XML Signature using an XPath filter
I want to sign an XML document, just based on the content of a particular element in the document. Based on the jwsdp docs it looked pretty simple, but I'm getting strange results. I'll get the same digest value in the SignedInfo for different Xpath filter strings.
Anybody out there have good luck trying to sign XML documents using Xpath filters?
I'm using JDK 1.5.05 and JWSDP 1.6.
Here is my simple XML doc
<?xml version="1.0" encoding="UTF-8"?>
<myns:whole_doc xmlns:myns="http://namespace.myns.com/test"
attr1="attr_one" attr2="attr_two" attr3="attr_three">
<myns:part_one attr="attr_one">
<myns:tag1>this is part_one tag_one</myns:tag1>
<myns:tag2>this is part_one tag_two</myns:tag2>
</myns:part_one>
<myns:part_two attr="attr_two">
<myns:tag1>this is part_two tag_one</myns:tag1>
<myns:tag2>this is part_two tag_two</myns:tag2>
</myns:part_two>
<myns:part_three attr="attr_three">
<myns:tag1>this is part_three tag_one</myns:tag1>
<myns:tag2>this is part_three tag_two</myns:tag2>
</myns:part_three>
</myns:whole_doc>
When I use an XPath filter = "/myns:whole_doc/myns:part_one" I get the same digest as when I use "/myns:whole_doc/myns:part_two", which is the same digest when I don't use XPath filtering. See example output below
<?xml version="1.0" encoding="UTF-8" ?>
- <myns:whole_doc xmlns:myns="http://namespace.myns.com/test" attr1="attr_one" attr2="attr_two" attr3="attr_three">
- <myns:part_one attr="attr_one">
</myns:part_three>
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" />
- <Reference URI="">
- <Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath>/myns:whole_doc/myns:part_two</XPath>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>9D5CFDkWd9bHx65txuHOeXWeTns=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>D686H//H5A0zDrlQx8+0fBNpVeJGgWdTXivlI8S/+WqB/E4oBYzeIQ==</SignatureValue>
</Signature>
</myns:whole_doc>
It took me all day, but I did find the answer.
When using XPath filters in references, you can't use XPath exactly the way you would use XPath to find nodes in a document. I can't exactly explain why, but it has to do with the fact that the XPath statement is acting as a filter.
Anyway, to just include the part_one element from the following abbreviated XML
<myns:whole_doc> .....
<myns:part_one> ..... </myns:part_one>
<myns:part_two> .... </myns:part_two>
</myns:whole_doc>
the XPath statement should be "ancestor-or-self::myns:part_one"
to make sure that part_one was part of whole_doc you could use something like
(ancestor-or-self::node() = /myns:whole_doc/myns:part_one)
This allows me to sign a document, but still allow portions outside of whole_doc/part_one to change.
Similar Messages
-
Failing to extract xml value using Jdom & Xpath
I have a method (getSingleNodeValue()) which when passed an xpatch expression will extract the value of the specified element in the xml document refered to in 'doc'. Assume doc at this point has been initialised as shown below and xmlInput is the buffer containing the xml content.
SAXBuilder builder = null;
Document doc = null;
XPath xpathInstance = null;
doc = builder.build(new StringReader(xmlInput));When i call the method, i pass the following xpath xpression
/TOP4A/PERLODSUMDEC/TINPLD1/text()Here is the method. It basically just takes an xml buffer and uses xpath to extract the value:
public static String getSingleNodeValue(String xpathExpr) throws Exception{
Text list = null;
try {
xpathInstance = XPath.newInstance(xpathExpr);
list = (Text) xpathInstance.selectSingleNode(doc);
} catch (JDOMException e) {
throw new Exception(e);
}catch (Exception e){
throw new Exception(e);
return list==null ? "?" : list.getText();
}The above method always returns "?" i.e. nothing is found so 'list' is null.
The xml document it looks at is
<TOP4A xmlns="http://www.testurl.co.uk/enment/gqr/3232/1">
<HEAD>
<Doc>ABCDUK1234</Doc>
</HEAD>
<PERLODSUMDEC>
<TINPLD1>10109000000000000</TINPLD1>
</PERLODSUMDEC>
</TOP4A>The same method works with other xml documents so i am not sure what is special about this one. There is no exception so the xml is valid xml. Its just that the method always sets 'list' to null. Any ideas?
Edit
Here is a running program testing the above:
import org.jdom.*;
import org.jdom.input.*;
import org.jdom.xpath.*;
import java.io.IOException;
import java.io.StringReader;
public class XpathTest {
public static String getSingleNodeValue(String xpathExpr, String xmlInput) throws Exception{
Text list = null;
SAXBuilder builder = null;
Document doc = null;
XPath xpathInstance = null;
try {
builder = new SAXBuilder();
doc = builder.build(new StringReader(xmlInput));
xpathInstance = XPath.newInstance(xpathExpr);
list = (Text) xpathInstance.selectSingleNode(doc);
} catch (JDOMException e) {
throw new Exception(e);
}catch (Exception e){
throw new Exception(e);
return list==null ? "Nothing Found" : list.getText();
public static void main(String[] args){
String xmlInput1 = "<TOP4A xmlns=\"http://www.testurl.co.uk/enment/gqr/3232/1\"><HEAD><Doc>ABCDUK1234</Doc></HEAD><PERLODSUMDEC><TINPLD1>10109000000000000</TINPLD1></PERLODSUMDEC></TOP4A>";
String xpathExpr = "/TOP4A/PERLODSUMDEC/TINPLD1/text()";
XpathTest xp = new XpathTest();
try {
System.out.println(xp.getSingleNodeValue(xpathExpr, xmlInput1));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}When i run the above, the output is
Nothing foundEdit
I have run some further testing and it appears that if i remove the namespace url it does work. Not sure why yet. Is there any way i can tell it to ignore the namespace?
