Hi,
How do I determine where the <ds:Signature> element is placed in the result
XML? E.g., I have a SOAP message like this:
<env:Envelope>
<env:Header ... />
<env:Body>
<pdpa:message>...</pdpa:message>
</env:Body>
</env:Envelope>
My code signs only the <pdpa:message> part (using XPath-Transforms). In the
resulting tree, the signature is added *after* the </env:Body>:
<env:Body>
<pdpa:message>...</pdpa:message>
</env:Body>
<ds:Signature>...</ds:Signature>
</env:Envelope>
I would, however, like to add it to the <pdpa:message> part:
<env:Body>
<pdpa:message>...</pdpa:message>
<ds:Signature>...</ds:Signature>
</env:Body>
</env:Envelope>
Reason: that way, I can just encrypt the <pdpa:message> (replace with
<xenc:EncryptedData>) and preserve a correct SOAP message (with a Body
element). The way it is now, I would encrypt the <pdpa:message> and have a
signature "on the outside", which I consider weaker due to the weaknesses in
SHA1.
The code for the XPath-Transformation is
String filter[][] = { { XPath2FilterContainer.INTERSECT,
"//Envelope/Body/message" } };
transforms.addTransform(Transforms.TRANSFORM_XPATH2FILTER,
XPath2FilterContainer.newInstances(insideDoc, filter));
Which I think is correct. Where do I make the mistake?
Thanks,
Ralph
--
For contact details, please see www.ralphholz.de.
