Berin Lautenbach <berin <at> wingsofhermes.org> writes: > > Can you post the template that you are using and the keypair (assuming > they are test keys) to me or the list? Keypair not so necessary - I can > use my own, but the template would help. > > You could try putting a bit of dummy text as the signature value - it > will get overwritten, but the loader for the Signature expects text > children in certain places and throws an exception if it doesn't find them. > > Cheers, > Berin > SNIP...
Here's the template: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"; xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401- wss-wssecurity-utility-1.0.xsd"> <soap:Header> <wsa:Action wsu:Id="Id-3edad06f-f155-4405-9233-6a3f22862258"> </wsa:Action> <wsa:MessageID wsu:Id="Id-b02eb10a-b0d9-491d-ba57- 5db81199302e">uuid:cca7447a-6ad7-4360-a8f0-a2181aa7c58c</wsa:MessageID> <wsa:ReplyTo wsu:Id="Id-d11bbd45-c9c5-4ca2-9a95-6cf62f3847b3"> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</w sa:Address> </wsa:ReplyTo> <wsa:To wsu:Id="Id-af811131-86e1-4146-bbed- 22da8be29d11">https://lasar002-int.dmz/ATS/dEnquiries</wsa:To> <wsse:Security> <wsu:Timestamp wsu:Id="Timestamp-d1dc5b06-ce21-43c7-a720-9bde3629d05a"> <wsu:Created>2006-11-23T05:31:41Z</wsu:Created> </wsu:Timestamp> <wsse:UsernameToken xmlns:wsu="http://docs.oasis- open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-a197613a-0a6e-4861-a72f-f355a6d66307"> <wsse:Username>pblccitec</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis- 200401-wss-username-token-profile-1.0#PasswordText">webservice</wsse:Password> <wsse:Nonce>QTctSdLLjEGx4IFXz74yxQ==</wsse:Nonce> <wsu:Created>2006-11-23T05:31:41Z</wsu:Created> </wsse:UsernameToken> <wsse:BinarySecurityToken ValueType="http://docs.oasis- open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap- message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis- open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-14bc43ec-55a8-4956-9065- 16e6b80b7400">MIID8DCCA1mgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJBVTEMM AoGA1UECBMDUUxEMQ8wDQYDVQQHEwZCcmlzc3kxDDAKBgNVBAoTA05STTEMMAoGA1UECxMDSVRTMRAw DgYDVQQDEwdzYXJ2ZWdhMB4XDTA1MDgzMTA1MTAxNFoXDTA3MDgzMTA1MTAxNFowXTELMAkGA1UEBhM CQVUxDDAKBgNVBAgTA1FMRDEPMA0GA1UEBxMGQnJpc3N5MQ0wCwYDVQQKFAROUiZNMQwwCgYDVQQLEw NJVFMxEjAQBgNVBAMTCXRlc3R1c2VyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM29v k40v30gWJr7+pvNi3x/785nSkCv2RuXaCidNG1C2+WVUKyolSkFjQQPj3A+JXrRPqS4jQbUOVMubYYt s5ElvpOG72nrDKQbLo1BVLJiJi+gTZEAS+S4ZpBzxaJYDwvX/Wa94WtgelWw+PSiGomPy995S1Aykty WQVXZiezR3TL626wOefLXb5DGHgKh8YxVWkGL9FiaKdDieUQryXFX0ksiin7CVk4WNST2vPdOAC8KAZ 44/jPq95M631j0WU2CYT7Q66JtseZIMjlPvl7QbnMLIptq5quIoft7gX18T2rIFbmNFOE6SiD4em8wg zW02FJr9FlPhWa6uEdFvqUCAwEAAaOCAT0wggE5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9w ZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQTElg47m7eBhUhkdWvdbqhY/qBqjC BggYDVR0jBHsweYAUDoB/c41zEYu2YHK28gaN0z0vdVChXqRcMFoxCzAJBgNVBAYTAkFVMQwwCgYDVQ QIEwNRTEQxDzANBgNVBAcTBkJyaXNzeTEMMAoGA1UEChMDTlJNMQwwCgYDVQQLEwNJVFMxEDAOBgNVB AMTB3NhcnZlZ2GCAQAwWgYDVR0fBFMwUTAkoCKgIIYeaHR0cDovL3d3dy5teWhvc3QuY29tL215Y2Eu