In the soap message that causes the problem,I have commented out the private
information as confidential. I hope that doesn't cause a problem for you as it is outside
the signed part. The odd thing is the URI is blank and the message uses XPath to refer to the part that is signed. I am not sure how good is the support for XPath in xmlsecurity library suite.
Any help will be greatly appreciated. Thanks in advance.
Aravind
-------------------------------------------------------------------------------------
SOAPEnvelopeImpl(ElementImpl).getAttributeNodeNS(String, String) line: 353
XMLUtils.circumventBug2650(Document) line: 429
Canonicalizer20010315ExclOmitComments(CanonicalizerBase).engineCanonicalize(XMLSignatureInput) line: 150
Canonicalizer20010315ExclOmitComments(Canonicalizer20010315Excl).engineCanonicalize(XMLSignatureInput, String) line: 115
TransformC14NExclusive.enginePerformTransform(XMLSignatureInput, OutputStream) line: 93
Transform.performTransform(XMLSignatureInput, OutputStream) line: 340
Transforms.performTransforms(XMLSignatureInput, OutputStream) line: 237
Reference.getContentsAfterTransformation(XMLSignatureInput, OutputStream) line: 433
Reference.dereferenceURIandPerformTransforms(OutputStream) line: 603
Reference.calculateDigest() line: 688
Reference.verify() line: 736
SignedInfo(Manifest).verifyReferences(boolean) line: 317
SignedInfo.verify(boolean) line: 224
XMLSignature.checkSignatureValue(Key) line: 590
XMLSignature.checkSignatureValue(X509Certificate) line: 557
SignatureProcessor.verifyXMLSignature(Element, Crypto, X509Certificate[], Set, byte[][]) line: 264
SignatureProcessor.handleToken(Element, Crypto, Crypto, CallbackHandler, WSDocInfo, Vector, WSSConfig) line: 79
WSSecurityEngine.processSecurityHeader(Element, CallbackHandler, Crypto, Crypto) line: 269
WSSecurityEngine.processSecurityHeader(Document, String, CallbackHandler, Crypto, Crypto) line: 191
WSDoAllReceiver.processMessage(MessageContext) line: 180
WSDoAllReceiver(WSDoAllHandler).invoke(MessageContext) line: 82
Phase.invoke(MessageContext) line: 381
AxisEngine.invoke(MessageContext) line: 473
AxisEngine.receive(MessageContext) line: 445
OutInAxisOperationClient.send(MessageContext) line: 355
OutInAxisOperationClient.execute (boolean) line: 279
-------------------------------------------------------------------------
On 9/13/06, Ruchith Fernando <
[EMAIL PROTECTED]> wrote:
Yes !
You have to use stax-1.0.1. Please replace your stax-api jar with this
[1] and woodstox (wstx-asl-*.jar) with this [2].
Thanks,
Ruchith
[1] http://www.ibiblio.org/maven/stax/jars/stax-api-1.0.1.jar
[2] http://www.ibiblio.org/maven/woodstox/jars/wstx-asl-3.0.0.jar
On 9/14/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Do I need to upgrade any other libraries? When I used the the latest
> snapshot I get this error in my application. I have pasted only
> the relevant portion of the stack trace as the other parts are
> confidential.
>
> thanks
>
> Aravind
>
> Error is
>
> java.lang.NoSuchMethodError:
> javax.xml.stream.XMLOutputFactory.newInstance (Ljava/lang/String;Ljava/lang/ClassLoader;)Ljavax/xml/stream/XMLOutputFactory;
> at org.apache.axiom.om.util.StAXUtils.getXMLOutputFactory(StAXUtils.java:97)
> at org.apache.axiom.om.util.StAXUtils.createXMLStreamWriter (StAXUtils.java:111)
> at org.apache.axiom.om.impl.dom.NodeImpl.serialize(NodeImpl.java:577)
> at org.apache.axiom.om.impl.dom.ElementImpl.toString(ElementImpl.java:1139)
>
>
>
> On 9/13/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> >
> > Hi,
> >
> > Can you please try this with the latest axiom-*-SNAPSHOT jars.
> >
> > http://people.apache.org/repository/ws-commons/jars/axiom-api-SNAPSHOT.jar
> > http://people.apache.org/repository/ws-commons/jars/axiom-dom-SNAPSHOT.jar
> >
> > http://people.apache.org/repository/ws-commons/jars/axiom-impl-SNAPSHOT.jar
> >
> > Thanks,
> > Ruchith
> >
> > On 9/13/06, [EMAIL PROTECTED] <[EMAIL PROTECTED] > wrote:
> > > At ResolverFragment.java:60
> > >
> > > Document doc = uri.getOwnerElement().getOwnerDocument();
> > >
> > > This happens when we try to verify a xml signature. We are using
> > > axiom(version 1)/wss4j-1.5.0/xerces-2.7.1/xml-api-1.3.02/xmlsec-1.3.0with
> > > Tomcat.
> > >
> > > uri.getOwnerElement() is of type DocumentImpl that can't be type cast
> > > into Element as none of the super classes implement the Element
> > interface.
