santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wally Dennis" <Wally.Den...@Hewitt.com>
Subject Re: XML Signature debugging
Date Fri, 28 Mar 2008 19:20:34 GMT
Update: 

I decided to try to enable the JDK Logging facility to run in parallel 
with Log4j, since in theory there should be no conflicts.  However, when I 
follow the instructions contained in the blog postings for how to 
configure the logging, I still do not get any output.  When I debug 
through the XML Security code, I am definitely calling the 
org.apache.xml.security.utils.DigesterOutputStream class instead of the 
org.jcp.xml.dsig.internal.DigesterOutputStream class.  Am I missing 
something?   The log statements are definitely not present in the former 
version of this class - should they be or is there a reason why 
WSS4J/Rampart is using the version without the logging capability?

Thanks.






Wally Dennis/Atlanta/Hewitt Associates@Hewitt Associates NA 

Sent by: news <news@ger.gmane.org>
03/28/2008 01:06 PM
Please respond to
security-dev@xml.apache.org



To
security-dev@xml.apache.org
cc

Subject
XML Signature debugging






I am trying to enable debug logging on XML Signature creation/validation - 
I 
have read Sean's blog entries here: 

http://weblogs.java.net/blog/mullan/archive/2006/02/more_xml_signat_1.html
http://weblogs.java.net/blog/mullan/archive/2008/03/configuring_the.html#comment

s

and these do describe the type of logging I need, but unless I am missing 
something (which is entirely possible), these won't work in my situation. 

I am using xml-security in the context of Axis2/Rampart/WSS4J included 
inside 
my J2EE application running on IBM Websphere 6.0 (JDK 1.4).  We are using 
log4j 
for all of our logging tasks.  Based on the information in the blog posts, 
I 
was able to locate the classes containing the logging statements, but when 
I 
actually run my code, I never reference these classes.  The logging 
statements 
are in classes (ex: DigesterOutputStream) within the 
org.jcp.xml.dsig.internal 
package, but my application is using classes in the 
org.apache.xml.security.utils package.

Any ideas or assistance you can provide would be most appreciated.

Thanks.







The information contained in this e-mail and any accompanying documents may contain information
that is confidential or otherwise protected from disclosure. If you are not the intended recipient
of this message, or if this message has been addressed to you in error, please immediately
alert the sender by reply e-mail and then delete this message, including any attachments.
Any dissemination, distribution or other use of the contents of this message by anyone other
than the intended recipient is strictly prohibited. All messages sent to and from this e-mail
address may be monitored as permitted by applicable law and regulations to ensure compliance
with our internal policies and to protect our business. E-mails are not secure and cannot
be guaranteed to be error free as they can be intercepted, amended, lost or destroyed, or
contain viruses. You are deemed to have accepted these risks if you communicate with us by
e-mail. 



Mime
View raw message