[jira] [Comment Edited] (CXF-6652) can't sign SOAP header Signature "signature verification failed"

Fri, 23 Oct 2015 08:06:37 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-6652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14969332#comment-14969332
 ] 

Alexandre Meyer edited comment on CXF-6652 at 10/23/15 2:59 PM:
----------------------------------------------------------------

Ok, but I don't understand how it work, and I don't find sample to do this...
Il have:

{code:java}
ClientProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(Service.class);
factory.setAddress("https://...";);
Service service = (Service) factory.create();

//And I want to active WS-SecurityPolicy
ClientProxy.getClient(service).getRequestContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
 "true"); //???
ClientProxy.getClient(service).getRequestContext().put(security.signature.properties,"file.properties");
...

service.doSomething()
{code}

But nothing append to SOAP message


was (Author: alexflex25):
Ok, but I don't understand how it work, and I don't find sample to do this...
Il have:

ClientProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(Service.class);
factory.setAddress("https://...";);
Service service = (Service) factory.create();

//And I want to active WS-SecurityPolicy
ClientProxy.getClient(service).getRequestContext().put(SecurityConstants.ENABLE_STREAMING_SECURITY,
 "true"); //???
ClientProxy.getClient(service).getRequestContext().put(security.signature.properties,"file.properties");
...

service.doSomething()

But nothing append to SOAP message

> can't sign SOAP header Signature "signature verification failed"
> ----------------------------------------------------------------
>
>                 Key: CXF-6652
>                 URL: https://issues.apache.org/jira/browse/CXF-6652
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 3.1.3
>            Reporter: Alexandre Meyer
>
> When you configure Signature action:
> {code:java}
> Map<String, Object> outProps = new HashMap<String, Object>();
> outProps.put(WSHandlerConstants.ACTION,"Signature Encrypt Timestamp");
> //...
> {code}
> and SIGNATURE_PARTS
> {code:java}
> //...
> outProps.put(WSHandlerConstants.SIGNATURE_PARTS,
>       
> "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;
>  "
>       + "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body; "
>       + "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}Action; "
>       + "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}To; "
>       + "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}ReplyTo; "
>       + "{Element}{http://schemas.xmlsoap.org/ws/2004/08/addressing}MessageID 
> ");
> {code}
> All works fine but the Signature element does not have any reference.
> Result:
> {code:xml}
> <wsu:Timestamp wsu:Id="TS-1">
>       <wsu:Created>2015-10-22T11:55:21.937Z</wsu:Created>
>       <wsu:Expires>2015-10-22T12:00:21.937Z</wsu:Expires>
> </wsu:Timestamp>
> <Action ... wsu:Id="id-1">
> <MessageID ... wsu:Id="id-2">
> <To ... wsu:Id="id-3">
> <ReplyTo ... wsu:Id="id-4">
>       
> <Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</Address>
> </ReplyTo>
> ....
> <ds:Signature ... Id="SIG-ed19886d-2f14-4595-a815-8544867deae4">
>       <ds:SignedInfo>
>               <ds:CanonicalizationMethod 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>               <ds:SignatureMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>               <ds:Reference URI="#TS-1">
>                       <ds:Transforms>
>                               <ds:Transform 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>                       </ds:Transforms>
>                       <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>                       <ds:DigestValue>...</ds:DigestValue>
>               </ds:Reference>
>               <ds:Reference URI="#id-1">
>                       <ds:Transforms>
>                               <ds:Transform 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>                       </ds:Transforms>
>                       <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>                       <ds:DigestValue>...</ds:DigestValue>
>               </ds:Reference>
>               <ds:Reference URI="#id-2">
>                       <ds:Transforms>
>                               <ds:Transform 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>                       </ds:Transforms>
>                       <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>                       <ds:DigestValue>...</ds:DigestValue>
>               </ds:Reference>
>               <ds:Reference URI="#id-3">
>                       <ds:Transforms>
>                               <ds:Transform 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>                       </ds:Transforms>
>                       <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>                       <ds:DigestValue>...</ds:DigestValue>
>               </ds:Reference>
>               <ds:Reference URI="#id-4">
>                       <ds:Transforms>
>                               <ds:Transform 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>                       </ds:Transforms>
>                       <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>                       <ds:DigestValue>...</ds:DigestValue>
>               </ds:Reference>
>       </ds:SignedInfo>
>       <ds:SignatureValue>.......</ds:SignatureValue>
>       <ds:KeyInfo Id="KI-...">
>               ....
>       </ds:KeyInfo>
> </ds:Signature>
> {code}
> But where is the reference to "SIG-ed19886d-2f14-4595-a815-8544867deae4"?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to