Re: AW: Verifying a signed document after serialisation fails

[Elias Neri]

It's probably something going wrong with the namespaces during the xalan deserialisation. When doing the same transformation before signing axis throws: "org.xml.sax.SAXParseException: The prefix "soapenv" for element "soapenv:Envelope" is not bound"; although the serialised document is correct. In case the issue arrises again for someone else, deserialising through DocumentBuilder is a possible workaround. //serialise Transformer transformer = TransformerFactory.newInstance().newTransformer(); DOMSource source1 = new DOMSource(doc); StreamResult result1 = new StreamResult(outStream); transformer.transform(source1, result1); inStream = new ByteArrayInputStream(outStream.toByteArray()); //deserialise DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setNamespaceAware(true); doc = factory.newDocumentBuilder().parse(inStream); Dittmann, Werner wrote: My assumption is that somehow the serialization and deserialization transforms modified the doc. Transforms may influde new lines or such. Can you check this? E.g. by using a specific format? Regards, Werner -----Ursprüngliche Nachricht----- Von: Elias Neri [mailto:[EMAIL PROTECTED]] Gesendet: Montag, 13. März 2006 14:38 An: wss4j-dev@ws.apache.org Betreff: Verifying a signed document after serialisation fails Hello, When i serialise a signed soap document, the verification of the signature fails. Doesn't the xml canonization when signing the soap envelope take care of movements of namespace declarations? Or am i overlooking something? I.e when i modify the verification function in the junit test wssec.TestWSSecurityNewST2 by serialising the document before verifying it: private void verify(Document doc) throws Exception { ByteArrayOutputStream outStream = new ByteArrayOutputStream(); ByteArrayInputStream inStream; //serialise Transformer transformer = TransformerFactory.newInstance().newTransformer(); DOMSource source1 = new DOMSource(doc); StreamResult result1 = new StreamResult(outStream); transformer.transform(source1, result1); inStream = new ByteArrayInputStream(outStream.toByteArray()); //deserialise transformer = TransformerFactory.newInstance().newTransformer(); StreamSource source2 = new StreamSource(inStream); DOMResult result2 = new DOMResult(); transformer.transform(source2, result2); doc = (Document)result2.getNode(); //the original verification code secEngine.processSecurityHeader(doc, null, this, crypto); SOAPUtil.updateSOAPMessage(doc, message); String decryptedString = message.getSOAPPartAsString(); assertTrue(decryptedString.indexOf("LogTestService2") > 0 ? true : false); } the test fails. Best regards, Elias --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]