Edited by: ziggy on Sep 3, 2011 4:57 PMziggy wrote:
<TOP4A xmlns="http://www.testurl.co.uk/enment/gqr/3232/1">
<HEAD>
<Doc>ABCDUK1234</Doc>
</HEAD>
<PERLODSUMDEC>
<TINPLD1>10109000000000000</TINPLD1>
</PERLODSUMDEC>
</TOP4A>
It works fine, the problem is not with namespace, it is with url have given.
Editing:
Found a way to say the program to ignore namespace.
You have to use Xpath.addNamespace(prefix,uri), and pass the prefix to your pattern string.
If not clear refer the below code:
import org.jdom.*;
import org.jdom.input.*;
import org.jdom.xpath.*;
import java.io.IOException;
import java.io.StringReader;
public class XpathTest {
public static String getSingleNodeValue(String xpathExpr, String xmlInput) throws Exception{
Text list = null;
SAXBuilder builder = null;
Document doc = null;
XPath xpathInstance = null;
try {
builder = new SAXBuilder();
doc = builder.build(new StringReader(xmlInput));
xpathInstance = XPath.newInstance(xpathExpr);
xpathInstance.addNamespace("ns","http://www.testurl.co.uk/enment/gqr/3232/1");
list = (Text) xpathInstance.selectSingleNode(doc);
} catch (JDOMException e) {
throw new Exception(e);
}catch (Exception e){
throw new Exception(e);
return list==null ? "Nothing Found" : list.getText();
public static void main(String[] args){
String xmlInput1 = "<TOP4A xmlns=\"http://www.testurl.co.uk/enment/gqr/3232/1\"><HEAD><Doc>ABCDUK1234</Doc></HEAD><PERLODSUMDEC><TINPLD1>10109000000000000</TINPLD1></PERLODSUMDEC></TOP4A>";
String xpathExpr = "/ns:TOP4A/ns:PERLODSUMDEC/ns:TINPLD1/text()";
XpathTest xp = new XpathTest();
try {
System.out.println(xp.getSingleNodeValue(xpathExpr, xmlInput1));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}Edited by: 833545 on Sep 8, 2011 11:35 PM -
XML Signatures using Smart Cards
Hello guys,
I know this is not exactly a javacard topic, but I think this forum is where I 'll get the best replies.
We need to perform XML document signatures and verification using smart card stored certificates. The certificates are created using Microsoft Windows 2003 CA and stored in the cards using the cards' CSP.
I have a notion on the libraries that I am going to have to use:
- sun.security.pkcs11 for the smart card access,
- java.security.* for cryptography stuff (keystore, public-privateKey etc.),
- sun.security.cert.X509Certificate for the certificates,
- org.apache.xml for the xml documents.
Could you please verify that I am heading to the correct direction? I would be glad if you could suggest suitable starting points, similar scenarios etc. If you think that there is a more appropriate forum for my question please tell me so.
Thanks in advance for your help.yes you are moving towards right directiong actualy PKCS11 is a standard that is used for hardware cryptographic operations so it would be used for smart cards 2. I'll suggest u to use a wrapper and provider API given by IAIK it would help u a lot and will also ease ur work
-
Hi all,
I am learning XPATH and XQUERY from the Book "Pro T-SQL 2008 Programmer's Guide" written by Michael Coles, (published by apress). I copied the Code Listing 12-8 FOR XML PATH Using XPath Node Tests (listed below) and executed it in my
SQL Server 2012 Management Studio:
--Coles12_8.sql // saved in C:/Documemnts/SQL Server Management Studio
-- Coles Listing 12-8 FOR XML PATH Using XPATH Node Tests
-- Retrieving Name and E-mail Addresses with FOR XML PATH in AdvantureWorks
-- 16 March 2015 0935 AM
USE AdventureWorks;
GO
SELECT
p.NameStyle AS "processing-instruction(nameStyle)",
p.BusinessEntityID AS "Person/@ID",
p.ModifiedDate AS "comment()",
pp.PhoneNumber AS "test()",
FirstName AS "Person/Name/First",
MiddleName AS "Person/Name/Middle",
LastName AS "Person/Name/Last",
EmailAddress AS "Person/Email"
FROM Person.Person p
INNER JOIN Person.EmailAddress e
ON p.BusinessEntityID = e.BusinessEntityID
INNER JOIN Person.PersonPhone pp
ON p.BusinessEntityID = pp.BusinessEntityID
FOR XML PATH;
I got the following error message:
Msg 6850, Level 16, State 1, Line 2
Column name 'test()' contains an invalid XML identifier as required by FOR XML; '('(0x0028) is the first character at fault.
I have no ideas why I got this error message. Please kindly help and advise me how to resolve this error.
Thanks in advance, Scott ChangHi Michelle, Thanks for your nice response.
I corrected the mistake and executed the revised code. It worked nicely.
I just have one question to ask you about the appearance of the xml output of my Co;les12_8.sql:
<row>
<?nameStyle 0?>
<Person ID="1" />
<!--2003-02-08T00:00:00-->697-555-0142<Person><Name><First>Ken</First><Middle>J</Middle><Last>Sánchez</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="2" />
<!--2002-02-24T00:00:00-->819-555-0175<Person><Name><First>Terri</First><Middle>Lee</Middle><Last>Duffy</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="3" />
<!--2001-12-05T00:00:00-->212-555-0187<Person><Name><First>Roberto</First><Last>Tamburello</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="4" />
<!--2001-12-29T00:00:00-->612-555-0100<Person><Name><First>Rob</First><Last>Walters</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="5" />
<!--2002-01-30T00:00:00-->849-555-0139<Person><Name><First>Gail</First><Middle>A</Middle><Last>Erickson</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="6" />
<!--2002-02-17T00:00:00-->122-555-0189<Person><Name><First>Jossef</First><Middle>H</Middle><Last>Goldberg</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="7" />
<!--2003-03-05T00:00:00-->181-555-0156<Person><Name><First>Dylan</First><Middle>A</Middle><Last>Miller</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="8" />
<!--2003-01-23T00:00:00-->815-555-0138<Person><Name><First>Diane</First><Middle>L</Middle><Last>Margheim</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="9" />
<!--2003-02-10T00:00:00-->185-555-0186<Person><Name><First>Gigi</First><Middle>N</Middle><Last>Matthew</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="10" />
<!--2003-05-28T00:00:00-->330-555-2568<Person><Name><First>Michael</First><Last>Raheem</Last></Name><Email>[email protected]</Email></Person></row>
<row>
<?nameStyle 0?>
<Person ID="11" />
<!--2004-12-29T00:00:00-->719-555-0181<Person><Name><First>Ovidiu</First><Middle>V</Middle><Last>Cracium</Last></Name><Email>[email protected]</Email></Person></row>
<row>
I feel this xml output is not like the regular xml output. Do you know why it is diffrent from the regular xml xml output? Please comment on this matter.
