My assumption is that somehow the serialization and deserialization transforms modified the doc. Transforms may influde new lines or such. Can you check this? E.g. by using a specific format?
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Elias Neri [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 13. März 2006 14:38 > An: [email protected] > Betreff: Verifying a signed document after serialisation fails > > Hello, > > When i serialise a signed soap document, the verification of the > signature fails. Doesn't the xml canonization when signing the soap > envelope take care of movements of namespace declarations? Or am i > overlooking something? > > I.e when i modify the verification function in the junit test > wssec.TestWSSecurityNewST2 by serialising the document before > verifying it: > > private void verify(Document doc) throws Exception { > ByteArrayOutputStream outStream = new ByteArrayOutputStream(); > ByteArrayInputStream inStream; > > //serialise > Transformer transformer = > TransformerFactory.newInstance().newTransformer(); > DOMSource source1 = new DOMSource(doc); > StreamResult result1 = new StreamResult(outStream); > transformer.transform(source1, result1); > > inStream = new ByteArrayInputStream(outStream.toByteArray()); > > //deserialise > transformer = TransformerFactory.newInstance().newTransformer(); > StreamSource source2 = new StreamSource(inStream); > DOMResult result2 = new DOMResult(); > transformer.transform(source2, result2); > doc = (Document)result2.getNode(); > > //the original verification code > secEngine.processSecurityHeader(doc, null, this, crypto); > SOAPUtil.updateSOAPMessage(doc, message); > String decryptedString = message.getSOAPPartAsString(); > assertTrue(decryptedString.indexOf("LogTestService2") > > 0 ? true : > false); > } > > the test fails. > > Best regards, > > Elias > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
