Thanks for the response Joana. I am not modifying the contents of both Header and body but I am creating a new soap envelope and copying the contents of soap header and soap body from the original request in my router application. Not sure whether that is considered as violating message integrity rules.
Thanks, PM -----Original Message----- From: Joana M. F. Trindade [mailto:jmftrind...@gmail.com] Sent: Thursday, February 05, 2009 4:48 PM To: rampart-dev@ws.apache.org Subject: Re: Modifying Soap body of a signed message Hi, I think the signature will be invalid if you alter the content of the header and/or body. This happens because one of the things the signature algorithm takes into account is the content of the header/body. Of course, you can try it yourself by checking if your sample 02 client is still able to validate the signature of the message if it has been altered. HTH, Joana -- Joana M. F. da Trindade Visiting Scholar Center for Reliable and High-Performance Computing University of Illinois at Urbana-Champaign Personal Homepage: http://joanatrindade.wikidot.com LinkedIn: http://www.linkedin.com/in/joanatrindade
