[
https://issues.apache.org/jira/browse/WSS-567?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh resolved WSS-567.
-------------------------------------
Resolution: Fixed
> processSecurityHeadaers does not work for 1.1 namespace
> -------------------------------------------------------
>
> Key: WSS-567
> URL: https://issues.apache.org/jira/browse/WSS-567
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 2.1.4
> Environment: windows 64
> Reporter: Jason Eaton
> Assignee: Colm O hEigeartaigh
> Fix For: 2.0.7, 2.1.5
>
>
> I’m not sure why the WSS4J is not recognizing our messages. This is just
> testing the existing signature feature of our server with the new WSS4J
> 2.1.4. I’m still working on how to convince the software to expect the
> correct namespace.
> The two classes that define constants relative to 1.1 or 1.2 soap
> specification, which work correctly. The software believes this is a soap 1.1
> message which is corrrrect. They are looking for the Security header element
> in the document which is present and valid.
> <?xml version="1.0" encoding="UTF-8"?>
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext";>
> <soap:Header>
> <wsse:BinarySecurityToken EncodingType="wsse:Base64Binary"
> Id="X509Token" ValueType="wsse:X509v3">
>
> MIICZTCCAc6gAwIBAgIWNDAzMjk4NzEyOTkxMDE3OTA4OTI3NzANBgkqhkiG9w0BAQUFADAeMRww
> …
> NulsPIzixDPpgKm8iPF1i8EEz/n3ByF2dKMMfn7Q5UgvXzjYOGsqwuwBXbzlPmpdW0DN4j6l/O0+
> djYJLdB/lvvj8kv9GfwLIlId5TejGtGVqCgUa7tzsOLBj0uvZpNBELA948iRYF4=
> </wsse:BinarySecurityToken>
> <wsse:Security>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
> <SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
> <CanonicalizationMethod
> Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
> But they keep comparing the envelope namespace a different schema, where the
> below namespace which doesn’t match. So it cannot find the security header.
> public static final String WSSE_NS =
>
> "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";;
> I believe the problem is in the WSSecurityUtil class method,
> getSecurityHeader where they choose the 1.2 namespace.
> public static Element getSecurityHeader(Document doc, String actor)
> throws WSSecurityException {
> Element soapHeaderElement = getSOAPHeader(doc);
> if (soapHeaderElement == null) { // no SOAP header at all
> return null;
> }
>
> String soapNamespace =
> WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
> return getSecurityHeader(soapHeaderElement, actor,
> WSConstants.URI_SOAP12_ENV.equals(soapNamespace));
> }
> and in WSSecurityUtil ... WSSE_NS is the 1.2 namespace.
> if (Node.ELEMENT_NODE == currentChild.getNodeType()
> && WSConstants.WSSE_LN.equals(currentChild.getLocalName())
> &&
> WSConstants.WSSE_NS.equals(currentChild.getNamespaceURI())) {
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
