I've added some tests to CXF where I add in a comment to a signed SOAP Body + validation works fine. Could you create a testcase with a CXF service + a SOAP-UI project that shows the failure?
Colm. On Fri, Jan 9, 2015 at 8:42 AM, Ariel Cassan <[email protected]> wrote: > Hi all, > > I've some services exposed with CXF 2.7.12, which expects the incoming > messages to be signed (the validation is being done in WSS4JInInterceptor). > For the client, I'm just using SoapUI 5. > > Signature validation is being performed well for any scenario, except for > when the body of the SOAP message includes comments. In that case, I'm > getting a: > > org.apache.cxf.binding.soap.SoapFault: The signature or decryption was > invalid > > In order to exclude SoapUI as the cause of the problem, I've tried with > exactly the same message twice, once with the comment tag and the other > without it. Both messages generates the same signature values, as we are > using xml-exc-c14n for canonicalization. > > However, in the server with CXF, messages with comments fail to validate. > > > If it is not a bug, I'm thinking on things like a weird server encoding > configuration, any wrong WSS4J configuration or whatever like that. > > Can someone realize what may be happening, or did someone face this same > problem before? > I can post examples of both messages, but I can assure that both makes the > same signature, so it's probably unnecessary. > > > Thanks a lot! > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Problem-with-signature-of-message-including-comments-tp5752902.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
