Signing a soap message seems to not work in jwsdp14
I'm trying to sign a soap message according to the latest oasis specifications (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf) using the libraries provided with jwsdp14 (mainly xmlsec.jar).
As far as I know, there is not yet documention/example about this specific issue.
The following is the code I have to sign a soap message: it seems to work fine because the signed soap message respects the above specifications... but what I notice is that the digest and the signature values it contains are always the same, I mean: if i change the source soap message, the signed soap message in output is always the same!
Any clue??
import com.sun.org.apache.xml.security.Init;
import com.sun.org.apache.xml.security.signature.XMLSignature;
import com.sun.org.apache.xml.security.transforms.Transforms;
import com.sun.org.apache.xml.security.utils.Constants;
import com.sun.xml.wss.*;
import com.sun.xml.wss.reference.DirectReference;
import org.w3c.dom.Document;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPBody;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
public class Main {
public static void main(String[] args) {
// The file from which we will load the sample SOAP message
String fileName = "F:\\SampleSoapMessage.xml";
// Store the WSSE signed message here
String signatureFileName = "F:\\SignedSampleSoapMessage.xml";
try {
// Initialize the apache libraries
Init.init();
// Obtain security elements from the keystore
PrivateKey privateKey = MySecurityUtils.getPrivateKey();
X509Certificate cert = MySecurityUtils.getCertificate();
// Obtain a sample SOAPMessage from a file
FileInputStream fis = new FileInputStream(new File(fileName));
Document doc = XMLUtil.toDOMDocument(fis);
SOAPMessage message = MyFileUtils.getMessageFromFile(doc);
SOAPHeader header = message.getSOAPHeader();
SOAPBody body = message.getSOAPBody();
// Set the wsu:Id attribute to the Body
XMLUtil.setWsuIdAttr(body, "MyId");
// Create a WSSE context for the SOAP message
SecurableSoapMessage sssm = new SecurableSoapMessage(message);
// Create a security header for the message (<wsse:Security>)
SecurityHeader sh = sssm.findOrCreateSecurityHeader();
// Insert the certificate (<wsse:BinarySecurityToken>)
X509SecurityToken stoken = new X509SecurityToken(header.getOwnerDocument(), cert, "X509TokenRef");
sh.insertHeaderBlock(stoken);
// Insert the keyinfo referring to the certificate (<ds:KeyInfo>)
KeyInfoHeaderBlock kihb = new KeyInfoHeaderBlock(header.getOwnerDocument());
SecurityTokenReference secTR = new SecurityTokenReference(header.getOwnerDocument());
DirectReference dirRef = new DirectReference();
dirRef.setURI("#X509TokenRef");
secTR.setReference(dirRef);
kihb.addSecurityTokenReference(secTR);
//sh.insertHeaderBlock(kihb);
// Insert the Signature block (<ds:Signature>)
SignatureHeaderBlock shb = new SignatureHeaderBlock(header.getOwnerDocument(), XMLSignature.ALGO_ID_SIGNATURE_RSA);
Transforms transforms = new Transforms(header.getOwnerDocument());
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
shb.addSignedInfoReference("#MyId", transforms, Constants.ALGO_ID_DIGEST_SHA1);
shb.addChildElement(kihb.getAsSoapElement());
sh.insertHeaderBlock(shb);
// Digest all References (#MyId) in the SignedInfo, calculate the signature value
// and set it in the SignatureValue Element
shb.sign(privateKey);
// Add the signature data to the header element
header.addChildElement(sh.getAsSoapElement());
// Save the signed SOAP message
FileOutputStream fos = new FileOutputStream(new File(signatureFileName));
message.writeTo(fos);
message.writeTo(System.out);
} catch (Exception exc) {
exc.printStackTrace();
System.out.println("An error has occurred : " + exc.toString());
PS: Classes MySecurityUtils and MyFileUtils are not included since they have nothing interesting.
