Better support for newer signature algorithm

Tue, 09 Oct 2018 04:36:01 -0700 

These days we cannot allow anything below SHA2; so it took me a lot of trouble 
shooting to resolve the error below and only found a fix by adding this:
properties.put("ws-security.asymmetric.signature.algorithm","http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";);

I would have liked adding this to the ws-securitypolicy but could not find 
anyway to use the newer ones like the above and best I could do was this:
  <sp:AlgorithmSuite>
                        <wsp:Policy>
                            <sp:Basic256Sha256Rsa15/>
                        </wsp:Policy>
 </sp:AlgorithmSuite>

It would be nice if this was out of the box support or discoverable from the 
keystore signing side.

2018-10-08 12:30:12.726 DEBUG 19280 --- [           main] 
o.a.w.dom.processor.SignatureProcessor   : Verify XML Signature
2018-10-08 12:30:12.727 DEBUG 19280 --- [           main] 
o.a.w.c.crypto.AlgorithmSuiteValidator   : SignatureMethod 
http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 does not match required values
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor@16a9eb2e
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@257e0827
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@806996
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@697a34af
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@38e7ed69
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.frontend.WSDLGetInterceptor@2a367e93
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JStaxInInterceptor@76332405
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.interceptor.StaxInInterceptor@1a6dc589
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.interceptor.AttachmentInInterceptor@7f6874f2
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.a.cxf.phase.PhaseInterceptorChain      : Invoking handleFault on interceptor 
org.apache.cxf.ext.logging.LoggingInInterceptor$LoggingInFaultInterceptor@3fba233d
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.apache.cxf.ws.addressing.ContextUtils  : retrieving MAPs from context 
property javax.xml.ws.addressing.context.inbound
2018-10-08 12:30:12.730 DEBUG 19280 --- [           main] 
o.apache.cxf.ws.addressing.ContextUtils  : WS-Addressing - failed to retrieve 
Message Addressing Properties from context

Reply via email to