Thanks,
Scott Chang
What do you mean by regular xml document? Are you referring to fact that its missing a root element? if yes it can be added as below
USE AdventureWorks;
GO
SELECT
p.NameStyle AS "processing-instruction(nameStyle)",
p.BusinessEntityID AS "Person/@ID",
p.ModifiedDate AS "comment()",
pp.PhoneNumber AS "text()",
FirstName AS "Person/Name/First",
MiddleName AS "Person/Name/Middle",
LastName AS "Person/Name/Last",
EmailAddress AS "Person/Email"
FROM Person.Person p
INNER JOIN Person.EmailAddress e
ON p.BusinessEntityID = e.BusinessEntityID
INNER JOIN Person.PersonPhone pp
ON p.BusinessEntityID = pp.BusinessEntityID
FOR XML PATH('ElementName'),ROOT('RootName');
replace ElementName and RootName with whatever name you need to set for element as well as the root element
Please Mark This As Answer if it solved your issue
Please Vote This As Helpful if it helps to solve your issue
Visakh
My Wiki User Page
My MSDN Page
My Personal Blog
My Facebook Page -
Retrieve xml attribute value of nth xml node using xpath query
I have an xml with following stucture...
<xml>
<header>
<DocumentReference OrderId="order001">
<DocumentReference OrderId="order002">
<DocumentReference OrderId="order003">
I have to loop through this xml and retrieve the orderId values inside Biztalk orchestration.
In the expression shape, I get the count of 'DocumentReference' nodes using an xpath query and then
Added a loopshape to make sure it loops thru all nodes
Loop condition: n<=nodeCount (where n is an integer variable, n=0 to begin with, incremented by 1 thru each loop, nodeCount is # of DocumentReference nodes)
I try retrieve to the orderId in the following expression shape using the below xpath query
xpathQuery = System.String.Format("//*[local-name()='OrderReference'][{0}]/@orderID)",n);
sOrderId = xpath(MsgSingleInvoice,xpathQuery);
And I get the following exception:
Inner exception: '//*[local-name()='OrderReference'][1]/@orderID)' has an invalid token.
Exception type: XPathException
Appreciate any help! thanks!Thanks for the quick response. I got rid of it.
And I see a different error:
Inner exception: Specified cast is not valid. Exception type: InvalidCastException
Source: Microsoft.XLANGs.Engine
Target Site: System.Object XPathLoad(Microsoft.XLANGs.Core.Part, System.String, System.Type)
Since variable 'n' is of integer type, I suspected it and changed it to n.ToString() and tested again and still see the same error. -
Using Non-destructive filter with Nested XML data
Hi,
How do you use Non-destructive filter with Nested XML data?
I am using the non-destructive filter sample with my own xml which is setup to search for the <smc></smcs> in my xml below. But when i test it it only searches the last row of the "smc". How can i make it work so it can search for repeating nodes? or does it have something to with how my xml is setup?
<ja>
<url>www.sample.com</url>
<jrole>Jobrole goes here</jrole>
<prole>Process role goes here...</prole>
<role>description...</role>
<prole>Process role goes here...</prole>
<role>description....</role>
<prole>Process role goes here...</prole>
<role>description...</role>
<sjc>6K8C</sjc>
<sjc>6B1B</sjc>
<sjc>6B1F</sjc>
<sjc>6B1D</sjc>
<smc>6C9</smc>
<smc>675</smc>
<smc>62R</smc>
<smc>62P</smc>
<smc>602</smc>
<smc>622</smc>
<smc>642</smc>
<smc>65F</smc>
<smc>65J</smc>
<smc>65L</smc>
<smc>623</smc>
<smc>625</smc>
<smc>624</smc>
<smc>622</smc>
<audience>Target audience goes here....</audience>
</ja>
here is the javascript that runs it.
function FilterData()
var tf = document.getElementById("filterTF");
if (!tf.value)
// If the text field is empty, remove any filter
// that is set on the data set.
ds1.filter(null);
return;
// Set a filter on the data set that matches any row
// that begins with the string in the text field.
var regExpStr = tf.value;
if (!document.getElementById("containsCB").checked)
regExpStr = "^" + regExpStr;
var regExp = new RegExp(regExpStr, "i");
var filterFunc = function(ds, row, rowNumber)
var str = row["smc"];
if (str && str.search(regExp) != -1)
return row;
return null;
ds1.filter(filterFunc);
function StartFilterTimer()
if (StartFilterTimer.timerID)
clearTimeout(StartFilterTimer.timerID);
StartFilterTimer.timerID = setTimeout(function() { StartFilterTimer.timerID = null; FilterData(); }, 100);
I really need help on this, or are there any other suggestions or samples that might work?
thank you!I apologize, im using Spry XML Data Set. i guess the best way to describe what im trying to do is, i want to use the Non-desctructive filter sample with the Spry Nested XML Data sample. So with my sample xml on my first post and with the same code non-destructive filter is using, im having trouble trying to search repeating nodes, for some reason it only searches the last node of the repeating nodes. Does that make sense? let me know.
thank you Arnout! -
JAXB Messing up my XML Signatures
I have a requirement to sign an XML message.
