Re: Rampart/Axiom Xpath namespace prefix issue

Mon, 18 Feb 2008 22:19:48 -0800 

Hi Narayan,
        I think this use case is valid. I tested your scenario and it
worked fine for me. Please let me know if I am deviating from the
scenario you explained.

My assertion :

            <sp:SignedElements
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
                <sp:XPath
xmlns:ns1="http://InteropBaseAddress/interop";
xmlns:ns2="http://xmlsoap.org/Ping";>/soapenv:Envelope/soapenv:Body/ns1:PingResponse/ns2:PingResponse/ns2:scenario</sp:XPath>
            </sp:SignedElements>

SOAP Message :

      <soapenv:Body>
         <PingResponse xmlns="http://InteropBaseAddress/interop";>
            <PingResponse xmlns="http://xmlsoap.org/Ping";>
               <scenario
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="id-21761424">Scenario5</scenario>
               <origin>WSO2</origin>
               <text>WSO2 - ping</text>
            </PingResponse>
         </PingResponse>
      </soapenv:Body>

the element defined in the signed elements has been successfully signed.

thanks,
/nandana


On 2/19/08, Narayan Dhillon <[EMAIL PROTECTED]> wrote:
> Hi Devs,
>
>
>
> I will appreciate if I could get any help/directions on below issue.
>
>
>
> (1) If in my XPath expression I use namespace prefix as shown in (A)
> below, and my payload shown in (B) doesn't contain any namespace prefix,
> then Rampart doesn't sign anything because
> RampartUtil.getPartsAndElements() doen't return any signed parts back.
>
> Looking at payload (B) it is still namespace qualified and only
> difference is it doesn't have namespace prefix. Shouldn't that we
> handled?
>
>
>
> (2) Also on service side if I get such a payload sent by client, then
> Rampart will also fail to validate it as it won't be able to find the
> parts and hence won't be able to match them in PolicyResultsValidator.
>
>
>
> Could dev team please post their views on it, so that it could be
> resolved?
>
>
>
> (A) Policy example
>
> <sp:SignedElements>
>
> <sp:XPath xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:ns1="urn:com.xxx">
>
>       //soapenv:Envelope/soapenv:Body/ns1:Request/ns1:requestId
>
>       </sp:XPath>
>
> </sp:SignedElements>
>
>
>
>  (B) Payload eaxmple
>
> <soapenv:Body>
>
> <Request xmlns="urn:com.vocalink:corporateAccess">
>
>                <requestId>test</ns1:requestId>
>
>
>


http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/

Reply via email to