axis-java-dev mailing list archives

From "Theodore W. Leung" <twle...@sauria.com>
Subject Re: XML Security Job Offer: Axis Connector
Date Sun, 13 Jan 2002 00:27:15 GMT
On Fri, 2002-01-11 at 10:53, Davanum Srinivas wrote:
> Christian, 
> Checked in a sample in Axis CVS. So far the client sends a signed message and the LogHandler on
> the server can log the message. All the Signature related code is in
> xml-axis\java\samples\security\SignedSoapEnvelope.java. 
> 
> Ted,
> Can you try things out and suggest changes, also please see the TODO items below...

That seems to have done the trick, all is working.  But it seems kind of
slow to me.  I haven't had a chance to track that down yet.

> TODO:
> - Borrow code from AxisVerifier and enhance samples\security\LogHandler.java to Verify the signed
> message.
Done in the attached patch
> - Should SignedSoapEnvelope be part of the main source tree?
I parameterized the constructor for this in the attached patch, to allow
passing in the baseURI for the signature
> - Should we add the sample as a part of the regular automated tests. If yes, request sam to add a
> dependency between xml-security and xml-axis
.
> - Get rid of ServiceClient and use Call
Done in the attached patch.
.
> 
> Thanks,
> dims
> 
> --- Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de> wrote:
> > 
> > 
> > --On Thursday, 10 January 2002 22:01 -0800 "Theodore W. Leung" 
> > <twleung@sauria.com> wrote:
> > 
> > > So I thought to fix this by getting the env as a DOM  again, but then I
> > > need to create a new signature using that DOM.  And that doesn't seem to
> > > be working.  I need a way to create just an empty signature element and
> > > add that as a header before creating the signature value.
> > 
> > 
> > When you call XMLSignature.sign(), the Signature locates the Nodes to be 
> > signed based on its own position, so if you create a signature for "#Body" 
> > it tries to traverse the tree in which itself is. If the signature is not 
> > part of a tree (header.getElement().appendChild(signature.getElement()) was 
> > not called), then the traversal fails. You must ensure that signature and 
> > signed contents are "connected" via the DOM before you call sign().
> > 
> > 
> > Christian
> 
> 
> =====
> Davanum Srinivas - http://jguru.com/dims/
> 


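The ordering Christian describes in the quoted reply (attach the empty signature element to the header, then add the "#Body" reference and sign), shown as an added example that is not part of the original thread or the Axis sample. It assumes a recent Apache XML Security release on the classpath; the class name, envelope and throwaway RSA key are constructed for illustration.

```java
import java.io.StringReader;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

public class AttachBeforeSign { // hypothetical class name
    static final String SOAP = "http://schemas.xmlsoap.org/soap/envelope/";

    public static void main(String[] args) throws Exception {
        org.apache.xml.security.Init.init();

        // Constructed sample envelope: empty Header, Body carrying Id="Body".
        String xml = "<soapenv:Envelope xmlns:soapenv='" + SOAP + "'><soapenv:Header/>"
                + "<soapenv:Body Id='Body'><ex:ping xmlns:ex='urn:example'/></soapenv:Body>"
                + "</soapenv:Envelope>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // required for signing and canonicalization
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));

        Element header = (Element) doc.getElementsByTagNameNS(SOAP, "Header").item(0);
        Element body = (Element) doc.getElementsByTagNameNS(SOAP, "Body").item(0);
        body.setIdAttribute("Id", true); // no DTD here, so mark Id as an ID for "#Body"

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair(); // throwaway key for the example

        // Second argument is the baseURI; empty because the only reference is same-document.
        XMLSignature sig = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);

        // Connect the still-empty ds:Signature to the tree BEFORE adding references and signing.
        header.appendChild(sig.getElement());

        Transforms transforms = new Transforms(doc);
        transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
        sig.addDocument("#Body", transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);
        sig.addKeyInfo(kp.getPublic());
        sig.sign(kp.getPrivate());

        // Verify against the key the verifier trusts, not one read back from KeyInfo.
        System.out.println("verifies: " + sig.checkSignatureValue(kp.getPublic()));
    }
}
```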