I had the same result that you got ... I wanted to point out that the
problem is in WSS4J because it didn't take the XPath into account when
setting up the list of signed elements after signature verification.
*This is a bug in WSS4J that has to be fixed!* Please file a bug in
JIRA [1]
The exception you listed here occurs in WSS4J after signature
verification is successful, when it tries to make a collection of
signed elements by going through the Reference elements.
Your soap message is correct and the signature verification was
successfully carried out by XML-Security library.
Thanks,
Ruchith
[1] https://issues.apache.org/jira/browse/WSS
On 9/20/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Nope. I used the same code. Crypto is merlin. I get the following error
> Are you using wss4j-1.5/xmlsec-1.3.0? So does this require a fix
> within wss4j? I am re-attaching the file and its checksum to be sure
> that we are using the same file.
>
> MD5: 13d402e3444f6aa5ee2bf3e8b8d9adb2 soapmsg.xml
>
>
> thanks
>
> Aravind
>
> - Registering Here function
> - Verification successful for URI ""
> java.lang.NullPointerException
> at
> org.apache.ws.security.util.WSSecurityUtil.findElementById(
WSSecurityUtil.java:270)
> at
> org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(
WSSecurityUtil.java:439)
> at
> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature
> (SignatureProcessor.java:294)
> at
> org.apache.ws.security.processor.SignatureProcessor.handleToken(
SignatureProcessor.java:79)
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java
> :269)
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:191)
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:144)
> at Verify2.main(Verify2.java:22)
> Exception in thread "main"
>
>
>
> On 9/19/06, Ruchith Fernando < [EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > I just tried to process your message with WSS4J.
> > WSS4J (via XML-Security) verifies the signature and the signature is
valid
> ! :-)
> >
> > And yes ! the bug is in WSS4J where we only check the URI of the
> > Reference element to figure out the signed elements.
> >
> > I used the following piece of code to try this out:
> >
> > public static void main(String[] args) throws Exception {
> > Crypto crypto = CryptoFactory.getInstance("
cryptoSKI.properties");
> > DocumentBuilderFactory fac =
> DocumentBuilderFactory.newInstance ();
> > fac.setNamespaceAware(true);
> > Document doc = fac.newDocumentBuilder().parse(new
File(args[0]));
> >
> > WSSecurityEngine secEngine = new WSSecurityEngine();
> > secEngine.processSecurityHeader (doc, null, null, crypto);
> > }
> >
> > You can provide any valid crypto.properties file in creating the
> > crypto instance and the first argument should be the path to the soap
> > message.
> >
> > Thanks,
> > Ruchith
> >
> > On 9/20/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > > I just ran a test. Adding CR's anywhere other than the soap:Body
doesn't
> > > affect
> > > the signature verfication. Adding a CR inside the signed part makes
the
> > > verification to fail.
> > >
> > > AFAIK this has something to do with exclusive c14n. I don't remember
> > > exactly. BTW
> > > I changed the Reference element into a blank URI and added a XPath
> Transform
> > > element
> > > in my example.(After writing the signed xml to a file and then
manually
> > > editing it). I expected the verfication to succeed.
