Well the PrefixList in SOAP-UI is actually empty - so there should be no need to generate it. WSS4J doesn't add the InclusiveNamespaces structure if the PrefixList is empty.
Colm. On Tue, Jul 3, 2018 at 6:46 PM, Jason Hall <jason.h...@mchsi.com> wrote: > Trying to figure out "InclusiveNamespaces" difference in SOAPUI and WSS4J > implementation. > > In the following code snippet: > Document doc = toSOAPPart(requestSoapString); > //SOAPConstants soapConstants = WSSecurityUtil. > getSOAPConstants(doc.getDocumentElement()); > WSSecHeader secHeader = new WSSecHeader(doc); > secHeader.insertSecurityHeader(); > secHeader.setMustUnderstand(true); > > WSSecTimestamp timestamp = new WSSecTimestamp(); > timestamp.setTimeToLive(300); > timestamp.build(doc, secHeader); > > //Prepare for signature > WSSecSignature builder = new WSSecSignature(); > builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); > builder.setSignatureAlgorithm(WSConstants.RSA_SHA1); > builder.setSigCanonicalization(WSConstants.C14N_EXCL_OMIT_ > COMMENTS); > builder.setDigestAlgo(WSConstants.SHA1); > builder.setAddInclusivePrefixes(true); > builder.setUserInfo(keyAlias, keyPass); > builder.setUseSingleCertificate(true); > > WSEncryptionPart encP = new WSEncryptionPart(WSConstants.ELEM_BODY, > WSConstants.URI_SOAP11_ENV, "Content"); > builder.getParts().add(encP); > Document signedDoc = builder.build(doc, passwordCrypto, secHeader); > String outputString > = XMLUtils.PrettyDocumentToString(signedDoc); > > The above produces the following snippet: > > <ds:SignedInfo> > <ds:CanonicalizationMethod Algorithm="http://www.w3.org/ > 2001/10/xml-exc-c14n#"> > <ec:InclusiveNamespaces PrefixList="soapenv" xmlns:ec=" > http://www.w3.org/2001/10/xml-exc-c14n#"/> > </ds:CanonicalizationMethod> > <ds:SignatureMethod Algorithm="http://www.w3.org/ > 2000/09/xmldsig#rsa-sha1"/> > <ds:Reference URI="#Id-206467045"> > <ds:Transforms> > <ds:Transform Algorithm="http://www.w3.org/ > 2001/10/xml-exc-c14n#"/> > </ds:Transforms> > <dsigestMethod Algorithm="http://www.w3.org/ > 2000/09/xmldsig#sha1"/> > <dsigestValue>PEvtq8JdLh8GBzKs0Dow+DWES+k=</ > dsigestValue> > </ds:Reference> > </ds:SignedInfo> > > > In SOAPUI, I have chosen the same (or what I think is the same) parameters > in the signature screen options > . It produces the following snippet: > <ds:SignedInfo> > <ds:CanonicalizationMethod Algorithm="http://www.w3.org/ > 2001/10/xml-exc-c14n#"> > <ec:InclusiveNamespaces PrefixList="soapenv" xmlns:ec=" > http://www.w3.org/2001/10/xml-exc-c14n#"/> > </ds:CanonicalizationMethod> > <ds:SignatureMethod Algorithm="http://www.w3.org/ > 2000/09/xmldsig#rsa-sha1"/> > <ds:Reference URI="#Id-206467045"> > <ds:Transforms> > <ds:Transform Algorithm="http://www.w3.org/ > 2001/10/xml-exc-c14n#"> > <ec:InclusiveNamespaces PrefixList="" xmlns:ec=" > http://www.w3.org/2001/10/xml-exc-c14n#"/> > </ds:Transform> > </ds:Transforms> > <dsigestMethod Algorithm="http://www.w3.org/ > 2000/09/xmldsig#sha1"/> > <dsigestValue>lQsfZK8weX2vRvHYDZTl9ECLzWQ=</ > dsigestValue> > </ds:Reference> > </ds:SignedInfo> > > > My question is: in WSS4J - what is needed to produce the > ec:<ec:InclusiveNamespaces .... in the <ds:Transform Algorithm=.... as > SOAPUI does in the snippet of: > > <ds:Transforms> > <ds:Transform Algorithm="http://www.w3.org/ > 2001/10/xml-exc-c14n#"> > <ec:InclusiveNamespaces PrefixList="" xmlns:ec=" > http://www.w3.org/2001/10/xml-exc-c14n#"/> > </ds:Transform> > </ds:Transforms> ? > > I am sure this is something easy that I am missing ? > > thanks, > Jason > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org > For additional commands, e-mail: dev-h...@ws.apache.org > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
