Werner,
OK, code is appended. Actually, I wrote this handler _after_ I started seeing
this bug. I orginally had the problem when using WSDoAllSender. I can't
see a canonicalization step in WSDoAllSender itself; is it part of
XMLUtils.outputDOM()? Originally, I used that (I lifted the serialization code
from WSDoAllSender), but still got the problem. Maybe I didn't try that with
the Axis don't-fiddle options set.
Cheers,
Guy
// Get the SOAP envelop as a DOM.
Document envelope =
msgContext.getCurrentMessage().getSOAPEnvelope().getAsDocument();
if (envelope == null) {
throw new Exception("SOAP Envelope is null");
}
// Sign the message using WSS4J. By default, the WSSignEnvelope signs
the
// the SOAP body as a whole, which is correct for this use case.
Init.init();
WSSignEnvelope signer = new WSSignEnvelope();
signer.setUserInfo(alias, password); // Lets it use the Crypto.
signer.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); //
Includes certificates in the message.
Document newEnvelope = signer.build(envelope, crypto);
// DEBUG: dump the raw document.
org.apache.axis.utils.XMLUtils.DocumentToStream(newEnvelope, new
java.io.FileOutputStream("client.xml"));
// Replace the unsigned message with the signed one.
String serializedEnvelope =
org.apache.axis.utils.XMLUtils.DocumentToString(newEnvelope);
SOAPPart sp =
(org.apache.axis.SOAPPart)(msgContext.getCurrentMessage().getSOAPPart());
sp.setCurrentMessage(serializedEnvelope.getBytes(),
SOAPPart.FORM_BYTES);
On Fri, 17 Mar 2006, Dittmann, Werner wrote:
> Guy,
>
> I wasn't aware that you use a custom handler.
>
> As I can see there could be a problem when you hand over
> the signed message to Axis for sending it over the wire.
> It's somewhat tricky to do this. Bevor handing it over
> to Axis the message should be fed thru a c14n method,
> this is was WSDoAllSender does before it sets the signed
> message as "new" message to Axis.
>
> Maybe you can show the code snippet where your handler
> do this.
>
> Regards,
> Werner
>
> > -----Urspr?ngliche Nachricht-----
> > Von: Guy Rixon [mailto:[EMAIL PROTECTED]
> > Gesendet: Freitag, 17. M?rz 2006 11:06
> > An: Dittmann, Werner
> > Cc: [EMAIL PROTECTED]; [email protected]
> > Betreff: Re: AW: AW: AW: Problems with signatures
> >
> > Test configuration:
> >
> > Custom handler in the client, calling WSSignEnvelope; based
> > on WSDoAllSender,
> > but stripped down so that it only has the code relevant to signature.
> >
> > WSDoAllReceiver in the service (tweaked with extra logging,
> > but basically the
> > one from WSS4J 1.0.0).
> >
> > Certificates generated from local CA. The trust anchor was
> > made with OpenSSL
> > and the user certificate with KeyStore Explorer. The trust
> > anchor is an
> > X.509v3 and the user one an X.509v1. The keys do work for the
> > signature: I
> > know that because I put a check in WSSignEnvelope to check
> > the signature just
> > after signing.
> >
> > This is the log output from the JUnit tests, starting from
> > the entry to
> > WSDoAllReceiver.
