You can't remove line breaks any more in XML Signature for BASE-64 encoded
content. This is because the spec says that:

"The SignatureValue element contains the actual value of the digital
signature; it is always encoded using base64 [RFC2045
<https://www.w3.org/TR/xmldsig-core1/#bib-RFC2045>]. "

and RFC-2045 mandates line breaks.

Colm.

On Thu, Feb 22, 2018 at 8:04 PM, Guy Ridley <guy.rid...@lunarlogic.com>
wrote:

> Hello,
>
> How can I create signatures that don't have XML linefeed characters in
> them?
> (&#xd;)
>
> The server receiving the transmission is saying that the ampersand or hash
> could be the cause of a 'potential threat' fault, as if it could be a SQL
> injection error.
>
> Last year the signatures had no line feeds at all - but there have been
> several changes and I'm not sure when it started happening.  (Currently
> using CXF 3.2.1, WSSJ 2.2, and Java 1.8 - we had to upgrade to handle a new
> requirement for sha-256 instead of sha-1.)
>
> I've tried this (among other things) without success.
>         String xmlSec = "org.apache.xml.security.ignoreLineBreaks";
>         System.setProperty(xmlSec, "true");
>
> Is there a cxf or Tomcat config file somewhere I could set this permanently
> in?  Or is this a red herring?
>
> Could it be a WsHandler setting? (I've checked them all, don't see any that
> would apply.)  Or a mismatch in the versions above?
>
> Thanks for any ideas.
>
>
>
>
>
> --
> Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to