Web Services Stack distributes the Bouncy Castle JCE provider. It is required by the security module (Rampart) for retrieving cryptographic algorithms implementation used in encryption and/or signing of messages.

The Bouncy Castle provider is added to the runtime list of Java security providers (when required for the first time).

The Bouncy Castle provider might not be available to other web application if Web Services Stack is deployed in a servlet container and the Bouncy Castle classes are loaded from the Web Services Stack web application classloader. After it is added to the global list of security providers, no other application running in the same virtual machine will be able to add it again. In this case, if the Bouncy Castle is required by other web application in the servlet container, place the Bouncy Castle JAR in a common/shared lib directory of the servlet container and ensure it is loaded from there and not by a web application classloader.