> >
> > 1051 DEBUG org.astrogrid.security.ServiceHandler -
> > WSDoAllReceiver: enter
> > invoke() with msg type: null
> > 1071 DEBUG org.astrogrid.security.ServiceHandler - Received
> > SOAP request:
> > 1071 DEBUG org.astrogrid.security.ServiceHandler -
> > <soapenv:Envelope xmlns=""
> > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
> > xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
> > <soapenv:Header>
> > <wsse:Security soapenv:mustUnderstand="1" xmlns=""
> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040
> > 1-wss-wssecurity-secext-1.0.xsd">
> > <wsse:BinarySecurityToken
> > EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200
> > 401-wss-soap-message-security-1.0#Base64Binary"
> > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401
> > -wss-x509-token-profile-1.0#X509v3"
> > wsu:Id="CertId--273267" xmlns=""
> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401
> > -wss-wssecurity-utility-1.0.xsd">
> > MIIDETCCAfmgAwIBAAIBBDANBgkqhkiG9w0BAQIFADBCMQswCQYDVQQDEwJDQT
> > ESMBAGA1UECxMJ
> > dW5pdC10ZXN0MRIwEAYDVQQKEwlBc3Ryb0dyaWQxCzAJBgNVBAYTAlVLMB4XDT
> > A2MDMwNzE4MjAz
> > OVoXDTE2MDMwNzE4MjAzOVowVjELMAkGA1UEBhMCVUsxEjAQBgNVBAoTCUFzdH
> > JvR3JpZDESMBAG
> > A1UECxMJdW5pdC10ZXN0MR8wHQYDVQQDExZTZWN1cml0eS1mYWNhZGUgdGVzdG
> > VyMIIBIjANBgkq
> > hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA1mJfcoLg22xFvQiB9NY6tH7aY4Ub
> > FHGIl5AjampcD8
> > zW/OcbaEndMaK495ODS8BbwXz8B0YPzIjczpO56k7H63sJWxrgMsDGU4oeIlh3
> > DiAOYywD3h9PAu
> > c8tnoD7q5SyY0Vw9jkuRP6iOKmf+nTfi910zNB86PYjCk0zarie3Ehg7/LBYNC
> > 0us+JV9M/q76mw
> > OOMzypgLjM1skBjO6tMbDosnCQe58+ei2ZfRT4gnCRhHRojLfcR3ND0pi7BS5T
> > OX8qTrQ8x++erN
> > BlA2X+uX3yAx4Y1cvW9YkKAjx5UxpUu8uJFYfLNKoTCq86E6+OFk5+SRQLp1Kp
> > S9EvfZ5wIDAQAB
> > MA0GCSqGSIb3DQEBAgUAA4IBAQARtZRiqKj1IXqD7wVlwqZPvE4CuFy9fjpu0n
> > xVN+UnKs3cNm7g
> > QfLPpDbh7maiGmmxWA2mFobptzbnfAyRfKYJWJ/hI8neouL+05L78cz7nTDDxp
> > jEhWpV8qtXdKp4
> > r5S4GhG84HzPMrEqxxc0CRXbK3KLLLudbCPMNgSFxzRwimCpBTkwe81jwYH0FZ
> > ECyCBAsgfUMCz4
> > jeYwBjqKxHlGeZERD9oRfsRF28nLgNRrP5D9IMj2Y2rhbILMmb0GTK/YWFpfD3
> > H/DEP0hUVtRni7
> > ykGvaLOYA7rI1eiKwxmFWTs6H+CPgkyZ+SW3l//uY/6HnzD1XacTIRASz1UK7Bzw
> > </wsse:BinarySecurityToken>
> > <ds:Signature xmlns=""
> > xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
> >
> > <ds:SignedInfo xmlns="">
> >
> > <ds:CanonicalizationMethod
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; xmlns=""/>
> >
> > <ds:SignatureMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; xmlns=""/>
> >
> > <ds:Reference URI="#id-367156" xmlns="">
> >
> > <ds:Transforms xmlns="">
> >
> > <ds:Transform
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";
> > xmlns=""/>
> >
> > </ds:Transforms>
> >
> > <ds:DigestMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";
> > xmlns=""/>
> >
> > <ds:DigestValue xmlns="">
> > S4XaDnlI8lOC8p5vVKlx9sLrKl8= </ds:DigestValue>
> >
> > </ds:Reference>
> >
> > </ds:SignedInfo>
> >
> > <ds:SignatureValue xmlns="">
> >
> > fTcyC/oqssWUL1G96ma5ED/gNIaecHKgJBR7kCeXg2mzSwfSfe3gWRFEkiViGS
> > zXE0OFvsDMjm7p
> > JdytgsjH3iuMg9WaZOV9TU7ZaYhabZMtK0toq3zGFNJayIhfpuZq5WDAbdqvZ1
> > 2BnJppWvYWADvy
> > +zX7w0UGl3ApikKbcGMp7SSnB4JRb7TS0Ln0rk0dYcpm9cAEj76dT5UFW7e+af
> > QQeUwj03E5sQfS
> > H9KjN1gg+YD1B3gNPFYErwI+QeX+UDY9fb+qAqFxN734NhvR+/rC3JTNgieSmu
> > iCjXE/8MKdOfFJ
> > QpEE1YEqTC1SH6cUU0YR3rt84Eqg91JeyrCOpQ==
> > </ds:SignatureValue>
> >
> > <ds:KeyInfo Id="KeyId-12014770" xmlns="">
> >
> > <wsse:SecurityTokenReference wsu:Id="STRId-28360136" xmlns=""
> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401
> > -wss-wssecurity-utility-1.0.xsd">
> > <wsse:Reference URI="#CertId--273267"
> > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401
> > -wss-x509-token-profile-1.0#X509v3"
> > xmlns=""/>
> > </wsse:SecurityTokenReference>
> >
> > </ds:KeyInfo>
> >
> > </ds:Signature>
> > </wsse:Security>
> > </soapenv:Header>
> > <soapenv:Body wsu:Id="id-367156"
> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401
> > -wss-wssecurity-utility-1.0.xsd">
> > <whoAmI xmlns=""/>
> > </soapenv:Body>
> > </soapenv:Envelope>
> >
> > 1071 INFO
> > org.apache.ws.security.components.crypto.CryptoFactory - Using
> > Crypto Engine [org.apache.ws.security.components.crypto.Merlin]
> > 1071 DEBUG org.apache.ws.security.WSSecurityEngine - enter
> > processSecurityHeader()
> > 1081 DEBUG org.apache.ws.security.WSSecurityEngine -
> > Processing WS-Security
> > header for '' actor.
> > 1081 DEBUG org.apache.ws.security.WSSecurityEngine - Unknown Element:
> > BinarySecurityToken
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
> > rity-secext-1.0.xsd
> > 1081 DEBUG org.apache.ws.security.WSSecurityEngine - Found
> > signature element
> > 1081 DEBUG org.apache.ws.security.WSSecurityEngine - Verify
> > XML Signature
> > 1081 DEBUG org.apache.xml.security.utils.ElementProxy -
> > setElement("ds:Signature", "null")
> > 1081 DEBUG org.apache.xml.security.utils.ElementProxy -
> > setElement("ds:SignedInfo", "null")
> > 1081 DEBUG org.apache.xml.security.utils.ElementProxy -
> > setElement("ds:SignatureMethod", "null")
> > 1081 DEBUG
> > org.apache.xml.security.algorithms.SignatureAlgorithm - Create URI
> > "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; class
> > "org.apache.xml.security.algorithms.implementations.SignatureB
> > aseRSA$SignatureRSASHA1"
> > 1081 DEBUG org.apache.xml.security.algorithms.JCEMapper -
> > Request for URI
> > http://www.w3.org/2000/09/xmldsig#rsa-sha1
> > 1081 DEBUG
> > org.apache.xml.security.algorithms.implementations.SignatureBaseRSA
> > - Created SignatureDSA using SHA1withRSA
> > 1081 DEBUG org.apache.xml.security.utils.ElementProxy -
> > setElement("ds:KeyInfo", "null")
> > 1081 DEBUG org.apache.ws.security.WSSecurityEngine -
> > Checking signature value
> > with a certificate in the name of CN=Security-facade tester,
> > OU=unit-test,
> > O=AstroGrid, C=UK issued by C=UK, O=AstroGrid, OU=unit-test, CN=CA
> > 1081 DEBUG org.apache.xml.security.signature.Manifest -
> > verify 1 References
> > 1081 DEBUG org.apache.xml.security.signature.Manifest - I am
> > not requested to
> > follow nested Manifests
> > 1081 DEBUG org.apache.xml.security.utils.ElementProxy -
> > setElement("ds:Reference", "null")
> > 1081 DEBUG org.apache.xml.security.algorithms.JCEMapper -
> > Request for URI
> > http://www.w3.org/2000/09/xmldsig#sha1
> > 1081 DEBUG
> > org.apache.xml.security.utils.resolver.ResourceResolver - I was
> > asked to create a ResourceResolver and got 1
> > 1081 DEBUG
> > org.apache.xml.security.utils.resolver.ResourceResolver - extra
> > resolvers to my existing 4 system-wide resolvers
> > 1081 DEBUG
> > org.apache.xml.security.utils.resolver.ResourceResolver - check
> > resolvability by class
> > org.apache.ws.security.message.EnvelopeIdResolver
> > 1091 DEBUG org.apache.xml.security.utils.ElementProxy -
> > setElement("ds:Transforms", "null")
> > 1091 DEBUG org.apache.xml.security.utils.ElementProxy -
