cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r905723 - in /cxf/branches/2.2.x-fixes: ./ rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/ rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/
Date Tue, 02 Feb 2010 17:40:23 GMT
Author: dkulp
Date: Tue Feb  2 17:40:19 2010
New Revision: 905723

URL: http://svn.apache.org/viewvc?rev=905723&view=rev
Log:
Merged revisions 905712 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r905712 | dkulp | 2010-02-02 12:16:20 -0500 (Tue, 02 Feb 2010) | 2 lines
  
  [CXF-2638] Fix issues with validating XPath related security policies
  Patch from David Valeri  applied.
........

Added:
    cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageUtil.java
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/content_encrypted_elements_policy.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/content_encrypted_elements_policy.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_body_content.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_body_content.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_body_element.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_body_element.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_elements_policy.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_elements_policy.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_elements_policy2.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_elements_policy2.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_missing_enc_body.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_missing_enc_body.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_missing_enc_header.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_missing_enc_header.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_body.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_body.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_header.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_header.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_header_and_body.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_header_and_body.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_header_namespace_only.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/encrypted_parts_policy_header_namespace_only.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_elements_policy.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_elements_policy.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_missing_signed_body.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_missing_signed_body.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_missing_signed_header.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_missing_signed_header.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_body.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_body.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_header.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_header.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_header_and_body.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_header_and_body.xml
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_header_namespace_only.xml
      - copied unchanged from r905712, cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed_parts_policy_header_namespace_only.xml
Modified:
    cxf/branches/2.2.x-fixes/   (props changed)
    cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
    cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed.xml

Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
    svn:mergeinfo = /cxf/trunk:905712

Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=905723&r1=905722&r2=905723&view=diff
==============================================================================
--- cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
(original)
+++ cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Tue Feb  2 17:40:19 2010
@@ -40,8 +40,6 @@
 import javax.xml.xpath.XPathExpressionException;
 import javax.xml.xpath.XPathFactory;
 
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 
 import org.apache.cxf.Bus;
@@ -50,14 +48,12 @@
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.endpoint.Endpoint;
 import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.helpers.MapNamespaceContext;
 import org.apache.cxf.resource.ResourceManager;
 import org.apache.cxf.service.model.EndpointInfo;
 import org.apache.cxf.ws.policy.AssertionInfo;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
 import org.apache.cxf.ws.policy.PolicyAssertion;
-import org.apache.cxf.ws.policy.PolicyConstants;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.policy.SP11Constants;
 import org.apache.cxf.ws.security.policy.SP12Constants;
@@ -74,6 +70,8 @@
 import org.apache.cxf.ws.security.policy.model.UsernameToken;
 import org.apache.cxf.ws.security.policy.model.Wss11;
 import org.apache.cxf.ws.security.policy.model.X509Token;
+import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope;
+import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType;
 import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSDataRef;
 import org.apache.ws.security.WSSecurityEngineResult;
@@ -312,15 +310,15 @@
                                    Collection<WSDataRef> refs,
                                    SoapMessage msg,
                                    SOAPMessage doc,
-                                   String type,
-                                   boolean content) throws SOAPException {
+                                   CoverageType type,
+                                   CoverageScope scope) throws SOAPException {
         Collection<AssertionInfo> ais = aim.get(name);
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 ai.setAsserted(true);
                 Map<String, String> namespaces = null;
                 List<String> xpaths = null;
-                if (content) {
+                if (CoverageScope.CONTENT.equals(scope)) {
                     ContentEncryptedElements p = (ContentEncryptedElements)ai.getAssertion();
                     namespaces = p.getDeclaredNamespaces();
                     xpaths = p.getXPathExpressions();
@@ -329,55 +327,15 @@
                     namespaces = p.getDeclaredNamespaces();
                     xpaths = p.getXPathExpressions();
                 }
+                
                 if (xpaths != null) {
-                    XPathFactory factory = XPathFactory.newInstance();
-                    for (String expression : xpaths) {
-                        XPath xpath = factory.newXPath();
-                        if (namespaces != null) {
-                            xpath.setNamespaceContext(new MapNamespaceContext(namespaces));
-                        }
+                    for (String xPath : xpaths) {
                         try {
-                            NodeList list = (NodeList)xpath.evaluate(expression, 
-                                                                     doc.getSOAPPart().getEnvelope(),
-                                                                     XPathConstants.NODESET);
-                            boolean found = list.getLength() == 0;
-                            for (int x = 0; x < list.getLength(); x++) {
-                                Element el = (Element)list.item(x);
-                                for (WSDataRef r : refs) {
-                                    if (r.getProtectedElement() == el
-                                        && r.isContent() == content) {
-                                        found = true;
-                                    }
-                                }
-                            }
-                            if (!found && "signed".equals(type)) {
-                                for (int x = 0; x < list.getLength(); x++) {
-                                    Element el = (Element)list.item(x);
-                                    
-                                    Attr idAttr = el.getAttributeNodeNS(PolicyConstants.WSU_NAMESPACE_URI,
-                                                                   "Id");
-                                    if (idAttr == null) {
-                                        idAttr = el.getAttributeNode("Id");
-                                    }
-                                    String id = idAttr == null ? null : idAttr.getValue();
-
-                                    for (WSDataRef r : refs) {
-                                        if (r.getName().equals(new QName(el.getNamespaceURI(),
-                                                                     el.getLocalName()))
-                                            && r.getWsuId() != null
-                                            && (r.getWsuId().equals(id)
-                                             || r.getWsuId().equals("#" + id))) {
-                                            found = true;
-                                        }
-                                    }
-                                }
-                            }
-                            if (!found) {
-                                ai.setNotAsserted("No " + type 
-                                                  + " element found matching XPath " + expression);
-                            }
-                        } catch (Exception ex) {
-                            //REVISIT
+                            CryptoCoverageUtil.checkCoverage(doc, refs,
+                                    namespaces, xPath, type, scope);
+                        } catch (WSSecurityException e) {
+                            ai.setNotAsserted("No " + type 
+                                    + " element found matching XPath " + xPath);
                         }
                     }
                 }
@@ -385,48 +343,44 @@
         }
     }
 
