STRTransform usage

Wed, 19 Nov 2014 11:09:11 -0800 

In some legacy code that I am (still) migrating up to CXF 2.7 / WSS4J 1.6, we 
have a class that extends WSSecSignature and overrides addReferencesToSign, in 
order to add a transform for an Assertion. It looks like the way transforms are 
done has changed significantly, so there's a bit that I haven't quite figured 
out. There's this bit of code in the original:

                        final Transforms transforms = new Transforms(document);
                        Element ctx = createSTRParameter(document);
                        
transforms.addTransform(STRTransform.implementedTransformURI, ctx);
                        sig.addDocument("#" + this.assertionSecRefUri, 
transforms, this.getDigestAlgo());

where sig and document are both available from the base class. My attempt to 
migrate this code looks something like this:

                        final Transforms transforms = new Transforms(document);
                        Element ctx = createSTRParameter(document);
                        transforms.addTransform(STRTransform.TRANSFORM_URI, 
ctx);

But this gives me an exception:

Caused by: org.apache.xml.security.transforms.TransformationException: Unknown 
transformation. No handler installed for URI 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform
Original Exception was 
org.apache.xml.security.transforms.InvalidTransformException: Unknown 
transformation. No handler installed for URI 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform
                at 
org.apache.xml.security.transforms.Transforms.addTransform(Transforms.java:197)
                at 
gov.faa.swim.ssri.wss.wss4j.saml.SupportingSamlTokenSignedAction$WSSecSamlSupportingTokenSignature.addReferencesToSign(SupportingSamlTokenSignedAction.java:247)
                ... 49 more
Caused by: org.apache.xml.security.transforms.InvalidTransformException: 
Unknown transformation. No handler installed for URI 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform
                at 
org.apache.xml.security.transforms.Transform.initializeTransform(Transform.java:336)
                at 
org.apache.xml.security.transforms.Transform.<init>(Transform.java:117)
                at 
org.apache.xml.security.transforms.Transforms.addTransform(Transforms.java:193)
                ... 50 more

It looks like this is because the line 
transforms.addTransform(STRTransform.TRANSFORM_URI, ctx) doesn't know how to 
deal with the STR-Transform type, because there's no handler installed for that 
URI. Is there a handler in CXF that I need to enable somewhere, or do I need to 
write one and configure it somehow? Is there a reference for this somewhere? 
Dr. Google has failed me today ...

Thanx,

Stephen W. Chappell

Reply via email to