Ian Hummel wrote:
This outputs:
DEBUG net.parityinc.jumpstart.sts.CryptoUtils - keyInfo is:
[EMAIL PROTECTED]
DEBUG net.parityinc.jumpstart.sts.CryptoUtils - Public key is: Sun RSA
public key, 1024 bits
modulus:
111569399812228317974104160667778574453427703386659798836457259422563834830313005221987124756525281662856577689662339654944603341744351755854419363610184584407762310756727959272178338147873650923924948006027542968201887110182779600654460562132129929712009593703603588025273257129489044637731356622650761637013
public exponent: 65537
WARN org.apache.xml.security.signature.Reference - Verification failed
for URI "#IC01"
WARN net.parityinc.jumpstart.sts.CryptoUtils - Signature was invalid
false
el1 serialized
<?xml version="1.0" encoding="UTF-8"?>
<InformationCard/>
el2 serialized
<?xml version="1.0" encoding="UTF-8"?>
<InformationCard xmlns="http://schemas.xmlsoap.org/ws/2005/05/identity"/>
Am i not creating/attaching the "InformationCard" node correctly? Why
doesn't the namespace declaration show up in example 1, even though I've
created the node via doc.createElementNS(NS_IDENTITY, "InformationCard");
You must also add the namespace attribute to the element where it is
defined using the Element.setAttributeNS method. Otherwise the namespace
is not visible when canonicalizing the element.
See: https://issues.apache.org/bugzilla/show_bug.cgi?id=41821
I have seen this same problem come up at least 1/2 dozen times. Since
this is a common mistake, I wonder if we could work around this in our
implementation as it seems xalan is able to figure out where to add the
namespace attribute even though it hasn't been explicitly added by the
application. Will look into this some more, but in the meantime, you
should have a workaround.
--Sean
