[jira] Closed: (WSS-39) Digital signature of SOAP bodies fails when using Axis 1.3

Mon, 16 Mar 2009 04:37:22 -0700 

     [ 
https://issues.apache.org/jira/browse/WSS-39?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh closed WSS-39.
----------------------------------

    Resolution: Won't Fix


This appears to be an Axis issue, rather than a WSS4J issue, so closing this.

> Digital signature of SOAP bodies fails when using Axis 1.3
> ----------------------------------------------------------
>
>                 Key: WSS-39
>                 URL: https://issues.apache.org/jira/browse/WSS-39
>             Project: WSS4J
>          Issue Type: Bug
>         Environment: WSS4J 1.0.0, Axis 1.3, Sun JDK1.4.2
>            Reporter: Guy Rixon
>            Priority: Critical
>
> Digital signature of SOAP bodies fails when using Axis 1.3 but works when 
> using Axis 1.2.1: the message is signed without reported errors but the 
> signature verification fails.
> Inspection of the logs from the various libraries, notably XMLSec, shows that 
> the digest of the reference to the SOAP body is verified but the actual 
> signature on the SignedInfo fails verification.
> Experiments with the client-side code show that the envelope, in the form of 
> an org.w3c.dom.Document, has a correct, verifiable signature on return from 
> WSSignEnvelope.build, but an incorrect signature after it has been serialized 
> into the MessageContext and recovered as a Document within the same Handler. 
> I.e., this problem is not due to the client's pivot handler or to handlers in 
> the service.
> The bytes of the signature encoded in the message seem not to be changed 
> between successful and unsucecssful verifications. Therefore, presumably, 
> something in Axis is disturbing the XML in the SignedInfo such that the 
> canonicalization fails. In my test code and handler I set the properties 
> enableNamespacePrefixOptimization to false and disablePrettyXML to true, but 
> it makes no difference.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to