santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: Namespaces
Date Wed, 25 Apr 2007 20:58:18 GMT
I assume you are using the Apache XML Security APIs and not the standard
JSR 105 API. In that case, try calling the following static methods
before you sign/encrypt your data:

to set the dsig prefix to "":

org.apache.xml.security.utils.Constants.setSignatureSpecNSprefix("");

to set the enc prefix to "":

org.apache.xml.security.utils.ElementProxy.setPrefix(org.apache.xml.security.encryption.EncryptionConstants.EncryptionSpecNS,
"");

Let me know if that works.

--Sean

Berin Lautenbach wrote:
> OK - first up I'm not an expert on the Java library, more on the C++
> library.
> 
> The two examples you sent through are completely separate - one is for
> sig and one encryption.  So my guess is that in your situation you could
> set the namespace prefix to "" for the dsig namespace when you are doing
> a signature and to "" for the xenc namespace when you are doing
> encryption.  I.e. do one or the other - not both.  If you need to do
> both encryption and signature in one document, I'm not sure whether the
> library will let you do that easily.  I know you can't have both
> namespaces as the default, but maybe you can switch between each other
> as the default depending on what you are trying to do.
> 
> Hopefully someone else can comment in that case.
> 
> As a side note - namespace support is mandatory according to the spec.
> What is optional is the use of "dsig" as the namespace prefix.  So in
> reality a compliant implementation needs to support the use of a prefix
> for the signature and encryption namespaces.
> 
> Cheers,
>     Berin
> 
> Eric Tournier wrote:
>> Hi Berin :)
>>
>>   I hope your baby goes well and let you sleep :)
>>
>>   Was the previously posted XML useful ? I checked the W3 XMLEnc and
>> XMLDSig references and found that thes two namespaces were optional
>> (§1.3), so could you help me to configure XMLSecurity classe to
>> produce signed XML without ds: then produce with this doc a encrypted
>> XML without xenc: ?
>>
>> Thanks in advance
>> Eric
>>
>>> -----Message d'origine-----
>>> De : Berin Lautenbach [mailto:berin@wingsofhermes.org] Envoyé :
>>> mercredi 18 avril 2007 14:05
>>> À : security-dev@xml.apache.org
>>> Objet : Re: Namespaces
>>>
>>> Can you post a signature from the implementation you use to see what
>>> it looks like?
>>>
>>> Cheers,
>>>     Berin
>>>
>>> Eric Tournier wrote:
>>>> Hi Berin :)
>>>>
>>>>   I'm using a home-made XML Encryption implementation but 
>>> unfortunately I'm not the developer of it. This implementation does
>>> not support ds: and xenc: prefixes, so I try not to have them. In
>>> order to test interoperability of it with well-known API, I'm trying
>>> to encrypt a XML document with XML Security and decrypt the result
>>> with my implementation, and vice-versa.
>>>>   My intent is not to have two different namespaces as the 
>>> default namespace for the Signature element, but trying not to have
>>> any of the ds: and xenc: prefix into the final encrypted then signed
>>> XML document : element <Signature instead of <ds:Signature and
>>> <CipherValue instead of <xenc:CipherValue.
>>>>   Thanks for your help
>>>>
>>>> Eric
>>>>
>>>>> -----Message d'origine-----
>>>>> De : Berin Lautenbach [mailto:berin@wingsofhermes.org] Envoyé :
>>>>> mercredi 18 avril 2007 11:36 À : 
>>> security-dev@xml.apache.org Objet :
>>>>> Re: Namespaces
>>>>>
>>>>> As far as I can see - effectively your trying to have two 
>>> different
>>>>> namespaces as the default namespace for the Signature 
>>> element.  Which
>>>>> can't really be done.  Or am I misreading your intent?
>>>>>
>>>>> Why do you not want the namespaces?  Both specs exist inside a
>>>>> specific namespace, so you can't not use them.
>>>>>
>>>>> Cheers,
>>>>>     Berin
>>>>>
>>>>> Eric Tournier wrote:
>>>>>> Hi :)
>>>>>>  
>>>>>>   I wish to encrypt then sign a XML document without the 
>>> 'ds;' and
>>>>>> 'xenc:' namespaces. Unfortunately, I can only suppress on 
>>> of these
>>>>>> namespaces :| The following code throws
>>>>> XmlSecurityException always on
>>>>>> the second line independent from its nature
>>>>>> (EncryptionConstants.setEncryptionSpecNSprefixor or
>>>>>> Constants.setSignatureSpecNSprefix) :
>>>>>> (...)
>>>>>>   static
>>>>>>   {
>>>>>>     org.apache.xml.security.Init.init();
>>>>>>     JCA.setProvider();
>>>>>>   }
>>>>>>  
>>>>>>   public XMLSecurityResource() throws XMLSecurityException
>>>>>>   {
>>>>>>     // Suppression du namespace 'xenc:'
>>>>>>     EncryptionConstants.setEncryptionSpecNSprefix("");
>>>>>>     // Suppression du namespace 'ds:'
>>>>>>     Constants.setSignatureSpecNSprefix("");
>>>>>>   }
>>>>>> (...)
>>>>>>  
>>>>>> Could someone tell me how to resolve this ?
>>>>>> Thanks
>>>>>> Eric
>>>>>>  
>>>>>> Eric TOURNIER
>>>>>> Ingénieur concepteur objet senior - Expertise technique
>>>>>> Java/J2EE/XML/AOP - Spring/Hibernate/Maven
>>>>>> ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
>>>>>> STERIA
>>>>>> Département Banque, Assurance et Finance 46, rue Camille
>>>>> Desmoulins -
>>>>>> 92782 Issy-Les-Moulineaux Cedex 9 Tél : 01 53 94 22 94 -
>>>>> Mob : 06 17
>>>>>> 98 32 51 eric.tournier@steria.com 
>>> <mailto:eric.tournier@steria.com>
>>>>>> //
>>>>
>>
>>


Mime
View raw message