Paul, you are correct, I mis-spoke. This is not a bug in Jersey, it's a
missing feature in some versions of Xerces.
The best solution: don't add any Xerces jars to your application's
classpath, then the JRE's built-in parser will be used instead. I can't do
that, since my project has an indirect dependency on an old version of
Xerces, and Xerces registers itself as the default parser.
By setting this property when I launch Tomcat I was able to force the use of
the built-in parser:
-Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl
This made the error go away.
Paul Sandoz wrote:
>
> Note that this is not a bug in Jersey. It is deliberate behavior that
> forces one to resolve security vulnerabilities or take responsibility
> for deployment with such vulnerabilities present.
>
> Paul.
>
--
View this message in context: http://n2.nabble.com/SAX-Feature-error-in-Jersey-1-1-4-1-tp4581700p4656688.html
Sent from the Jersey mailing list archive at Nabble.com.