santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wolfgang Schmiesing <wolfgang.schmies...@trustcenter.de>
Subject Re: Namespace definition in XMLObject
Date Fri, 13 May 2011 13:52:05 GMT
Thanks for the quick reply,

I followed your advice and tried using an XML template and unmarshalling 
it using

> XMLSignatureFactory.getInstance().unmarshalXMLSignature(domTemplate);

My input is as follows:

...
> <Object Id="sample" xmlns:test="http://test.net/ns/xmldsig">
> <test:Simple ATT="1" />
> <test:Simple ATT="2" />
> </Object>
...

The output looks like this after signing:

...
> <Object Id="sample">
> <test:Simple ATT="1" xmlns:test="http://test.net/ns/xmldsig" />
> <test:Simple ATT="2" xmlns:test="http://test.net/ns/xmldsig" />
> </Object>
...

Any ideas why the namespace is pushed down into the child elements after 
signing?
In the output document I'd like to have the namespace declared only once.

Kind regards,

Wolfgang

On 11.05.2011 14:57, Sean Mullan wrote:
> On 5/11/11 7:37 AM, Wolfgang Schmiesing wrote:
>> Hi,
>>
>> I'm currently using the "javax.xml.crypto.dsig" API to create a signature. Now,
>> is there any way of assigning a namespace definition to
>> an<Object>  element inside the signature? The output I need should look similar
>> to this:
>>
>> <Signature>
>> ...
>> <Object xmlns:test="http://www.example.org/ns" Id="someId">
>> <test:someElem />
>> <test:someElem />
>> </Object>
>> </Signature>
>>
>> I'm currently creating the<Object>  element using the following call:
>>
>>> XMLSignatureFactory.newXMLObject( List content, String id, String mimeType,
>>> String encoding );
>> This returns a javax.xml.crypto.dsig.XMLObject. Unfortunately, I can't find a
>> way of assigning a namespace in "XMLObject".
>>
>> I managed to create an<Object>  element with a namespace using
>> "org.apache.xml.security.signature.ObjectContainer" but
>> am currently not able to switch to XMLSecurity APIs. Is this the only way to do
>> it or am I missing something?
> No, I don't think so. It is a limitation in the API. You can add the namespace
> declarations to the test elements by creating Elements and wrapping them in
> DOMStructures. But in order to add them to the Object element you will need to
> access the underlying DOM and add them using DOM APIs.
>
> Another alternative is to use an XML template of an XML Signature where all of
> the namespace declarations are already in place. That is you unmarshal an
> XMLSignature object from XML (with empty or bogus DigestValue and SignatureValue
> elements) using XMLSignatureFactory.unmarshal and then sign it using
> XMLSignature.sign.
>
> --Sean
>
>
>>
>>
>> Kind regards,
>>
>> Wolfgang
>>


-- 
--
Wolfgang Schmiesing
Software Development

TC TrustCenter GmbH – Now part of Symantec
Sonninstrasse 24 - 28
20097 Hamburg
Germany

Office: +49-(0)40-808026-353, Fax: -126
E-mail wolfgang.schmiesing@trustcenter.de
www.trustcenter.de

Geschaeftsfuehrung/Managing Directors:
Austin McCabe, Kristen Laubscher
AG Hamburg, HRB 96168
----------------
This email may contain confidential and privileged material for the sole use of the intended
recipient.
Any review or distribution by others is strictly prohibited.
If you are not the intended recipient please contact the sender and delete all copies.



Mime
View raw message