Currently our schemas (being ISO20022) have to have the XML signature located in a particular part of the message even though the signature is based on an XPath elsewhere in the message:
(Ignore the fact that my elements are not iso20022 for now)
<Message>
<MessageHeader>
<Sgntr>
<!-- XML Signature goes here -->
</Sgntr>
</MessageHeader>
<MessageBody>
<Document>
</Document>
</MessageBody>
</Message>The XPath signature is based upon is:
/Message/MessageBody
The Sgntr element is of type xs:any
To create the signature I perform the following:
1) Unmarshall the /Message and parse it into a org.w3c.dom.Document using a javax.xml.parsers.DocumentBuilder
2) Sign the org.w3c.dom.Document of the message using the code below
3) I then attached the signature to the pre-marshalled object at the /Message/MessageHeader/Sgntr element and re-marshall the object
Once marshalled, the Signature now has a bunch of empty xmlns declarations:
<Signature:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:Signature="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<ns7:CanonicalizationMethod xmlns="" xmlns:ns7="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ns7:SignatureMethod xmlns="" xmlns:ns7="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>This is causing me issues when trying to parse the XML with other technologies! It seems the empty xmlns declaration is taken as the default namespace and subsequent namespaces are stripped out.
When extracting the initial signature it seems fine:
<?xml version="1.0" encoding="UTF-8"?>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<XPath>/BPAYResponse/ResponsePayload</XPath>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>KPMR+irQuoCGp4fm91XworlhjIc=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>NQZwvGrg7p25Q+zoU/xn4nm0PO59KIj8AgxLf4JfsaSbtSXq/5vjgg==</SignatureValue>
<KeyInfo>
<KeyValue>
<DSAKeyValue>
<P>/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B81uRpH5t9jQTxeEu0ImbzRMqzVDZkVG9xD7nN1kuFw==</P>
<Q>li7dzDacuo67Jg7mtqEm2TRuOMU=</Q>
<G>Z4Rxsnqc9E7pGknFFH2xqaryRPBaQ01khpMdLRQnG541Awtx/XPaF5Bpsy4pNWMOHCBiNU0NogpsQW5QvnlMpA==</G>
<Y>ZjsWue3LCHpbuN9fF6jPKW6zgkjGR84t3X/h18aICc4+RGfob1k7yzuSVqN/uFLt++Vib7r9d8O23dv0GZ+3+g==</Y>
</DSAKeyValue>
</KeyValue>
</KeyInfo>
</Signature>Rather than having to extract and relocate the signature, can I just have the signature generated at the point we need it?
Otherwise how can I prevent the namespaces being re-written by JAXB? What other alternatives are there?
private Element createSignature(org.w3c.dom.Document xmlDoc) {
XMLSignatureFactory xmlFactory = XMLSignatureFactory.getInstance("DOM");
try {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
kpg.initialize(512);
KeyPair kp = kpg.generateKeyPair();
TransformParameterSpec parms = new XPathFilterParameterSpec("/Message/MessageBody");
DOMSignContext context = new DOMSignContext(kp.getPrivate(), xmlDoc.getDocumentElement());
javax.xml.crypto.dsig.Reference ref = xmlFactory.newReference("", xmlFactory.newDigestMethod(DigestMethod.SHA1, null),
Collections.singletonList(
xmlFactory.newTransform(Transform.XPATH, parms))
, null, null);
SignedInfo si = xmlFactory.newSignedInfo
(xmlFactory.newCanonicalizationMethod
(CanonicalizationMethod.INCLUSIVE,
(C14NMethodParameterSpec) null),
xmlFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, null),
Collections.singletonList(ref));
KeyInfoFactory kif = xmlFactory.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(kp.getPublic());
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
XMLSignature signature = xmlFactory.newXMLSignature(si, ki);
signature.sign(context);
return xmlDoc.getDocumentElement();
} catch(KeyException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (MarshalException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (XMLSignatureException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return null;
}Okay, I've been able to adjust the location of the Signature when being signed:
DOMSignContext context = new DOMSignContext(kp.getPrivate(), xmlDoc.getDocumentElement());
context.setParent(xmlDoc.getElementsByTagName("MessageHeader").item(0));However, since my Sgntr element is of type "any" I cannot target it as it needs something to exist. -
MTOM combined with WS-Security (XML signature)
I'm testing the support of MTOM together with WS-Security (XML-DSIG) on OEG. When verifying the XML signature I noticed I had to add the "Insert MTOM attachments"-filter first. Is this the right way? Shouldn't the signature verification do this transparently?
My other question is how OEG handles the attachments? Does it page them to disk? What happens if my attachments are very large? With the default setup of OEG I encountered out-of-memory issues with attachments above 200MB
Edited by: wsalembi on Sep 22, 2011 12:45 AMIf you just sign the <xop:Include> element, you are effectively only signing the reference to the attachment, i.e. the value of the href attribute. This will only prevent someone changing the href to point to a different attachment.
If you in-line the base64 encoded contents of the attachment into the XML message and only sign the base64 encoded string, you are only preventing anyone from changing the contents of the attachment.
You are not stopping somebody from changing what the <xop:Include> href attribute points to.
So I think there is value in signing BOTH the contents AND the <xop:Include> element so that:
- The integrity of the contents of the attachment is ensured, and
- The integrity of the reference to the attachment in the <xop:Include> element is ensured.
Interestingly, the XOP spec acknowledges this issue in Section 6.1:
http://www.w3.org/TR/xop10/#package_integrity
6.1 XOP Package Integrity
The integrity of Infosets optimized using XOP may need to be ensured. As XOP packages can be transformed to recover such Infosets (see 3.2 Interpreting XOP Packages), existing XML Digital Signature techniques can be used to protect them. Note, however, that a signature over the Infoset does not necessarily protect against modifications of other aspects of the XOP packaging; for example, an Infoset signature check might not protect against re-ordering of non-root parts.
In the future a transform algorithm for use with XML Signature could provide a more efficient processing model where the raw octets are digested directly.
In OEG, it would be possible to use 2 XML Signature Validation filters with an Insert MTOM Attachment filter to validate both signatures.