> > >
> > > From this
> > >
> > > <ds:Reference URI="#id-4999541"
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#
> > > ">
> > > <ds:Transforms xmlns:ds="
> http://www.w3.org/2000/09/xmldsig#";>
> > > <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# "
> xmlns:ds="
> > > http://www.w3.org/2000/09/xmldsig#"/>
> > > </ds:Transforms>
> > > <ds:DigestMethod Algorithm="
> http://www.w3.org/2000/09/xmldsig#sha1";
> > > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
> > > <ds:DigestValue xmlns:ds="
> http://www.w3.org/2000/09/xmldsig#
> > > ">BzWOzsdSqTjsDtk4MyCtrZ3QzUU=</ds:DigestValue>
> > > </ds:Reference>
> > >
> > > to
> > >
> > > <ds:Reference URI="" xmlns:ds="
> http://www.w3.org/2000/09/xmldsig#";>
> > > <ds:Transforms
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
> > > <ds:Transform
> Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116";>
> > > <ds:XPath xmlns:soap="
> > > http://schemas.xmlsoap.org/soap/envelope/
> > > ">ancestor-or-self::soap:Body</ds:XPath>
> > > </ds:Transform>
> > > <ds:Transform Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#"; xmlns:ds="
> > > http://www.w3.org/2000/09/xmldsig#"/>
> > > </ds:Transforms>
> > > <ds:DigestMethod Algorithm="
> http://www.w3.org/2000/09/xmldsig#sha1";
> > > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
> > > <ds:DigestValue xmlns:ds="
> http://www.w3.org/2000/09/xmldsig#
> > > ">BzWOzsdSqTjsDtk4MyCtrZ3QzUU=</ds:DigestValue>
> > > </ds:Reference>
> > >
> > > I am doing this to create a test case to show that WSS4J has a
> > > bug/limitation in handling in blankURIs/XPath. Is there a code
sample to
> do
> > > this programmatically? All of this effort to convince other vendor
to
> use
> > > ids instead of XPath so that we can use Axis2/WSS4J
> > >
> > > Any help will be greatly appreciated.
> > >
> > >
> > > On 9/19/06, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> > > >
> > > > Hi,
> > > >
> > > > On 9/19/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > > > > I don't know. That is the message we receive from anonther
vendor's
> > > > > implementation.
> > > > > I thought only the subset of the xml that is signed should not
be
> > > > > disturbed(in this case
> > > > > soapenv:Body). Should the rest of the soap message also remain
the
> > > > same?
> > > >
> > > > Actually *nothing* should be disturbed.
> > > >
> > > > The SignatureValue is the signature over the digest of the
SignedInfo
> > > > element in the transformed Signature element
> > > >
> > > > Also if you change the soapenv:Body then the digest value in the
> > > > SignedInfo element will change, which again will cause a sig
faliure.
> > > >
> > > > > BTW
> > > > > is there is any example where we use a blank URI? Almost all the
> > > > examples I
> > > > > have
> > > > > seen are of the form URI="#id-xxxx" but the one that I talked
about
> is
> > > > > blank/uses XPath
> > > >
> > > > Hmm... yes I noticed the use of XPath ...it seems to be valid
> > > > according to the XML-Signature spec - 6.6.3 XPath Filtering [1].
> > > >
> > > > Thanks,
> > > > Ruchith
> > > >
> > > > [1] http://www.w3.org/TR/xmldsig-core/#sec-XPath
> > > >
> > > > >
> > > > > Thanking you in advance.
> > > > >
> > > > >
> > > > >
> > > > > On 9/19/06, Ruchith Fernando < [EMAIL PROTECTED]>
wrote:
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > I am yet to try to verify the soap msg you attached earlier. I
> have
> > > > > > one concern about it: the security header looks to be pretty
> printed.
> > > > > > Are you sure the message was not modified after signature?
> > > > > >
> > > > > > Thanks,
> > > > > > Ruchith
> > > > > >
> > > > > > p.s. I applied your patch to axiom ... running the axis2 tests
now
> > > > > > with the axiom changes, will commit on success.
> > > > > >
> > > > > > On 9/19/06, [EMAIL PROTECTED] < [EMAIL PROTECTED]>
wrote:
> > > > > > > No luck. Now I don't get any exception (after fixing a npe)
but
> the
> > > > > > > signature verification still fails.
> > > > > > >
> > > > > > > I had to apply this tiny patch to get to the stage of
signature
> > > > > > verification
> > > > > > > failing. All long
> > > > > > > it has been exceptions!. Not sure whether the patch is the
right
> > > > one.Iwould
> > > > > > > appreciate if you could verify the xml file that I sent
earlier
> at
> > > > your
> > > > > > end.
