You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by "Agusti Dosaiguas (JIRA)" <ji...@apache.org> on 2007/05/08 10:39:15 UTC

[jira] Commented: (WSS-39) Digital signature of SOAP bodies fails when using Axis 1.3

    [ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12494212 ] 

Agusti Dosaiguas commented on WSS-39:
-------------------------------------

The problem persists in WSS4J 1.51 and Axis 1.3 or 1.4.
I think it is related with this bug reported to Axis: https://issues.apache.org/jira/browse/AXIS-2497

> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
>                 Key: WSS-39
>                 URL: https://issues.apache.org/jira/browse/WSS-39
>             Project: WSS4J
>          Issue Type: Bug
>         Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
>            Reporter: Guy Rixon
>         Assigned To: Davanum Srinivas
>            Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org