ws-dev mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	Jason Hall <jason.h...@mchsi.com>
Subject	inclusive namespace question
Date	Tue, 03 Jul 2018 17:46:38 GMT
Trying to figure out "InclusiveNamespaces" difference in SOAPUI and WSS4J implementation. In the following code snippet: Document doc = toSOAPPart(requestSoapString); //SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc.getDocumentElement()); WSSecHeader secHeader = new WSSecHeader(doc); secHeader.insertSecurityHeader(); secHeader.setMustUnderstand(true); WSSecTimestamp timestamp = new WSSecTimestamp(); timestamp.setTimeToLive(300); timestamp.build(doc, secHeader); //Prepare for signature WSSecSignature builder = new WSSecSignature(); builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); builder.setSignatureAlgorithm(WSConstants.RSA_SHA1); builder.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_COMMENTS); builder.setDigestAlgo(WSConstants.SHA1); builder.setAddInclusivePrefixes(true); builder.setUserInfo(keyAlias, keyPass); builder.setUseSingleCertificate(true); WSEncryptionPart encP = new WSEncryptionPart(WSConstants.ELEM_BODY, WSConstants.URI_SOAP11_ENV, "Content"); builder.getParts().add(encP); Document signedDoc = builder.build(doc, passwordCrypto, secHeader); String outputString = XMLUtils.PrettyDocumentToString(signedDoc); The above produces the following snippet: <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces PrefixList="soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#Id-206467045"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <dsigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsigestValue>PEvtq8JdLh8GBzKs0Dow+DWES+k=</dsigestValue> </ds:Reference> </ds:SignedInfo> In SOAPUI, I have chosen the same (or what I think is the same) parameters in the signature screen options . It produces the following snippet: <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces PrefixList="soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#Id-206467045"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces PrefixList="" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transform> </ds:Transforms> <dsigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsigestValue>lQsfZK8weX2vRvHYDZTl9ECLzWQ=</dsigestValue> </ds:Reference> </ds:SignedInfo> My question is: in WSS4J - what is needed to produce the ec:<ec:InclusiveNamespaces .... in the <ds:Transform Algorithm=.... as SOAPUI does in the snippet of: <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <ec:InclusiveNamespaces PrefixList="" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transform> </ds:Transforms> ? I am sure this is something easy that I am missing ? thanks, Jason --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org For additional commands, e-mail: dev-help@ws.apache.org
Mime	Unnamed text/plain (inline, 7-Bit, 4047 bytes)
	View raw message