Hi,
I want to use the signature action of the WSDoAllSender handler for my
WS client.
This works fine, as long as I use a wsdd file and load it with
FileProvider into the AxisClient.
But I want it to work using a SimpleProvider with a custom handler set
before WSDoAllSender.
This custom handler prepares the MessageContext for the WSDoAllSender
(such as mc.setProperty(WSHandlerConstants.SIGNATURE_USER, "Bob") and
WSDoAllSender even finishes without an Exception
However, now the server responds with a "The signature or decryption was
invalid... ".
I believe, the reason has something to do with c14n, since the messages
differ by their empty-elements, as shown in these extracts of the
crucial SignedInfo element:
FileProvider:
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="
http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="
http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
.....
</ds:SignedInfo>
SimpleProvider:
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="
http://www.w3.org/2001/10/xml-exc-c14n#">
</ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="
http://www.w3.org/2000/09/xmldsig#rsa-sha1">
</ds:SignatureMethod>
.....
</ds:SignedInfo>
Any idea why this happens?
I mean, isn't the second one the "correct one" in terms of complying to
the c14n standard?
Anyway, only the first one works.
Thanks
Bauer Horscht
PS: Is this the correct mail list? Didn't find a wss4j user list
---------------------------------------------------------------------
To unsubscribe, e-mail:
wss4j-dev-unsubscribe@ws.a...
For additional commands, e-mail:
wss4j-dev-help@ws.a...
opensubscriber is not affiliated with the authors of this message nor responsible for its content.
Delicious
Digg
reddit
Facebook
StumbleUpon
