Sun Java System Access Manager 7 2005Q4 Release Notes

Document how to enable XML encryption (6275563)

To enable XML encryption for either Access Manager or Federation Manager using the Bouncy Castle JAR file to generate a transport key, follow these steps:

  1. If you are using a JDK version earlier than JDK 1.5, download the Bouncy Castle JCE provider from the Bouncy Castle site ( For example, for JDK 1.4, download the bcprov-jdk14-131.jar file.

  2. If you downloaded a JAR file in the previous step, copy the file to the jdk_root/jre/lib/ext directory.

  3. For the domestic version of the JDK, download the JCE Unlimited Strength Jurisdiction Policy Files from the site ( for your version of the JDK. For IBM WebSphere, go to the corresponding IBM site to download the required files.

  4. Copy the downloaded US_export_policy.jar and local_policy.jar files to the jdk_root/jre/lib/security directory.

  5. If you are using a JDK version earlier than JDK 1.5, edit the jdk_root/jre/lib/security/ file and add Bouncy Castle as one of the providers. For example:

  6. Set the following property in the file to true:

  7. Restart the Access Manager web container.

For more information, refer to problem ID 5110285 (XML encryption requires Bouncy Castle JAR file).