> > > > > > > Or if you have any tools/utilities to verify a standlone xml
> > > > message.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > ---
> org/apache/axiom/om/impl/dom/ElementImpl.java.orig
> 2006-09-19
> > > > > > 09:55:
> > > > > > > 31.445213500 -0400
> > > > > > > +++
> org/apache/axiom/om/impl/dom/ElementImpl.java
> 2006-09-19
> > > > > > 09:32:
> > > > > > > 13.461364400 -0400
> > > > > > > @@ -361,8 +361,9 @@
> > > > > > >
> > > > > > > if (namespaceURI == OMConstants.XMLNS_NS_URI) {
> > > > > > > OMNamespace ns = this.findNamespaceURI
(localName);
> > > > > > > - AttrImpl namespaceAttr = new
> AttrImpl(this.ownerNode,
> > > > > > > localName, ns
> > > > > > > - .getNamespaceURI(),
> this.factory);
> > > > > > > + String nsuri = ns != null ? ns.getNamespaceURI()
:
> "";
> > > > > > > + AttrImpl namespaceAttr = new
> AttrImpl(this.ownerNode,
> > > > > > > localName, nsuri,
> > > > > > > + this.factory);
> > > > > > > NamespaceImpl xmlNs = new NamespaceImpl(
> > > > > > > OMConstants.XMLNS_NS_URI);
> > > > > > > namespaceAttr.setOMNamespace(xmlNs);
> > > > > > > return namespaceAttr;
> > > > > > >
> > > > > > >
> > > > > > > On 9/18/06, Ruchith Fernando < [EMAIL PROTECTED]>
> wrote:
> > > > > > > >
> > > > > > > > Hi,
> > > > > > > >
> > > > > > > > This is a Bug in DOOM. Thanks for reporting it.
> > > > > > > > I just fixed it in the latest svn - revision - 447543.
> > > > > > > >
> > > > > > > > Please try it out.
> > > > > > > >
> > > > > > > > Thanks,
> > > > > > > > Ruchith
> > > > > > > >
> > > > > > > > On 9/18/06, [EMAIL PROTECTED] < [EMAIL PROTECTED]>
> wrote:
> > > > > > > > > I updated from subversion today( 20060918 10AM EST). The
> > > > > > > > > NullPointerException is gone but a new exception
> > > > > > > > > UnsupportedOperationException is being thrown.
> > > > > > > > >
> > > > > > > > > A basic question. Does axiom+wss4j support blank URI's?
> Using
> > > > > > > > > XPath? The xml message that fails actually uses blank
URIs
> and
> > > > XPath
> > > > > > to
> > > > > > > > > refer to the subset that is signed. Here is the stack
trace.
> > > > > > > > >
> > > > > > > > > Thread [http-8888-Processor25] (Suspended (exception
> > > > > > > > > UnsupportedOperationException))
> > > > > > > > >
> SOAPMessageImpl(DocumentImpl).getNextSibling() line: 111
> > > > > > > > >
> XMLUtils.circumventBug2650internal(Node) line: 490
> > > > > > > > > XMLUtils.circumventBug2650(Document) line: 436
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
Canonicalizer20010315ExclOmitComments(CanonicalizerBase).engineCanonicalize(XMLSignatureInput)
> > > > > > > > > line: 150
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
Canonicalizer20010315ExclOmitComments(Canonicalizer20010315Excl).engineCanonicalize(XMLSignatureInput,
> > > > > > > > > String) line: 115
> > > > > > > > >
> TransformC14NExclusive.enginePerformTransform
> > > > (XMLSignatureInput,
> > > > > > > > > OutputStream) line: 93
> > > > > > > > > Transform.performTransform(XMLSignatureInput,
> OutputStream)
> > > > > > line:
> > > > > > > > 340
> > > > > > > > >
> > > > > > > > > Transforms.performTransforms(XMLSignatureInput,
> > > > OutputStream)
> > > > > > line:
> > > > > > > > > 237
> > > > > > > > >
> Reference.getContentsAfterTransformation
> (XMLSignatureInput,
> > > > > > > > > OutputStream) line: 433