The sample input sopa message is:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<Intestazione>
</Intestazione>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
and the output signed sample message is:
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header>
<wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#MyId">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>2jmj7l5rSw0yVb/vlWAYkK/YBwk=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
YdKNSPWnx630AYeZ6AXVco1b0RMo8C3WWbziq7C009gg4nhknEZmH0ds78y328SgAlAAVR6Swwok
HE3OWgL8TZ1Ks0IimmmDd8/XIb2KlfiqnUNtTjGjUn9FLQEv/CMbmrCr7EO9rf/N+0cyAyGzrKo5
ieEQhtZy9uZAKh2mrmM=
</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#X509TokenRef"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo></ds:Signature><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="X509TokenRef">MIIDITCCAsugAwIBAgIQIdu5EMFuQntM5IBOMeFcETANBgkqhkiG9w0BAQUFADCBqTEWMBQGA1UE
ChMNVmVyaVNpZ24sIEluYzFHMEUGA1UECxM+d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1Rl
c3RDUFMgSW5jb3JwLiBCeSBSZWYuIExpYWIuIExURC4xRjBEBgNVBAsTPUZvciBWZXJpU2lnbiBh
dXRob3JpemVkIHRlc3Rpbmcgb25seS4gTm8gYXNzdXJhbmNlcyAoQylWUzE5OTcwHhcNMDQwODA1
MDAwMDAwWhcNMDQwODE5MjM1OTU5WjBhMQswCQYDVQQGEwJJVDENMAsGA1UECBMEUk9NQTENMAsG
A1UEBxQEcm9tYTEOMAwGA1UEChQFaXNzcGExDjAMBgNVBAsUBWNoaWVmMRQwEgYDVQQDFAt3d3cu
dGVzdC5pdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtIsomDk9VthgMorPmG0dAwqLtTBi
U69liwopwrnAbtzIiO56R9yh4tXvG9+QWtEFRcDHVwWi9YdaHQFCvjymnNYDUHkpJsWp11nIAfOA
k+d9v1YDje4S6oba7tsIJSEkUu7LQ888Q3cGt/KUaEu6b0lZJ5zY9slK0onUPeTB3e8CAwEAAaOB
0TCBzjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3Js
LnZlcmlzaWduLmNvbS9TZWN1cmVTZXJ2ZXJUZXN0aW5nQ0EuY3JsMFEGA1UdIARKMEgwRgYKYIZI
AYb4RQEHFTA4MDYGCCsGAQUFBwIBFipodHRwOi8vd3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5
L1Rlc3RDUFMwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA0EA
Y66OqTOpHcpNUPlD4A38s8bPIIjrf+C+Wv08lUj+DGN5pm+gBWdbWEGaQmqU8fPPtGrQnHz2NAUr
ZmLaEw/qKw==</wsse:BinarySecurityToken></wsse:Security></SOAP-ENV:Header>
<SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="MyId">
<aTag>
<aChild>a value</aChild>
</aTag>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
NOTE: Check the value of <ds:SignatureValue> and <ds:DigestValue>: they never change even if I change the body of the source message.
Quoting Farrukh's reply to this question on java.net -
I can share some examples of how I have used JWSDP 1.4 and XML DSIG API to sign and verify a "standalone" soap message with and without mime attachments.
Please see the following Utility class written for the freebXML Registry project [1] for an example of how to do what you seek:
http://cvs.sourceforge.net/viewcvs.py/ebxmlrr/omar/src/java/org/freebxml/omar/common/security/SecurityUtil.java?view=markup
See methods signSOAPMessage(...), signPayload(...), verifySOAPMessage(...) and verifyPayloadSignature(...)
What you are trying to do is definitely doable and has been done with JWSDP 1.4. In my experience XML DSIG API met my needs very well.
Best of luck.
[1] freebXML Registry Project:
http://ebxmlrr.sourceforge.net
---------------------------------------------------------------------------------
Similar Messages
-
My text messaging app is not working PLEASE HELP!!!
My text messaging app is not working at all is a blank screen when I open it! Help!!!
No its a well known bug with iphones caused by their over complication of things and their complacency that their users will buy the phones on looks alone irrespective of its basic functionality.
Suggestion 1 - The most common suggested solution seems to be: iMessage needs switched off on all your devices and switched back on after a rest. I found that this did NOT work.
Suggestion 2 - Having a Wi Fi Signal seems to confuse iMessage to send an SMS as a text or as an iMessage. Turn off WiFi on your phone and manually send as text message. Slow, I lnow!!
Suggestion 3 - Move away from any wifi source ie out of range.
Suggestion 4 - Send an email, or a letter. Its more personal!!
20 Minutes later - still not sent 2 short texts.
Apple are very complacent and disdainful of their user community. Not what Id expect but this is a global corporation with the same business ethics as an Oil company or a car company. Profit not function. -
"Ask to buy" and "Sign in to Approve" process is not working
Last weekend I setup Family Sharing for the first time, but the "Ask to buy" and "Sign in to Approve" process is not working. I am the Family Organizer and I created an account for my child under 13 with "Ask to buy" enabled. My child can go in to the App Store, click "Buy" for a desired app and I get a notification on my iPhone 5s... as expected. When I open the Notification I have the option to Decline or Approve. If I select Approve, a box pops up asking me to enter the password for my child's iCloud account to complete the request. (It seems odd to me that I'd have to enter his password instead of my own, but whatever.) So I enter his password and the box goes away for a second and then comes right back like I typed it wrong or something. I enter it again and again and always the same box comes back and the request is never completed. We've tried this several times over several days and always see the same behavior. I have also tried entering my password instead of his (since that makes more sense to me) but I encounter the same problem.
