ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Amarteifio" <...@perspectivetechnologies.com>
Subject Re: WS-Security digital signature validation
Date Tue, 01 Mar 2016 15:56:35 GMT

 
Colm,
 
Thanks for taking the time to respond to my earlier query.
 
We are aware the WSS4J 1.5.x is deprecated, we were hoping to address this issue with our current version then embark on a project to move to WSS4J1.6.x or 2.x.x.
 
However, I did take your advice and turned on DEBUG logging for the following:
 
log4j.logger.org.apache.wss4j.message.WSSignEnvelope=DEBUG
 log4j.logger.org.apache.wss4j.WSSecurityEngine=DEBUG
 log4j.logger.org.apache.wss4j.common.crypto.Merlin=DEBUG
 log4j.logger.org.apache.xml.security.signature.XMLSignature=DEBUG
 
I then run through a message where the signature validation succeeds (See Signature Validation Log - A below) and then a message where the signature validation fails (See Signature Validation Log - B below).
 
I have looked through both logs and can’t really work out why ‘Signature Validation Log – B’ is failing apart the fact that it logs the failure.
 I was hoping you might be able to point us in the right direction after having a look at the logs.
 
Regards,
 Sam
 
Signature Validation Log – A
59819104 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  - enter processSecurityHeader()
59819107 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  - Processing WS-Security header for '' actor.
59819153 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315, org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments)
59819159 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments)
59819160 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#, org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments)
59819160 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments)
59819162 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11, org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments)
59819163 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer11_WithComments)
59819166 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2000/09/xmldsig#base64, org.apache.xml.security.transforms.implementations.TransformBase64Decode)
59819167 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315, org.apache.xml.security.transforms.implementations.TransformC14N)
59819167 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, org.apache.xml.security.transforms.implementations.TransformC14NWithComments)
59819167 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2006/12/xml-c14n11, org.apache.xml.security.transforms.implementations.TransformC14N11)
59819168 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2006/12/xml-c14n11#WithComments, org.apache.xml.security.transforms.implementations.TransformC14N11_WithComments)
59819168 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#, org.apache.xml.security.transforms.implementations.TransformC14NExclusive)
59819168 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments, org.apache.xml.security.transforms.implementations.TransformC14NExclusiveWithComments)
59819169 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/1999/REC-xpath-19991116, org.apache.xml.security.transforms.implementations.TransformXPath)
59819170 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2000/09/xmldsig#enveloped-signature, org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature)
59819171 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/1999/REC-xslt-19991116, org.apache.xml.security.transforms.implementations.TransformXSLT)
59819171 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2002/04/xmldsig-filter2, org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
59819171 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2002/06/xmldsig-filter2, org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
59819174 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Init() called
59819176 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#dsa-sha1, org.apache.xml.security.algorithms.implementations.SignatureDSA)
59819176 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2000/09/xmldsig#dsa-sha1 org.apache.xml.security.algorithms.implementations.SignatureDSA
59819177 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#rsa-sha1, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1)
59819177 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2000/09/xmldsig#rsa-sha1 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1
59819179 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#hmac-sha1, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1)
59819179 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2000/09/xmldsig#hmac-sha1 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1
59819179 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-md5, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5)
59819179 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-md5 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5
59819179 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160)
59819179 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160
59819180 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha256, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256)
59819180 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256
59819180 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha384, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384)
59819180 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384
59819180 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha512, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512)
59819181 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512
59819182 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1, org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1)
59819182 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1
59819182 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-md5, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5)
59819182 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-md5 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5
59819182 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160)
59819182 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160
59819183 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha256, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256)
59819183 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256
59819183 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha384, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384)
59819183 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha384 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384
59819183 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha512, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512)
59819183 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha512 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512
59819190 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP: A simple resolver for requests to HTTP space
59819191 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem: A simple resolver for requests to the local file system
59819191 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverFragment: A simple resolver for requests of same-document URIs
59819192 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverXPointer: A simple resolver for requests of XPointer fragents
59819194 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.RSAKeyValueResolver: Can extract RSA public keys
59819195 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.DSAKeyValueResolver: Can extract DSA public keys
59819195 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509CertificateResolver: Can extract public keys from X509 certificates
59819196 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509SKIResolver: Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate from the storages
59819196 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver: Resolves keys and certificates using ResourceResolvers
59819197 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509SubjectNameResolver: Uses an X509 SubjectName to retrieve a certificate from the storages
59819198 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509IssuerSerialResolver: Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the storages
59819198 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind prefixes:
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind ds to http://www.w3.org/2000/09/xmldsig#
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind xenc to http://www.w3.org/2001/04/xmlenc#
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind experimental to http://www.xmlsecurity.org/experimental#
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind dsig-xpath-old to http://www.w3.org/2002/04/xmldsig-filter2
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind dsig-xpath to http://www.w3.org/2002/06/xmldsig-filter2
