You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@camel.apache.org by Gonzalo Vasquez <gv...@altiuz.cl> on 2014/10/09 21:08:51 UTC
Using XML Security Component
Hi everyone,
I need to sign an xml using the "enveloped" method, but haven't been able to realize what to do with the needed keyAccessor parameter. I'm aware of default available implementation, buy haven't been able to found documentation and/or examples using it and how to configure it. I might me also capable of writing my own, but also no hints on what to do.
The scenario is as follows: I have several PFX files with certificates (protected by passwords), which will be used for the XML signing process, and I'll have to choose amongst them using an attribute from the XML message to be signed. (I think I'll have to import them into a KeyStore perhaps).
Can anyone provide hints on how to solve this?
This is my endpoint declaration:
<camel:to uri="xmlsecurity:sign://enveloped?keyAccessor=#myKeyAccessor&parentLocalName=notaDebito" />
"notaDebito" is the root node of the incoming XML message, which is OK in this case
I also had a bean like this, but it was of no use (probably need more initialization that just the default:
<bean id="myKeyAccessor" class="cl.altiuz.reports.KeyAccesor" />
As it shows this stacktrace:
org.apache.camel.component.xmlsecurity.api.XmlSignatureException: javax.xml.crypto.dsig.XMLSignatureException: the keySelector did not find a signing key
at org.apache.camel.component.xmlsecurity.processor.XmlSignerProcessor.sign(XmlSignerProcessor.java:307)
at org.apache.camel.component.xmlsecurity.processor.XmlSignerProcessor.process(XmlSignerProcessor.java:217)
at org.apache.camel.component.xmlsecurity.XmlSignatureProducer.process(XmlSignatureProducer.java:39)
at org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
Regards,
Gonzalo Vásquez Sáez
Gerente Investigación y Desarrollo (R&D)
Altiuz Soluciones Tecnológicas de Negocios Ltda.
Av. Nueva Tajamar 555 Of. 802, Las Condes - CP 7550099
+56 2 335 2461
gvasquez@altiuz.cl
http://www.altiuz.cl
http://www.altiuzreports.com
Re: Using XML Security Component
Posted by Colm O hEigeartaigh <co...@apache.org>.
What does "cl.altiuz.reports.KeyAccesor" look like? Ultimately, the
"getKeySelector" method of this implementation is returning null. You could
look at the test source for some examples:
https://git-wip-us.apache.org/repos/asf?p=camel.git;a=blob_plain;f=components/camel-xmlsecurity/src/test/java/org/apache/camel/component/xmlsecurity/XmlSignatureTest.java;hb=HEAD
Colm.
On Thu, Oct 9, 2014 at 8:08 PM, Gonzalo Vasquez <gv...@altiuz.cl> wrote:
> Hi everyone,
>
> I need to sign an xml using the "enveloped" method, but haven't been able
> to realize what to do with the needed keyAccessor parameter. I'm aware of
> default available implementation, buy haven't been able to found
> documentation and/or examples using it and how to configure it. I might me
> also capable of writing my own, but also no hints on what to do.
>
> The scenario is as follows: I have several PFX files with certificates
> (protected by passwords), which will be used for the XML signing process,
> and I'll have to choose amongst them using an attribute from the XML
> message to be signed. (I think I'll have to import them into a KeyStore
> perhaps).
>
> Can anyone provide hints on how to solve this?
>
> This is my endpoint declaration:
>
> <camel:to
> uri="xmlsecurity:sign://enveloped?keyAccessor=#myKeyAccessor&parentLocalName=notaDebito"
> />
>
> "notaDebito" is the root node of the incoming XML message, which is OK in
> this case
>
> I also had a bean like this, but it was of no use (probably need more
> initialization that just the default:
>
> <bean id="myKeyAccessor" class="cl.altiuz.reports.KeyAccesor" />
>
> As it shows this stacktrace:
>
> org.apache.camel.component.xmlsecurity.api.XmlSignatureException:
> javax.xml.crypto.dsig.XMLSignatureException: the keySelector did not find a
> signing key
> at
> org.apache.camel.component.xmlsecurity.processor.XmlSignerProcessor.sign(XmlSignerProcessor.java:307)
> at
> org.apache.camel.component.xmlsecurity.processor.XmlSignerProcessor.process(XmlSignerProcessor.java:217)
> at
> org.apache.camel.component.xmlsecurity.XmlSignatureProducer.process(XmlSignatureProducer.java:39)
> at
> org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
>
>
> Regards,
> Gonzalo Vásquez Sáez
> Gerente Investigación y Desarrollo (R&D)
> Altiuz Soluciones Tecnológicas de Negocios Ltda.
> Av. Nueva Tajamar 555 Of. 802, Las Condes - CP 7550099
> +56 2 335 2461
> gvasquez@altiuz.cl
> http://www.altiuz.cl
> http://www.altiuzreports.com
>
>
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com