> > > > > > > > >
> Reference.dereferenceURIandPerformTransforms(OutputStream)
> > > > line:
> > > > > > 603
> > > > > > > > > Reference.calculateDigest() line: 688
> > > > > > > > > Reference.verify() line: 736
> > > > > > > > >
> SignedInfo(Manifest).verifyReferences(boolean) line: 317
> > > > > > > > > SignedInfo.verify(boolean) line: 224
> > > > > > > > > XMLSignature.checkSignatureValue(Key)
> line: 590
> > > > > > > > > XMLSignature.checkSignatureValue
> (X509Certificate) line: 557
> > > > > > > > >
> SignatureProcessor.verifyXMLSignature(Element, Crypto,
> > > > > > > > > X509Certificate[], Set, byte[][]) line: 264
> > > > > > > > > SignatureProcessor.handleToken(Element, Crypto,
Crypto,
> > > > > > > > CallbackHandler,
> > > > > > > > > WSDocInfo, Vector, WSSConfig) line: 79
> > > > > > > > >
> WSSecurityEngine.processSecurityHeader(Element,
> > > > CallbackHandler,
> > > > > > > > Crypto,
> > > > > > > > > Crypto) line: 269
> > > > > > > > > WSSecurityEngine.processSecurityHeader
> (Document, String,
> > > > > > > > > CallbackHandler, Crypto, Crypto) line: 191
> > > > > > > > > WSDoAllReceiver.processMessage(MessageContext) line:
180
> > > > > > > > >
> WSDoAllReceiver(WSDoAllHandler).invoke(MessageContext)
> line:
> > > > 82
> > > > > > > > > Phase.invoke(MessageContext) line: 381
> > > > > > > > > AxisEngine.invoke(MessageContext) line: 473
> > > > > > > > > AxisEngine.receive(MessageContext) line: 445
> > > > > > > > > OutInAxisOperationClient.send(MessageContext) line:
355
> > > > > > > > >
> OutInAxisOperationClient.execute(boolean) line: 279
> > > > > > > > >
> CustomerInformationServiceStub.isAliveRequest
> > > > > > > > (IsAliveRequestDocument)
> > > > > > > > > line: 317
> > > > > > > > >
> CustomerInformationClient.queryIsAlive() line: 66
> > > > > > > > >
> IsAliveRequestAction.processRequest(HttpServletRequest,
> > > > > > > > > HttpServletResponse) line: 42
> > > > > > > > >
> > > > > >
> IsAliveRequestAction(SimpleAction).executeAction(ActionConfigExt,
> > > > > > > > > ActionForm, HttpServletRequest, HttpServletResponse)
line:
> 185
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
IsAliveRequestAction(AbstractRequestAction).executeAction(ActionConfigExt,
> > > > > > > > > ActionForm, HttpServletRequest, HttpServletResponse)
line:
> 162
> > > > > > > > >
> IsAliveRequestAction(SimpleAction).execute(ActionMapping,
> > > > > > > > ActionForm,
> > > > > > > > > HttpServletRequest, HttpServletResponse) line: 123
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
RequestProcessorExt(RequestProcessor).processActionPerform(HttpServletRequest,
> > > > > > > > > HttpServletResponse, Action, ActionForm, ActionMapping)
> line:
> > > > 484
> > > > > > > > >
> > > > > >
> RequestProcessorExt(RequestProcessor).process(HttpServletRequest,
> > > > > > > > > HttpServletResponse) line: 274
> > > > > > > > > RequestProcessorExt.process(HttpServletRequest,
> > > > > > HttpServletResponse)
> > > > > > > > > line: 126
> > > > > > > > >
> ActionServletExt(ActionServlet).process(HttpServletRequest,
> > > > > > > > > HttpServletResponse) line: 1482
> > > > > > > > > ActionServletExt.process (HttpServletRequest,
> > > > > > HttpServletResponse)
> > > > > > > > line:
> > > > > > > > > 111
> > > > > > > > >
> ActionServletExt(ActionServlet).doGet(HttpServletRequest,
> > > > > > > > > HttpServletResponse) line: 507
