All,

I have a service with the following attributes:

- Generated code with wsdl2java and therefore have a bunch of custom types
- Invokes the service call method from the Client Stub
- A Handler to add a digital signature

My logic for handling the Digital Signature is as follows:

1) Get the DOM
2) Find the Element to Sign, throw error if not present
3) Find any other signature elements, remove if present
4) Sign the Element
5) Canonicalize the document
6) Reparse the envelope and regenerate the message

I am running into trouble at stage 6. I have tried both creating a new envelope and serializing with the SOAPEnvelope(InputStream is) constructor and DeserializationContextImpl.parse() with the same results; it whacks my namespaces, most notably my Digital Signature namespace.

Here is what the document looks like after Canonicalization:

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
      <soapenv:Body>
        <Request xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <Query xmlns="" xsi:nil="true"></Query>
          <SubjectQuery xmlns="" xsi:nil="true"></SubjectQuery>
          <AuthenticationQuery xmlns="" xsi:nil="true"></AuthenticationQuery>
          <AttributeQuery xmlns="" xsi:nil="true"></AttributeQuery>
          <AuthorizationDecisionQuery xmlns="" xsi:nil="true"></AuthorizationDecisionQuery>
          <AssertionArtifact xmlns="">AAFIaUJz7PYDhw1R9W7C+Mju31QJKRUihv95nETkJzJa4l+LtoabLvAi</AssertionArtifact>
          <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
              .... More Signature Elements Here ....
            </ds:SignedInfo>
          </ds:Signature>
        </Request>
      </soapenv:Body>
    </soapenv:Envelope>

Here is what the document looks like after Re-parsing:

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
      <soapenv:Body>
        <Request xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <Query xsi:nil="true" xmlns=""/>
          <SubjectQuery xsi:nil="true" xmlns=""/>
          <AuthenticationQuery xsi:nil="true" xmlns=""/>
          <AttributeQuery xsi:nil="true" xmlns=""/>
          <AuthorizationDecisionQuery xsi:nil="true" xmlns=""/>
          <AssertionArtifact xmlns="">AAFIaUJz7PYDhw1R9W7C+Mju31QJKRUihv95nETkJzJa4l+LtoabLvAi</AssertionArtifact>
          <Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <SignedInfo>
              .... More Signature Elements Here ....
            </SignedInfo>
          </Signature>
        </Request>
      </soapenv:Body>
    </soapenv:Envelope>

I eliminated some elements for brevity, but the document is unchanged other than the removal of the "ds" namespace. Then the document blows up on the server side because the Signature is now associated with the default namespace, urn:oasis:names:tc:SAML:1.0:protocol.

I am obviously missing a step or configuration when I serialize. Does anyone have an idea what I am missing, or even another approach to the problem? I have already tried adding a new Mapping to the Envelope and adding my typeMappings to my client-config.wsdd with the same results.

Thank you in advance.

AJ
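
An added example, not part of the original post and not Axis code: a namespace-aware JAXP check that a handler could run on the serialized envelope before sending it, reporting the namespace each Signature element actually resolves to. The class and method names are hypothetical, and the two sample envelopes are constructed, trimmed versions of the ones shown in the post.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

// Hypothetical helper class (assumption, not from the post or from Axis).
public class SignatureNamespaceCheck {
    static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";

    // Namespace URI of every element whose local name is "Signature".
    static List<String> signatureNamespaces(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true); // otherwise getNamespaceURI() is always null
        // SOAP envelopes carry no DTD; refuse one rather than process it.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        NodeList hits = doc.getElementsByTagNameNS("*", "Signature");
        List<String> out = new ArrayList<>();
        for (int i = 0; i < hits.getLength(); i++) {
            out.add(hits.item(i).getNamespaceURI());
        }
        return out;
    }

    // True only when there is exactly one Signature and it is an XML-DSig one.
    static boolean signatureIsXmlDsig(String xml) throws Exception {
        List<String> ns = signatureNamespaces(xml);
        return ns.size() == 1 && DSIG_NS.equals(ns.get(0));
    }

    public static void main(String[] args) throws Exception {
        // Constructed samples: same shape as the two envelopes in the post.
        String head = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">"
                + "<soapenv:Body><Request xmlns=\"urn:oasis:names:tc:SAML:1.0:protocol\">";
        String tail = "</Request></soapenv:Body></soapenv:Envelope>";
        String canonical = head + "<ds:Signature xmlns:ds=\"" + DSIG_NS
                + "\"><ds:SignedInfo/></ds:Signature>" + tail;
        String reparsed = head + "<Signature xmlns:ds=\"" + DSIG_NS
                + "\"><SignedInfo/></Signature>" + tail;
        System.out.println("canonical: " + signatureNamespaces(canonical)
                + " ok=" + signatureIsXmlDsig(canonical));
        System.out.println("reparsed:  " + signatureNamespaces(reparsed)
                + " ok=" + signatureIsXmlDsig(reparsed));
    }
}
```

The `xmlns:ds` declaration surviving on the element is not enough: once the `ds:` prefix is gone from the tag name, the element resolves through the inherited default namespace, which is why the check compares resolved namespace URIs rather than looking for the declaration.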