axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Theodore W. Leung" <twle...@sauria.com>
Subject Re: XML Security Job Offer: Axis Connector
Date Fri, 11 Jan 2002 06:01:12 GMT
On Thu, 2002-01-10 at 12:57, Christian Geuer-Pollmann wrote:
> 
> Second: It seems that the Signature it not in the final DOM tree: You add 
> the Signature Element to a new SOAPHeader which is added to the Envelope. 
> During the sign() operation, the whole tree is taversed. I added the (+) 
> marked code prior to the sign call and the output shows me that the 
> Signature element has no parent:

I'm including a bigger section of Client.java:

      Element methodElement = doc.createElementNS("http://xml.apache.org/xml-axis-xml-security/LogTestService",
                                                  "ns1:testMethod");

      methodElement.setAttributeNS(SOAPSECNS, SOAPSECprefix + ":id", "Body");

      SOAPBodyElement sbe = new SOAPBodyElement(methodElement);

      env.addBodyElement(sbe);
      Message msg = new Message(env);
      doc = msg.getSOAPEnvelope().getAsDocument();
// 1. We just got the SOAP Envelope as a DOM tree -- it doesn't have the Signature Header
in it
      System.out.println("\n============= Request (Before Signing) ==============");
      XMLUtils.PrettyDocumentToStream(msg.getSOAPEnvelope().getAsDocument(), System.out);

      String BaseURI = "http://dims";
      XMLSignature sig = new XMLSignature(doc, BaseURI,
                                          XMLSignature.ALGO_ID_SIGNATURE_DSA);
// 2. We use doc from 1. to create an XMLSignature (which we need to create the signature
header)
      sig.addDocument("#Body");
      env.addHeader(new SOAPHeader(sig.getElement()));
//3. We create the signature header -- In the Envelope Object, but not in the DOM tree to
be used by
//   the signature
      X509Certificate cert =
         (X509Certificate) ks.getCertificate(certificateAlias);

      sig.addKeyInfo(cert);
      sig.addKeyInfo(cert.getPublicKey());
      Node curr = sig.getElement();
      while (curr != null) {
	  System.out.println(org.apache.xml.security.utils.XMLUtils.getNodeTypeString(curr) + " "
+ curr);
	  curr = curr.getParentNode();
      }

      sig.sign(privateKey);
// 4. we try to sign and fail

So I thought to fix this by getting the env as a DOM  again, but then I need to create a
new signature using that DOM.  And that does't seem to be working.  I need a way to create
just an
empty signature element and add that as a header before creating the signature value.


Also if I dump out the value of the envelope at 3. by doing msg.getSOAPEnvelope().getAsDocument(),

then I see that the namespaces on the headers look weird:

Dims, I don't understand all the ----end bracketed output - I assume this
is telling me about the namespaces associated with the envelope.  

============= doc (after adding header) ==============
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
----
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/envelope/ -> SOAP-ENV
http://schemas.xmlsoap.org/soap/security/2000-12 -> SOAP-SEC
http://www.w3.org/2001/XMLSchema -> xsd
http://www.w3.org/2001/XMLSchema-instance -> xsi
----end
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope SOAP-ENV:actor="some-uri" SOAP-ENV:mustUnderstand="1" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

  <SOAP-ENV:Header>
  <ns1:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">

   <ns1:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

    <ns1:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>

    <ns1:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>

    <ns1:Reference URI="#Body" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

     <ns1:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>

     <ns1:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>

    </ns1:Reference>

   </ns1:SignedInfo>

   <ns1:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>

  </ns1:Signature>
  </SOAP-ENV:Header>

  <SOAP-ENV:Body>
  <ns2:testMethod SOAP-SEC:id="Body" xmlns:ns2="http://xml.apache.org/xml-axis-xml-security/LogTestService"/>
  </SOAP-ENV:Body>

</SOAP-ENV:Envelope>
ELEMENT [ds:Signature: null]
java.lang.NullPointerException
	at org.apache.xml.security.signature.Manifest.generateDigestValues(Manifest.java:211)
	at org.apache.xml.security.signature.XMLSignature.sign(XMLSignature.java:547)
	at security.Client.main(Client.java:182)
Exception in thread "main" 

Mime
View raw message