> > > > > > > > >
> ActionServletExt(HttpServlet).service(HttpServletRequest,
> > > > > > > > > HttpServletResponse) line: 697
> > > > > > > > >
> ActionServletExt(HttpServlet).service(ServletRequest,
> > > > > > > > ServletResponse)
> > > > > > > > > line: 810
> > > > > > > > >
> ApplicationFilterChain.internalDoFilter(ServletRequest,
> > > > > > > > ServletResponse)
> > > > > > > > > line: 237
> > > > > > > > > ApplicationFilterChain.doFilter (ServletRequest,
> > > > ServletResponse)
> > > > > > > > line:
> > > > > > > > > 157
> > > > > > > > > StandardWrapperValve.invoke(Request, Response,
> ValveContext)
> > > > > > line:
> > > > > > > > > 214
> > > > > > > > > StandardValveContext.invokeNext(Request, Response)
line:
> 104
> > > > > > > > > StandardPipeline.invoke (Request, Response) line:
520
> > > > > > > > >
> StandardContextValve.invokeInternal(Wrapper, Request,
> > > > Response)
> > > > > > > > line:
> > > > > > > > > 198
> > > > > > > > > StandardContextValve.invoke(Request, Response,
> ValveContext)
> > > > > > line:
> > > > > > > > > 152
> > > > > > > > > StandardValveContext.invokeNext (Request, Response)
> line: 104
> > > > > > > > > StandardPipeline.invoke(Request, Response) line: 520
> > > > > > > > > StandardHostValve.invoke(Request, Response,
> ValveContext)
> > > > line:
> > > > > > 137
> > > > > > > > > StandardValveContext.invokeNext(Request, Response)
line:
> 104
> > > > > > > > > ErrorReportValve.invoke(Request, Response,
ValveContext)
> > > > line:
> > > > > > 118
> > > > > > > > > StandardValveContext.invokeNext(Request, Response)
line:
> 102
> > > > > > > > > StandardPipeline.invoke(Request, Response) line: 520
> > > > > > > > > StandardEngineValve.invoke(Request, Response,
> ValveContext)
> > > > > > line:
> > > > > > > > 109
> > > > > > > > >
> > > > > > > > > StandardValveContext.invokeNext(Request, Response)
line:
> 104
> > > > > > > > > StandardPipeline.invoke(Request, Response) line: 520
> > > > > > > > >
> StandardEngine(ContainerBase).invoke(Request, Response)
> > > > line:
> > > > > > 929
> > > > > > > > > CoyoteAdapter.service(Request, Response) line: 160
> > > > > > > > > Http11Processor.process(InputStream, OutputStream)
line:
> 799
> > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
> Http11Protocol$Http11ConnectionHandler.processConnection(TcpConnection,
> > > > > > > > > Object[]) line: 705
> > > > > > > > > TcpWorkerThread.runIt(Object[]) line: 577
> > > > > > > > > ThreadPool$ControlRunnable.run() line:
> 684
> > > > > > > > > ThreadWithAttributes(Thread).run()
> line: 534
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On 9/18/06, Ruchith Fernando <[EMAIL PROTECTED]
>
> wrote:
> > > > > > > > > >
> > > > > > > > > > Hi Aravind,
> > > > > > > > > >
> > > > > > > > > > I just checked the latest axiom-dom impl code and
there is
> a
> > > > null
> > > > > > > > > > check in line #353 in ElementImpl. Therefore IMHO this
> > > > exception
> > > > > > is
> > > > > > > > > > not possible. Are you sure you are using the latest
> > > > > > axiom-*-SNAPSHOT
> > > > > > > > > > jars?
> > > > > > > > > >
> > > > > > > > > > Thanks,
> > > > > > > > > > Ruchith
> > > > > > > > > >
> > > > > > > > > > On 9/14/06, [EMAIL PROTECTED] <
[EMAIL PROTECTED]>
> > > > wrote:
> > > > > > > > > > > I upgraded to stax-1.0.1 and wstx-asl-3.0.0.jar as
you
> said.
