Sorry, you were right:
I put this in client class:
Map<String, Object> ctx = ((BindingProvider)port).getRequestContext();
ctx.put(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
Now it works, but without timestamp reference.
Interesting, <Body> is correctly signed and validated.
If I put <sp:IncludeTimestamp> in policy file:
<wsu:Timestamp wsu:Id="TS-5A28482C0A57755103139419734630013">
<wsu:Created>2014-03-07T13:02:26.300Z</wsu:Created>
<wsu:Expires>2014-03-07T13:07:26.300Z</wsu:Expires>
</wsu:Timestamp>
then I get:
Digest value: OMNbo25276XKjodI3T60RuR1nh8=
Calculated digest value: olWImZ1Re/74QV8+56VdoWpwjcs=
DOMReferencer class:
validationStatus = Arrays.equals(digestValue, calcDigestValue);
This one returns false.
Thanks.
--
View this message in context:
http://cxf.547215.n5.nabble.com/Unable-to-verify-signature-with-Apache-CXF-and-WSS4J-on-Websphere-Application-Server-8-5-tp5740358p5740957.html
Sent from the cxf-user mailing list archive at Nabble.com.