The flow in the policy would be as follows:
1. 1st XML Signature Filter :- Validate the Signature over the <xop:Include> element
2. Insert MTOM Attachment Filter :- Inline the base64 encoded contents of the attachment
3. 2nd XML Signature Filter :- Validate the Signature over the element now containing the in-lined base64 encoded data.
This policy would ensure the integrity of the attachment contents AND the reference to this attachment in the <xop:Include> element. -
Hello.
Can i digitally sign (using xml signature) an outgoing XML message?. I know OSB supports WS-Security, but i have some XML (not SOAP) messages, and they have to be signed.
Thanks.Hi,
First I recommend you see some tutorial and xpath xquery. (i.e. www.w3schools.com)
Posible solution, PseudoCode:
for $barElement on $bar
for $fooElement on $foo
if name($barElement) equal value($fooElement)
return changeValue($barElement, value(fooElement)
else
return $barElement
Edited by: Sergio_AA on 12-jun-2012 0:58 -
Can I create PAdES signature using Adobe Acrobat 8.0 or 9.0?
Hi
Can I create PAdES (PDF Advanced Electronic Signatures, Technical Specification ETSI TS 102 778) signature using Adobe Acrobat 8.0 or 9.0?
ETSI Technical Specification (TS) 102 778 contains five parts:
• Part 1: PAdES Overview – a framework document for PAdES
• Part 2: PAdES Basic – Profile based on ISO 32000-1
• Part 3: PAdES Enhanced – PAdES-Basic Electronic Signatures and PAdES-Explicit Policy Electronic Signatures Profiles
• Part 4: PAdES Long Term – PAdES-Long Term Validation Profile
• Part 5: PAdES for XML Content – Profiles for XAdES signatures of XML content in PDF files
All five parts were published on 31 July 2009.
Thanks for answer.
DraganHi,
The short answer is yes.
Acrobat 8 and later support all of requirements of PAdES such as serial signing, long term validation (time stamping and embedded revocation responses) and signatures in the PKCS#7 format.
Steve -
Web Service Security with SAML - Invalid XML signature
Hello together,
we want to build a scenario where we want to use Web Service Security with SAML.
The scenario will be
WS Client (Java Application) -> WS Adapter -> Integration Engine -> WS Adapter-> CRM (Web AS ABAP 7.01 SP 3)
SAP PI release is 7.11 (SP Level 4)
We want to use the SAML Authentification from WS Client to PI and from PI to Web AS ABAP.
The SAML authentifications between the WS Client and PI works when there is no SAML auth between PI and CRM.
But we get following error at calling the CRM system when we want to communicate with SAML:
<E_TEXT>CX_WS_SECURITY_FAULT:Invalid XML signature</E_TEXT>
Has somebody an idea of the possible reason for the error.
Thanks in advance
StefanError Messages in the Trace/Log Viewer:
CX_WS_SECURITY_FAULT : Invalid XML signature | program: CL_ST_CRYPTO==================CP include: CL_ST_CRYPTO==================CM00G line: 48
A SOAP Runtime Core Exception occurred in method CL_ST_CRYPTO==================CM00G of class CL_ST_CRYPTO==================CP at position id 48 with internal error id 1001 and error text CX_WS_SECURITY_FAULT:Invalid XML signature (fault location is 1 ).
Invalid XML signature -
XML-23002: (Error) internal xpath error while calling template
Hi,
I have used call-template named Chemloop in my xslt in the following way as attached in the xsl file. But when I am testing this xsl file through the bpel transformation, getting the error XML-23002: (Error) internal xpath error. Using this xslt I am converting a flat file into a xml file. My xslt except the call template part is working fine. Please suggest me if I m doing anything wrong.
XSLT:
<?xml version="1.0" encoding="UTF-8" ?>
<?oracle-xsl-mapper <!-- SPECIFICATION OF MAP SOURCES AND TARGETS, DO NOT MODIFY. -->
<mapSources>
<source type="WSDL">
<schema location="../ReadASNNAEbizAlcanFileAdapter.wsdl"/>
<rootElement name="SynchAdvancedShipmentNotice" namespace="http://oracle.com/EbizGateway/NA/SynchASN/V2"/>
</source>
</mapSources>
<mapTargets>
<target type="WSDL">
<schema location="../ReadASNNAEbizAlcanFileAdapter.wsdl"/>
<rootElement name="ShipNotice" namespace=""/>
</target>
</mapTargets>
<!-- GENERATED BY ORACLE XSL MAPPER 11.1.1.6.0(build 111214.0600.1553) AT [TUE FEB 12 21:05:56 GMT+05:30 2013]. -->
?>
<xsl:stylesheet version="2.0"
xmlns:svcdoc="http://xmlns.oracle.com/Services/Documentation/V1"
xmlns:aia="http://www.oracle.com/XSL/Transform/java/oracle.apps.aia.core.xpath.AIAFunctions"
xmlns:bpws="http://schemas.xmlsoap.org/ws/2003/03/business-process/"
xmlns:xp20="http://www.oracle.com/XSL/Transform/java/oracle.tip.pc.services.functions.Xpath20"
xmlns:bpel="http://docs.oasis-open.org/wsbpel/2.0/process/executable"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:pc="http://xmlns.oracle.com/pcbpel/"
xmlns:bpm="http://xmlns.oracle.com/bpmn20/extensions"
xmlns:alcebo="http://oracle.com/EbizGateway/NA/SynchASN/V2"
xmlns:plnk="http://schemas.xmlsoap.org/ws/2003/05/partner-link/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:ora="http://schemas.oracle.com/xpath/extension"
xmlns:socket="http://www.oracle.com/XSL/Transform/java/oracle.tip.adapter.socket.ProtocolTranslator"
xmlns:mhdr="http://www.oracle.com/XSL/Transform/java/oracle.tip.mediator.service.common.functions.MediatorExtnFunction"
