Re: Dependency tree question

Stephanie Stroka Thu, 12 Apr 2012 07:34:45 -0700

I'm not getting the error in WSS4J, it is just a subsequent error causedby the update of wss4j and the update of xmlsec.


Here's the (cut version of the) stack trace:

org.apache.xml.security.utils.resolver.ResourceResolverException: Cannotresolve element with ID Response_0429a9ae645e7a9f06533443bf6d9e33bd4abeea[junit] atorg.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolve(ResolverFragment.java:86)[junit] atorg.apache.xml.security.utils.resolver.ResourceResolver.resolve(ResourceResolver.java:279)[junit] atorg.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Reference.java:432)[junit] atorg.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Reference.java:614)[junit] atorg.apache.xml.security.signature.Reference.calculateDigest(Reference.java:705)[junit] atorg.apache.xml.security.signature.Reference.verify(Reference.java:761)[junit] atorg.apache.xml.security.signature.Manifest.verifyReferences(Manifest.java:336)[junit] atorg.apache.xml.security.signature.SignedInfo.verify(SignedInfo.java:259)[junit] atorg.apache.xml.security.signature.XMLSignature.checkSignatureValue(XMLSignature.java:724)[junit] atorg.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:68)[junit] atch.nevis.esauth.auth.states.saml.Toolbox.verifyXMLSignature(Toolbox.java:1657)

    [junit]     at

    [junit]     at

The exception is thrown because "doc.getElementById(id)" inResolverFragment did not return any element. I'm new to xmlsec and wss4jbut what I read in your blog post "Apache Santuario (XML Security forJava) 1.5.0 RC2"(http://coheigea.blogspot.com/2012/01/apache-santuario-xml-security-for-java.html)I assumed that it is possible that opensaml does not register the idcorrectly. Is that correct?Besides what you posted on your blog (registering the id withElement.setIdAttribute* or DOMCryptoContext.setIdAttributeNS), do youhave any idea how to do that in opensaml?


best wishes, Steffi



On 04/12/12 15:55, Colm O hEigeartaigh wrote:

Are you getting the error in WSS4J itself or in your own code? Could
you paste the stacktrace?

Colm.

On Thu, Apr 12, 2012 at 2:39 PM, Stephanie Stroka
<[email protected]>  wrote:

Hey!

Thanks for your answer Colm!
I'm using ant. I think that opensaml uses xmlsec 1.5.1 in my setup.

I come to realize that maybe this mailinglist is not the one I should aim
for since I do not have any particular problems with wss4j.
I think the main problem is rather that opensaml does not register the id's
for the XML Signatures correctly and so the verification of the signature
fails because the element with a certain ID cannot be resolved by the new
xmlsec lib.

But maybe one of you experienced a similar problem before and has some idea
about how I could register the id correctly.

best wishes,
Stephanie



On 04/12/12 15:30, Colm O hEigeartaigh wrote:


What are you using to build your project? WSS4J excludes the XML
Security dependency coming from opensaml by defining a dependency on
XML Security 1.5.1 which overrides the 1.4.4 version coming in via
Opensaml.

http://svn.apache.org/viewvc/webservices/wss4j/trunk/pom.xml?view=co

Colm.



On Thu, Apr 12, 2012 at 9:56 AM, Stephanie Stroka
<[email protected]>    wrote:


Hello!

I was upgrading a project from wss4j 1.5.3 to 1.6.5, but I seem to have
severe problems with resolving the dependencies and I was wondering if
you
could help me.

  From the dependency tree of the wss website I figures that I have to
upgrade
the xmlsec library (which was in version 1.4.4) to 1.5.1.
The opensaml library was already in version 2.5.1.

The problem is that opensaml 2.5.1 has a dependency on xmltooling 1.3.2,
which has a dependency on xmlsec 1.4.4. Although it is compiling, I'm
experiencing problems at runtime.
Since I upgraded to xmlsec 1.5.1 some things in opensaml are failing
(e.g.
because of the change in IdResolver of xmlsec, but that's not the only
problematic part.)

Do you have any suggestions on how you solved the dependency conflicts or
do
those conflicts not appear in you projects?
I'd be very grateful for any suggestions and hints :)

Best wishes,
Stephanie


--
AdNovum Informatik AG
Stephanie Stroka
Dipl. Informatik-Ing. FH

Roentgenstrasse 22, CH-8005 Zurich
mailto:[email protected]
phone: +41 44 272 6111, fax: +41 44 272 6312

http://www.adnovum.ch  AdNovum Offices: Bern, Budapest, Singapore, Zurich
(HQ)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]


--
AdNovum Informatik AG
Stephanie Stroka
Dipl. Informatik-Ing. FH

Roentgenstrasse 22, CH-8005 Zurich
mailto:[email protected]
phone: +41 44 272 6111, fax: +41 44 272 6312

http://www.adnovum.ch  AdNovum Offices: Bern, Budapest, Singapore, Zurich
(HQ)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]


--
AdNovum Informatik AG
Stephanie Stroka
Dipl. Informatik-Ing. FH

Roentgenstrasse 22, CH-8005 Zurich
mailto:[email protected]
phone: +41 44 272 6111, fax: +41 44 272 6312

http://www.adnovum.ch AdNovum Offices: Bern, Budapest, Singapore,Zurich (HQ)


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Re: Dependency tree question

Reply via email to