uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] at org.uberfire.backend.server.config.DefaultPasswordServiceImpl$Proxy$_$$_WeldClientProxy.encrypt(DefaultPasswordServiceImpl$Proxy$_$$_WeldClientProxy.java) [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] at org.uberfire.backend.server.config.ConfigurationFactoryImpl.newSecuredConfigItem(ConfigurationFactoryImpl.java:46) [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] at org.uberfire.backend.server.repositories.RepositoryServiceImpl.cloneRepository(RepositoryServiceImpl.java:93) [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] at org.uberfire.backend.server.repositories.RepositoryServiceImpl$Proxy$_$$_WeldClientProxy.cloneRepository(RepositoryServiceImpl$Proxy$_$$_WeldClientProxy.java) [uberfire-backend-server-0.1.3.Final.jar:0.1.3.Final] at org.kie.guvnor.backend.server.AppSetup.assertPlayground(AppSetup.java:69) [AppSetup.class:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_17] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_17] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_17] at java.lang.reflect.Method.invoke(Method.java:601) ~[na:1.7.0_17] at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:267) [weld-core-1.1.8.Final.jar:2012-04-29 10:45] ... Indeed I have found the same exception now in the Jelastic logs. The error message makes sense: I am not in the USA and neither is our Jelastic hosting provider (we are in Switzerland). My local Tomcat is running with a current Oracle JDK (jdk1.7.0_17). But "Unlimited Strength Jurisdiction Policy Files" sounds like something the USA does not like to share with the rest of the world :-) But I am just guessing. I see now that I could download the missing files <http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-43... and it would be legal to use unlimited strength cryptography in most countries. But I don't think it is a good idea if I try to fix this on my side, because I cannot change it in Jelastic. Is it really necessary to use unlimited encryption for Guvnor? Maybe this helps: I found this little program that lists the supported crypto algorithms and providers <http://stackoverflow.com/questions/3683302/how-to-find-out-what-algorithm... . Here is the output for the JDK I am using with Tomcat, so these would be the algorithms available in every country of the world: Provider: SUN Algorithm: SHA1PRNG Algorithm: SHA1withDSA Algorithm: NONEwithDSA Algorithm: DSA Algorithm: MD2 Algorithm: MD5 Algorithm: SHA Algorithm: SHA-256 Algorithm: SHA-384 Algorithm: SHA-512 Algorithm: DSA Algorithm: DSA Algorithm: DSA Algorithm: X.509 Algorithm: JKS Algorithm: CaseExactJKS Algorithm: JavaPolicy Algorithm: JavaLoginConfig Algorithm: PKIX Algorithm: PKIX Algorithm: LDAP Algorithm: Collection Algorithm: com.sun.security.IndexedCollection Provider: SunRsaSign Algorithm: RSA Algorithm: RSA Algorithm: MD2withRSA Algorithm: MD5withRSA Algorithm: SHA1withRSA Algorithm: SHA256withRSA Algorithm: SHA384withRSA Algorithm: SHA512withRSA Provider: SunEC Algorithm: EC Algorithm: EC Algorithm: NONEwithECDSA Algorithm: SHA1withECDSA Algorithm: SHA256withECDSA Algorithm: SHA384withECDSA Algorithm: SHA512withECDSA Algorithm: