You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Paweł Gutowski <pa...@gmail.com> on 2012/06/29 13:06:23 UTC
Signing BinarySecurityToken
I need to sign Body and BinarySecurityToken elements.
I get this exception when creating signature for the message:
Caused by: org.apache.ws.security.WSSecurityException: Error during Signature:
... 35 more
Caused by: org.apache.ws.security.WSSecurityException: Signature
creation failed (Cannot setup signature data structure)
... 38 more
Caused by: org.apache.ws.security.WSSecurityException: General
security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
not found: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,
BinarySecurityToken)
at org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
This is my Spring config part:
<bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Signature" />
<entry key="user" value="mySuer" />
<entry key="passwordCallbackRef">
<bean id="myPasswordCallback"
class="com.myCompany.MyPasswordCallback" />
</entry>
<entry key="signaturePropFile" value="client_sign.properties" />
<entry key="signatureKeyIdentifier" value="DirectReference" />
<entry key="signatureParts"
value="{}{http://schemas.xmlsoap.org/soap/envelope/}Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken"
/>
<entry key="isBSPCompliant" value="false" />
</map>
</constructor-arg>
</bean>
I also tried to change signatureParts value to:
<entry key="signatureParts"
value="Token;{}{http://schemas.xmlsoap.org/soap/envelope/}Body" />
then I get the same exception:
Caused by: org.apache.ws.security.WSSecurityException: General
security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
not found: http://schemas.xmlsoap.org/soap/envelope/, Token)
at org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
... 41 more
There is no problem with producing signature for Body and BST elements
on Weblogic server.
This is what I expect to produce:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap="http://soap.my.company.com/">
<soapenv:Header>
<wsse:Security soap:mustUnderstand="1"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="SecurityToken-270e5823-573d-4252-9607-db5f6286969b">MIIDg...
</wsse:BinarySecurityToken>
<Signature Id="cd56d279-7479-41ec-94e1-b0d72f961cf0"
xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>oGYH...g=</DigestValue>
</Reference>
<Reference URI="#Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>Qo8S...=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>KV2eV.....=
</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference
URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
.....
</soapenv:Body>
</soapenv:Envelope>
Re: Signing BinarySecurityToken
Posted by Paweł Gutowski <pa...@gmail.com>.
Thanks Colm!
It works after switching from WS-Security to WS-Policy.
To others who may face the similar problem, you need to:
1. Define correct policy in WSDL
2. Configure CXF to use this WSDL when creating service. (without this
services looks like running well, but policy doesn't work).
3. Put correct binding and port names in Spring CXF XML configuration
file. (without this services looks like running well, but policy
doesn't work).
Regards,
Pawel Gutowski
2012/6/29 Paweł Gutowski <pa...@gmail.com>:
> I will check it right now.
>
> I am also trying to make it by registering 2 different out interceptors.
> The first one would be creating BST element.
> The second one would be signing body and BST.
> I already managed to make it in that way in SoapUI (which also uses CXF).
>
> Unfortunately, CXF looks like ignoring the second interceptor.
> Do you think this solution may work?
>
>
> 2012/6/29 Colm O hEigeartaigh <co...@apache.org>:
>> Hi Pawel,
>>
>> It is not possible to do this using the non-policy WS-Security
>> interceptors. However, you should be able to get it working by adapting one
>> of the X509 test policies, e.g.:
>>
>> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl?view=markup
>>
>> Colm.
>>
>> On Fri, Jun 29, 2012 at 12:06 PM, Paweł Gutowski
>> <pa...@gmail.com>wrote:
>>
>>> I need to sign Body and BinarySecurityToken elements.
>>> I get this exception when creating signature for the message:
>>>
>>>
>>> Caused by: org.apache.ws.security.WSSecurityException: Error during
>>> Signature:
>>> ... 35 more
>>> Caused by: org.apache.ws.security.WSSecurityException: Signature
>>> creation failed (Cannot setup signature data structure)
>>> ... 38 more
>>> Caused by: org.apache.ws.security.WSSecurityException: General
>>> security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
>>> not found:
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>>> ,
>>> BinarySecurityToken)
>>> at
>>> org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
>>>
>>>
>>> This is my Spring config part:
>>>
>>> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
>>> <constructor-arg>
>>> <map>
>>> <entry key="action" value="Signature" />
>>> <entry key="user" value="mySuer" />
>>> <entry key="passwordCallbackRef">
>>> <bean id="myPasswordCallback"
>>> class="com.myCompany.MyPasswordCallback" />
>>> </entry>
>>> <entry key="signaturePropFile" value="client_sign.properties" />
>>> <entry key="signatureKeyIdentifier" value="DirectReference" />
>>> <entry key="signatureParts"
>>> value="{}{
>>> http://schemas.xmlsoap.org/soap/envelope/}Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken
>>> "
>>> />
>>> <entry key="isBSPCompliant" value="false" />
>>> </map>
>>> </constructor-arg>
>>> </bean>
>>>
>>>
>>> I also tried to change signatureParts value to:
>>> <entry key="signatureParts"
>>> value="Token;{}{http://schemas.xmlsoap.org/soap/envelope/}Body" />
>>>
>>> then I get the same exception:
>>> Caused by: org.apache.ws.security.WSSecurityException: General
>>> security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
>>> not found: http://schemas.xmlsoap.org/soap/envelope/, Token)
>>> at
>>> org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
>>> ... 41 more
>>>
>>>
>>> There is no problem with producing signature for Body and BST elements
>>> on Weblogic server.
