ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nathan Clement <>
Subject WSS4J: Local id attribute and Signature References
Date Fri, 19 Jul 2013 00:37:50 GMT


The WS-Security spec says in section 4 "ID References":

However, because some key schemas used by this specification don't allow attribute extensibility
(namely XML Signature and XML Encryption), this specification also allows use of their local
ID attributes in addition to the wsu:Id attribute and the xml:id attribute [XMLID]

We are attempting to process an AS4 message, and the AS4 spec (
says in section 5.1.4 regarding the signature reference for the eb:Messaging header:

The eb:Messaging header SHOULD be referenced using the “id”

WSS4J doesn't seem to support looking up referenced elements by a local id attribute.  DOMCallbackLookup
calls WSSecurityUtil.findElementById which only looks for wsu:Id or Id (with a capital I)
with no namespace.

Should WSS4J allow lookup of a signed element by local id attribute?


<eb:Messaging s:mustUnderstand="true" id="ebms_header" ...

<ds:Signature xmlns:ds="">
    <ds:Reference URI="#ebms_header">



View raw message