Hi Alex, I'd be happy to help in understanding the code if need be. Samples are available in TckBusiness, via the signBusiness and verifyBusiness methods. These are used by the saveJoePublisherBusinessX509Signature test, which is run from the UDDI_030_BusinessEntityIntegrationTest (method is testJoePublisherBusinessEntitySignature).
Keep in mind that all of this code is extremely sensitive to the XML signature transformations used, as well as the serialization methods used. The best documentation for it all is the XML Signature standard and the JUDDI specification itself. Thanks, Jess On Sun, Mar 17, 2013 at 11:49 AM, Alex O'Ree <[email protected]> wrote: > So I'm looking at the following files > > http://svn.apache.org/repos/asf/juddi/tags/juddi-3.1.4/uddi-tck-base/src/main/java/org/apache/juddi/v3/tck/TckSigningUtil.java > > > http://svn.apache.org/repos/asf/juddi/tags/juddi-3.1.4/juddi-core/src/main/java/org/apache/juddi/mapping/MappingApiToModel.java > > with the overall goal of providing a digital signature type of > capability from the browser to a publish/inquiry endpoint, however I'm > not really seeing anything to connect the dots. > > Does anyone have a working example of a uddi client which digitally > signs a uddi element using the juddi client api, then posting it to > juddi? > > Is there anything along the lines of validating the signature? or the > certificate for that matter? > > It looks like the TckSiginingUtil could be refactored into the client > api or the core which would add the required functionality, more or > less. Unfortunately, its not documented very well (at all). I found > that it's used in > \uddi-tck-base\src\main\java\org\apache\juddi\v3\tck\TckBusiness.java > but how it translates to a functional test isn't clear. >