I have verified that I am signed in to my iCloud account and my iTunes account on my iPhone 5s. I have also verified that my son is logged in with his iCloud/iTunes account on his iPod touch, so why isn't this working? Additionally, if I disable "Ask to Buy" then I can successfully install apps on his iPod from the iPod itself.
Is it normal for the "Sign in to Approve" box to show his iCloud address instead of mine? And if so, why doesn't it complete when I enter his password? Am I missing something completely? This is driving me crazy.Hi ,
When you click your link "Click here", the SharePoint web page with anchor will not work until refresh the page, if it's the case, you can add the javascript code to refresh the page automatically as workaround per the following similar post.
http://social.msdn.microsoft.com/Forums/sharepoint/en-US/f7eab808-da8a-44fd-9933-f9b992f5affc/sharepoint-anchor-tags?forum=sharepointgeneralprevious
http://yalla.itgroove.net/2012/05/anchor-links-tags-in-sharepoint-2010/
<script type="text/javascript">
setTimeout(Reload,2000);
function Reload()
window.location.hash=self.document.location.hash.substring(1);
</script>
Thanks,
Daniel Yang
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]
Daniel Yang
TechNet Community Support -
Text messages ringtones are not working in the Storm Two
Device: Storm Two running OS version 5.0.0.713 on the Verizon Wireless network.
Recently, I upgraded from a Storm One to a Storm Two because of a multitude of issues with the Storm One; not enough memory, constant lock-ups; dropped calls, etc. On the Storm One I had customer ringtones for contacts; so when a contact calls me the phone will sound a specific ringtone for that contact; the same for text messages from that contact. Now that I have the Storm Two the text message tones for the contacts are not working. In fact, even when I select a ringtone for text messages for a contact the phone will ring the generic ringtone that comes with the phone. If I go into the sound profile and change the generic ringtone to one of my own and the contact sends me a text/sms message the phone will ring the ringtone that I selected in the profile that is being used at the time. This is not the way it worked on the Storm One. On the Storm One; if I have a specific ringtone for the contact and that contact sends me a text message it will sound the text messages tone for that contact. These ringtones have worked for previous devices including my Treo and Palm devices. The ringtone files worked well in the previous Storm One.
So to make a long story short; I want to know why my text message ringtones are not working as designed/setup-up. If a contact calls me the phone will sound the ringtone for that contact; but if that same contact text me it will not ring the ringtone for the contact. This is annoying and I am at my wits end trying to find out why this is not working.
VernonHi Jain....
Field separator is for separating the fields.That means it will effect every field in the node.
But end separator is not like that.It will apply at the end ofall fields of a node.It will effect node not a field.
according to ur scenario if u use data.endseparator 'nl',output will come like this
2008/0701$101
2008/0701$102
2008/0701$103
2008/0702$105
if u want new line for every field try to insert a separate node for second field.That means
MT_DATATYPE:
Data -
1:UnBounded
. .OrderDate----
1:1
<Data2> 1:1
. ....OrderNo -
1:1
now give data.endseparator 'nl'
data2.endseparator 'nl'
if possible try like this....
Sreedhar Goud L -
Why is my text messaging app is not working at all, is a blank screen? Help!!!
My text messaging app is not working at all is a blank screen when I open it! Help!!!
Abdussalam.A,
you mentioned that Terminal does not work at all for your MacBook Pro. What currently happens when you run Terminal? In what way does it not work? -
I use the Icalendar at home, at work, and on my Iphone. I don't want to have to "sign in" every time I need my calendar. How do I stay signed in? I have checked the "keep signed in" box, but it does not work.
Welcome to the Apple community.
Staying signed in at iCloud.com is not a problem for me. Try resetting your browser or emptying its cache. -
I am using Windows 7 64-bit. After installing Photoshop Elements 13 and trying to run it I always get the message: Photoshop does not work anymore. And it doesn't.
Hi Hardy Tasso,
Are you seeing this problem since first launch of PSE13 after installation or recently?
Please try:
Keep Ctrl + Alt + Shift keys pressed while launching PSE13 Editor and click OK on the dialog that comes next.
Thanks,
Anwesha -
Every time I open a pdf file which includes a javascript, a dialogue box pops up. I have a question why 'Do not show this message again' is not working even I checked on the checkbox. It should block the dialogue next time when I open the same pdf file but not working. What is the matter and how can I deal with it?
I am trying it on Adobe Acrobat Reader 9.2.1. Tried to fix Hex code, and also tried 'edit-preference-trust manager'. I focusing on Adobe registries but still couldn't fix the problem.
-
HT201412 Message tones is not working sometimes
1.My iPhone 5 message tones is not working sometimes suddenly, have to restart device or eventhought sometimes is not working too after restart my device. I have to reset my iPhone n restore again .