xmlns:oraext="http://www.oracle.com/XSL/Transform/java/oracle.tip.pc.services.functions.ExtFunc"
xmlns:dvm="http://www.oracle.com/XSL/Transform/java/oracle.tip.dvm.LookupValue"
xmlns:hwf="http://xmlns.oracle.com/bpel/workflow/xpath"
xmlns:jca="http://xmlns.oracle.com/pcbpel/wsdl/jca/"
xmlns:med="http://schemas.oracle.com/mediator/xpath"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:ids="http://xmlns.oracle.com/bpel/services/IdentityService/xpath"
xmlns:xdk="http://schemas.oracle.com/bpel/extension/xpath/function/xdk"
xmlns:xref="http://www.oracle.com/XSL/Transform/java/oracle.tip.xref.xpath.XRefXPathFunctions"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:alcabcs="http://xmlns.oracle.com/pcbpel/adapter/file/T2FJAN/CreateASNNAEBIZAlcanProvABCSImpl/ReadASNNAEbizAlcanFileAdapter"
xmlns:ldap="http://schemas.oracle.com/xpath/extension/ldap"
exclude-result-prefixes="xsi xsl pc alcebo plnk wsdl jca xsd alcabcs aia bpws xp20 bpel bpm ora socket mhdr oraext dvm hwf med ids xdk xref ldap">
<xsl:template match="/">
<ShipNotice>
<Header>
<BOLNo>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D1DP1_1000/alcebo:BILL_OF_LADING_1000"/>
</BOLNo>
<TripNo>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D1DP1_1000/alcebo:TRIP_NAME_1000"/>
</TripNo>
<Action>
<xsl:text disable-output-escaping="no"></xsl:text>
</Action>
<Attr1>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr1>
<Attr2>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr2>
<Attr3>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr3>
<Attr4>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr4>
<Attr5>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr5>
</Header>
<Shipment>
<ShipDate>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D1DP1_1000/alcebo:DEPARTURE_DATE_1000"/>
</ShipDate>
<RouteCode>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT4_1010"/>
</RouteCode>
<xsl:choose>
<xsl:when test='/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT1_1010 = "R"'>
<RateRouteCode>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT3_1010"/>
</RateRouteCode>
</xsl:when>
<xsl:otherwise>
<RateRouteCode>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT1_1010"/>
</RateRouteCode>
</xsl:otherwise>
</xsl:choose>
<xsl:choose>
<xsl:when test='/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT1_1010 = "R"'>
<CarrierCode>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT3_1010"/>
</CarrierCode>
</xsl:when>
<xsl:otherwise>
<CarrierCode>
<xsl:value-of select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT1_1010"/>
</CarrierCode>
</xsl:otherwise>
</xsl:choose>
<TransportModeCode>
<xsl:value-of select="substring(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT2_1010,1.0,1.0)"/>
</TransportModeCode>
<TransportModeType>
<xsl:value-of select="normalize-space(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:RTIN1_1030/alcebo:ROUTING_INSTRUCTIONS1_1030)"/>
</TransportModeType>
<xsl:choose>
<xsl:when test='normalize-space(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:SHIP_METHOD_CODE_EXT1_1010) = "R"'>
<TrailerNo>
<xsl:value-of select="concat(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:A1DL1_3600[1]/alcebo:DELIVERY_ATTRIBUTE1_3600,/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:A2DL2_3610[1]/alcebo:DELIVERY_ATTRIBUTE5_3610)"/>
</TrailerNo>
</xsl:when>
<xsl:otherwise>
<TrailerNo>
<xsl:value-of select="normalize-space(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:EQUIPMENT_NUMBER_1010)"/>
</TrailerNo>
</xsl:otherwise>
</xsl:choose>
<SealNo>
<xsl:value-of select="normalize-space(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D2DP2_1010[1]/alcebo:EQUIPMENT_SEAL_1010)"/>
</SealNo>
<Quantity>
<xsl:value-of select='sum(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:UnpackedOrder/alcebo:UnpackedItemDetail/alcebo:I3IT3_4520/alcebo:SHIPPED_QUANTITY_4520) + sum(format-number(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:UnpackedOrder/alcebo:P1PO1_4000/alcebo:FREIGHT_TERMS_CODE_EXT3_4000,"##############0.00"))'/>
</Quantity>
<QuantityUOM>
<xsl:value-of select="normalize-space(/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:D3DP3_1015[1]/alcebo:DELIVERY_TARE_WEIGHT_UOM_EXT1_1015)"/>
</QuantityUOM>
<Attr1>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr1>
<Attr2>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr2>
<Attr3>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr3>
<Attr4>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr4>
<Attr5>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr5>
<ShipmentItems>
<xsl:for-each select="/alcebo:SynchAdvancedShipmentNotice/alcebo:AdvanceShipmentNotice/alcebo:ASNShipmentLevel/alcebo:UnpackedOrder">
<ShipmentItem>
<ShipListNo>
<xsl:value-of select='concat(substring("0000",1.0,4.0 - string-length(string(position()))),string(position()))'/>
</ShipListNo>
<OrderNo>
<xsl:value-of select="normalize-space(alcebo:P1PO1_4000/alcebo:PURCHASE_ORDER_NUMBER_4000)"/>
</OrderNo>
<LineNo>
<xsl:value-of select="normalize-space(alcebo:UnpackedItemDetail/alcebo:I2IT2_4510[1]/alcebo:CUST_PO_LINE_NUM_4510)"/>
</LineNo>
<ItemNoXref>
<xsl:value-of select="normalize-space(alcebo:UnpackedItemDetail/alcebo:I1IT1_4500[1]/alcebo:BUYER_PART_NO_4500)"/>
</ItemNoXref>
<AlcoaPartNo>
<xsl:value-of select="normalize-space(alcebo:UnpackedItemDetail/alcebo:I1IT1_4500[1]/alcebo:SUPPLIER_PART_NUMBER_4500)"/>