> > setElement("ds:Transform", "null")
> > 1091 DEBUG org.apache.xml.security.transforms.Transforms -
> > Preform the (0)th
> > http://www.w3.org/2001/10/xml-exc-c14n# transform
> > 1091 WARN org.apache.xml.security.signature.Reference -
> > Verification failed
> > for URI "#id-367156"
> > 1091 DEBUG org.apache.xml.security.signature.Manifest - The
> > Reference has
> > Type
> > ------------- ---------------- ---------------
> > ------------- Standard Error -----------------
> > org.apache.ws.security.WSSecurityException: The signature
> > verification failed
> > at
> > org.apache.ws.security.WSSecurityEngine.verifyXMLSignature(WSS
> > ecurityEngine.java:649)
> > at
> > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
> > WSSecurityEngine.java:334)
> > at
> > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
> > WSSecurityEngine.java:259)
> > at
> > org.astrogrid.security.ServiceHandler.invoke(ServiceHandler.java:160)
> > at
> > org.apache.axis.strategies.InvocationStrategy.visit(Invocation
> > Strategy.java:32)
> > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > at
> > org.apache.axis.strategies.InvocationStrategy.visit(Invocation
> > Strategy.java:32)
> > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > at
> > org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
> > at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
> > at
> > org.apache.axis.transport.local.LocalSender.invoke(LocalSender
> > .java:141)
> > at
> > org.apache.axis.strategies.InvocationStrategy.visit(Invocation
> > Strategy.java:32)
> > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
> > at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
> > at org.apache.axis.client.Call.invoke(Call.java:2767)
> > at org.apache.axis.client.Call.invoke(Call.java:2443)
> > at org.apache.axis.client.Call.invoke(Call.java:2366)
> > at org.apache.axis.client.Call.invoke(Call.java:1812)
> > at
> > org.astrogrid.security.sample.SamplePortSoapBindingStub.whoAmI
> > (SamplePortSoapBindingStub.java:108)
> > at
> > org.astrogrid.security.sample.SampleDelegate.whoAmI(SampleDele
> > gate.java:42)
> > at
> > org.astrogrid.security.EndToEndTest.testGoodCredentials(EndToE
> > ndTest.java:58)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccess
> > orImpl.java:39)
> > at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMeth
> > odAccessorImpl.java:25)
> > at java.lang.reflect.Method.invoke(Method.java:324)
> > at junit.framework.TestCase.runTest(TestCase.java:154)
> > at junit.framework.TestCase.runBare(TestCase.java:127)
> > at junit.framework.TestResult$1.protect(TestResult.java:106)
> > at junit.framework.TestResult.runProtected(TestResult.java:124)
> > at junit.framework.TestResult.run(TestResult.java:109)
> > at junit.framework.TestCase.run(TestCase.java:118)
> > at junit.framework.TestSuite.runTest(TestSuite.java:208)
> > at junit.framework.TestSuite.run(TestSuite.java:203)
> > at
> > org.apache.tools.ant.taskdefs.optional.junit.JUnitTestRunner.r
> > un(JUnitTestRunner.java:325)
> > at
> > org.apache.tools.ant.taskdefs.optional.junit.JUnitTestRunner.m
> > ain(JUnitTestRunner.java:536)
> >
> >
> > I made it log the actual exception thrown by XMLSec:
> >
> > 1091 WARN org.apache.xml.security.signature.Reference -
> > Verification failed
> > for URI "#id-367156"
> >
> > Cheers,
> > Guy
> >
> >
> >
> > On Fri, 17 Mar 2006, Dittmann, Werner wrote:
> >
> > > Guy,
> > >
> > > whatis your test configuration? Which certificates do you use?
