ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: WSS4J: Local id attribute and Signature References
Date Tue, 23 Jul 2013 08:51:16 GMT
WSS4J does not support looking up references by xml:id. Again, you need to
implement your own CallbackLookup implementation to support this scenario.

Colm.


On Mon, Jul 22, 2013 at 11:59 PM, Nathan Clement <
nathan.a.clement@hotmail.com> wrote:

> Hi Colm,
>
> Thanks very much for your response.  Does WSS4J support looking up
> references by xml:id?  I'm confused reading the spec as to whether
> WS-Security requires support for looking up references by xml:id and local
> id.  From your response, I'm guessing that the spec only requires support
> for wsu:Id?
>
> Thanks,
>
> Nathan
>
> ------------------------------
> Date: Mon, 22 Jul 2013 16:11:13 +0100
> Subject: Re: WSS4J: Local id attribute and Signature References
> From: coheigea@apache.org
> To: dev@ws.apache.org
>
> Hi Nathan,
>
> I guess this is the kind of scenario that you should plug in your own
> CallbackLookup implementation. You can set one on the WSSecurityEngine
> implementation used as the starting point for WS-Security processing.
>
> Colm.
>
>
> On Fri, Jul 19, 2013 at 1:37 AM, Nathan Clement <
> nathan.a.clement@hotmail.com> wrote:
>
>  Hi,
>
> The WS-Security spec says in section 4 "ID References":
>
> *However, because some key schemas used by this specification don't allow
> attribute extensibility (namely XML Signature and XML Encryption), this
> specification also allows use of their local ID attributes in addition to
> the wsu:Id attribute and the xml:id attribute [XMLID]*
>
> We are attempting to process an AS4 message, and the AS4 spec (
> http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/profiles/AS4-profile/v1.0/os/AS4-profile-v1.0-os.html)
> says in section 5.1.4 regarding the signature reference for the
> eb:Messaging header:
>
> *The eb:Messaging header SHOULD be referenced using the “id” attribute.*
>
> WSS4J doesn't seem to support looking up referenced elements by a local id
> attribute.  DOMCallbackLookup calls WSSecurityUtil.findElementById which
> only looks for wsu:Id or Id (with a capital I) with no namespace.
>
> Should WSS4J allow lookup of a signed element by local id attribute?
>
> i.e.
>
> <eb:Messaging s:mustUnderstand="true" id="ebms_header" ...
>
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>   <ds:SignedInfo>
>     <ds:Reference URI="#ebms_header">
>
> Thanks,
>
> Nathan
>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message