</AlcoaPartNo>
<Quantity>
<xsl:value-of select="sum(alcebo:UnpackedItemDetail/alcebo:I3IT3_4520/alcebo:SHIPPED_QUANTITY_4520)"/>
</Quantity>
<QuantityUOM>
<xsl:value-of select="normalize-space(alcebo:UnpackedItemDetail/alcebo:I3IT3_4520[1]/alcebo:ORDER_QUANTITY_UOM_INT_4520)"/>
</QuantityUOM>
<TareWeight>
<xsl:value-of select='format-number(alcebo:P1PO1_4000/alcebo:FREIGHT_TERMS_CODE_EXT3_4000,"##############0.##")'/>
</TareWeight>
<TareWeightUOM>
<xsl:value-of select="normalize-space(alcebo:UnpackedItemDetail/alcebo:I3IT3_4520[1]/alcebo:ORDER_QUANTITY_UOM_INT_4520)"/>
</TareWeightUOM>
<Attr1>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr1>
<Attr2>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr2>
<Attr3>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr3>
<Attr4>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr4>
<Attr5>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr5>
<xsl:for-each select="alcebo:UnpackedItemDetail">
<Bundle>
<LotNo>
<xsl:value-of select="alcebo:DeliveryDetail/alcebo:LSDET_5500[1]/alcebo:LOT_NUMBER_5500"/>
</LotNo>
<SubLotNo>
<xsl:value-of select="alcebo:DeliveryDetail/alcebo:EX02_5591[1]/alcebo:DSNO_LEV06_EXT09_5591"/>
</SubLotNo>
<Quantity>
<xsl:value-of select="alcebo:I3IT3_4520[1]/alcebo:SHIPPED_QUANTITY_4520"/>
</Quantity>
<QuantityUOM>
<xsl:value-of select="alcebo:I3IT3_4520[1]/alcebo:ORDER_QUANTITY_UOM_INT_4520"/>
</QuantityUOM>
<Pieces>
<xsl:value-of select="alcebo:DeliveryDetail/alcebo:EX02_5591[1]/alcebo:DSNO_LEV06_EXT10_5591"/>
</Pieces>
<Attr1>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr1>
<Attr2>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr2>
<Attr3>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr3>
<Attr4>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr4>
<Attr5>
<xsl:text disable-output-escaping="no"></xsl:text>
</Attr5>
<!-- User Defined Templates -->
<xsl:call-template name="Chemloop">
<xsl:with-param name="i">1</xsl:with-param>
</xsl:call-template>
</Bundle>
</xsl:for-each>
</ShipmentItem>
</xsl:for-each>
</ShipmentItems>
</Shipment>
</ShipNotice>
</xsl:template>
<xsl:template name="Chemloop">
<xsl:param name="i"/>
<xsl:variable name="ChemRow"
select="concat(/alcebo:DeliveryDetail[position()]/alcebo:EX01_5590[1]/alcebo:DSNO_LEV06_EXT01_5590,/alcebo:DeliveryDetail[position()]/alcebo:EX01_5590[1]/alcebo:DSNO_LEV06_EXT02_5590,/alcebo:DeliveryDetail[position()]/alcebo:EX01_5590[1]/alcebo:DSNO_LEV06_EXT03_5590,/alcebo:DeliveryDetail[position()]/alcebo:EX01_5590[1]/alcebo:DSNO_LEV06_EXT04_5590)"/>
<xsl:variable name="ChemBlock"
select="substring($ChemRow,1+($i-1)*33,33)"/>
<xsl:if test="$ChemBlock!=' '">
<ChemicalAnalysis>
<ElementName>
<xsl:value-of select="substring($ChemBlock,1,5)"/>
</ElementName>
<RNDValue>
<xsl:value-of select="substring($ChemBlock,6,15)"/>
</RNDValue>
<ValueQualifier>
<xsl:value-of select="substring($ChemBlock,21,2)"/>
</ValueQualifier>
<NumDecimals>
<xsl:value-of select="substring($ChemBlock,23,3)"/>
</NumDecimals>
<DropNo>
<xsl:value-of select="substring($ChemBlock,26,8)"/>
</DropNo>
</ChemicalAnalysis>
</xsl:if>
<xsl:if test="($ChemBlock=' ') and $i=1">
<xsl:message terminate="yes">No Chemical data found</xsl:message>
</xsl:if>
<xsl:if test="$i <= 26">
<xsl:call-template name="Chemloop">
<xsl:with-param name="i">
<!-- Increment index-->
<xsl:value-of select="$i + 1"/>
</xsl:with-param>
</xsl:call-template>
</xsl:if>
</xsl:template>
</xsl:stylesheet>I can't get what are you trying to achieve by a construction like bellow...
/alcebo:DeliveryDetail[position()]
Remember XSLT is not a procedural language... a selector like /alcebo:DeliveryDetail[position() = $var] or just /alcebo:DeliveryDetail[$var] would make more sense...
Cheers,
Vlad -
Issue in updating the Huge XML by using updatexml function
Hi All,
Database Credentails:
Oracle 9i R2.
I have a huge xml like this,
<Root>
<abc></abc>
<abc></abc>
<abc></abc>
</Root>
The <abc></abc> will be more than 10000 under the <Root> tag.
I have tried to update this xml by using the following script,
for i in 1 .. 10000
loop
SELECT UPDATEXML(v_xml,'/Root/abc['|| i ||']','<abc>'|| i || '<abc>')
INTO v_xml;
dbms_output.put_line(i); -- Just to check how many values were updated
end loop;
While executing the above sample code, i am getting the error called
INVALID XPATH EXPRESSION,
some times it is executing to some number after that i am getting the above error. when i try execute the same code again i will get error for different i value.
Could you please help me out to fix this bug/mistake for me. Please provide me some sample code for this.
Thanks in Advance,
Vinoth Kumar S.You don't need any loop for this. simple UPDATEXML statement should do.
sql> WITH myxmltab AS
2 (SELECT XMLTYPE('<Root>
3 <abc>4</abc>
4 <abc>5</abc>
5 <abc> </abc>
6 <abc> </abc>
7 <abc> </abc>
8 <abc></abc>
9 <abc></abc>
10 <abc></abc>
11 <abc></abc>
12 <abc></abc>
13 </Root>') xmlcol FROM dual)
14 select UPDATEXML(t.column_value,'/abc',xmltype('<abc>' || rownum || '</abc>')) from myxmltab,
15 table(xmlsequence(extract(xmlcol,'/Root/abc'))) t;
UPDATEXML(T.COLUMN_VALUE,'/ABC',XMLTYPE('<ABC>'||ROWNUM||'</ABC>'))
<abc>1</abc>
<abc>2</abc>
<abc>3</abc>
<abc>4</abc>
<abc>5</abc>
<abc>6</abc>
<abc>7</abc>
<abc>8</abc>
<abc>9</abc>
<abc>10</abc>
10 rows selected.
