Signature verification fails for References with blank URIs
-----------------------------------------------------------
Key: WSS-55
URL: http://issues.apache.org/jira/browse/WSS-55
Project: WSS4J
Issue Type: Bug
Environment: wss4j-1.5.0.jar, xmlsec-1.3.0.jar
Reporter: Aravind
Assigned To: Davanum Srinivas
Priority: Critical
Attachments: soapmsg.xml
While trying a verify a signed soap message that uses blank URI and XPath to
refer to the subset that is signed we get this error.
- Registering Here function
- Verification successful for URI ""
java.lang.NullPointerException
at
org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:270)
at
org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:439)
at
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:294)
at
org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:79)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:144)
Messages with nonempty URI's are ok. This is a blocking issue in our project
and any help will be greatly appreciated.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