>>> This is what I expect to produce:
>>>
>>> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/
>>> "
>>> xmlns:soap="http://soap.my.company.com/">
>>> <soapenv:Header>
>>> <wsse:Security soap:mustUnderstand="1"
>>> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>>> xmlns:wsse="
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>>> ">
>>> <wsse:BinarySecurityToken
>>> ValueType="
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>>> "
>>> EncodingType="
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
>>> "
>>> xmlns:wsu="
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>> "
>>> wsu:Id="SecurityToken-270e5823-573d-4252-9607-db5f6286969b">MIIDg...
>>> </wsse:BinarySecurityToken>
>>> <Signature Id="cd56d279-7479-41ec-94e1-b0d72f961cf0"
>>> xmlns="http://www.w3.org/2000/09/xmldsig#">
>>> <SignedInfo>
>>> <ds:CanonicalizationMethod
>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
>>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
>>> <SignatureMethod
>>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>>> <Reference
>>> URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b">
>>> <Transforms>
>>> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
>>> />
>>> </Transforms>
>>> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
>>> />
>>> <DigestValue>oGYH...g=</DigestValue>
>>> </Reference>
>>> <Reference URI="#Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
>>> <Transforms>
>>> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
>>> />
>>> </Transforms>
>>> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
>>> />
>>> <DigestValue>Qo8S...=</DigestValue>
>>> </Reference>
>>> </SignedInfo>
>>> <SignatureValue>KV2eV.....=
>>> </SignatureValue>
>>> <KeyInfo>
>>> <wsse:SecurityTokenReference>
>>> <wsse:Reference
>>> URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b"
>>> ValueType="
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>>> "
>>> />
>>> </wsse:SecurityTokenReference>
>>> </KeyInfo>
>>> </Signature>
>>> </wsse:Security>
>>> </soapenv:Header>
>>> <soapenv:Body wsu:Id="Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
>>> .....
>>> </soapenv:Body>
>>> </soapenv:Envelope>
>>>
>>
>>
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com
Re: Signing BinarySecurityToken
Posted by Paweł Gutowski <pa...@gmail.com>.
I will check it right now.
I am also trying to make it by registering 2 different out interceptors.
The first one would be creating BST element.
The second one would be signing body and BST.
I already managed to make it in that way in SoapUI (which also uses CXF).
Unfortunately, CXF looks like ignoring the second interceptor.
Do you think this solution may work?
2012/6/29 Colm O hEigeartaigh <co...@apache.org>:
> Hi Pawel,
>
> It is not possible to do this using the non-policy WS-Security
> interceptors. However, you should be able to get it working by adapting one
> of the X509 test policies, e.g.:
>
> http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl?view=markup
>
> Colm.
>
> On Fri, Jun 29, 2012 at 12:06 PM, Paweł Gutowski
> <pa...@gmail.com>wrote:
>
>> I need to sign Body and BinarySecurityToken elements.
>> I get this exception when creating signature for the message:
>>
>>
>> Caused by: org.apache.ws.security.WSSecurityException: Error during
>> Signature:
>> ... 35 more
>> Caused by: org.apache.ws.security.WSSecurityException: Signature
>> creation failed (Cannot setup signature data structure)
>> ... 38 more
>> Caused by: org.apache.ws.security.WSSecurityException: General
>> security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
>> not found:
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>> ,
>> BinarySecurityToken)
>> at
>> org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
>>
>>
>> This is my Spring config part:
>>
>> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
>> <constructor-arg>
>> <map>
>> <entry key="action" value="Signature" />
>> <entry key="user" value="mySuer" />
>> <entry key="passwordCallbackRef">
>> <bean id="myPasswordCallback"
>> class="com.myCompany.MyPasswordCallback" />
>> </entry>
>> <entry key="signaturePropFile" value="client_sign.properties" />
>> <entry key="signatureKeyIdentifier" value="DirectReference" />
>> <entry key="signatureParts"
>> value="{}{
>> http://schemas.xmlsoap.org/soap/envelope/}Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken
>> "
>> />
>> <entry key="isBSPCompliant" value="false" />
>> </map>
>> </constructor-arg>
>> </bean>
>>
>>
>> I also tried to change signatureParts value to:
>> <entry key="signatureParts"
>> value="Token;{}{http://schemas.xmlsoap.org/soap/envelope/}Body" />
>>
>> then I get the same exception:
>> Caused by: org.apache.ws.security.WSSecurityException: General
>> security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
>> not found: http://schemas.xmlsoap.org/soap/envelope/, Token)
>> at
>> org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
>> ... 41 more
>>
>>
>> There is no problem with producing signature for Body and BST elements
>> on Weblogic server.