> > > > And
> > > > > > I
> > > > > > > > get a
> > > > > > > > > > > NullPointerException. Here is the stack trace. I
have
> also
> > > > > > attached
> > > > > > > > the
> > > > > > > > > > xml
> > > > > > > > > > > message.
> > > > > > > > > > > In the soap message that causes the problem,I have
> commented
> > > > out
> > > > > > the
> > > > > > > > > > private
> > > > > > > > > > > information as confidential. I hope that doesn't
cause
> a
> > > > > > problem
> > > > > > > > for
> > > > > > > > > > you as
> > > > > > > > > > > it is outside
> > > > > > > > > > > the signed part. The odd thing is the URI is blank
and
> the
> > > > > > message
> > > > > > > > uses
> > > > > > > > > > > XPath to refer to the part that is signed. I am not
sure
> how
> > > > > > good is
> > > > > > > > the
> > > > > > > > > > > support for XPath in xmlsecurity library suite.
> > > > > > > > > > >
> > > > > > > > > > > Any help will be greatly appreciated. Thanks in
> advance.
> > > > > > > > > > >
> > > > > > > > > > > Aravind
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
-------------------------------------------------------------------------------------
> > > > > > > > > > > >
> > > > > > > > > > > >
> SOAPEnvelopeImpl(ElementImpl).getAttributeNodeNS(String,
> > > > > > > > > > > String) line: 353
> > > > > > > > > > > > XMLUtils.circumventBug2650(Document) line: 429
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
Canonicalizer20010315ExclOmitComments(CanonicalizerBase).engineCanonicalize(XMLSignatureInput)
> > > > > > > > > > > line: 150
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
Canonicalizer20010315ExclOmitComments(Canonicalizer20010315Excl).engineCanonicalize(XMLSignatureInput,
> > > > > > > > > > > String) line: 115
> > > > > > > > > > > >
> > > > > > > > > > >
> TransformC14NExclusive.enginePerformTransform
> > > > (XMLSignatureInput,
> > > > > > > > > > > OutputStream) line: 93
> > > > > > > > > > > > Transform.performTransform(XMLSignatureInput,
> > > > OutputStream)
> > > > > > line:
> > > > > > > > 340
> > > > > > > > > > > > Transforms.performTransforms(XMLSignatureInput,
> > > > OutputStream)
> > > > > > > > line:
> > > > > > > > > > 237
> > > > > > > > > > > >
> > > > > > > > > > >
> Reference.getContentsAfterTransformation(XMLSignatureInput,
> > > > > > > > > > > OutputStream) line: 433
> > > > > > > > > > > >
> > > > > > > > > > >
> Reference.dereferenceURIandPerformTransforms(OutputStream)
> > > > > > > > > > > line: 603
> > > > > > > > > > > > Reference.calculateDigest() line: 688
> > > > > > > > > > > > Reference.verify() line: 736
> > > > > > > > > > > >
> SignedInfo(Manifest).verifyReferences(boolean) line: 317
> > > > > > > > > > >
> > > > > > > > > > > > SignedInfo.verify(boolean) line: 224
> > > > > > > > > > > > XMLSignature.checkSignatureValue
> (Key) line: 590
> > > > > > > > > > > >
> XMLSignature.checkSignatureValue(X509Certificate) line:
> > > > > > > > > > > 557
> > > > > > > > > > > >
> SignatureProcessor.verifyXMLSignature(Element, Crypto,
> > > > > > > > > > > X509Certificate[], Set, byte[][]) line: 264
> > > > > > > > > > > > SignatureProcessor.handleToken (Element, Crypto,
> Crypto,
> > > > > > > > > > CallbackHandler,
> > > > > > > > > > > WSDocInfo, Vector, WSSConfig) line: 79
> > > > > > > > > > > >
> WSSecurityEngine.processSecurityHeader(Element,
> > > > > > > > > > > CallbackHandler, Crypto, Crypto) line: 269
> > > > > > > > > > > >
> WSSecurityEngine.processSecurityHeader (Document, String,