EC Algorithm: ECDH Provider: SunJSSE Algorithm: RSA Algorithm: RSA Algorithm: MD2withRSA Algorithm: MD5withRSA Algorithm: SHA1withRSA Algorithm: MD5andSHA1withRSA Algorithm: SunX509 Algorithm: NewSunX509 Algorithm: SunX509 Algorithm: PKIX Algorithm: TLSv1 Algorithm: TLSv1.1 Algorithm: TLSv1.2 Algorithm: Default Algorithm: PKCS12 Provider: SunJCE Algorithm: RSA Algorithm: DES Algorithm: DESede Algorithm: DESedeWrap Algorithm: PBEWithMD5AndDES Algorithm: PBEWithMD5AndTripleDES Algorithm: PBEWithSHA1AndRC2_40 Algorithm: PBEWithSHA1AndDESede Algorithm: Blowfish Algorithm: AES Algorithm: AESWrap Algorithm: RC2 Algorithm: ARCFOUR Algorithm: DES Algorithm: DESede Algorithm: Blowfish Algorithm: AES Algorithm: RC2 Algorithm: ARCFOUR Algorithm: HmacMD5 Algorithm: HmacSHA1 Algorithm: HmacSHA256 Algorithm: HmacSHA384 Algorithm: HmacSHA512 Algorithm: DiffieHellman Algorithm: DiffieHellman Algorithm: DiffieHellman Algorithm: DiffieHellman Algorithm: DES Algorithm: DESede Algorithm: PBE Algorithm: PBEWithMD5AndDES Algorithm: PBEWithMD5AndTripleDES Algorithm: PBEWithSHA1AndDESede Algorithm: PBEWithSHA1AndRC2_40 Algorithm: Blowfish Algorithm: AES Algorithm: RC2 Algorithm: OAEP Algorithm: DiffieHellman Algorithm: DES Algorithm: DESede Algorithm: PBEWithMD5AndDES Algorithm: PBEWithMD5AndTripleDES Algorithm: PBEWithSHA1AndDESede Algorithm: PBEWithSHA1AndRC2_40 Algorithm: PBKDF2WithHmacSHA1 Algorithm: HmacMD5 Algorithm: HmacSHA1 Algorithm: HmacSHA256 Algorithm: HmacSHA384 Algorithm: HmacSHA512 Algorithm: HmacPBESHA1 Algorithm: SslMacMD5 Algorithm: SslMacSHA1 Algorithm: JCEKS Algorithm: SunTlsPrf Algorithm: SunTls12Prf Algorithm: SunTlsMasterSecret Algorithm: SunTlsKeyMaterial Algorithm: SunTlsRsaPremasterSecret Provider: SunJGSS Algorithm: 1.2.840.113554.1.2.2 Algorithm: 1.3.6.1.5.5.2 Provider: SunSASL Algorithm: DIGEST-MD5 Algorithm: NTLM Algorithm: GSSAPI Algorithm: EXTERNAL Algorithm: PLAIN Algorithm: CRAM-MD5 Algorithm: CRAM-MD5 Algorithm: GSSAPI Algorithm: DIGEST-MD5 Algorithm: NTLM Provider: XMLDSig Algorithm: http://www.w3.org/2002/06/xmldsig-filter2 Algorithm: http://www.w3.org/2000/09/xmldsig#enveloped-signature Algorithm: http://www.w3.org/2001/10/xml-exc-c14n#WithComments Algorithm: http://www.w3.org/2001/10/xml-exc-c14n# Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments Algorithm: DOM Algorithm: http://www.w3.org/2006/12/xml-c14n11 Algorithm: http://www.w3.org/2000/09/xmldsig#base64 Algorithm: http://www.w3.org/TR/2001/REC-xml-c14n-20010315 Algorithm: http://www.w3.org/TR/1999/REC-xpath-19991116 Algorithm: http://www.w3.org/TR/1999/REC-xslt-19991116 Algorithm: http://www.w3.org/2006/12/xml-c14n11#WithComments Algorithm: DOM Provider: SunPCSC Algorithm: PC/SC Provider: SunMSCAPI Algorithm: Windows-PRNG Algorithm: Windows-MY Algorithm: Windows-ROOT Algorithm: NONEwithRSA Algorithm: SHA1withRSA Algorithm: SHA256withRSA Algorithm: SHA384withRSA Algorithm: SHA512withRSA Algorithm: MD5withRSA Algorithm: MD2withRSA Algorithm: RSA Algorithm: RSA Algorithm: RSA/ECB/PKCS1Padding -- View this message in context: http://drools.46999.n3.nabble.com/Guvnor-6-0-0-Beta2-on-Tomcat-7-should-p... Sent from the Drools: User forum mailing list archive at Nabble.com.