In some legacy code that I am (still) migrating up to CXF 2.7 / WSS4J 1.6, we
have a class that extends WSSecSignature and overrides addReferencesToSign, in
order to add a transform for an Assertion. It looks like the way transforms are
done has changed significantly, so there's a bit that I haven't quite figured
out. There's this bit of code in the original:
final Transforms transforms = new Transforms(document);
Element ctx = createSTRParameter(document);
transforms.addTransform(STRTransform.implementedTransformURI, ctx);
sig.addDocument("#" + this.assertionSecRefUri,
transforms, this.getDigestAlgo());
where sig and document are both available from the base class. My attempt to
migrate this code looks something like this:
final Transforms transforms = new Transforms(document);
Element ctx = createSTRParameter(document);
transforms.addTransform(STRTransform.TRANSFORM_URI,
ctx);
But this gives me an exception:
Caused by: org.apache.xml.security.transforms.TransformationException: Unknown
transformation. No handler installed for URI
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform
Original Exception was
org.apache.xml.security.transforms.InvalidTransformException: Unknown
transformation. No handler installed for URI
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform
at
org.apache.xml.security.transforms.Transforms.addTransform(Transforms.java:197)
at
gov.faa.swim.ssri.wss.wss4j.saml.SupportingSamlTokenSignedAction$WSSecSamlSupportingTokenSignature.addReferencesToSign(SupportingSamlTokenSignedAction.java:247)
... 49 more
Caused by: org.apache.xml.security.transforms.InvalidTransformException:
Unknown transformation. No handler installed for URI
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform
at
org.apache.xml.security.transforms.Transform.initializeTransform(Transform.java:336)
at
org.apache.xml.security.transforms.Transform.<init>(Transform.java:117)
at
org.apache.xml.security.transforms.Transforms.addTransform(Transforms.java:193)
... 50 more
It looks like this is because the line
transforms.addTransform(STRTransform.TRANSFORM_URI, ctx) doesn't know how to
deal with the STR-Transform type, because there's no handler installed for that
URI. Is there a handler in CXF that I need to enable somewhere, or do I need to
write one and configure it somehow? Is there a reference for this somewhere?
Dr. Google has failed me today ...
Thanx,
Stephen W. Chappell