> > > > > > > > > > > CallbackHandler, Crypto, Crypto) line: 191
> > > > > > > > > > > > WSDoAllReceiver.processMessage(MessageContext)
line:
> 180
> > > > > > > > > > > >
> WSDoAllReceiver(WSDoAllHandler).invoke(MessageContext)
> > > > > > > > > > > line: 82
> > > > > > > > > > > > Phase.invoke (MessageContext) line: 381
> > > > > > > > > > > > AxisEngine.invoke(MessageContext) line: 473
> > > > > > > > > > > > AxisEngine.receive(MessageContext) line: 445
> > > > > > > > > > > > OutInAxisOperationClient.send(MessageContext)
line:
> 355
> > > > > > > > > > > > OutInAxisOperationClient.execute
> (boolean) line: 279
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
-------------------------------------------------------------------------
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > On 9/13/06, Ruchith Fernando <
> [EMAIL PROTECTED]>
> > > > > > wrote:
> > > > > > > > > > > > Yes !
> > > > > > > > > > > >
> > > > > > > > > > > > You have to use stax-1.0.1. Please replace your
> stax-api
> > > > jar
> > > > > > with
> > > > > > > > this
> > > > > > > > > > > > [1] and woodstox (wstx-asl-*.jar) with this [2].
> > > > > > > > > > > >
> > > > > > > > > > > > Thanks,
> > > > > > > > > > > > Ruchith
> > > > > > > > > > > >
> > > > > > > > > > > > [1]
> > > > > > > > > > >
> http://www.ibiblio.org/maven/stax/jars/stax-api-1.0.1.jar
> > > > > > > > > > > > [2]
> > > > > > > > > > >
> > > >
> http://www.ibiblio.org/maven/woodstox/jars/wstx-asl-3.0.0.jar
> > > > > > > > > > > >
> > > > > > > > > > > > On 9/14/06, [EMAIL PROTECTED] <
> [EMAIL PROTECTED]>
> > > > > > wrote:
> > > > > > > > > > > > > Hi,
> > > > > > > > > > > > >
> > > > > > > > > > > > > Do I need to upgrade any other libraries? When I
> used
> > > > the
> > > > > > the
> > > > > > > > latest
> > > > > > > > > > > > > snapshot I get this error in my application. I
have
> > > > pasted
> > > > > > only
> > > > > > > > > > > > > the relevant portion of the stack trace as the
other
> > > > parts
> > > > > > are
> > > > > > > > > > > > > confidential.
> > > > > > > > > > > > >
> > > > > > > > > > > > > thanks
> > > > > > > > > > > > >
> > > > > > > > > > > > > Aravind
> > > > > > > > > > > > >
> > > > > > > > > > > > > Error is
> > > > > > > > > > > > >
> > > > > > > > > > > > > java.lang.NoSuchMethodError:
> > > > > > > > > > > > >
> javax.xml.stream.XMLOutputFactory.newInstance
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
(Ljava/lang/String;Ljava/lang/ClassLoader;)Ljavax/xml/stream/XMLOutputFactory;
> > > > > > > > > > > > > at
> > > > > > > > > > >
> org.apache.axiom.om.util.StAXUtils.getXMLOutputFactory(
> > > > > > > > StAXUtils.java
> > > > > > > > > > :97)
> > > > > > > > > > > > > at
> > > > > > > > > > >
> org.apache.axiom.om.util.StAXUtils.createXMLStreamWriter
> > > > > > > > > > > (StAXUtils.java:111)
> > > > > > > > > > > > > at
> > > > > > > > > > >
> org.apache.axiom.om.impl.dom.NodeImpl.serialize(
> > > > NodeImpl.java
> > > > > > :577)
> > > > > > > > > > > > > at
> > > > > > > > > > >
> org.apache.axiom.om.impl.dom.ElementImpl.toString(
> > > > > > ElementImpl.java
> > > > > > > > :1139)
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > On 9/13/06, Ruchith Fernando <
> [EMAIL PROTECTED]
> > > > >
> > > > > > wrote:
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > Hi,
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > Can you please try this with the latest
> > > > axiom-*-SNAPSHOT
> > > > > > jars.