-    private boolean contains(Collection<WSDataRef> refs, QName qn) {
-        for (WSDataRef r : refs) {
-            if (r.getName().equals(qn)) {
-                return true;
-            }
-        }
-        return false;
-    }
+    
     private void assertTokens(AssertionInfoMap aim, 
                               QName name, 
                               Collection<WSDataRef> signed,
                               SoapMessage msg,
                               SOAPMessage doc,
-                              String type) throws SOAPException {
+                              CoverageType type) throws SOAPException {
         Collection<AssertionInfo> ais = aim.get(name);
         if (ais != null) {
             for (AssertionInfo ai : ais) {
                 ai.setAsserted(true);
                 SignedEncryptedParts p = (SignedEncryptedParts)ai.getAssertion();
-                if (p.isBody() && !contains(signed, msg.getVersion().getBody()))
{
-                    ai.setNotAsserted(msg.getVersion().getBody() + " not " + type);
+                
+                if (p.isBody()) {
+                    try {
+                        if (CoverageType.SIGNED.equals(type)) {
+                            CryptoCoverageUtil.checkBodyCoverage(doc, signed, type, CoverageScope.ELEMENT);
+                        } else {
+                            CryptoCoverageUtil.checkBodyCoverage(doc, signed, type, CoverageScope.CONTENT);
+                        }
+                    } catch (WSSecurityException e) {
+                        ai.setNotAsserted(msg.getVersion().getBody() + " not " + type);
+                    }
                 }
+                
                 for (Header h : p.getHeaders()) {
-                    if (!contains(signed, h.getQName())) {
-                        boolean found = false;
-                        Element nd = DOMUtils.getFirstElement(doc.getSOAPHeader());
-                        while (nd != null && !found) {
-                            if (h.getNamespace().equals(nd.getNamespaceURI())
-                                && (nd.getLocalName().equals(h.getName())
-                                    || h.getName() == null)) {
-                                found = true;
-                            }
-                            nd = DOMUtils.getNextElement(nd);
-                        }
-                        if (found) {
-                            ai.setNotAsserted(h.getQName() + " not + " + type);
-                        }
+                    try {
+                        CryptoCoverageUtil.checkHeaderCoverage(doc, signed, h
+                                .getNamespace(), h.getName(), type,
+                                CoverageScope.ELEMENT);
+                    } catch (WSSecurityException e) {
+                        ai.setNotAsserted(h.getQName() + " not + " + type);
                     }
                 }
             }
         }
     }
+    
     protected void computeAction(SoapMessage message, RequestData data) {
         AssertionInfoMap aim = message.get(AssertionInfoMap.class);
         // extract Assertion information
@@ -569,12 +523,14 @@
                 //anything else to process?  Maybe check tokens for BKT requirements?
             }                        
         }
-        assertTokens(aim, SP12Constants.SIGNED_PARTS, signed, msg, doc, "signed");
-        assertTokens(aim, SP12Constants.ENCRYPTED_PARTS, encrypted, msg, doc, "encrypted");
-        assertXPathTokens(aim, SP12Constants.SIGNED_ELEMENTS, signed, msg, doc, "signed",
false);
-        assertXPathTokens(aim, SP12Constants.ENCRYPTED_ELEMENTS, encrypted, msg, doc, "encrypted",
false);
-        assertXPathTokens(aim, SP12Constants.CONTENT_ENCRYPTED_ELEMENTS, encrypted, msg,
-                          doc, "encrypted", true);
+        assertTokens(aim, SP12Constants.SIGNED_PARTS, signed, msg, doc, CoverageType.SIGNED);
+        assertTokens(aim, SP12Constants.ENCRYPTED_PARTS, encrypted, msg, doc, CoverageType.ENCRYPTED);
+        assertXPathTokens(aim, SP12Constants.SIGNED_ELEMENTS, signed, msg, doc,
+                CoverageType.SIGNED, CoverageScope.ELEMENT);
+        assertXPathTokens(aim, SP12Constants.ENCRYPTED_ELEMENTS, encrypted, msg, doc,
+                CoverageType.ENCRYPTED, CoverageScope.ELEMENT);
+        assertXPathTokens(aim, SP12Constants.CONTENT_ENCRYPTED_ELEMENTS, encrypted, msg,
doc,
+                CoverageType.ENCRYPTED, CoverageScope.CONTENT);
         
         assertHeadersExists(aim, msg, doc);
 