Elapsed: 00:00:00.04 -
How to update XML file using XSLT
Hi there,
I have a "small" issue with exporting data to an XML file using XSLT.
A two steps process is needed to import data from a non-hierarchical XML file into ABAP, change the data, and then update the XML file with new values. The problem is not trivial, since the format of the XML file is a complex one: there are many interdependent elements on the same level, pointing to each other by using id and ref attributes. Based on these values the data can be read and written into an internal table. I use XSLT and XPath for that. So the inbound process is done and seems to work correctly. I have to mention that the file contains much more data than I need. I am working only with a small part of it.
Now the changed data must be exported back into the XML file, meaning that the content of certain elements must be updated. How can this be done with XSLT? I can pass only the internal table to the transformation, so how do I access the XML file in order to update it? I have tried to use the <B>xsl:document()</B> function to access the content of the file store locally on my PC, but it fails each time by throwing and URI exception. I have tried the absolute path without any addition and the path with the file:/// addition. Same result. Please advise.
Many thanks,
Ferenc
P.S. Please provide me with links only if they are relevant for this very matter. I will not give points for irrelevant postings...Now the changed data must be exported back into the XML file, meaning that the content of certain elements must be updated. How can this be done with XSLT?
XSLT approach: check these online tutorial
http://www.xml.com/pub/a/2000/08/02/xslt/index.html
http://www.xml.com/pub/a/2000/06/07/transforming/index.html
ABAP approach:
for example you have the xml (original) in a string called say xml_out .
data: l_xml type ref to cl_xml_document ,
node type ref to if_ixml_node .
create object l_xml.
call method l_xml->parse_string
exporting
stream = xml_out.
node = l_xml->find_node(
name = 'IDENTITY'
ROOT = ROOT
l_xml->set_attribute(
name = 'Name'
value = 'Charles'
node = node
(the above example reads the element IDENTITY and sets attribute name/value to the same)
like wise you can add new elements starting from IDENTITY using various methods available in class CL_XML_DOCUMENT
so how do I access the XML file in order to update it?
you have already read this XML into a ABAP variable right?
Sorry couldnt understand your whole process, why do you need to read local XML file?
Raja -
Hi,
i get an Exception in Registering mechanism for XML Signature factory
it says.
javax.xml.crypto.NoSuchMechanismException : Cannot find DOM Mechanism type
I use J2sdk1.4.2_05 with JWSDP 1.4
Following is the code do let me know where i go wrong.
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.DocumentBuilder;
import org.w3c.dom.Document;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dom.*;
import java.security.Provider;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import java.security.KeyPairGenerator;
import java.security.KeyPair;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import java.io.FileInputStream;
import java.util.Collections;
//author Palani V. Rajan
// SafeScrypt Ltd
class XMLSign
XMLSign(){}
/*XMLSign(String inputFile)
public void signTheMarkup(String inputFilePath)
Document domDoc;
try{
System.out.println("Creating DOM");
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
domDoc = db.parse(new FileInputStream(inputFilePath));
System.out.println("Generating Key's.....");
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");
kpg.initialize(1024);
KeyPair kp = kpg.generateKeyPair();
DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), domDoc.getDocumentElement());
String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
System.out.println("Creating xml sign.....");
System.out.println("Provider Name "+providerName);
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM",(Provider) Class.forName(providerName).newInstance());
System.out.println("T 1");
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null),Collections.singletonList(fac.newTransform(Transform.ENVELOPED, null)),null, null);
System.out.println("T 2");
SignedInfo si = fac.newSignedInfo(fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, null),fac.newSignatureMethod(SignatureMethod.DSA_SHA1, null),Collections.singletonList(ref));
System.out.println("T 4");
KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(kp.getPublic());
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
System.out.println("T 5");
XMLSignature signature = fac.newXMLSignature(si, ki);
signature.sign(dsc);
}catch(Exception e){e.printStackTrace();}
public static void main(String[] q)
System.out.println("Creating XML Signatures.....");
XMLSign xs = new XMLSign();
xs.signTheMarkup(q[0]);
Thnx in Advance
VinodhI have encountered the same problem. I am using Jbuilder 5 with JDK 1.3.0. I copied all the JAR files of jwsdp-1.5 by creating a custom library.
Even then It didnt work. Can some one who has resolved this please help.
I have tried running the same code in JDeveloper 10g (10.1.2) and got a same error.
Regards,
Srinivas.
Maybe you are looking for
-
Syncing of Apps and a Work Around I Thought Of
(this is an excerpt from a previous thread which was not answered - if you could kindly help me out with this and offer your expertise it would be greatly appreciated. Thanks!!) Hi All, I know this will be quite a change of tone from what you've been
-
Internet very slow in MacBook Pro - 2010 Model
I am facing lot of issue while browsing any site .i have tried using all the browers but still internet is dam slow i am Unifi 5mbps.when i perfome the speed test the result is dam good its about 4.89 mbps . But if i browser any thing or stream any v
-
Has to type each character twice while supplying command in Open VISA test panel
has a set of commands to work witha system connected to the MS windows PC. when I trype the commands in Hyperterminal (with/without ) they are yielding the expected results. in LabVIEW, to get the expected results I MUST has to type 'each character'
-
Can you give me a recommendation?
I am still setting up my system, but I am considering using Tomcat 4.0.4 as a server, forte as an IDE and MySql. What is the standard for a development server and IDE?
-
How do i transfer a project completed in cc 8.0 to sc6? I keep getting a loading error.
I have used cc 8.0 to edit my project but need to transfer it to a school computer that is using CS6 in order to run voice over and use there audio board and software. please help.