2.Restore with iOS is not as good as last time coz I can't get back all my iOS photo stream photos n all the photo in my albums too. This is ***** n takes few days also not complete download all of my photos.
3.some of my iPhone apps will suddenly not respond or will log out to home screen suddenly . Have to open the apps few times only its working as normal .Hi,
I have nothing found regarding your issue. But maybe a look at SAP note 638058 will give you a hint.
Regards,
Klaus -
Message.saver is not working under 10.6 - anybody know of an alternative?
Message.saver 1.5.2 (http://www.apple.com/downloads/macosx/icons_screensavers/message.html ) is not working under 10.6. It is a screensaver that allows you to put a text on the screen as the saver kicks in. IMHO a excellent piece of software that worked fine under 10.5 but not under 10.6.
Does anybody know if there is something like it? and that works under 10.6?
Thanks.Hi
i have the same messages on 10.6.4 and with the sonic xx170:
28.06.10 11:39:04 racoon[489] IKE Packet: transmit success. (Phase2 Retransmit).
28.06.10 11:39:07 racoon[489] IKE Packet: transmit success. (Phase2 Retransmit).
28.06.10 11:39:08 racoon[489] IKE Packet: receive success. (Information message).
28.06.10 11:39:10 pppd[488] IPSec connection failed
28.06.10 11:39:10 racoon[489] IKE Packet: transmit success. (Information message).
28.06.10 11:39:10 racoon[489] IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).
any ideas?
waiting on 10.6.5, 10.6.6 ....?
regards, Arthur -
Everytime i close firefox, i get an error message about quicktime not working. 6 times.
browsing normally, close firefox, i get an error message about quicktime not working. i click ok. then another comes up. i click ok. 6 times total this error message comes up, every time i close firefox. really annoying.
If there are problems with updating or with the permissions then best is to download the full version and trash the currently installed version to do a clean install of the new version.
*Trash the current Firefox application (open the Applications folder in the Finder and drag the Firefox application to the Trash) to do a clean (re)install
*Install the new version that you have downloaded
* http://kb.mozillazine.org/Installing_Firefox#Mac_OS_X
Your personal data is stored elsewhere in the Firefox profile folder, so you won't lose your bookmarks and other personal data when you uninstall and (re)install Firefox.
*http://kb.mozillazine.org/Profile_folder_-_Firefox
You can also try to repair the disk permissions:
*http://thexlab.com/faqs/repairprocess.html -
I created a book using iPhoto, but the "Buy Book" tab seems to not work. Any suggestions?
I created a book using iPhoto, but the "Buy Book" tab seems to not work. Any suggestions?
First confirm that you can create a PDF file of your book as described in this Apple document: iPhoto '11: Preview a book, card, or calendar before you order or print it. Post back with the results.
OT -
Yahoo mail message editor is not working in Firefox 3.6.9
Hi
Yahoo! main message editor is not working in latest firefox release 3.6.9
I am unable to type any text in message body.Try changing privacy.clearonshutdown.history to false
-
My message sounds are not working, or my game sounds...but my video is?
Never mind. I fixed it. Silent switch was stuck
-
i have an phone 4s from cricket and when i text non iphone users such as android or and other phone brand they receive my text message but when they reply i wont get there message. send imessages is working its just my text message that is not working.
You use Restore to get the latest firmware build, not the Update button. You can only use the Update button, if there is an iOS update, say iOS 5.1.
this link talks about updating to 9A406 to fix the "No Service" issue with iPhone 4S:
http://iphone-and-i.blogspot.com/2011/12/fixing-iphone-4s-signal-problem.html
Maybe you are looking for
-
Cross Domain Trust Error, while opening the infopath in sharepoint list.
Dear All, Facing some issue in Environement: Windows = Windows Server 2008 Shareppoint = Sharepoint Server 2013. Project Server = Project Server 2013 Info Path = Info Path Designer 2013 Detailed: I have sharepoint environment with Project Server,I wh
-
Using Captivate with SharePoint
I apologize in advance, the "search within this forum" function is not working, so I can't search the Captivate forum to see if this question has already been answered. When you develop training and quizzes in Captivate, I've heard you can post the f
-
Change vendor House Bank - prevent
Dear All, Can any one tell me, how i can prevent user from changing house bank from vendor master. Is there any config for that, or do i need look for enhancements. Regards, Suresh Patipati.
-
Can't sync contacts with Blackberry phone after migration to iCloud
Can't sync contacts with Blackberry phone after migration to iCloud. The only way to do is to have a local copy of address book. What else can I do (before BB will fix the bug)?
-
Does the Airport Extreme support HP cp1025? There are two versions of the printer the cp1025 and cp1025nw. I have the cp1025, and can't set it up. Is there a list of AE/bonjour supported printers?