ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: WSS4J: Local id attribute and Signature References
Date Mon, 22 Jul 2013 15:11:13 GMT
Hi Nathan,

I guess this is the kind of scenario that you should plug in your own
CallbackLookup implementation. You can set one on the WSSecurityEngine
implementation used as the starting point for WS-Security processing.

Colm.


On Fri, Jul 19, 2013 at 1:37 AM, Nathan Clement <
nathan.a.clement@hotmail.com> wrote:

>  Hi,
>
> The WS-Security spec says in section 4 "ID References":
>
> *However, because some key schemas used by this specification don't allow
> attribute extensibility (namely XML Signature and XML Encryption), this
> specification also allows use of their local ID attributes in addition to
> the wsu:Id attribute and the xml:id attribute [XMLID]*
>
> We are attempting to process an AS4 message, and the AS4 spec (
> http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/profiles/AS4-profile/v1.0/os/AS4-profile-v1.0-os.html)
> says in section 5.1.4 regarding the signature reference for the
> eb:Messaging header:
>
> *The eb:Messaging header SHOULD be referenced using the “id” attribute.*
>
> WSS4J doesn't seem to support looking up referenced elements by a local id
> attribute.  DOMCallbackLookup calls WSSecurityUtil.findElementById which
> only looks for wsu:Id or Id (with a capital I) with no namespace.
>
> Should WSS4J allow lookup of a signed element by local id attribute?
>
> i.e.
>
> <eb:Messaging s:mustUnderstand="true" id="ebms_header" ...
>
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>   <ds:SignedInfo>
>     <ds:Reference URI="#ebms_header">
>
> Thanks,
>
> Nathan
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message