This content has been marked as final.
Show 5 replies
-
1. Re: XML signatures as WS payload?
ropalka Jan 14, 2009 1:19 AM (in response to sstaible)"sstaible" wrote:
Hi,
Any help or explanation of this behaviour is highly appreciated.
I suggest you to call Node.normalize() method before calling XML digital signature API.
You can't rely on the precondition SOAP message will be unmodified (regarding the whitespaces) on other side. -
2. Re: XML signatures as WS payload?
asoldano Jan 14, 2009 3:03 AM (in response to sstaible)Is there a reason why you're not using the WS-Security implementation provided by jbossws (which of course offers signing functionalities) ?
-
3. Re: XML signatures as WS payload?
sstaible Jan 14, 2009 4:43 AM (in response to sstaible)"alessio.soldano@jboss.com" wrote:
Is there a reason why you're not using the WS-Security implementation provided by jbossws (which of course offers signing functionalities) ?
It's not our goal to secure WS communications. Our service provides XML signature functionality to other software components within the platform that need to sign arbitrary XML data which later on will be archived (together with the signature). So the XML signature is not related to WS technology. -
4. Re: XML signatures as WS payload?
sstaible Jan 14, 2009 4:54 AM (in response to sstaible)"richard.opalka@jboss.com" wrote:
You can't rely on the precondition SOAP message will be unmodified (regarding the whitespaces) on other side.
Thank you for your response. But then I do not understand why signatures in WS-Security work. I would presume they depend on the same strict XML marshalling requirements. Is there maybe a separate layer in JBoss that handles SOAP messages using WS-security?
Do you have any reference on why SOAP does not need to preserve the whitespace information? -
5. Re: XML signatures as WS payload?
sstaible Jan 14, 2009 5:21 AM (in response to sstaible)"richard.opalka@jboss.com" wrote:
I suggest you to call Node.normalize() method before calling XML digital signature API.
This doesn't seem to help as normalize does only normalize DOM representation of the XML structure but does not modify the textual representation (which is relevant for XML signatures).