Hi Nandana,
Issue appears when I use ADB for binding.
In that case soap message looks like below and then Rampart doesn't sign
anything.
<soapenv:Body>
<ns1:Request xmlns:ns1="urn:com.xxx">
<requestId>testSubmission6</requestId>
</ns1:Request>
</soapenv:Body>
Regards, Narayan
-----Original Message-----
From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED]
Sent: 19 February 2008 06:19
To: [email protected]
Subject: Re: Rampart/Axiom Xpath namespace prefix issue
Hi Narayan,
I think this use case is valid. I tested your scenario and it
worked fine for me. Please let me know if I am deviating from the
scenario you explained.
My assertion :
<sp:SignedElements
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:XPath
xmlns:ns1="http://InteropBaseAddress/interop";
xmlns:ns2="http://xmlsoap.org/Ping";>/soapenv:Envelope/soapenv:Body/ns1:P
ingResponse/ns2:PingResponse/ns2:scenario</sp:XPath>
</sp:SignedElements>
SOAP Message :
<soapenv:Body>
<PingResponse xmlns="http://InteropBaseAddress/interop";>
<PingResponse xmlns="http://xmlsoap.org/Ping";>
<scenario
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
wsu:Id="id-21761424">Scenario5</scenario>
<origin>WSO2</origin>
<text>WSO2 - ping</text>
</PingResponse>
</PingResponse>
</soapenv:Body>
the element defined in the signed elements has been successfully signed.
thanks,
/nandana
On 2/19/08, Narayan Dhillon <[EMAIL PROTECTED]> wrote:
> Hi Devs,
>
>
>
> I will appreciate if I could get any help/directions on below issue.
>
>
>
> (1) If in my XPath expression I use namespace prefix as shown in (A)
> below, and my payload shown in (B) doesn't contain any namespace
prefix,
> then Rampart doesn't sign anything because
> RampartUtil.getPartsAndElements() doen't return any signed parts back.
>
> Looking at payload (B) it is still namespace qualified and only
> difference is it doesn't have namespace prefix. Shouldn't that we
> handled?
>
>
>
> (2) Also on service side if I get such a payload sent by client, then
> Rampart will also fail to validate it as it won't be able to find the
> parts and hence won't be able to match them in PolicyResultsValidator.
>
>
>
> Could dev team please post their views on it, so that it could be
> resolved?
>
>
>
> (A) Policy example
>
> <sp:SignedElements>
>
> <sp:XPath xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:ns1="urn:com.xxx">
>
> //soapenv:Envelope/soapenv:Body/ns1:Request/ns1:requestId
>
> </sp:XPath>
>
> </sp:SignedElements>
>
>
>
> (B) Payload eaxmple
>
> <soapenv:Body>
>
> <Request xmlns="urn:com.vocalink:corporateAccess">
>
> <requestId>test</ns1:requestId>
>
>
>
http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/
*****************************************************
This email is issued by a VocaLink group company. It is confidential and
intended for the exclusive use of the addressee only. You should not disclose
its contents to any other person. If you are not the addressee (or responsible
for delivery of the message to the addressee), please notify the originator
immediately by return message and destroy the original message. The contents of
this email will have no contractual effect unless it is otherwise agreed
between a specific VocaLink group company and the recipient.
The VocaLink group companies include, among others: VocaLink Limited (Company
No 06119048, VAT No. 907 9619 87) which is registered in England and Wales at
registered office Drake House, Homestead Road, Rickmansworth, WD3 1FX. United
Kingdom, Voca Limited (Company no 1023742, VAT No. 907 9619 87) which is
registered in England and Wales at registered office Drake House, Three Rivers
Court, Homestead Road, Rickmansworth, Hertfordshire. WD3 1FX. United Kingdom,
LINK Interchange Network Limited (Company No 3565766, VAT No. 907 9619 87)
which is registered in England and Wales at registered office Arundel House, 1
Liverpool Gardens, Worthing, West Sussex, BN11 1SL and VocaLink Holdings
Limited (Company No 06119036, VAT No. 907 9619 87) which is registered in
England and Wales at registered office Drake House, Homestead Road,
Rickmansworth, WD3 1FX. United Kingdom.
The views and opinions expressed in this email may not reflect those of any
member of the VocaLink group. This message and any attachments have been
scanned for viruses prior to leaving the VocaLink group network; however,
VocaLink does not guarantee the security of this message and will not be
responsible for any damages arising as a result of any virus being passed on or
arising from any alteration of this message by a third party. The VocaLink
group may monitor emails sent to and from the VocaLink group network.
This message has been checked for all email viruses by MessageLabs.
*************************************************************
