santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Terry, Ryan" <ryan.te...@adp.com>
Subject XML Signature Validation Fails
Date Mon, 07 Oct 2013 18:12:34 GMT
Still working on this XML validation issue.  Replaced the self-signbed certificate with a Verisign
signed cert, and the problem persists.  Debug logs show the following:

[2013-10-07 11:18:44,533 http-bio-8080-exec-4] [org.apache.xml.security.signature.Reference
: ?] [WARN ] Verification failed for URI "#_355f4d642121f2eabf18e0a29de1461f2a80ad3f"
[2013-10-07 11:18:44,536 http-bio-8080-exec-4] [org.apache.xml.security.signature.Reference
: ?] [WARN ] Expected Digest: B3ODtoOgYqgCD1zRSXkb+IKI+Fw=
[2013-10-07 11:18:44,538 http-bio-8080-exec-4] [org.apache.xml.security.signature.Reference
: ?] [WARN ] Actual Digest: 81w+8JNEEQ22uMu3nV1lI1jMyfU=
[2013-10-07 11:18:44,541 http-bio-8080-exec-4] [org.apache.xml.security.signature.Manifest
: ?] [DEBUG] The Reference has Type
[2013-10-07 11:18:55,667 http-bio-8080-exec-4] [SamlSSODataHandler : 215] [ERROR] The SAML
Response Signature was either invalid or the signing key could not be established as trusted!

The interesting thing is that JDK revision effects this.  With JDK 1.6.0_17 this signature
works, with 1.6.0_18 and newer it fails with this error.  How is the JDK affecting the digest
value of a signature?  Anyone have any ideas?
Ryan Terry
Senior Systems Engineer
ADP Network Services
w- 801.956.6999
c- 801.509.3212

----------------------------------------------------------------------
This message and any attachments are intended only for the use of the addressee and may contain
information that is privileged and confidential. If the reader of the message is not the intended
recipient or an authorized representative of the intended recipient, you are hereby notified
that any dissemination of this communication is strictly prohibited. If you have received
this communication in error, notify the sender immediately by return email and delete the
message and any attachments from your system.

Mime
View raw message