> > >
> > > What is the exception that xml-sec throws?
> > >
> > > Thanks,
> > > Werner
> > >
> > > > -----Urspr?ngliche Nachricht-----
> > > > Von: Guy Rixon [mailto:[EMAIL PROTECTED]
> > > > Gesendet: Donnerstag, 16. M?rz 2006 17:11
> > > > An: Dittmann, Werner
> > > > Cc: [EMAIL PROTECTED]; [email protected]
> > > > Betreff: Re: AW: AW: Problems with signatures
> > > >
> > > > I've set the options on both client and service and the
> > > > verification still
> > > > fails. I've dumped the raw XML messages with and without the
> > > > options and there
> > > > doesn't seem to be any difference.
> > > >
> > > > On Thu, 16 Mar 2006, Dittmann, Werner wrote:
> > > >
> > > > > Probably on both if the service responds with signed messages.
> > > > >
> > > > > Regards,
> > > > > Werner
> > > > >
> > > > > > -----Urspr?ngliche Nachricht-----
> > > > > > Von: Guy Rixon [mailto:[EMAIL PROTECTED]
> > > > > > Gesendet: Donnerstag, 16. M?rz 2006 16:29
> > > > > > An: [EMAIL PROTECTED]
> > > > > > Cc: Dittmann, Werner; [email protected]
> > > > > > Betreff: Re: AW: Problems with signatures
> > > > > >
> > > > > > Thanks.
> > > > > >
> > > > > > Do these parameters have to be set on the client, the
> > > > service or both?
> > > > > > Setting them just on the service doesn't fix the problem, and
> > > > > > to set them on
> > > > > > the client I have to find out how to do it programmatically.
> > > > > >
> > > > > > On Thu, 16 Mar 2006 [EMAIL PROTECTED] wrote:
> > > > > >
> > > > > > > Hi Guy
> > > > > > > setting these 2 props works for me.
> > > > > > > <parameter name="enableNamespacePrefixOptimization"
> > > > > > value="false" />
> > > > > > > <parameter name="disablePrettyXML" value="true"/>
> > > > > > >
> > > > > > > thanks
> > > > > > > Anamitra
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > "Dittmann,
> > > > > > > Werner"
> > > > > > > <werner.dittmann@
> > > > > > To
> > > > > > > siemens.com> "Guy Rixon"
> > > > > > <[EMAIL PROTECTED]>,
> > > > > > >
> > <[email protected]>
> > > > > > > 03/16/2006 09:10
> > > > > > cc
> > > > > > > AM
> > > > > > >
> > > > > > Subject
> > > > > > > AW: Problems
> > > > with signatures
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > AFAIK there is a switch / parameter in the Axis WSDD files
> > > > > > > to disable XML pretty printing. Maybe this
> > "feature" is enabled
> > > > > > > by default - pretty printing always destroys the signature
> > > > > > > hashes.
