yes, it seems to be a bug in xmlsec, also to my findings. :-) Clom, I'll check in the package test but leave test18 disabled until the next release. Is that ok with you?
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: ext O hEigeartaigh, Colm [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 22. September 2008 15:52 > An: Werner Dittmann; wss4j-dev > Betreff: RE: Extension in WSSecSignature to set the digest algorithm > > > > In my environment xmlsec-1.4.1 runs without problems. xmlsec-1.4.2 > > gives problems when running some test cases, for example the > > TestWSSecurityNew2.java - it report a missing binding of the > > "ds:" prefix to a namespace. > > Interesting, I had a quick look, and it looks like a bug in xmlsec > rather than WSS4J, as the ds namespace is supplied for the element > (KeyInfo) in question. I'm going to go ahead and upgrade to > xmlsec 1.4.1 > for the next release, now that it's appeared in the central > maven repo. > > Colm. > > -----Original Message----- > From: Werner Dittmann [mailto:[EMAIL PROTECTED] > Sent: 20 September 2008 13:19 > To: wss4j-dev > Subject: Extension in WSSecSignature to set the digest algorithm > > All, > > looking ate the latest activities in W3C XML security and other > specifications it is obvious that SHA-1 is being phased out step by > step. The replacement are SHA256 or other digest algos. Up to > now WSSecSignature was fixed to use SHA-1 as digest algorithm. To > accommodate the growing use of other algos I extended WSSecSignature > with some small functions to set and use other Digest algos. > > To do so some shall use the standard URI of the digest algo, for > example: > > wsSig.setDigestAlgo("http://www.w3.org/2001/04/xmlenc#sha256";); > (see TestWSSecurityNew18 how it works) > > Default is to use SHA-1 not to break any application. Also the Axis > handler are not updated to support this extension. Is it required > to enhance to Axis handlers? The WSS standard are not yet updated > to accept/define other digest algos. > > > CAVEAT: > > If you use this extension and you uses different digest algos in > one application to computer the signature digests the you cannot > use xmlsec-1.4.0 jar - this version has a problem in that case. > I've tested with xmlsec-1.4.1 jar. This is the reason why I not > yet enabled the new test case in the PackageTests.java until > we updated WSS4J to xmlsec-1.4.1. > > In my environment xmlsec-1.4.1 runs without problems. xmlsec-1.4.2 > gives problems when running some test cases, for example the > TestWSSecurityNew2.java - it report a missing binding of the > "ds:" prefix to a namespace. > > Regards, > Werner > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > ---------------------------- > IONA Technologies PLC (registered in Ireland) > Registered Number: 171387 > Registered Address: The IONA Building, Shelbourne Road, > Dublin 4, Ireland > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
