Hi,
I have a big problem with WSS4J since I upgraded from version 1.5.8 to 1.6.4.
Here is the context:
In my application, I have a ws-security layer in order to send SOAP messages.
I must do 2 actions: TimeStamp and Signature
I have 3 signature parts:
· The timestamp
· A specific soap header
· The BinarySecurityToken
In the previous version, there was a keyword "Token" to add a
BinarySecurityToken Reference easily, as below.
<ds:Reference URI="#CertId-A73A92DB43D56384C612911246718561">
  <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
  <ds:DigestValue>6zOxaDkBL288Y0BkMFi3TVelQPg=</ds:DigestValue>
</ds:Reference>
<wsse:BinarySecurityToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="CertId-A73A92DB43D56384C612911246718561">...
Nowadays, the keyword "Token" is unknown: the condition "Token".equals(...)
has been removed, and WSSecSignature tries to find an element Token in the
document but does not find it ...
In this case, the security elements are not added ... (General security error
(WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found:
http://schemas.xmlsoap.org/soap/envelope/, Token))
If I use the STRTransform keyword, the result is different but not good. We
have a reference to a SecurityTokenReference and not the BinarySecurityToken.
The validation server fails (<faultstring>Signature failed to validate.
Reference: #STR-FD1CEFEA8CA78AC72413747600704523 does not
validate</faultstring>)
<ds:Reference URI="#STR-C6274A0EA1AF588B6213745943622143">
  <ds:Transforms>
    <ds:Transform
        Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
      <wsse:TransformationParameters>
        <ds:CanonicalizationMethod
            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
      </wsse:TransformationParameters>
    </ds:Transform>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
  <ds:DigestValue>0PwY2kqEetUc0lUm+rrSCT8owsw=</ds:DigestValue>
</ds:Reference>
<ds:KeyInfo Id="KI-C6274A0EA1AF588B6213745943622082">
  <wsse:SecurityTokenReference wsu:Id="STR-C6274A0EA1AF588B6213745943622143">
    <wsse:Reference URI="#X509-C6274A0EA1AF588B6213745943621941"
        valueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
  </wsse:SecurityTokenReference>
</ds:KeyInfo>
If someone could help me ... I found some cases like mine, but nobody found a
compliant issue.
Best regards,
Stéphane
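
An added diagnostic, not part of the original message and not WSS4J code: Python that lists, for each ds:Reference in a wsse:Security header, which element its URI resolves to and, when STR-Transform is applied, which token the SecurityTokenReference points at. The sample header, its shortened ids and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
STR_TRANSFORM = ("http://docs.oasis-open.org/wss/2004/01/"
                 "oasis-200401-wss-soap-message-security-1.0#STR-Transform")

# Constructed sample header: ids shortened, digests omitted, token bytes are dummies.
SAMPLE = f"""<wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}" xmlns:ds="{DS}">
  <wsse:BinarySecurityToken wsu:Id="CertId-1">AAAA</wsse:BinarySecurityToken>
  <ds:Signature><ds:SignedInfo>
    <ds:Reference URI="#CertId-1"><ds:Transforms>
      <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    </ds:Transforms></ds:Reference>
    <ds:Reference URI="#STR-1"><ds:Transforms>
      <ds:Transform Algorithm="{STR_TRANSFORM}"/>
    </ds:Transforms></ds:Reference>
    <ds:Reference URI="#Missing-1"/>
  </ds:SignedInfo>
  <ds:KeyInfo><wsse:SecurityTokenReference wsu:Id="STR-1">
    <wsse:Reference URI="#CertId-1"/>
  </wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature>
</wsse:Security>"""

def local(el):
    """Local name of an element, or None when the id did not resolve."""
    return None if el is None else el.tag.rsplit("}", 1)[-1]

def signed_targets(xml_text):
    """Return (URI, referenced element, token reached via STR-Transform) per ds:Reference."""
    root = ET.fromstring(xml_text)
    # Index every element that carries wsu:Id or a plain Id attribute.
    by_id = {el.attrib[a]: el for el in root.iter()
             for a in (f"{{{WSU}}}Id", "Id") if a in el.attrib}
    report = []
    for ref in root.iter(f"{{{DS}}}Reference"):
        uri = ref.get("URI", "")
        target = by_id.get(uri.lstrip("#"))
        algs = [t.get("Algorithm") for t in ref.iter(f"{{{DS}}}Transform")]
        token = None
        if target is not None and STR_TRANSFORM in algs:
            # STR-Transform digests the token the STR points at, not the STR itself.
            inner = target.find(f"{{{WSSE}}}Reference")
            if inner is not None:
                token = by_id.get(inner.get("URI", "").lstrip("#"))
        report.append((uri, local(target), local(token)))
    return report
```

A row whose second field is None marks a reference that resolves to nothing in the header, which is the situation the "Element to encrypt/sign not found" error reports on the signing side.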