Gene B. created WSS-508:
---------------------------
Summary: When using "add inclusive prefixes" and EXC C14N -
signature cannot be validated
Key: WSS-508
URL: https://issues.apache.org/jira/browse/WSS-508
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 2.0.1, 2.0.0
Environment: WAS 7.x, IBM JDK 1.6, WebSphere JAX-WS stack, MS Windows.
Reporter: Gene B.
Assignee: Colm O hEigeartaigh
Security implemented using WSS4J securement/validation action approach. We are
trying to sign the body.
The provider is a JAX-WS service running on WebSphere JAX-WS stack. Custom
handler uses WSS4j to validate security.
The consumer is a WebSphere JAX-WS dispatch client – also attaching custom
security handler.
Signature can be validated on the provider side when EXC C14N canonicalization
is specified with BST compliance flag relaxed. That is because when we chose to
add “InclusiveNamespaces” “PrefixList” on the consumer side, verification fails.
When the same test is done with the SOAP UI – signature verifies Ok – so I am
blaming the consumer – the signing process - not verification process.
I am attaching a log file which shows verification failure when the
InclusiveNamespaces option is used. If not for this option – this verification
would’ve been a success.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
