I doubt it is a digesting problem, since that just uses the underlying JCA SHA1 MessageDigest provider code. It is more likely to be that for whatever reason the pre-digested content is different for some reason. Perhaps the XML is being modified by the server and that breaks the signature. You can enable logging (debug level) in the Apache XMLSec implementation that should show this in more detail.

--Sean

Dafydd Winfield wrote:
Hi,

I am currently having problems with producing a valid XMLDSIG
signature on JWSDP. First I wrote signing and verifying handlers for
Axis and had no problems. I then ported this implementation to JWSDP
1.3 - for a client. When I sign then verify the server verification
succeeds. However the XMLDSIG signature produced by the signing code is
not valid according to the web based XMLDSIG validator at:
http://www.aleksey.com/xmlsec/xmldsig-verifier.html - so it should
never verify successfully. The verification error on the website site
says that the data does not match the digest. As I said the same code
in the Axis handler produces valid XMLDSIG signatures. Signatures
produced by the Axis handlers do not verify against the Sun handlers.

Finally I wrote a JWSDP client and added the signing and verifying
handlers - both client side for testing purposes. These worked
correctly and produced correct XMLDSIG signatures according to the
external validator. The only explanation seems to be that there must
be a library problem with the JWSDP 1.3 server tomcat installation
(which was newly installed for this test) but I am at a total loss as
to where it is - perhaps the digesting code has problems? N.B. I have
copied the required endorsed jars.

Has anyone else had any similar problems with JWSDP 1.3 - or know of
some code that works. I am using JDK 1.4.2_07 and axis security 1.2.1.

I can supply source if necessary.

Many thanks for your help,



Dafydd