>> This is what I expect to produce:
>>
>> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/
>> "
>> xmlns:soap="http://soap.my.company.com/">
>> <soapenv:Header>
>> <wsse:Security soap:mustUnderstand="1"
>> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:wsse="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>> ">
>> <wsse:BinarySecurityToken
>> ValueType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>> "
>> EncodingType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
>> "
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> "
>> wsu:Id="SecurityToken-270e5823-573d-4252-9607-db5f6286969b">MIIDg...
>> </wsse:BinarySecurityToken>
>> <Signature Id="cd56d279-7479-41ec-94e1-b0d72f961cf0"
>> xmlns="http://www.w3.org/2000/09/xmldsig#">
>> <SignedInfo>
>> <ds:CanonicalizationMethod
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
>> <SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>> <Reference
>> URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b">
>> <Transforms>
>> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
>> />
>> </Transforms>
>> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
>> />
>> <DigestValue>oGYH...g=</DigestValue>
>> </Reference>
>> <Reference URI="#Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
>> <Transforms>
>> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
>> />
>> </Transforms>
>> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
>> />
>> <DigestValue>Qo8S...=</DigestValue>
>> </Reference>
>> </SignedInfo>
>> <SignatureValue>KV2eV.....=
>> </SignatureValue>
>> <KeyInfo>
>> <wsse:SecurityTokenReference>
>> <wsse:Reference
>> URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b"
>> ValueType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>> "
>> />
>> </wsse:SecurityTokenReference>
>> </KeyInfo>
>> </Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body wsu:Id="Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
>> .....
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
Re: Signing BinarySecurityToken
Posted by Colm O hEigeartaigh <co...@apache.org>.
Hi Pawel,
It is not possible to do this using the non-policy WS-Security
interceptors. However, you should be able to get it working by adapting one
of the X509 test policies, e.g.:
http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/x509/DoubleItX509.wsdl?view=markup
Colm.
On Fri, Jun 29, 2012 at 12:06 PM, Paweł Gutowski
<pa...@gmail.com>wrote:
> I need to sign Body and BinarySecurityToken elements.
> I get this exception when creating signature for the message:
>
>
> Caused by: org.apache.ws.security.WSSecurityException: Error during
> Signature:
> ... 35 more
> Caused by: org.apache.ws.security.WSSecurityException: Signature
> creation failed (Cannot setup signature data structure)
> ... 38 more
> Caused by: org.apache.ws.security.WSSecurityException: General
> security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
> not found:
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ,
> BinarySecurityToken)
> at
> org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
>
>
> This is my Spring config part:
>
> <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
> <constructor-arg>
> <map>
> <entry key="action" value="Signature" />
> <entry key="user" value="mySuer" />
> <entry key="passwordCallbackRef">
> <bean id="myPasswordCallback"
> class="com.myCompany.MyPasswordCallback" />
> </entry>
> <entry key="signaturePropFile" value="client_sign.properties" />
> <entry key="signatureKeyIdentifier" value="DirectReference" />
> <entry key="signatureParts"
> value="{}{
> http://schemas.xmlsoap.org/soap/envelope/}Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken
> "
> />
> <entry key="isBSPCompliant" value="false" />
> </map>
> </constructor-arg>
> </bean>
>
>
> I also tried to change signatureParts value to:
> <entry key="signatureParts"
> value="Token;{}{http://schemas.xmlsoap.org/soap/envelope/}Body" />
>
> then I get the same exception:
> Caused by: org.apache.ws.security.WSSecurityException: General
> security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign
> not found: http://schemas.xmlsoap.org/soap/envelope/, Token)
> at
> org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
> ... 41 more
>
>
> There is no problem with producing signature for Body and BST elements
> on Weblogic server.
> This is what I expect to produce:
>
> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/
> "
> xmlns:soap="http://soap.my.company.com/">
> <soapenv:Header>
> <wsse:Security soap:mustUnderstand="1"
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
> <wsse:BinarySecurityToken
> ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
> EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> "
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="SecurityToken-270e5823-573d-4252-9607-db5f6286969b">MIIDg...
> </wsse:BinarySecurityToken>
> <Signature Id="cd56d279-7479-41ec-94e1-b0d72f961cf0"
> xmlns="http://www.w3.org/2000/09/xmldsig#">
> <SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
> <SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> <Reference
> URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b">
> <Transforms>
> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> />
> </Transforms>
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> />
> <DigestValue>oGYH...g=</DigestValue>
> </Reference>
> <Reference URI="#Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
> <Transforms>
> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> />
> </Transforms>
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> />
> <DigestValue>Qo8S...=</DigestValue>
> </Reference>
> </SignedInfo>
> <SignatureValue>KV2eV.....=
> </SignatureValue>
> <KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference
> URI="#SecurityToken-270e5823-573d-4252-9607-db5f6286969b"
> ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
> />
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body wsu:Id="Id-117b61be-9ca0-4745-b0fa-946e2492f0a3">
> .....
> </soapenv:Body>
> </soapenv:Envelope>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com