Y3JsMCmgJ6AlhiNodHRwOi8vd3d3Lm15b3RoZXJob3N0LmNvbS9teWNhLmNybDANBgkqhkiG9w0BAQQ FAAOBgQBWQx+k1GGAJ69rX7aJP0eR3BCmHbNC89bBpSeiBOCVOGmLSMVY9c6Kbo7QNJV7pxZcCGN5tA OO+Bry2E0ZL5auA02XzNeCNZyasHPrSgQJvTA11krJ4Kjh5/UAN+0MxiDY50R3IGBneTKFYFRSVPyUm Kmw01wqIMFmxilpQ4W8LQ==</wsse:BinarySecurityToken> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> <SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; /> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa- sha1" /> <Reference URI="#Id-3edad06f-f155-4405-9233-6a3f22862258"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc- c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <DigestValue>TVCH1habTRf0MmhInZ7lZEQqXHY=</DigestValue> </Reference> <Reference URI="#Id-b02eb10a-b0d9-491d-ba57-5db81199302e"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc- c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <DigestValue>cRnv3LpgnL/efdrnXSEcd7Jn4V0=</DigestValue> </Reference> <Reference URI="#Id-d11bbd45-c9c5-4ca2-9a95-6cf62f3847b3"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc- c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <DigestValue>6574cbbjN1AwhoAKNjrxwAD2zM8=</DigestValue> </Reference> <Reference URI="#Id-af811131-86e1-4146-bbed-22da8be29d11"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc- c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <DigestValue>4KnoFdUUUkvpmbxV6SZVc20B+zU=</DigestValue> </Reference> <Reference URI="#Timestamp-d1dc5b06-ce21-43c7-a720-9bde3629d05a"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc- c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <DigestValue>gFfTJ7l30pDGRg5wuFN6raJFxeg=</DigestValue> </Reference> <Reference URI="#Id-f02ffa1e-f0c5-4acf-9961-c34cf57f91a5"> <Transforms> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc- c14n#" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <DigestValue>UkUKHCCWocfInrKvwRG+7YYjBjY=</DigestValue> </Reference> </SignedInfo> <SignatureValue>UuI0sDfhFKG/y4zqICTqKEGQZQPqlaHROvwXsEGRHtLUZtxonXJEQs02rvyJi2A Ubw4GGMLmjLD6K7jb8E52AFrAYPTQyQHo5ZQnfX0jpnavnD6HbbZbz+YqUkCv7ADK+zPWcupI9W+iYx Xofnr4OPi+2n/J5QsUilZGHs/PgJ9J9c8M+wFxV0nas6RqXY88C7xNiBD6ct3xysoMWbC5XXhNGwgp2 ZJBtUqksXDCuS4m1Y+3sin2U9RC9zM6k/J5a1BAMuV6mlhvfGvladoprsF2d8rHY6/6wYFLfWeYb2iQ cWzPDpZiRtbuFxg7wW6kuBofXeyizHfXc9IP1z6gLQ==</SignatureValue> <KeyInfo> <wsse:SecurityTokenReference> <wsse:Reference URI="#SecurityToken-14bc43ec-55a8-4956-9065- 16e6b80b7400" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401- wss-x509-token-profile-1.0#X509v3" /> </wsse:SecurityTokenReference> </KeyInfo> </Signature> </wsse:Security> </soap:Header> <soap:Body wsu:Id="Id-f02ffa1e-f0c5-4acf-9961-c34cf57f91a5"> <GetTitleWithName xmlns="http://wsgate.nrm.qld.gov.au/ATS/dEnquiries";> <family_name xmlns="java:au.gov.qld.nrm.ats.enquiries" /> <given_name xmlns="java:au.gov.qld.nrm.ats.enquiries" /> <prev_title_reference xmlns="java:au.gov.qld.nrm.ats.enquiries" /> <title_reference xmlns="java:au.gov.qld.nrm.ats.enquiries">1/22</title_reference> </GetTitleWithName> </soap:Body> </soap:Envelope> I removed the digests, the signature value and the whitespace before submitting it to "templatesign". Many thanks, Paul.
