Have you tried just using the latest CXF 3.1.x instead? That uses the "old" signature line break functionality, and so you should be able to turn off the line breaks via either "org.apache.xml.security.ignoreLineBreaks" and/or "com.sun.org.apache.xml.internal.security.ignoreLineBreaks".
Colm. On Fri, Feb 23, 2018 at 11:43 PM, Guy Ridley <[email protected]> wrote: > Hello Colm, > > Thank you for this explanation! It sounds like the system I'm sending to > does not follow the current standards about line feeds in the Signature & > Keyinfo tags, or perhaps their support team is just guessing about why it > thinks I have threatening characters in the payload. > > Either way, they are not going to change their system this year so I have > to > humor them, before they will look deeper. I think it should be possible to > remove the characters using an Interceptor, in the USER or POST_STREAM > Phase, without invalidating the signature, since they are not in the > SignedInfo tag? (Am studying http://cxf.apache.org/docs/interceptors.html > ). > > Thanks again, > Guy > > > > > > > > -- > Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
