Okay, I think I found the problem. The gSOAP request is missing the CanonicalizationMethod element (child of SignedInfo), which is _not_ optional. XML sec first tries to get the method and the result is NULL, thus the NPE.
Thanks
Yves

On Wed, 2005-12-21 at 16:13 -0500, Davanum Srinivas wrote:
> Yves,
>
> could u please try latest SVN?
>
> thanks,
> dims
>
> On 12/21/05, Yves Langisch <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > I have a gSOAP client sending a signed request to WSS4J 1.1.0. During
> > the verification process a NullPointerException is thrown
> > (WSSecurityEngine, line 461). The NPE seems to come from the xmlsec
> > library. Below you find the complete stacktrace and the gSOAP request.
> > The only difference I see to a WSS4J request is the missing
> > 'CanonicalizationMethod' and the 'Transforms' elements. But IMHO they
> > are optional by the spec.
> >
> > at org.apache.xml.security.signature.SignedInfo.<init>(Unknown Source)
> > at org.apache.xml.security.signature.XMLSignature.<init>(Unknown Source)
> > at org.apache.ws.security.WSSecurityEngine.verifyXMLSignature(WSSecurityEngine.java:461)
> > at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:320)
> > at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
> > at a.b.c.AbstractCheckSecurityHandler.invoke(AbstractCheckSecurityHandler.java:158)
> > at a.b.c.CheckSecurityHandler.invoke(CheckSecurityHandler.java:69)
> > at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
> > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
> > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
> > at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
> > at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:6
> >
> > ----
> >
> > <wsse:Security SOAP-ENV:mustUnderstand="1">
> >   <wsu:Timestamp wsu:Id="Time">
> >     <wsu:Created>2005-12-21T22:00:45+01:00</wsu:Created>
> >     <wsu:Expires>2005-12-22T00:47:25+01:00</wsu:Expires>
> >   </wsu:Timestamp>
> >   <wsse:BinarySecurityToken
> >       EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> >       ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> >       wsu:Id="X509Token">MIIDsTCCAxqgAwIBAgIBBDANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMRQwEgYDVQQHEwtUYWxsYWhhc3NlZTEWMBQGA1UEChMNR2VuaXZpYSwgSW5jLjELMAkGA1UECxMCSVQxFDASBgNVBAMTC2dlbml2aWEuY29tMSIwIAYJKoZIhvcNAQkBFhNjb250YWN0QGdlbml2aWEuY29tMB4XDTA0MTAwMjE3MTQwOFoXDTA1MTAwMjE3MTQwOFowgY0xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJGTDEUMBIGA1UEBxMLVGFsbGFoYXNzZWUxFjAUBgNVBAoTDUdlbml2aWEsIEluYy4xCzAJBgNVBAsTAklUMRIwEAYDVQQDEwlsb2NhbGhvc3QxIjAgBgkqhkiG9w0BCQEWE2NvbnRhY3RAZ2VuaXZpYS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANNaNlzgeeRTdq80kIGzm1fKhT3SXlbKDhBCBciYF75c8/Z1lPGRKB/64dX51zy9WS02eogR2SRNm2Z48HfaT/XKh5iEuDYuL5RPOLPrVjaEhJdmDNSFCUoNA9B2Vxg5878nRoLsACb5ognldyxVq7KjwyOOcnBhSiroLyl2DkoVAgMBAAGjggEbMIIBFzAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUaFZhHcJnrCtOfenAhfjoBVjlz1YwgbwGA1UdIwSBtDCBsYAU4MyIi0GgIUqkYRhnJ2GgyUmVd8qhgZWkgZIwgY8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJGTDEUMBIGA1UEBxMLVGFsbGFoYXNzZWUxFjAUBgNVBAoTDUdlbml2aWEsIEluYy4xCzAJBgNVBAsTAklUMRQwEgYDVQQDEwtnZW5pdmlhLmNvbTEiMCAGCSqGSIb3DQEJARYTY29udGFjdEBnZW5pdmlhLmNvbYIBADANBgkqhkiG9w0BAQUFAAOBgQBwcmjfme60+xDU5B5vt2i62UxDsTyyX/+kztKTAo5dGWLoG+oKLQ9kIqDNHW6jEgJDYoTzAtByRbR4NMQofNN5PcQ1rLWU3F/eor049vnvvD9lXWfNGlaGOTVW728FyQ6kj7ZU1si0c8XUOHQOPXxidNq2dbC8m+RTPejrhU5YQA==</wsse:BinarySecurityToken>
> >   <ds:Signature>
> >     <ds:SignedInfo>
> >       <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
> >       <ds:Reference URI="#Body">
> >         <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> >         <ds:DigestValue>M3aJ+2vrs4GxZtUb2hzqdDjXsS4=</ds:DigestValue>
> >       </ds:Reference>
> >       <ds:Reference URI="#X509Token">
> >         <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> >         <ds:DigestValue>KzcEfJFx3jlQ399g+zmrMxelT+0=</ds:DigestValue>
> >       </ds:Reference>
> >       <ds:Reference URI="#Time">
> >         <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> >         <ds:DigestValue>wJo/g7CUd3fntbt+kS7moBNhDa8=</ds:DigestValue>
> >       </ds:Reference>
> >     </ds:SignedInfo>
> >     <ds:SignatureValue>I4vJwRK8X/tYhrWQf2TH6p12geUV3awLupkYFLAOOGC/d0jbC39oXt5aHLeCb6brdDz669fKxwL0jatfakeh24GTWwYJ0vf+iPKk//HYwoMzkcCXBRsvEvaJXJ5hagg5qpajAtSVriaYofAWpcca5VkVHYKnYVOg67GGAGFt+to=</ds:SignatureValue>
> >     <ds:KeyInfo>
> >       <wsse:SecurityTokenReference>
> >         <wsse:Reference URI="#X509Token"
> >             ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
> >       </wsse:SecurityTokenReference>
> >     </ds:KeyInfo>
> >   </ds:Signature>
> > </wsse:Security>
> > </SOAP-ENV:Header>
> >
> > Any ideas?
> >
> > Thanks
> > Yves
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
>
> --
> Davanum Srinivas : http://wso2.com/blogs/
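
The cause identified at the top of this thread, as an added example (not code from WSS4J, xmlsec or the posters): a structural pre-check that lists the required ds:SignedInfo children a message lacks before it reaches the signature verifier, so the receiver can reject it with a clear fault instead of failing on a null. The class, its method names and the sample XML are constructed for illustration; it relies on the XML Signature schema requiring CanonicalizationMethod, SignatureMethod and at least one Reference, with Transforms inside a Reference being optional, and it assumes one signature per message.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SignedInfoPrecheck { // hypothetical helper, not part of WSS4J or xmlsec
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";

    // Names of schema-required ds:SignedInfo children that are absent.
    static List<String> missingRequired(Element signedInfo) {
        List<String> missing = new ArrayList<>();
        for (String name : new String[] {"CanonicalizationMethod", "SignatureMethod", "Reference"}) {
            if (!hasChild(signedInfo, name)) missing.add(name);
        }
        return missing;
    }

    static boolean hasChild(Element parent, String localName) {
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n.getNodeType() == Node.ELEMENT_NODE && DS.equals(n.getNamespaceURI())
                    && localName.equals(n.getLocalName())) return true;
        }
        return false;
    }

    // Parses the message namespace-aware, with DOCTYPEs refused, and checks its single SignedInfo.
    static List<String> check(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        NodeList list = doc.getElementsByTagNameNS(DS, "SignedInfo");
        if (list.getLength() != 1) throw new IllegalArgumentException("expected exactly one ds:SignedInfo");
        return missingRequired((Element) list.item(0));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input; the digest value is a placeholder, not a real digest.
        String ref = "<ds:Reference URI='#Body'><ds:DigestMethod Algorithm='" + DS + "sha1'/>"
                + "<ds:DigestValue>AA==</ds:DigestValue></ds:Reference>";
        String sigMethod = "<ds:SignatureMethod Algorithm='" + DS + "rsa-sha1'/>";
        String c14n = "<ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>";
        String open = "<ds:Signature xmlns:ds='" + DS + "'><ds:SignedInfo>", close = "</ds:SignedInfo></ds:Signature>";
        System.out.println(check(open + sigMethod + ref + close));        // same shape as the gSOAP request
        System.out.println(check(open + c14n + sigMethod + ref + close)); // schema-conformant shape
    }
}
```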
