You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by "Guy Rixon (JIRA)" <ji...@apache.org> on 2006/03/24 13:10:20 UTC
[jira] Created: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Digital signature of SOAP bodies fails when using Axis 1.3
----------------------------------------------------------
Key: WSS-39
URL: http://issues.apache.org/jira/browse/WSS-39
Project: WSS4J
Type: Bug
Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
Reporter: Guy Rixon
Assigned to: Davanum Srinivas
Priority: Critical
Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Posted by "Agusti Dosaiguas (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12494212 ]
Agusti Dosaiguas commented on WSS-39:
-------------------------------------
The problem persists in WSS4J 1.51 and Axis 1.3 or 1.4.
I think it is related with this bug reported to Axis: https://issues.apache.org/jira/browse/AXIS-2497
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Assigned To: Davanum Srinivas
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Posted by "Agusti Dosaiguas (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12494212 ]
Agusti Dosaiguas commented on WSS-39:
-------------------------------------
The problem persists in WSS4J 1.51 and Axis 1.3 or 1.4.
I think it is related with this bug reported to Axis: https://issues.apache.org/jira/browse/AXIS-2497
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Assigned To: Davanum Srinivas
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Posted by "Agusti Dosaiguas (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12498286 ]
Agusti Dosaiguas commented on WSS-39:
-------------------------------------
What is this about 0spam.com? Is it a way to e-mail adresses from spammers?
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Assigned To: Davanum Srinivas
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Closed: (WSS-39) Digital signature of SOAP bodies fails when
using Axis 1.3
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh closed WSS-39.
----------------------------------
Resolution: Won't Fix
This appears to be an Axis issue, rather than a WSS4J issue, so closing this.
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Posted by "verify@0spam.com (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12498266 ]
verify@0spam.com commented on WSS-39:
-------------------------------------
ATTENTION!
A message you recently sent to a 0Spam.com user with the subject "[jira] Commented: (WSS-39) Digital signature of SO..." was not delivered because they are using the 0Spam.com anti-spam service. Please click the link below to confirm that this is not spam. When you confirm, this message and all future messages you send will automatically be accepted.
http://www.0spam.com/v.cgi?user=1086966126&verify=724829
========================================
This is an automated message from 0Spam.com.
Please do not reply to this Email.
Looking for a free anti-spam service?
Visit us at http://www.0spam.com to find out more.
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Assigned To: Davanum Srinivas
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Updated: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Posted by "Davanum Srinivas (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Davanum Srinivas updated WSS-39:
--------------------------------
Assignee: (was: Davanum Srinivas)
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Posted by "verify@0spam.com (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12498266 ]
verify@0spam.com commented on WSS-39:
-------------------------------------
ATTENTION!
A message you recently sent to a 0Spam.com user with the subject "[jira] Commented: (WSS-39) Digital signature of SO..." was not delivered because they are using the 0Spam.com anti-spam service. Please click the link below to confirm that this is not spam. When you confirm, this message and all future messages you send will automatically be accepted.
http://www.0spam.com/v.cgi?user=1086966126&verify=724829
========================================
This is an automated message from 0Spam.com.
Please do not reply to this Email.
Looking for a free anti-spam service?
Visit us at http://www.0spam.com to find out more.
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Assigned To: Davanum Srinivas
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-39) Digital signature of SOAP bodies fails
when using Axis 1.3
Posted by "Agusti Dosaiguas (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12498286 ]
Agusti Dosaiguas commented on WSS-39:
-------------------------------------
What is this about 0spam.com? Is it a way to e-mail adresses from spammers?
> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
> Key: WSS-39
> URL: https://issues.apache.org/jira/browse/WSS-39
> Project: WSS4J
> Issue Type: Bug
> Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
> Reporter: Guy Rixon
> Assigned To: Davanum Srinivas
> Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when using Axis 1.2.1: the message is signed without reported errors but the signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that the digest of the reference to the SOAP body is verified but the actual signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of an org.w3c.dom.Document, has a correct, verifiable signature on return from WSSignEnvelope.build, but an incorrect signature after it has been serialized into the MessageContext and recovered as a Document within the same Handler. I.e., this problem is not due to the client's pivot handler or to handlers in the service.
> The bytes of the signature encoded in the message seem not to be changed between successful and unsucecssful verifications. Therefore, presumably, something in Axis is disturbing the XML in the SignedInfo such that the canonicalization fails. In my test code and handler I set the properties enableNamespacePrefixOptimization to false and disablePrettyXML to true, but it makes no difference.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org