Sun Java System Access Manager 7.1 Release Notes

Document how to enable XML encryption (6275563)

To enable XML encryption for either Access Manager or Federation Manager using the Bouncy Castle JAR file to generate a transport key, follow these steps:

  1. If you are using a JDK version earlier than JDK 1.5, download the Bouncy Castle JCE provider from the Bouncy Castle site ( For example, for JDK 1.4, download the bcprov-jdk14-131.jar file.

  2. If you downloaded a JAR file in the previous step, copy the file to the jdk_root/jre/lib/ext directory.

  3. For the domestic version of the JDK, download the JCE Unlimited Strength Jurisdiction Policy Files from the Sun site ( for your version of the JDK. For IBM WebSphere, go to the corresponding IBM site to download the required files.

  4. Copy the downloaded US_export_policy.jar and local_policy.jar files to the jdk_root/jre/lib/security directory.

  5. If you are using a JDK version earlier than JDK 1.5, edit the jdk_root/jre/lib/security/ file and add Bouncy Castle as one of the providers. For example:

  6. Set the following property in the file to true:

  7. Restart the Access Manager web container.

For more information, refer to problem ID 5110285 (XML encryption requires Bouncy Castle JAR file).