Re: Camel-xmlsecurity :No XML schema found

Jack Ding Tue, 09 Feb 2016 17:15:51 -0800

Thanks Claus,
My ultimate goal is to create a soap secure header with signature in it.   I am 
thinking to use detached mode plus referring the schemaResourceUri to the 
schema "http://schemas.xmlsoap.org/soap/envelope/";.  Now the problem seems to 
be the location of x509 certificate, which needs to be in the 
BinarySecurityToken element and referenced by SecurityTokenReference  in the 
KeyInfo.
Could you advise if the current camel-xmlsecurity  supports this kind of soap 
secure header?   If so, could you check if my above approach is feasible?
For example, below is the format of the secure soap header we need. 
<soapenv:Envelope 
xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 xmlns:ser="http://webservices.cashedge.com/services"; 
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>   <soapenv:Header>   
   <wsse:Security soapenv:mustUnderstand="1" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
         <wsse:BinarySecurityToken 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
 
wsu:Id="X509-181AC833A9A23E3A2E145461038308455">MIIE4jCCA8qgAwIBAg...</wsse:BinarySecurityToken>
         <ds:Signature Id="SIG-181AC833A9A23E3A2E145461038308458" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>            <ds:SignedInfo>       
        <ds:CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";>                  
<ec:InclusiveNamespaces PrefixList="oas ser soapenv" 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>               
</ds:CanonicalizationMethod>               <ds:SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>               
<ds:Reference URI="#id-181AC833A9A23E3A2E14545684427885">                  
<ds:Transforms>                     <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";>                        
<ec:InclusiveNamespaces PrefixList="oas ser" 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>                     
</ds:Transform>                  </ds:Transforms>                  
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>           
       <ds:DigestValue>cermnLLbtJrCVJ2wtmj4OmFOD3M=</ds:DigestValue>            
   </ds:Reference>            </ds:SignedInfo>            
<ds:SignatureValue>nrBdXPCD9PHkPe....p+icdOcQ==</ds:SignatureValue>            
<ds:KeyInfo Id="KI-181AC833A9A23E3A2E145461038308456">               
<wsse:SecurityTokenReference wsu:Id="STR-181AC833A9A23E3A2E145461038308457">    
              <wsse:Reference URI="#X509-181AC833A9A23E3A2E145461038308455" 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
               </wsse:SecurityTokenReference>            </ds:KeyInfo>         
</ds:Signature>         <wsu:Timestamp 
wsu:Id="TS-181AC833A9A23E3A2E145461038306854">            
<wsu:Created>2016-02-04T18:26:23Z</wsu:Created>            
<wsu:Expires>2016-02-04T18:36:23Z</wsu:Expires>         </wsu:Timestamp>      
</wsse:Security>   </soapenv:Header>   <soapenv:Body 
wsu:Id="id-181AC833A9A23E3A2E14545684427885" > .....   
</soapenv:Body></soapenv:Envelope>
Thanks in advance.


    On Tuesday, February 9, 2016 1:01 AM, Claus Ibsen <claus.ib...@gmail.com> 
wrote:
 

 You need to put the test.xsd file together with your Camel application
so they are in the same OSGi bundle, so the classloder can find the
file.

Look at some of the other osgi examples that are in the examples of Camel.
https://github.com/apache/camel/tree/master/examples

On Tue, Feb 9, 2016 at 6:16 AM, Jack Ding <hding...@yahoo.com.invalid> wrote:
> Hello,
>
> I am testing the  XML Security component according to the example from the 
> camel-xmlsecurity website. For example the following producer refers to the 
> Test.xsd:
>
> <to 
> uri="xmlsecurity:sign://detached?keyAccessor=#keyAccessorBean&amp;xpathsToIdAttributes=#xpathsToIdAttributesBean&amp;schemaResourceUri=Test.xsd"
>  />
>
> I am testing this in the karaf and I have put the Test.xsd in the following 
> folder:
>
> apache-karaf-2.3.11/instances/mytestinstance/
> However I am getting this error:
> org.apache.camel.component.xmlsecurity.api.XmlSignatureException: XML 
> Signature component is wrongly configured: No XML schema found for specified 
> schema resource URI Test.xsd
>
> My camel version is 2.14.3.
>
> According to the document it is the classpath:
> schemaResourceUri: Since 2.14.0. Classpath to the XML Schema file....
>
> Could anybody advise what the classpath exactly is and where I should I put 
> the Test.xsd in Karaf container for xmlsecurity endpoint to access it?
>
> Thanks in advance
>



-- 
Claus Ibsen
-----------------
http://davsclaus.com @davsclaus
Camel in Action 2: https://www.manning.com/ibsen2

Re: Camel-xmlsecurity :No XML schema found

Reply via email to