> > > > > > >
> > > > > > > Also there is a parameter for Axis to disable some sort
> > > > > > > of namespace optimization - sorry but I haven't the
> > parameter
> > > > > > > names at hand.
> > > > > > >
> > > > > > > Regards,
> > > > > > > Werner
> > > > > > >
> > > > > > > > -----Urspr?ngliche Nachricht-----
> > > > > > > > Von: Guy Rixon [mailto:[EMAIL PROTECTED]
> > > > > > > > Gesendet: Donnerstag, 16. M?rz 2006 14:01
> > > > > > > > An: [email protected]
> > > > > > > > Betreff: Problems with signatures
> > > > > > > >
> > > > > > > > Hi,
> > > > > > > >
> > > > > > > > can you help me with a signature problem? I have a client
> > > > > > > > and service, both
> > > > > > > > using WSS4J 1.0.0. The client signs the SOAP body of the
> > > > > > > > request, but the
> > > > > > > > signature checking in the service always fails at
> > the XMLSec
> > > > > > > > level. The
> > > > > > > > signature uses a direct reference to a
> > BinarySecurityToken,
> > > > > > > > and the service
> > > > > > > > seems to be reading the token properly; at least,
> > it gets the
> > > > > > > > subject DN
> > > > > > > > right.
> > > > > > > >
> > > > > > > > I've checked the signature in the client immediately after
> > > > > > > > signing and it
> > > > > > > > verifies correctly there. Something bad seems to
> > be happening
> > > > > > > > to the XML on
> > > > > > > > the way to the service, but I can't think what. No other
> > > > > > > > special handlers are
> > > > > > > > involved.
> > > > > > > >
> > > > > > > > This is all with Axis 1.3 and "local" transport, BTW.
> > > > > > > >
> > > > > > > > Thanks,
> > > > > > > > Guy
> > > > > > > >
> > > > > > > > Guy Rixon
> > > > > > > [EMAIL PROTECTED]
> > > > > > > > Institute of Astronomy Tel:
> > > > > > +44-1223-337542
> > > > > > > > Madingley Road, Cambridge, UK, CB3 0HA
> > > > Fax:
> > > > > > > > +44-1223-337523
> > > > > > > >
> > > > > > > >
> > > > > >
> > > >
> > ---------------------------------------------------------------------
> > > > > > > > To unsubscribe, e-mail:
> > [EMAIL PROTECTED]
> > > > > > > > For additional commands, e-mail:
> > [EMAIL PROTECTED]
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > >
> > ---------------------------------------------------------------------
> > > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > > > > For additional commands, e-mail:
> > [EMAIL PROTECTED]
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > > > Guy Rixon
> > > > [EMAIL PROTECTED]
> > > > > > Institute of Astronomy Tel:
> > +44-1223-337542
> > > > > > Madingley Road, Cambridge, UK, CB3 0HA Fax:
> > > > > > +44-1223-337523
> > > > > >
> > > > > >
> > > >
> > ---------------------------------------------------------------------
> > > > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > > > >
> > > > > >
> > > > >
> > > >
> > > > Guy Rixon
> > [EMAIL PROTECTED]
> > > > Institute of Astronomy Tel: +44-1223-337542
> > > > Madingley Road, Cambridge, UK, CB3 0HA Fax:
> > > > +44-1223-337523
> > > >
> > > >
> > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > > >
> > >
> > >
> > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> > Guy Rixon [EMAIL PROTECTED]
> > Institute of Astronomy Tel: +44-1223-337542
> > Madingley Road, Cambridge, UK, CB3 0HA Fax:
> > +44-1223-337523
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
Guy Rixon [EMAIL PROTECTED]
Institute of Astronomy Tel: +44-1223-337542
Madingley Road, Cambridge, UK, CB3 0HA Fax: +44-1223-337523
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
