You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by Alessandro Gilardoni <a....@alice.it> on 2006/02/04 11:50:36 UTC

PLEASE HELP..........SOAPUtil.toSoapMessage Problem

Hi,
i have tried to sign a SOAPMessage with the code provided by wss4j examples.
I have a signature verification fail error when i try to verify the 
signature.
here the code i used

WSSignEnvelope builder = new WSSignEnvelope();
builder.setUserInfo("client", "security");
builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
Document doc = unsignedEnvelope.getAsDocument();  /////// IS A SOAPMessage
Document signedDoc = builder.build(doc, crypto);
Message signedMsg = (Message) toSOAPMessage(signedDoc);
signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();
verify(signedDoc);

It seems that the "Message signedMsg = (Message) 
SOAPUtil.toSOAPMessage(signedDoc); " change the body of the message 
(insert some new line) so the message differs from the one used to sign, 
and it' s natural that the signature verification must fail.

if i comment out the two lines:
Message signedMsg = (Message) toSOAPMessage(signedDoc);
signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();

and i verify the signed message after have signed it, the signature 
verification it's ok.

Alessandro Gilardoni

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org