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
http://people.apache.org/repository/ws-commons/jars/axiom-api-SNAPSHOT.jar
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
http://people.apache.org/repository/ws-commons/jars/axiom-dom-SNAPSHOT.jar
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > >
> > > >
>
http://people.apache.org/repository/ws-commons/jars/axiom-impl-SNAPSHOT.jar
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > Thanks,
> > > > > > > > > > > > > > Ruchith
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > On 9/13/06, [EMAIL PROTECTED] <
> > > > [EMAIL PROTECTED] >
> > > > > > > > wrote:
> > > > > > > > > > > > > > > At ResolverFragment.java:60
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Document doc = uri.getOwnerElement
> > > > ().getOwnerDocument();
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > This happens when we try to verify a xml
> signature.
> > > > We
> > > > > > are
> > > > > > > > using
> > > > > > > > > > > > > > > axiom(version
> > > > > > > > > > > 1)/wss4j-
> 1.5.0/xerces-2.7.1/xml-api-1.3.02/xmlsec-1.3.0with
> > > > > > > > > > > > > > > Tomcat.
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > uri.getOwnerElement() is of type
DocumentImpl
> that
> > > > can't
> > > > > > be
> > > > > > > > type
> > > > > > > > > > > cast
> > > > > > > > > > > > > > > into Element as none of the super classes
> implement
> > > > the
> > > > > > > > Element
> > > > > > > > > > > > > > interface.
> > > > > > > > > > > > > > > Am I right? I am new to web services and I
don't
> > > > > > understand
> > > > > > > > > > fully.
> > > > > > > > > > > But
> > > > > > > > > > > > > > this
> > > > > > > > > > > > > > > problem is always reproducible in our
> environment.
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Any help will be greatly appreciated.
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > thanks
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > Aravind
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > > > --
> > > > > > > > > > > > > > www.ruchith.org
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > >
> ---------------------------------------------------------------------
> > > > > > > > > > > > > > To unsubscribe, e-mail:
> > > > > > > > > > > [EMAIL PROTECTED]
> > > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > [EMAIL PROTECTED]
> > > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > --
> > > > > > > > > > > > www.ruchith.org
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > >
> ---------------------------------------------------------------------
> > > > > > > > > > > > To unsubscribe, e-mail:
> > > > > > > > > > > [EMAIL PROTECTED]
> > > > > > > > > > > > For additional commands, e-mail:
> > > > > > [EMAIL PROTECTED]
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > >
> ---------------------------------------------------------------------
> > > > > > > > > > > To unsubscribe, e-mail:
> > > > > > > > > > > [EMAIL PROTECTED]
> > > > > > > > > > > For additional commands, e-mail:
> > > > [EMAIL PROTECTED]
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > --
> > > > > > > > > > www.ruchith.org
> > > > > > > > > >
> > > > > > > > > >
> > > > > >
> ---------------------------------------------------------------------
> > > > > > > > > > To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> > > > > > > > > > For additional commands, e-mail:
> > > > [EMAIL PROTECTED]
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > > www.ruchith.org
> > > > > > > >
> > > > > > > >
> > > >
> ---------------------------------------------------------------------
> > > > > > > > To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> > > > > > > > For additional commands, e-mail:
> [EMAIL PROTECTED]
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > www.ruchith.org
> > > > > >
> > > > > >
> ---------------------------------------------------------------------
> > > > > > To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> > > > > > For additional commands, e-mail:
[EMAIL PROTECTED]
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > www.ruchith.org
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > > >
> > >
> > >
> >
> >
> > --
> > www.ruchith.org
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
