[jboss-user] [JBossWS] - Re: Sigining a SOAP message using the enveloped-signature tr
MrGuy
do-not-reply at jboss.com
Wed Nov 12 12:07:16 EST 2008
Unfortunately, the WS-Security documentation hasn't helped with the particular problem. It was very helpful in getting the WS-Security set up initially, and working from there I created the following jboss-wsse-client.xml file:
| <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation="http://www.jboss.com/ws-security/config
| http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
| <key-store-file>META-INF/keystores/zcg.keystore</key-store-file>
| <key-store-password>zcgstore</key-store-password>
| <trust-store-file>META-INF/keystores/zcg.truststore</trust-store-file>
| <trust-store-password>zcgstore</trust-store-password>
| <config>
| <username/>
| <sign type="x509v3" alias="bandwidth.com">
| <targets>
| <target type="qname">{http://schemas.xmlsoap.org/soap/envelope/}Envelope</target>
| </targets>
| </sign>
| </config>
| </jboss-ws-security>
Which signs the full SOAP envelope:
| <env:Envelope wsu:Id='element-2-1226509117041-2045010446' xmlns:env='http://schemas.xmlsoap.org/soap/envelope/' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>
| ...
| <ds:Reference URI='#element-2-1226509117041-2045010446' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
|
But it still lists the Transform Algorithm as XML Exclusive Canonicalization:
| <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'/>
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188863#4188863
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188863
More information about the jboss-user
mailing list