You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Daniel Fisher <da...@vt.edu> on 2004/05/13 16:57:50 UTC

enveloping signatures

I've got some SPML that I'd like to send to a client with a digital signature.
Looking at the spec it seems like using an enveloping signature would be the
easiest thing to do.
This would allow me to send just one xml document, without having to use another
standard like SOAP-SEC.
The ObjectContainer only allows inserting of Nodes, however
when I try to insert my SPML I get the following exception:
WRONG_DOCUMENT_ERR: That node doesn't belong in this document.

Can anyone offer any advice on this problem?
Thanks.

--Daniel Fisher

Re: enveloping signatures

Posted by Daniel Fisher <da...@vt.edu>.

On Thu, 13 May 2004 16:58:42 +0200
Erwin van der Koogh <vd...@apache.org> wrote:

> > I've got some SPML that I'd like to send to a client with a digital
> > signature. Looking at the spec it seems like using an enveloping
> > signature would be the easiest thing to do.
> > This would allow me to send just one xml document, without having to use
> > another standard like SOAP-SEC.
> > The ObjectContainer only allows inserting of Nodes, however
> > when I try to insert my SPML I get the following exception:
> > WRONG_DOCUMENT_ERR: That node doesn't belong in this document.
> >
> > Can anyone offer any advice on this problem?
> > Thanks.
> 
> Don't make a new document for the signature when you instantiate it, but 
> use the document from your SPML.

Can you provide some sample code for doing this?
Here is what I'm doing (spml is a org.w3c.dom.Document):
      XMLSignature sig = new XMLSignature(
        spml,
        baseURI,
        XMLSignature.ALGO_ID_SIGNATURE_RSA);

      ObjectContainer obj = new ObjectContainer(spml);
      obj.setId("spml");
      sig.appendObject(obj);

If I print sig.getElement(), the <Object/> tag is empty.
I also can't get the transform to work, but one problem at a time...

Re: enveloping signatures

Posted by Erwin van der Koogh <vd...@apache.org>.

> I've got some SPML that I'd like to send to a client with a digital
> signature. Looking at the spec it seems like using an enveloping
> signature would be the easiest thing to do.
> This would allow me to send just one xml document, without having to use
> another standard like SOAP-SEC.
> The ObjectContainer only allows inserting of Nodes, however
> when I try to insert my SPML I get the following exception:
> WRONG_DOCUMENT_ERR: That node doesn't belong in this document.
>
> Can anyone offer any advice on this problem?
> Thanks.

Don't make a new document for the signature when you instantiate it, but 
use the document from your SPML.