RE: AW: setting the canonicalization algorithm using axis deploym ent script????

[Hassan Faouaz]

Title: Message

Per Werner request, I have included the snippet of the wsdl before and after. Please note the only different is the following attribute elementFormDefault="qualified". ��   <snipet> ��� <schema targetNamespace="http://service.proxy.tuc.com" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:impl="http://service.proxy.tuc.com" xmlns:intf="http://service.proxy.tuc.com" xmlns:tns2="http://bean.soap.tuna.tuc.com" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> �� <import namespace="http://bean.soap.tuc.com"/> �� <element name="getDiscResponse"> ��� <complexType> ���� <sequence> ����� <element name="getDiscReturn" nillable="true" type="tns2:SoapResponse"/> ���� </sequence> ��� </complexType> �� </element> �� <element name="getDiscl"> ��� <complexType>   </snipet>   after   <snipet> ��� <schema elementFormDefault="qualified" targetNamespace="http://service.proxy.tuc.com" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:impl="http://service.proxy.tuc.com" xmlns:intf="http://service.proxy.tuc.com" xmlns:tns2="http://bean.soap.tuna.tuc.com" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> �� <import namespace="http://bean.soap.tuc.com"/> �� <element name="getDiscResponse"> ��� <complexType> ���� <sequence> ����� <element name="getDiscReturn" nillable="true" type="tns2:SoapResponse"/> ���� </sequence> ��� </complexType> �� </element> �� <element name="getDiscl"> ��� <complexType>   </snipet>   Hassan Faouaz     -----Original Message----- From: Werner Dittmann [mailto:[EMAIL PROTECTED] Sent: Saturday, April 09, 2005 3:26 AM To: Hassan Faouaz Cc: 'Granqvist, Hans'; 'Dittmann Werner'; fx-dev@ws.apache.org Subject: Re: AW: setting the canonicalization algorithm using axis deploym ent script???? <SOLVED>   Hassan, great to hear that you had success. May I ask you a favour? Can you just post the WSDL file you used (or the relevant snippet)? Maybe both versions - the one that works and the one that doesn't? This would help many other users because WS is used quite often, isn't it :-) ? Regards, Werner Hassan Faouaz schrieb: I had to add to my wsdl  elementFormDefault=”qualified”  and then regenerate the java client using WSDL2Java.  Doing this, when I submit the request, WebSphere 6.0 understands it since it doesn’t see anymore empty namespaces.   Thanks guys..   Hassan Faouaz     -----Original Message----- From: Hassan Faouaz [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 07, 2005 7:49 AM To: 'Granqvist, Hans'; 'Dittmann Werner'; fx-dev@ws.apache.org Subject: RE: AW: setting the canonicalization algorithm using axis deploym ent script????   This is what Werner found out as well.   I will see if I can fix the namespace problem some how, since I used AXIS WDL2JAVA class to create the  SOAP client.    Thank you guys…   Werner wrote:   after looking at the requests I can see one main difference : the handling and setting of namespace definitions insides the soap body. If you compare both requests you can easily see this difference.   IMHO this would explain why its sometimes work when you change the c14n algorithms because c14n is responsible to normalize the the namespace handling (among other things).     Hassan Faouaz     -----Original Message----- From: Granqvist, Hans [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 06, 2005 2:50 PM To: Dittmann Werner; Hassan Faouaz; fx-dev@ws.apache.org Subject: RE: AW: setting the canonicalization algorithm using axis deploym ent script????   Also: Make sure that there is concordance on the use of inclusive-namespaces in the exc-c14n. This seems to break a lot of interop attempts -----Original Message----- From: Dittmann Werner [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 05, 2005 11:12 PM To: 'Hassan Faouaz'; fx-dev@ws.apache.org Subject: AW: AW: setting the canonicalization algorithm using axis deploym ent script???? Hassan,   as for interop tests I would agree to go this route (and if, as a side effect, we get a more flexible and configurable WSS4J - that's even better :-)   ).   What makes me wonder is that there are such problems with WAS because we had successful interop tests with WSS4J and other OASIS WSS implementations (pls refer to the WSS4J wiki).   May be we can help you if you can give use some more info about the generated requests? Can you trace the requests and just send it as attachment or so?   Regards, Werner -----Urspr�ngliche Nachricht----- Von: Hassan Faouaz [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 5. April 2005 17:55 An: Dittmann Werner; fx-dev@ws.apache.org Betreff: RE: *** Spam *** AW: setting the canonicalization algorithm using axis deployment script???? Werner,   I agree with you with respect of interoperability.  The reason why I am venturing this route, is because I am trying to get WSS4J exchange successfully a secured soap message with IBM WAS 6.0.  I was able to verify a signature from a return message from WAS 6.0, but I am not able to get WAS 6.0 to verify a signature coming from WSS4J.   I went the route of using WSDP 1.5 from SUN, and I was able to  exchange secure messages by changing the canonicalization algorithm  on webSphere.  So I thought to try to change the canonicalization algorithm on WSS4J to see if that makes a difference.   Anyway, I will keep the resort of changing wss4j code as my last resort, as much as I hate to maintain different set of code.   Thanks   Hassan Faouaz       -----Original Message----- From: Dittmann Werner [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 05, 2005 9:28 AM To: 'Hassan Faouaz'; fx-dev@ws.apache.org Subject: *** Spam *** AW: setting the canonicalization algorithm using axis deployment script????   Hassan,   some of the parameters used by WSS4J are hardcoded (usually as String in WSHandlerConstants). Most, if not all, of these "hardcoded" parameters are required to have a specific value to ensure interoperability. For example c14n:  AFAIK, it is required to be C14nExclusive, other values would not work for interoperability (probably there is also a technical reason to have C14nExclusive - need to look at the specs).   Also the specific transformation algo (described in the OASIS WSS specifications) is mandatory.   Thus, if you change c14n or transformation parameters you may do so by modifying the code as you proposed. For the standard and interoperable use of WSS4J I wouldn't recommend it.   Regards, Werner -----Urspr�ngliche Nachricht----- Von: Hassan Faouaz [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 5. April 2005 16:20 An: fx-dev@ws.apache.org Betreff: setting the canonicalization algorithm using axis deployment script???? I have realized that if you use AXIS deploy script, the canonicalization algorthim is hardcoded. There is no way to change it, after looking at the code.  I had to change the WSSignEnvelope class to look at the options in the deploy script. Is this implemented somewhere, that I am not aware of?   Code changes I made to allow setting canonicalization algorithm in WSDoAllSender.java, WSHandlerConstants.java.     <snip> reqData.canonicalizationAlgo = (String) getOption(WSHandlerConstants.CONANICALIZATION_ALGO);   if (reqData.canonicalizationAlgo != null){                   wsSign.setSigCanonicalization(reqData.canonicalizationAlgo);         }           </snip>   is that true for transform algorithm as well???   Thanks in advance..   Hassan