Aki,
pls have a look at the Apache project WSS4J (subproject of WS-FX) that already implements a fair complete set of WS-Security. This project also has an own id resolver that specifically takes care about the whole wsu:Id stuff.
The generic XML-security stuff is only for the generic Ids, not for specific ids, such as wsu:Id.
Regards, Werner
Yoshida, Akitoshi wrote:
Hello, I am using apache axis to do ws-security and I need to use wsu:Id to tag the reference.
When I used axis' security sample with wsu:Id, I noticed that IdResolver (in org.apache.xml.security.utils) doesn't do the lookup for wsu:Id, although it has a sequence of hard-wired various ID lookups.
So I added the code below so that wsu:Id gets recognized in that part.
My question is, is this something that the future version of xml-security will provide? Or is there other way to use wsu:Id with the xml-security library?
Thank you in advance. Regards, Aki Yoshida
109a110,119
result = IdResolver.getElementByWSUIdType(doc, id);
if (result != null) { log.debug( "I could find an Element using the simple getElementByWSUIdType method: " + result.getTagName());
return result; }
214a225,248
* Method getElementByWSUIdType * * @param doc * @param id * */ private static Element getElementByWSUIdType(Document doc, String id) { log.debug("getElementByWSUIdType() Search for ID " + id);
try { Element nscontext = XMLUtils.createDSctx(doc, "wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";); Element element = (Element) XPathAPI.selectSingleNode(doc, "//[EMAIL PROTECTED]:Id='" + id + "']", nscontext);
return element; } catch (TransformerException ex) { log.fatal("empty", ex); }
return null; }
/**
