https://issues.apache.org/bugzilla/show_bug.cgi?id=43685
--- Comment #13 from René Nielsen <[EMAIL PROTECTED]> 2008-05-22 06:42:02 PST --- Enabling isWsiBSPCompliant the element " <exc14n:InclusiveNamespaces xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="" /> " gets inserted by WSS4J, however, enabling this feature makes it imposible to include a reference to the BinarySecurityToken in order to get that signed too. The BEA generated WSDL requires the BinarySecurityToken to be signed along with timestamp and body. Furthermore, the SignatureValue on the BEA client cannot be verified anymore as it could in isWsiBSPCompliant = false mode. In order to add a reference for the BinarySecurityToken is must be present in the security header, otherwise getPrefixList throws an NullPointerException, but the conveniance method WSSecSignaure.build adds the references before updating the security header leading to the NullPointerException. Furthermore, the isWsiBSPCompliant=true mode forced the above InclusiveNamespaces to both the SignedInfo canonilization method as well as to the timestamp and body references. BEA only agrees with the two last ones. So neither isWsiBSPCompliant mode disabled or enabled works together with a BEA client. :( -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
