[jira] Commented: (AXIS-1968) CLONE -Problem with namespace handling in Axis 1.2 : break XML Signature

Fri, 20 May 2005 22:37:07 -0700 

     [ 
http://issues.apache.org/jira/browse/AXIS-1968?page=comments#action_65909 ]
     
Venkat Reddy commented on AXIS-1968:
------------------------------------

hi,

Right now, i got the following output on running the test client using an ant 
script. Seems the signature verficiation succeeds !! (see the last line). 
Please verify at your end as well. Thanks.

response received by the client :
<?xml version="1.0" encoding="UTF-8"?>
<name1:roottag xmlns:name1="http://name1.com";>
<name2:child1 xmlns:name2="http://name2.com";>
<name2:child2>text</name2:child2>
</name2:child1>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
  <ds:SignedInfo>
    <ds:CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="">
      <ds:Transforms>
        <ds:Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
      </ds:Transforms>
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <ds:DigestValue>EbF81+pMnbZZ/e4E325r3R50pWA=</ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo>
  <ds:SignatureValue>
    O12jWOqgkpkOXxGHmmXi0IzJhMv29uhbdl1PE1S/CYlL/Ua3sDSuReucWt1Ae6iRjKdN8Ekr
    EaM0K/+bASmXXwK82pul3ZF4dykClCUKIX4eGLSYDsQIJzNhG5g6n+eRzxjk3Eak6G2eYAky
    qjVJp7Iic3opzb8VQKpLvle1ZME=
  </ds:SignatureValue>
</ds:Signature></name1:roottag>
Signature verification : true



> CLONE -Problem with namespace handling in Axis 1.2 : break XML Signature
> ------------------------------------------------------------------------
>
>          Key: AXIS-1968
>          URL: http://issues.apache.org/jira/browse/AXIS-1968
>      Project: Axis
>         Type: Bug
>  Environment: Windows 2000, Tomcat 5.0
>     Reporter: rudolf schamberger
>     Assignee: Davanum Srinivas
>  Attachments: MOASSRequest.xml, SignatureResponse_axis1.1.xml, 
> SignatureResponse_axis1.2rc3_21apr05_build.xml, axis.jar, 
> axis_namespace_testcode.zip
>
> I have a web service (Message style) working with Axis 1.1
> When upgrading to Axis 1.2, it doesn't work anymore because of a namespace 
> management that changes in Axis 1.2.
> Details of the problem :
> The web service is of type :
>    public Document execute(Document body)
> it returns a signed document
> The client have to verify the signature of the response.
> At the end of this mail, you can see the message sent by the server and the 
> message received by the client
> You can see that the message has been changed during transfer : all
> namespace definitions have moved to the root element.
> The document is still syntactically correct, but the signature is broken...
> It's a serious problem if Axis 1.2 is no more compatible with xml
> signature.
> Message sent by the server :
> <name1:roottag xmlns:name1="http://name1.com";>
> <name2:child1 xmlns:name2="http://name2.com";>
> <name2:child2>text</name2:child2>
> </name2:child1>
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>   <ds:SignedInfo>
>     <ds:CanonicalizationMethod 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>     <ds:SignatureMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>     <ds:Reference URI="">
>       <ds:Transforms>
>         <ds:Transform 
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
>       </ds:Transforms>
>       <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>       <ds:DigestValue>EbF81+pMnbZZ/e4E325r3R50pWA=</ds:DigestValue>
>     </ds:Reference>
>   </ds:SignedInfo>
>   <ds:SignatureValue>
> O12jWOqgkpkOXxGHmmXi0IzJhMv29uhbdl1PE1S/CYlL/Ua3sDSuReucWt1Ae6iRjKdN8Ekr
> EaM0K/+bASmXXwK82pul3ZF4dykClCUKIX4eGLSYDsQIJzNhG5g6n+eRzxjk3Eak6G2eYAky
>     qjVJp7Iic3opzb8VQKpLvle1ZME=
>   </ds:SignatureValue>
> </ds:Signature></name1:roottag>
> Message received by the client :
> <name1:roottag xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; 
> xmlns:name1="http://name1.com"; xmlns:name2="http://name2.com";>
> <name2:child1>
> <name2:child2>text</name2:child2>
> </name2:child1>
> <ds:Signature>
>   <ds:SignedInfo>
>     <ds:CanonicalizationMethod 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>     <ds:SignatureMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>     <ds:Reference URI="">
>       <ds:Transforms>
>         <ds:Transform 
> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
>       </ds:Transforms>
>       <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>       <ds:DigestValue>EbF81+pMnbZZ/e4E325r3R50pWA=</ds:DigestValue>
>     </ds:Reference>
>   </ds:SignedInfo>
>   <ds:SignatureValue>
> O12jWOqgkpkOXxGHmmXi0IzJhMv29uhbdl1PE1S/CYlL/Ua3sDSuReucWt1Ae6iRjKdN8Ekr
> EaM0K/+bASmXXwK82pul3ZF4dykClCUKIX4eGLSYDsQIJzNhG5g6n+eRzxjk3Eak6G2eYAky
>     qjVJp7Iic3opzb8VQKpLvle1ZME=
>   </ds:SignatureValue>
> </ds:Signature></name1:roottag>

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira

Reply via email to