You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Marc Giger (JIRA)" <ji...@apache.org> on 2012/07/19 19:08:34 UTC
[jira] [Commented] (SANTUARIO-330) Problem processing #default
PrefixList for streaming signature verification
[ https://issues.apache.org/jira/browse/SANTUARIO-330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13418451#comment-13418451 ]
Marc Giger commented on SANTUARIO-330:
--------------------------------------
This is a exc-c14n schema bug. An errata already exists:
http://www.w3.org/2002/07/xml-exc-c14n-errata
E02 2002-10-03; updated 2009-08-04 (Error)
In section 4 Use in XML Security, the data type of the PrefixList attribute value is specified as NMTOKENS in both the DTD and Schema. This does not permit "non-zero-length sequences," or the occurrence of the '#default' token in the attribute value because of the "#" character. Consequently, the The type of this attribute value should be CDATA in a DTD and/or list of xsd:string in a XML Schema.
See also: corrected schema document; corrected DTD
Fixed in r1363426
> Problem processing #default PrefixList for streaming signature verification
> ---------------------------------------------------------------------------
>
> Key: SANTUARIO-330
> URL: https://issues.apache.org/jira/browse/SANTUARIO-330
> Project: Santuario
> Issue Type: Bug
> Components: Java
> Reporter: Colm O hEigeartaigh
> Assignee: Marc Giger
> Fix For: Java 2.0.0
>
>
> This seems to be a problem processing #default PrefixList for streaming signature verification. The BaltimoreTest.testExcSignature testcase is failing with:
> javax.xml.stream.XMLStreamException: org.apache.xml.security.stax.ext.XMLSecurityException: An error was discovered processing the <wsse:Security> header; nested exception is:
> javax.xml.bind.UnmarshalException
> - with linked exception:
> [org.xml.sax.SAXParseException: cvc-datatype-valid.1.2.1: '#default' is not a valid value for 'NMTOKEN'.]
> at org.apache.xml.security.stax.impl.XMLSecurityStreamReader.next(XMLSecurityStreamReader.java:72)
> Colm.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira