AW: Signature verification failed con client Ksoap

[Dittmann Werner]

Title: Nachricht

Filippo,   that's very hard to answer.   First of all, who produced the signature of the kSoap request?   Looking at the requests I can see that the digest values of the Reference is the same in both cases. Also the Signature value is the same in both cases.   This is a good sign...however, after the signature was produced .. did some module modify the SOAP request, in particular between the SignedInfo tags? With modifcation I also mean every type of "pretty-printing" the XML after signing but before it was put on the wire.   When I look at the requests they have a different "layout", indents, and so on. I once had a similar problem.   When computing the Signature value the xmlsec library takes information that is between the SignedInfo tags, hashes and signs it. Thus, if data is changed afterwards the signature check fails.   Be aware the blanks, newlines, tabs, that are inserted after signing create additional XML DOM nodes during parsing at the server side. These new nodes that hold the additional blanks, newlines etc. now also go into the computation of hash values. Thus - the receiver computes a hash that is not the same that was computed by the sender.   Regards, Werner   -----Urspr�ngliche Nachricht----- Von: filippo [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 24. M�rz 2005 11:07 An: fx-dev@ws.apache.org Cc: Gianluigi Brasili; Arnaldo Campanella; Adriana Pietramala Betreff: Signature verification failed con client Ksoap Wichtigkeit: Hoch   ....  <some content removed/>   ....   Ing. Filippo Aiello --------------------------------------------- E-Guide S.R.L. Via Pietro Bucci, Capannone C Arcavacata di Rende (Cs) Tel.: 0984/493180 Mob: +39.348.5240323 Fax: 0984/493057 E-mail: [EMAIL PROTECTED] ---------------------------