Hi Andrei Thanks for the infos about the signing behavior in CXF, this helps me to understand the difference between Weblogic and CXF.
Still I don't get the STR inside the KeyInfo signed in the CXF response. I'm not very familiar with the SignedParts/SignedElements assertions, could someone please provide the right SignedParts or SignedElements assertion to sign the STR shown in the previous post? Thanks in advance. I tried these two: <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <sp:Body/> <sp:Header Name="SecurityTokenReference" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/> </sp:SignedParts> and <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <sp:Body/> </sp:SignedParts> <sp:SignedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> <sp:XPath>/soap:Envelope/soap:Header/wsse:Security/ds:Signature/ds:KeyInfo/wsse:SecurityTokenReference</sp:XPath> </sp:SignedElements> -Andreas -- View this message in context: http://cxf.547215.n5.nabble.com/Signature-Interop-Issue-Weblogic-Apache-CXF-tp5718487p5719000.html Sent from the cxf-user mailing list archive at Nabble.com.
