The verification functions holds information which reference failed
to match the digests.
To propagate this information from WSS4J to the application we need to
modify the result structures. IMHO we shall add this to the "enhancements"
wish list of a possible WSS4J 2.0 which breaks the application interface
anyhow :-) .
Werner
Werner Dittmann (JIRA) schrieb:
[ https://issues.apache.org/jira/browse/WSS-78?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12635781#action_12635781 ]
Werner Dittmann commented on WSS-78:
------------------------------------
IMHO we need to dig into xmlsec here a bit. Can have a look during the next
weekend
if that helps.
Werner
add more details to the error message when a signature verification failes
--------------------------------------------------------------------------
Key: WSS-78
URL: https://issues.apache.org/jira/browse/WSS-78
Project: WSS4J
Issue Type: Improvement
Reporter: Armin Häberling
Fix For: 1.5.5
In org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature() a
WSSecurityException with the message "The signature verification failed" is
thrown when the signature verification fails.
The error message should be enhanced with more specific info about the error,
for example that one of the referenced digests didn't match.
See also http://marc.info/?l=xml-security-dev&m=112557776332544&w=2
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
