I am using an open source kit that
embeds apache xml sec java 1.2.1 with
xml beans version 1.0.x. The kit uses a different version of xml beans than we
do - but the 2 xml beans versions do not seem to be too different. When we try
to use it the kit with our xml beans version I get the following exception at
the line "XMLSignature sig = new XMLSignature(element, null)". The moment I switch back to the original xml
beans version, the error goes away. I have rebuilt most of the actual xml beans
that came with the kit using our xml beans version - but the error persists:
org.apache.xml.security.c14n.InvalidCanonicalizerException:
Unknown canonicalizer. No handler installed for URI
at org.apache.xml.security.c14n.Canonicalizer.<init>(Unknown Source)
at org.apache.xml.security.c14n.Canonicalizer.getInstance(Unknown Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
at org.apache.xml.security.c14n.Canonicalizer.<init>(Unknown Source)
at org.apache.xml.security.c14n.Canonicalizer.getInstance(Unknown Source)
at org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
at org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
I have debugged the code upto the point of the exception and I see that
with both xml beans versions, the xml itself does have the canonicalizer uri -
but the Element.getAttributeNS call returns null when our xml beans is used and
then we get the exception.
In the code,
the only link between the usage of xmlbeans and xmlsec seems to be when we
construct a DOM from an XMLObject using XMLTokenSource.newDomNode(). Is it
possible that something changed in the implementation of this method between the
different xmlbean versions that I am trying with? Or is this a known
dependency/problem between xml
beans and xml sec or has anyone run into this before?
Thanks,
Vish.
