This content has been marked as final.
Show 2 replies
-
1. Re: Sigining a SOAP message using the enveloped-signature tr
peterj Nov 12, 2008 11:42 AM (in response to mrguy)Does the WS-Security section of the docs help: http://jbossws.jboss.org/mediawiki/index.php?title=JAX-WS_User_Guide#WS-Security
-
2. Re: Sigining a SOAP message using the enveloped-signature tr
mrguy Nov 12, 2008 12:07 PM (in response to mrguy)Unfortunately, the WS-Security documentation hasn't helped with the particular problem. It was very helpful in getting the WS-Security set up initially, and working from there I created the following jboss-wsse-client.xml file:
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> <key-store-file>META-INF/keystores/zcg.keystore</key-store-file> <key-store-password>zcgstore</key-store-password> <trust-store-file>META-INF/keystores/zcg.truststore</trust-store-file> <trust-store-password>zcgstore</trust-store-password> <config> <username/> <sign type="x509v3" alias="bandwidth.com"> <targets> <target type="qname">{http://schemas.xmlsoap.org/soap/envelope/}Envelope</target> </targets> </sign> </config> </jboss-ws-security>
Which signs the full SOAP envelope:<env:Envelope wsu:Id='element-2-1226509117041-2045010446' xmlns:env='http://schemas.xmlsoap.org/soap/envelope/' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'> ... <ds:Reference URI='#element-2-1226509117041-2045010446' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
But it still lists the Transform Algorithm as XML Exclusive Canonicalization:<ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'/>