> > > Am I right? I am new to web services and I don't understand fully. But
> > this
> > > problem is always reproducible in our environment.
> > >
> > > Any help will be greatly appreciated.
> > >
> > > thanks
> > >
> > > Aravind
> > >
> > >
> >
> >
> > --
> > www.ruchith.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
<?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";> <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; wsu:Id="Id-335748019076802377-1158242966273"> MIIFRTCCBK6gAwIBAgIEN04VpzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMCVVMxFDASBgNV BAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5uZXQvQ1BTIGluY29ycC4gYnkg cmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRl ZDE6MDgGA1UEAxMxRW50cnVzdC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhv cml0eTAeFw0wNDExMTIxMzQxNDRaFw0wNjExMTExNDE4MjNaMIGUMQswCQYDVQQGEwJDQTEQMA4G A1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9yb250bzEUMBIGA1UEChMLQmVsbCBDYW5hZGExHjAc BgNVBAsUFWVQb3J0YWwgKFByb2RfZG0xY2hlKTErMCkGA1UEAxMid3d3NDAuaW50ZXJhY3Rpb24u aW50cmFuZXQuYmVsbC5jYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1ogtzX7MndStwtif GCLiahJnZEv1VPi3zofLWDUzeci/swuCQxWQHPDf/3QoBbfIMaQc36Y1hz6pWHccuR8rbRLJnSUb RcI3+4QEPYxiqYpSXx0Ex2o8jN7SB4pRQ9B66JvZ64o3U7MCsPu4Mn5V2+lWiYE89NpNee6Fel/s 7P8CAwEAAaOCAnEwggJtMAsGA1UdDwQEAwIFoDArBgNVHRAEJDAigA8yMDA0MTExMjEzNDE0NFqB DzIwMDYxMTExMTQxODIzWjARBglghkgBhvhCAQEEBAMCBkAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw ggFoBgNVHSAEggFfMIIBWzCCAVcGCSqGSIb2fQdLAjCCAUgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93 d3cuZW50cnVzdC5uZXQvY3BzMIIBHAYIKwYBBQUHAgIwggEOGoIBClRoZSBFbnRydXN0IFNTTCBX ZWIgU2VydmVyIENlcnRpZmljYXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpIGF2YWlsYWJs ZSBhdCB3d3cuZW50cnVzdC5uZXQvY3BzICBpcyBoZXJlYnkgaW5jb3Jwb3JhdGVkIGludG8geW91 ciB1c2Ugb3IgcmVsaWFuY2Ugb24gdGhpcyBDZXJ0aWZpY2F0ZS4gIFRoaXMgQ1BTIGNvbnRhaW5z IGxpbWl0YXRpb25zIG9uIHdhcnJhbnRpZXMgYW5kIGxpYWJpbGl0aWVzLiBDb3B5cmlnaHQgKGMp IDIwMDIgRW50cnVzdCBMaW1pdGVkMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuZW50cnVz dC5uZXQvQ1JML3NlcnZlcjEuY3JsMB8GA1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMB0G A1UdDgQWBBT2Pu9dS++Z/cAPIYVEVwcZavBNgDAJBgNVHRMEAjAAMBkGCSqGSIb2fQdBAAQMMAob BFY1LjADAgMoMA0GCSqGSIb3DQEBBQUAA4GBALfEqy5Ote1vBKAGRXAj10+NJ7f0LYHxTouDO/ft /Tg3ds3rbhP5yqOAbNGt5810labRyzg8U3LtGzIJmfENXtg+TNFm/Z6vZNq+LYaE5pPfFW64wXX7 8dGnjJu3f6b3xhhb5oUeuLwTI3ATR4/xJ5U3QEsh8jr2X88/7yG8fxZY </wsse:BinarySecurityToken> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"; Id="--------CONFIDENTIAL--------------"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> <dsig:Reference URI=""> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116";> <dsig:XPath xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>ancestor-or-self::soap:Body</dsig:XPath> </dsig:Transform> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <dsig:DigestValue>9P7B0gF20v/w1L39J/PB0IJr70M=</dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue> KT/hK1tPWcaulcp2eGLsVUuHuD7+kZrNYVR//mL2iTPCVLpKyVJhvk7TjoBHn4BJj68Vi1aRMY+l 2U30RVlEhIFa8aZsiJvoSQv4YYQOBEquLvhX8a+XNEqiO/uMFAHPQpCi3flelSmZogK7++GWtnPe bG8XLaG+zPooEtc1vUc= </dsig:SignatureValue> <dsig:KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI="#Id-335748019076802377-1158242966273" /> </wsse:SecurityTokenReference> </dsig:KeyInfo> </dsig:Signature> </wsse:Security> </soapenv:Header><soapenv:Body><cus:isAliveResponse xmlns:cus="http://www.oswg.ca/CustomerInfo";><cus:isAliveReturnedTimestamp>2006-09-14T10:09:24.436-04:00</cus:isAliveReturnedTimestamp></cus:isAliveResponse></soapenv:Body></soapenv:Envelope>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