Modified: cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed.xml?rev=905723&r1=905722&r2=905723&view=diff
==============================================================================
--- cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed.xml
(original)
+++ cxf/branches/2.2.x-fixes/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/signed.xml
Tue Feb  2 17:40:19 2010
@@ -1,30 +1,51 @@
-<soapenv:Envelope xmlns="http://somenamespace.pl" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<soapenv:Header xmlns="http://somenamespace.pl" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<wsse:Security soapenv:actor="actor1" soapenv:mustUnderstand="1" xmlns="http://somenamespace.pl"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ds:Signature
xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<ds:SignedInfo xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns="http://somenamespace.pl"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
-<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns="http://somenamespace.pl"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
-<ds:Reference URI="#id-2554341" xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<ds:Transforms xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns="http://somenamespace.pl"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
+<?xml version="1.0" encoding="UTF-8"?>
+<soapenv:Envelope xmlns:ser="http://blah" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+   <soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ds:Signature
Id="Signature-13" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignedInfo>
+<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+<ds:Reference URI="#id-14">
+<ds:Transforms>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms>
-<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns="http://somenamespace.pl"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
-<ds:DigestValue xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">nHDpxCF9GOnGqqxXMsKcok736Kc=</ds:DigestValue>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+<ds:DigestValue>wDPX14XCrVsUWZn6j8rs+m7I8O8=</ds:DigestValue>
+</ds:Reference>
+<ds:Reference URI="#id-8">
+<ds:Transforms>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+</ds:Transforms>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+<ds:DigestValue>TJj4H4XAG1HaH/gPprXOv5zwkXQ=</ds:DigestValue>
+</ds:Reference>
+<ds:Reference URI="#id-15">
+<ds:Transforms>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+</ds:Transforms>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+<ds:DigestValue>NL4WOzgXO8Lc2aBiWr78AXzK/gM=</ds:DigestValue>
 </ds:Reference>
 </ds:SignedInfo>
-<ds:SignatureValue xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-XJT0rL/FWioSoS5lHGl25uQVSJS8KCwNA8r8PRE8FpJp2m34ZmihDt1SKZNbzQioTvczJoigAgU5
-Ew72ODuD/2vGjbXYzrrgaq/3VPA3XFBWBvKSEwe34feQI2huhNV8litJSyQwOrKmIE2cc3yXGitJ
-ZqciSl1dZnaMjx7JYAA=
+<ds:SignatureValue>
+bAx2CT83LxVKReQzYCEHGxxTo3MZzOHMA6e/CcHOQlfvJXwOWcOe/gzk5APRzOJBC1fKGAH0dAiO
+f70WVCU0wRjcjj3+PHiSRRfgqAGk6M/Txl2uGgoSW5JCGYsgTrSLtE6c/n75XGfQr38yiZwAKT8P
+dFHSXRu3Q9SBx0idbBg=
 </ds:SignatureValue>
-<ds:KeyInfo Id="KeyId-15399793" xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 >
-<wsse:SecurityTokenReference wsu:Id="STRId-11349040" xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ds:X509IssuerSerial
xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-<ds:X509IssuerName xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">CN=alias</ds:X509IssuerName>
-
-<ds:X509SerialNumber xmlns="http://somenamespace.pl" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">1137540018</ds:X509SerialNumber>
-</ds:X509IssuerSerial></wsse:SecurityTokenReference>
+<ds:KeyInfo Id="KeyId-B5419464DCB3C8B05A126477266969520">
+<wsse:SecurityTokenReference wsu:Id="STRId-B5419464DCB3C8B05A126477266969521" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><ds:X509Data>
+<ds:X509IssuerSerial>
+<ds:X509IssuerName>CN=myAlias</ds:X509IssuerName>
+<ds:X509SerialNumber>1181668586</ds:X509SerialNumber>
+</ds:X509IssuerSerial>
+</ds:X509Data></wsse:SecurityTokenReference>
 </ds:KeyInfo>
-</ds:Signature></wsse:Security></soapenv:Header>
-	<soapenv:Body wsu:Id="id-2554341" xmlns="http://somenamespace.pl" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-		<testMethod xmlns="http://cxf.apache.org/BookService" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
</soapenv:Body>
+</ds:Signature></wsse:Security>
+      <Header wsu:Id="id-14" xmlns="http://www.sdj.pl" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">1234</Header>
+      <Header wsu:Id="id-8" xmlns="http://www.sdj.pl" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">5678</Header>
+   </soapenv:Header>
+   <soapenv:Body wsu:Id="id-15" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+     <echo xmlns="http://www.sdj.pl">
+       <in0>A</in0>    
+     </echo>
+   </soapenv:Body>
 </soapenv:Envelope>



Mime
View raw message