Hi, On Wednesday 14 November 2007 06:50:03 Vishal Mahajan wrote:
> I have attached another instance of this string comparison problem that
> was reported on wss4j list sometime back. The work-around is of course
> to explicitly make sure that all standard namespace strings are interned
> before messages are parsed.
In other words, the XMLSec library assumes XML is always sent as String/text
over a network, and never serialised/deserialised as an XML Document between
VMs. In the latter case, no parsing takes place, and thus the namespace
objects are not the same. Is there a way to intern the namespaces without
building the Document anew?
Ralph
>
> Vishal
>
> on 11/08/2007 8:16 PM Sean Mullan wrote:
> > The exception is thrown by the following method in ElementProxy:
> >
> > public void guaranteeThatElementInCorrectSpace()
> > throws XMLSecurityException {
> >
> > String localnameSHOULDBE = this.getBaseLocalName();
> > String namespaceSHOULDBE = this.getBaseNamespace();
> >
> > String localnameIS = this._constructionElement.getLocalName();
> > String namespaceIS = this._constructionElement.getNamespaceURI();
> > if ((namespaceSHOULDBE!=namespaceIS) ||
> > !localnameSHOULDBE.equals(localnameIS) ) {
> > Object exArgs[] = { namespaceIS +":"+ localnameIS,
> > namespaceSHOULDBE +":"+ localnameSHOULDBE};
> > throw new XMLSecurityException("xml.WrongElement", exArgs);
> > }
> > }
> >
> >
> > It sounds like the namespaces, though equal, are not the same object,
> > thus the test is failing. Comparing by reference is done for
> > performance reasons, since most XML parsers intern the namespace Strings.
> >
> > There has been some discussion about this issue. What XML parser are
> > you using? See http://issues.apache.org/bugzilla/show_bug.cgi?id=40897
> >
> > --Sean
--
For contact details, please see www.ralphholz.de.
signature.asc
Description: This is a digitally signed message part.
