santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44863] Improved logging in signature handling
Date Wed, 23 Apr 2008 19:15:36 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=44863


sean.mullan@sun.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED




--- Comment #1 from sean.mullan@sun.com  2008-04-23 12:15:36 PST ---
(In reply to comment #0)
> Created an attachment (id=21848)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=21848) [details]
> logging modifications to Reference and XMLSignature classes
> 
> It would be very helpful to have additional logging surrounding the creation
> and validation of signatures.  We need this information to assist in debugging
> issues when our clients are attempting to call our web services.  Specifically,
> I am suggesting the additional logging be added to the
> org.apache.xml.security.signature.Reference.java and
> org.apache.xml.security.signature.XMLSignature.java classes.  I am attaching a
> file detailing the changes to these files we need using a base of version
> 1.4.1. Can this logging be added to the next release of xml security?  

I should be able to add it to 1.4.2 since it is fairly low risk. However, the
changes I will add will be a little different. The best place to put the
logging statements is in the SignerOutputStream and DigesterOutputStream
classes and log the bytes as they are being signed or digested. Calling
Reference.getReferencedBytes or SignedInfo.getCanonicalizedStream has a couple
of issues. These methods recalculate the transformed or canonicalized bytes;
thus they may not be the exact same bytes (for example, the referenced content
may change or there may be network issues, etc) and also incur an additional
performance cost.


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

Mime
View raw message