cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <>
Subject [jira] [Commented] (CXF-6900) invalid signature in case of soap fault
Date Tue, 24 May 2016 13:14:12 GMT


Colm O hEigeartaigh commented on CXF-6900:

Hi David,

The problem here is actually a problem with the SAAJ implementation that comes with the JDK,
where it "forces" the "env" prefix for a SOAP Fault when it does not have a pre-existing prefix.

[~dkulp] and I have managed to "work around" this problem in CXF. Your test-case should now
be working on the CXF master + 3.1.x-fixes branch. However, I believe it won't be backported
to CXF 3.0.x, as there are too many changes involved.


> invalid signature in case of soap fault
> ---------------------------------------
>                 Key: CXF-6900
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 3.0.3
>         Environment: windows 2008  jdk 1.6.0_45
>            Reporter: david leruse
>            Assignee: Colm O hEigeartaigh
>             Fix For: 3.1.7
>         Attachments: server7.log
> Hello,
> Having signature verification problems on the cxf client-side  with a .NET Ws-fed protected
webservice, I ask you a little help...
> Here is a summary of the problem :
> Most of the time, communication works well excepted when we got a soap fault message.
> Indeed signature validation works usually well excepted when
> we receive a fault message inside the body of the soap message. Even In this boundary
case, signature verification works well excepted for one element, the fault message (see the
enclosed server7.log file).             
> After digging a bit, i've found that the calculated digest couldn't be equal to the claimed
one because the content of the message given to  the DigesterOutpustrream is not well canonicalized
or normalized.
> Partial decrypted msg
> ...
> <s:Body u:Id="_3">
>   <Fault xmlns=""><Code><Value>DataNotFoundFault</Value></Code><Reason><Text
xml:lang="nl-BE">ContextContactInfo with Id '1' does not exist.</Text></Reason><Detail><DataNotFoundFault
xmlns="" xmlns:i=""><ErrorCode>ContextContactInfoNotFound</ErrorCode><Message>ContextContactInfo
with Id '1' does not exist.</Message></DataNotFoundFault></Detail></Fault>
>  </s:Body>
> ...
> Predigested input :
> <s:Body xmlns:s="" xmlns:u=""
u:Id="_3"><env:Fault><Code xmlns=""><Value>DataNotFoundFault</Value></Code><Reason
xmlns=""><Text xml:lang="nl-BE">ContextContactInfo
with Id '1' does not exist.</Text></Reason><env:Detail><DataNotFoundFault
with Id '1' does not exist.</Message></DataNotFoundFault></env:Detail></env:Fault></s:Body>
> Could you please check this problem and give me an advice ?
> The library used are :
> cxf 3.0.3
> wss4j 2.0.2
> xmlsec 2.0.2
> on a jdk 1.6.0_45
> Thanks in advance
> David L

This message was sent by Atlassian JIRA

View raw message