[
https://issues.apache.org/jira/browse/RAMPART-216?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12678641#action_12678641
]
Heinz Zerbes commented on RAMPART-216:
--------------------------------------
Hello Mr. Veithen!
No, unfortunately I pasted this line from my original policy into this one.
There is only one namespace prefix.
Thank you very much!!
Heinz Zerbes
Siemens AG
Siemens IT Solutions and Services
Germany
SIS D PRO SI ESS SCI
Otto-Hahn-Ring 6
81739 München, Germany
Tel.: +49 89 636-48428
mailto:zer...@siemens.com
Siemens Aktiengesellschaft: Vorsitzender des Aufsichtsrats: Gerhard Cromme;
Vorstand: Peter Löscher, Vorsitzender; Wolfgang Dehen, Heinrich Hiesinger, Joe
Kaeser, Jim Reid-Anderson, Hermann Requardt, Siegfried Russwurm, Peter Y.
Solmssen; Sitz der Gesellschaft: Berlin und München; Registergericht: Berlin
Charlottenburg, HRB 12300, München, HRB 6684; WEEE-Reg.-Nr. DE 23691322
Important Note:
This e-mail may contain trade secrets or privileged, undisclosed or otherwise
confidential information. If you have received this e-mail in error, you are
hereby notified that any review, copying or distribution of it is strictly
prohibited. Please inform us immediately and destroy the original transmittal.
Thank you for your cooperation.
> Wrong SignatureMethod and DigestMethod generated in request in case of
> algoritm suite having SHA256 hashing algorithm (example: Basic256Sha256)
> -----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-216
> URL: https://issues.apache.org/jira/browse/RAMPART-216
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core, rampart-integration, rampart-policy
> Affects Versions: 1.3
> Environment: Windows XP/Vista, Java 1.4.2, Axis 2 1.3, Rampart 1.3
> Reporter: Heinz Zerbes
> Assignee: Ruchith Udayanga Fernando
> Fix For: 1.3
>
>
> My Rampart policy has a algoritm suit = Base256Sha256. In rest it is very
> simple (I will attach it to this issue).
> I expected to get from this suite a SignedInfo element in request like this:
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
> <ds:Reference URI="#Id-27120928">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
>
> <ds:DigestValue>.....</ds:DigestValue>
> </ds:Reference>
> But instead I get the following (always 'sha1'):
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <ds:Reference URI="#Id-27120928">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>
> <ds:DigestValue>....</ds:DigestValue>
> </ds:Reference>
> It makes no difference what algorithms suit I take. I always get 'sha1'.
> In class org.apache.ws.secpolicy.model.AlgorithmSuite there is only
> asymmetricSignature = Constants.RSA_SHA1. In Constants.java the same. Thus
> the getAsymmetricSignature() method always return SHA1.
> Here is my policy:
> <wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"; name="TelematikPolicy"
> targetNamespace="http://ws.test.xy/tel/transport/v1.2";>
> <wsdl:documentation>
> </wsdl:documentation>
> <wsp:Policy wsu:Id="TelematicsTransport_Binding_Signed_Policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:AsymmetricBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:InitiatorToken>
> <wsp:Policy>
> <sp:X509Token
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
>
> <wsp:Policy>
>
> <sp:WssX509V3Token10/>
>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:InitiatorToken>
> <sp:RecipientToken>
> <wsp:Policy>
> <sp:X509Token
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
>
> <wsp:Policy>
>
> <sp:WssX509V3Token10/>
>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:RecipientToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
>
> <sp:sp:Basic256Sha256/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Lax/>
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp/>
> <sp:SignedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body/>
> </sp:SignedParts>
> </wsp:Policy>
> </sp:AsymmetricBinding>
> <sp:Wss10
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:MustSupportRefIssuerSerial/>
> </wsp:Policy>
> </sp:Wss10>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> </wsdl:definitions>
> Is there any workarround for this problem? I would appreciate it very much if
> you could give me a good hint! It's urgent.
> Thank you a lot!
> Heinz
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
