Hi,

On 9/19/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I don't know. That is the message we receive from another vendor's
> implementation.
> I thought only the subset of the xml that is signed should not be
> disturbed (in this case soapenv:Body). Should the rest of the soap
> message also remain the same?

Actually *nothing* should be disturbed.

The SignatureValue is the signature over the digest of the SignedInfo
element in the transformed Signature element.

Also if you change the soapenv:Body then the digest value in the
SignedInfo element will change, which again will cause a sig failure.

> BTW
> is there any example where we use a blank URI? Almost all the examples
> I have seen are of the form URI="#id-xxxx" but the one that I talked
> about is blank/uses XPath

Hmm... yes I noticed the use of XPath ... it seems to be valid
according to the XML-Signature spec - 6.6.3 XPath Filtering [1].

Thanks,
Ruchith

[1] http://www.w3.org/TR/xmldsig-core/#sec-XPath


> Thanking you in advance.



On 9/19/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I am yet to try to verify the soap msg you attached earlier. I have
> one concern about it: the security header looks to be pretty printed.
> Are you sure the message was not modified after signature?
>
> Thanks,
> Ruchith
>
> p.s. I applied your patch to axiom ... running the axis2 tests now
> with the axiom changes, will commit on success.
>
> On 9/19/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > No luck. Now I don't get any exception (after fixing a npe) but the
> > signature verification still fails.
> >
> > I had to apply this tiny patch to get to the stage of signature
> > verification failing. All along it has been exceptions! Not sure whether
> > the patch is the right one. I would appreciate if you could verify the
> > xml file that I sent earlier at your end.
> > Or if you have any tools/utilities to verify a standalone xml message.
> >
> >
> >
> >
> > --- org/apache/axiom/om/impl/dom/ElementImpl.java.orig  2006-09-19
> 09:55:
> > 31.445213500 -0400
> > +++ org/apache/axiom/om/impl/dom/ElementImpl.java       2006-09-19
> 09:32:
> > 13.461364400 -0400
> > @@ -361,8 +361,9 @@
> >
> >          if (namespaceURI == OMConstants.XMLNS_NS_URI) {
> >              OMNamespace ns = this.findNamespaceURI(localName);
> > -            AttrImpl namespaceAttr = new AttrImpl(this.ownerNode,
> > localName, ns
> > -                    .getNamespaceURI(), this.factory);
> > +            String nsuri = ns != null ? ns.getNamespaceURI() : "";
> > +            AttrImpl namespaceAttr = new AttrImpl(this.ownerNode,
> > localName, nsuri,
> > +                    this.factory);
> >              NamespaceImpl xmlNs = new NamespaceImpl(
> > OMConstants.XMLNS_NS_URI);
> >              namespaceAttr.setOMNamespace(xmlNs);
> >              return namespaceAttr;
> >
> >
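Review bot: The added `String nsuri = ns != null ? ns.getNamespaceURI() : "";` line hides the null case rather than reporting it: when findNamespaceURI(localName) returns null, the caller now receives an AttrImpl with an empty value for a namespace declaration the element does not carry. DOM's getAttributeNodeNS returns null when no such attribute exists, so if this is the getAttributeNodeNS path seen in the stack trace, returning null when `ns == null` keeps that contract and avoids handing an invented xmlns attribute to the canonicalization code that calls it during signature verification. Separately, the unchanged context line `if (namespaceURI == OMConstants.XMLNS_NS_URI)` compares strings by reference; `OMConstants.XMLNS_NS_URI.equals(namespaceURI)` would not depend on the caller passing the same String instance.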
> > On 9/18/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> > >
> > > Hi,
> > >
> > > This is a Bug in DOOM. Thanks for reporting it.
> > > I just fixed it in the latest svn - revision - 447543.
> > >
> > > Please try it out.
> > >
> > > Thanks,
> > > Ruchith
> > >
> > > On 9/18/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > > > > I updated from subversion today (20060918 10AM EST). The
> > > > > NullPointerException is gone but a new exception
> > > > > UnsupportedOperationException is being thrown.
> > > > >
> > > > > A basic question. Does axiom+wss4j support blank URIs? Using
> > > > > XPath? The xml message that fails actually uses blank URIs and XPath
> > > > > to refer to the subset that is signed. Here is the stack trace.
> > > >
> > > > > Thread [http-8888-Processor25] (Suspended (exception UnsupportedOperationException))
> > > > >     SOAPMessageImpl(DocumentImpl).getNextSibling() line: 111
> > > > >     XMLUtils.circumventBug2650internal(Node) line: 490
> > > > >     XMLUtils.circumventBug2650(Document) line: 436
> > > > >     Canonicalizer20010315ExclOmitComments(CanonicalizerBase).engineCanonicalize(XMLSignatureInput) line: 150
> > > > >     Canonicalizer20010315ExclOmitComments(Canonicalizer20010315Excl).engineCanonicalize(XMLSignatureInput, String) line: 115
> > > > >     TransformC14NExclusive.enginePerformTransform(XMLSignatureInput, OutputStream) line: 93
> > > > >     Transform.performTransform(XMLSignatureInput, OutputStream) line: 340
> > > > >     Transforms.performTransforms(XMLSignatureInput, OutputStream) line: 237
> > > > >     Reference.getContentsAfterTransformation(XMLSignatureInput, OutputStream) line: 433
> > > > >     Reference.dereferenceURIandPerformTransforms(OutputStream) line: 603
> > > > >     Reference.calculateDigest() line: 688
> > > > >     Reference.verify() line: 736
> > > > >     SignedInfo(Manifest).verifyReferences(boolean) line: 317
> > > > >     SignedInfo.verify(boolean) line: 224
> > > > >     XMLSignature.checkSignatureValue(Key) line: 590
> > > > >     XMLSignature.checkSignatureValue(X509Certificate) line: 557
> > > > >     SignatureProcessor.verifyXMLSignature(Element, Crypto, X509Certificate[], Set, byte[][]) line: 264
> > > > >     SignatureProcessor.handleToken(Element, Crypto, Crypto, CallbackHandler, WSDocInfo, Vector, WSSConfig) line: 79
> > > > >     WSSecurityEngine.processSecurityHeader(Element, CallbackHandler, Crypto, Crypto) line: 269
> > > > >     WSSecurityEngine.processSecurityHeader(Document, String, CallbackHandler, Crypto, Crypto) line: 191
> > > > >     WSDoAllReceiver.processMessage(MessageContext) line: 180
> > > > >     WSDoAllReceiver(WSDoAllHandler).invoke(MessageContext) line: 82
> > > > >     Phase.invoke(MessageContext) line: 381
> > > > >     AxisEngine.invoke(MessageContext) line: 473
> > > > >     AxisEngine.receive(MessageContext) line: 445
> > > > >     OutInAxisOperationClient.send(MessageContext) line: 355
> > > > >     OutInAxisOperationClient.execute(boolean) line: 279
> > > > >     CustomerInformationServiceStub.isAliveRequest(IsAliveRequestDocument) line: 317
> > > > >     CustomerInformationClient.queryIsAlive() line: 66
> > > > >     IsAliveRequestAction.processRequest(HttpServletRequest, HttpServletResponse) line: 42
> > > > >     IsAliveRequestAction(SimpleAction).executeAction(ActionConfigExt, ActionForm, HttpServletRequest, HttpServletResponse) line: 185
> > > > >     IsAliveRequestAction(AbstractRequestAction).executeAction(ActionConfigExt, ActionForm, HttpServletRequest, HttpServletResponse) line: 162
> > > > >     IsAliveRequestAction(SimpleAction).execute(ActionMapping, ActionForm, HttpServletRequest, HttpServletResponse) line: 123
> > > > >     RequestProcessorExt(RequestProcessor).processActionPerform(HttpServletRequest, HttpServletResponse, Action, ActionForm, ActionMapping) line: 484
> > > > >     RequestProcessorExt(RequestProcessor).process(HttpServletRequest, HttpServletResponse) line: 274
> > > > >     RequestProcessorExt.process(HttpServletRequest, HttpServletResponse) line: 126
> > > > >     ActionServletExt(ActionServlet).process(HttpServletRequest, HttpServletResponse) line: 1482
> > > > >     ActionServletExt.process(HttpServletRequest, HttpServletResponse) line: 111
> > > > >     ActionServletExt(ActionServlet).doGet(HttpServletRequest, HttpServletResponse) line: 507
> > > > >     ActionServletExt(HttpServlet).service(HttpServletRequest, HttpServletResponse) line: 697
> > > > >     ActionServletExt(HttpServlet).service(ServletRequest, ServletResponse) line: 810
> > > > >     ApplicationFilterChain.internalDoFilter(ServletRequest, ServletResponse) line: 237
> > > > >     ApplicationFilterChain.doFilter(ServletRequest, ServletResponse) line: 157
> > > > >     StandardWrapperValve.invoke(Request, Response, ValveContext) line: 214
> > > > >     StandardValveContext.invokeNext(Request, Response) line: 104
> > > > >     StandardPipeline.invoke(Request, Response) line: 520
> > > > >     StandardContextValve.invokeInternal(Wrapper, Request, Response) line: 198
> > > > >     StandardContextValve.invoke(Request, Response, ValveContext) line: 152
> > > > >     StandardValveContext.invokeNext(Request, Response) line: 104
> > > > >     StandardPipeline.invoke(Request, Response) line: 520
> > > > >     StandardHostValve.invoke(Request, Response, ValveContext) line: 137
> > > > >     StandardValveContext.invokeNext(Request, Response) line: 104
> > > > >     ErrorReportValve.invoke(Request, Response, ValveContext) line: 118
> > > > >     StandardValveContext.invokeNext(Request, Response) line: 102
> > > > >     StandardPipeline.invoke(Request, Response) line: 520
> > > > >     StandardEngineValve.invoke(Request, Response, ValveContext) line: 109
> > > > >     StandardValveContext.invokeNext(Request, Response) line: 104
> > > > >     StandardPipeline.invoke(Request, Response) line: 520
> > > > >     StandardEngine(ContainerBase).invoke(Request, Response) line: 929
> > > > >     CoyoteAdapter.service(Request, Response) line: 160
> > > > >     Http11Processor.process(InputStream, OutputStream) line: 799
> > > > >     Http11Protocol$Http11ConnectionHandler.processConnection(TcpConnection, Object[]) line: 705
> > > > >     TcpWorkerThread.runIt(Object[]) line: 577
> > > > >     ThreadPool$ControlRunnable.run() line: 684
> > > > >     ThreadWithAttributes(Thread).run() line: 534
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On 9/18/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> > > > >
> > > > > Hi Aravind,
> > > > >
> > > > > > I just checked the latest axiom-dom impl code and there is a null
> > > > > > check in line #353 in ElementImpl. Therefore IMHO this exception is
> > > > > > not possible. Are you sure you are using the latest axiom-*-SNAPSHOT
> > > > > > jars?
> > > > >
> > > > > Thanks,
> > > > > Ruchith
> > > > >
> > > > > On 9/14/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > > > > > > I upgraded to stax-1.0.1 and wstx-asl-3.0.0.jar as you said. And I
> > > > > > > get a NullPointerException. Here is the stack trace. I have also
> > > > > > > attached the xml message.
> > > > > > > In the soap message that causes the problem, I have commented out
> > > > > > > the private information as confidential. I hope that doesn't cause
> > > > > > > a problem for you as it is outside the signed part. The odd thing
> > > > > > > is the URI is blank and the message uses XPath to refer to the part
> > > > > > > that is signed. I am not sure how good is the support for XPath in
> > > > > > > xmlsecurity library suite.
> > > > > >
> > > > > >  Any help will be greatly appreciated. Thanks in advance.
> > > > > >
> > > > > >  Aravind
> > > > > >
> > > > > > >
> > > > > >
> > > > >
> > >
> 
-------------------------------------------------------------------------------------
> > > > > > >
> > > > > > > SOAPEnvelopeImpl(ElementImpl).getAttributeNodeNS(String,
> > > > > > String) line: 353
> > > > > > > XMLUtils.circumventBug2650(Document) line: 429
> > > > > > >
> > > > > >
> > > > >
> > >
> 
Canonicalizer20010315ExclOmitComments(CanonicalizerBase).engineCanonicalize(XMLSignatureInput)
> > > > > > line: 150
> > > > > > >
> > > > > >
> > > > >
> > >
> 
Canonicalizer20010315ExclOmitComments(Canonicalizer20010315Excl).engineCanonicalize(XMLSignatureInput,
> > > > > > String) line: 115
> > > > > > >
> > > > > > TransformC14NExclusive.enginePerformTransform(XMLSignatureInput,
> > > > > > OutputStream) line: 93
> > > > > > > Transform.performTransform(XMLSignatureInput, OutputStream)
> line:
> > > 340
> > > > > > > Transforms.performTransforms(XMLSignatureInput, OutputStream)
> > > line:
> > > > > 237
> > > > > > >
> > > > > > Reference.getContentsAfterTransformation(XMLSignatureInput,
> > > > > > OutputStream) line: 433
> > > > > > >
> > > > > > Reference.dereferenceURIandPerformTransforms(OutputStream)
> > > > > > line: 603
> > > > > > > Reference.calculateDigest() line: 688
> > > > > > > Reference.verify() line: 736
> > > > > > > SignedInfo(Manifest).verifyReferences(boolean) line: 317
> > > > > >
> > > > > > > SignedInfo.verify(boolean) line: 224
> > > > > > > XMLSignature.checkSignatureValue(Key) line: 590
> > > > > > > XMLSignature.checkSignatureValue(X509Certificate) line:
> > > > > > 557
> > > > > > > SignatureProcessor.verifyXMLSignature(Element, Crypto,
> > > > > > X509Certificate[], Set, byte[][]) line: 264
> > > > > > > SignatureProcessor.handleToken(Element, Crypto, Crypto,
> > > > > CallbackHandler,
> > > > > > WSDocInfo, Vector, WSSConfig) line: 79
> > > > > > > WSSecurityEngine.processSecurityHeader(Element,
> > > > > > CallbackHandler, Crypto, Crypto) line: 269
> > > > > > > WSSecurityEngine.processSecurityHeader(Document, String,
> > > > > > CallbackHandler, Crypto, Crypto) line: 191
> > > > > > > WSDoAllReceiver.processMessage(MessageContext) line: 180
> > > > > > > WSDoAllReceiver(WSDoAllHandler).invoke(MessageContext)
> > > > > > line: 82
> > > > > > > Phase.invoke(MessageContext) line: 381
> > > > > > > AxisEngine.invoke(MessageContext) line: 473
> > > > > > > AxisEngine.receive(MessageContext) line: 445
> > > > > > > OutInAxisOperationClient.send(MessageContext) line: 355
> > > > > > > OutInAxisOperationClient.execute (boolean) line: 279
> > > > > > >
> > > > > >
> > > > >
> > >
> -------------------------------------------------------------------------
> > > > > >
> > > > > >
> > > > > >
> > > > > > > On 9/13/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> > > > > > > > Yes !
> > > > > > > >
> > > > > > > > You have to use stax-1.0.1. Please replace your stax-api jar with
> > > > > > > > this [1] and woodstox (wstx-asl-*.jar) with this [2].
> > > > > > > >
> > > > > > > > Thanks,
> > > > > > > > Ruchith
> > > > > > > >
> > > > > > > > [1] http://www.ibiblio.org/maven/stax/jars/stax-api-1.0.1.jar
> > > > > > > > [2] http://www.ibiblio.org/maven/woodstox/jars/wstx-asl-3.0.0.jar
> > > > > > >
> > > > > > > > On 9/14/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > > > > > > > > Hi,
> > > > > > > > >
> > > > > > > > > Do I need to upgrade any other libraries? When I used the latest
> > > > > > > > > snapshot I get this error in my application. I have pasted only
> > > > > > > > > the relevant portion of the stack trace as the other parts are
> > > > > > > > > confidential.
> > > > > > > >
> > > > > > > > thanks
> > > > > > > >
> > > > > > > > Aravind
> > > > > > > >
> > > > > > > > Error is
> > > > > > > >
> > > > > > > > > java.lang.NoSuchMethodError:
> > > > > > > > > javax.xml.stream.XMLOutputFactory.newInstance(Ljava/lang/String;Ljava/lang/ClassLoader;)Ljavax/xml/stream/XMLOutputFactory;
> > > > > > > > >         at org.apache.axiom.om.util.StAXUtils.getXMLOutputFactory(StAXUtils.java:97)
> > > > > > > > >         at org.apache.axiom.om.util.StAXUtils.createXMLStreamWriter(StAXUtils.java:111)
> > > > > > > > >         at org.apache.axiom.om.impl.dom.NodeImpl.serialize(NodeImpl.java:577)
> > > > > > > > >         at org.apache.axiom.om.impl.dom.ElementImpl.toString(ElementImpl.java:1139)
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > > On 9/13/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> > > > > > > > > >
> > > > > > > > > > Hi,
> > > > > > > > > >
> > > > > > > > > > Can you please try this with the latest axiom-*-SNAPSHOT jars.
> > > > > > > > > >
> > > > > > > > > > http://people.apache.org/repository/ws-commons/jars/axiom-api-SNAPSHOT.jar
> > > > > > > > > > http://people.apache.org/repository/ws-commons/jars/axiom-dom-SNAPSHOT.jar
> > > > > > > > > > http://people.apache.org/repository/ws-commons/jars/axiom-impl-SNAPSHOT.jar
> > > > > > > > >
> > > > > > > > > Thanks,
> > > > > > > > > Ruchith
> > > > > > > > >
> > > > > > > > > > On 9/13/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > > > > > > > > > > At ResolverFragment.java:60
> > > > > > > > > > >
> > > > > > > > > > > Document doc = uri.getOwnerElement().getOwnerDocument();
> > > > > > > > > > >
> > > > > > > > > > > This happens when we try to verify a xml signature. We are using
> > > > > > > > > > > axiom(version 1)/wss4j-1.5.0/xerces-2.7.1/xml-api-1.3.02/xmlsec-1.3.0 with
> > > > > > > > > > > Tomcat.
> > > > > > > > > > >
> > > > > > > > > > > uri.getOwnerElement() is of type DocumentImpl that can't be type cast
> > > > > > > > > > > into Element as none of the super classes implement the Element
> > > > > > > > > > > interface.
> > > > > > > > > > > Am I right? I am new to web services and I don't understand fully. But
> > > > > > > > > > > this problem is always reproducible in our environment.
> > > > > > > > > >
> > > > > > > > > > Any help will be greatly appreciated.
> > > > > > > > > >
> > > > > > > > > > thanks
> > > > > > > > > >
> > > > > > > > > > Aravind
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > --
> > > > > > > > > www.ruchith.org
> > > > > > > > >
> > > > > > > > >
> > > > > >
> > > ---------------------------------------------------------------------
> > > > > > > > > To unsubscribe, e-mail:
> > > > > > [EMAIL PROTECTED]
> > > > > > > > > For additional commands, e-mail:
> > > [EMAIL PROTECTED]
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > www.ruchith.org
> > > > > > >
> > > > > > >
> > > > > >
> > > ---------------------------------------------------------------------
> > > > > > > To unsubscribe, e-mail:
> > > > > > [EMAIL PROTECTED]
> > > > > > > For additional commands, e-mail:
> [EMAIL PROTECTED]
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > www.ruchith.org
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> > > --
> > > www.ruchith.org
> > >
> > >
> > >
> >
> >
>
>
> --
> www.ruchith.org
>
>
>




--
www.ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
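
The point made in the reply at the top of this message, that SignatureValue covers SignedInfo while the digest inside SignedInfo covers the referenced content, shown as an added example (not code from this thread or from WSS4J/XML Security). It assumes the JDK's javax.xml.crypto.dsig API, a constructed message, a throwaway RSA key, and a blank URI with the enveloped-signature transform rather than the XPath filter used in the vendor message; the class name SignedInfoDemo is illustrative.

```java
import java.io.ByteArrayInputStream;
import java.security.*;
import java.util.Collections;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Node;

public class SignedInfoDemo {
    static final XMLSignatureFactory FAC = XMLSignatureFactory.getInstance("DOM");
    static final String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    // Constructed sample message, not the vendor message from the thread.
    static final String MSG = "<Envelope><Header/><Body><ping>1</ping></Body></Envelope>";

    // Unmarshal the Signature afresh and run the two core checks separately.
    static String check(Document doc, PublicKey key) throws Exception {
        Node sigNode = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").item(0);
        DOMValidateContext ctx = new DOMValidateContext(key, sigNode);
        XMLSignature sig = FAC.unmarshalXMLSignature(ctx);
        Reference ref = (Reference) sig.getSignedInfo().getReferences().get(0);
        return "SignatureValue ok=" + sig.getSignatureValue().validate(ctx)
             + ", Reference digest ok=" + ref.validate(ctx);
    }

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().parse(new ByteArrayInputStream(MSG.getBytes("UTF-8")));
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();

        // URI="" plus the enveloped transform: the digest covers the whole document minus Signature.
        Reference ref = FAC.newReference("", FAC.newDigestMethod(DigestMethod.SHA256, null),
                Collections.singletonList(
                        FAC.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)),
                null, null);
        SignedInfo si = FAC.newSignedInfo(
                FAC.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE,
                        (C14NMethodParameterSpec) null),
                FAC.newSignatureMethod(RSA_SHA256, null),
                Collections.singletonList(ref));
        Node header = doc.getElementsByTagName("Header").item(0);
        FAC.newXMLSignature(si, null).sign(new DOMSignContext(kp.getPrivate(), header));
        System.out.println("as signed:       " + check(doc, kp.getPublic()));
        // Pretty-printing: a whitespace text node inside SignedInfo changes its canonical form.
        Document pretty = (Document) doc.cloneNode(true);
        Node psi = pretty.getElementsByTagNameNS(XMLSignature.XMLNS, "SignedInfo").item(0);
        psi.insertBefore(pretty.createTextNode("\n  "), psi.getFirstChild());
        System.out.println("header indented: " + check(pretty, kp.getPublic()));
        // Editing referenced content changes the Reference digest instead.
        Document edited = (Document) doc.cloneNode(true);
        edited.getElementsByTagName("ping").item(0).setTextContent("2");
        System.out.println("body edited:     " + check(edited, kp.getPublic()));
    }
}
```

Each check re-unmarshals the Signature element, so the result reflects the document as it stands after the edit rather than a cached validation state.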