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind ec to http://www.w3.org/2001/10/xml-exc-c14n#
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind xx to http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - XX_init                             70 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_prng                           0 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_parsing                        14 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_i18n                 2 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_c14n             17 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_jcemapper        4 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_keyInfo          3 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_keyResolver      5 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_prefixes         1 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_resourceresolver 4 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_sigalgos         11 ms
59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_transforms       8 ms
59819225 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The provider BC was added at position: 2
59819226 [http-8443-1] DEBUG org.apache.ws.security.util.Loader  - org.apache.security.juice.provider.JuiCEProviderOpenSSL
java.lang.ClassNotFoundException: org.apache.security.juice.provider.JuiCEProviderOpenSSL
                at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1680)
                at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526)
                at org.apache.ws.security.util.Loader.loadClass(Loader.java:185)
                at org.apache.ws.security.WSSConfig.loadProvider(WSSConfig.java:605)
                at org.apache.ws.security.WSSConfig.addJceProvider(WSSConfig.java:662)
                at org.apache.ws.security.WSSConfig.staticInit(WSSConfig.java:306)
                at org.apache.ws.security.WSSConfig.<init>(WSSConfig.java:324)
                at org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.java:333)
                at org.apache.ws.security.WSSConfig.getDefaultWSConfig(WSSConfig.java:342)
                at org.apache.ws.security.WSSecurityEngine.getWssConfig(WSSecurityEngine.java:157)
                at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:320)
                at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
                at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:198)
                at com.perspective.onMessage.core.Utils.WSSecurityModule.processMessage(WSSecurityModule.java:226)
                at com.perspective.onMessage.core.messaging.SrvRequestMessageLogHandler.invoke(SrvRequestMessageLogHandler.java:214)
                at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
                at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
                at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
                at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
                at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
                at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
                at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
                at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
                at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
                at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
                at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
                at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
                at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
                at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
                at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
                at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
                at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
                at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
                at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
                at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
                at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
                at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
                at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
                at java.lang.Thread.run(Thread.java:662)
59819227 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The provider JuiCE could not be added: org.apache.security.juice.provider.JuiCEProviderOpenSSL
59819228 [http-8443-1] DEBUG org.apache.ws.security.processor.SignatureProcessor  - Found signature element
59819228 [http-8443-1] DEBUG org.apache.ws.security.processor.SignatureProcessor  - Verify XML Signature
59819230 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:Signature", "null")
59819233 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:SignedInfo", "null")
59819233 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:SignatureMethod", "null")
59819233 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:KeyInfo", "null")
59819237 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:X509IssuerSerial", "")
59819238 [http-8443-1] DEBUG org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial  - X509SerialNumber text: 1444382451
59819245 [http-8443-1] INFO  org.apache.ws.security.message.token.SecurityTokenReference  - X509IssuerSerial alias: tomcat-sv
59819246 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - SignatureMethodURI = http://www.w3.org/2000/09/xmldsig#rsa-sha1
59819246 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Create URI "http://www.w3.org/2000/09/xmldsig#rsa-sha1" class "class org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1"
59819246 [http-8443-1] DEBUG org.apache.xml.security.algorithms.JCEMapper  - Request for URI http://www.w3.org/2000/09/xmldsig#rsa-sha1
59819246 [http-8443-1] DEBUG org.apache.xml.security.algorithms.implementations.SignatureBaseRSA  - Created SignatureRSA using SHA1withRSA
59819261 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - jceSigAlgorithm    = SHA1withRSA
59819261 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - jceSigProvider     = BC
59819261 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - PublicKey = Sun RSA public key, 1024 bits
  modulus: 93610425150689383187201231124099789927987329382418136869121800093428304612151708202031700417081425402958876437802098226652838894600449242632685787409432429554105152649905032574840908271409839981907623327461685416578720622552749877795736234403019908673813687072762834183958546842472520215196850762325388296303
  public exponent: 65537
59819268 [http-8443-1] DEBUG org.apache.xml.security.utils.SignerOutputStream  - Canonicalized SignedInfo:
59819268 [http-8443-1] DEBUG org.apache.xml.security.utils.SignerOutputStream  - <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-1640824304">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>Alh9rNHcaF+nzOfiFRwKC5dnOLI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
59819274 [http-8443-1] DEBUG org.apache.xml.security.signature.Manifest  - verify 1 References
59819274 [http-8443-1] DEBUG org.apache.xml.security.signature.Manifest  - I am not requested to follow nested Manifests
59819276 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:Reference", "null")
59819276 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:Transforms", "null")
59819277 [http-8443-1] DEBUG org.apache.xml.security.algorithms.JCEMapper  - Request for URI http://www.w3.org/2000/09/xmldsig#sha1
59819278 [http-8443-1] DEBUG org.apache.xml.security.utils.resolver.ResourceResolver  - I was asked to create a ResourceResolver and got 1
59819278 [http-8443-1] DEBUG org.apache.xml.security.utils.resolver.ResourceResolver  -  extra resolvers to my existing 4 system-wide resolvers
59819278 [http-8443-1] DEBUG org.apache.xml.security.utils.resolver.ResourceResolver  - check resolvability by class org.apache.ws.security.message.EnvelopeIdResolver
59819278 [http-8443-1] DEBUG org.apache.ws.security.message.EnvelopeIdResolver  - enter engineResolve, look for: #id-1640824304
59819283 [http-8443-1] DEBUG org.apache.ws.security.message.EnvelopeIdResolver  - exit engineResolve, result: XMLSignatureInput/Element/[soapenv:Body: null] exclude null comments:false/null
59819283 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:Transform", "null")
59819284 [http-8443-1] DEBUG org.apache.xml.security.utils.DigesterOutputStream  - Pre-digested input:
59819285 [http-8443-1] DEBUG org.apache.xml.security.utils.DigesterOutputStream  - <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1640824304"><ns1:PostRq xmlns:ns1="http://www.ACORD.org/Standards/AcordMsgSvc/1.4.0"><ns1:Sender><ns1:PartyId>urn:duns:912345678</ns1:PartyId><ns1:PartyRoleCd>Reinsurer</ns1:PartyRoleCd></ns1:Sender><ns1:Receiver><ns1:PartyId>urn:duns:123456789</ns1:PartyId><ns1:PartyRoleCd>Broker</ns1:PartyRoleCd></ns1:Receiver><ns1:Application><ns1:ApplicationCd>AML</ns1:ApplicationCd><ns1:SchemaVersion>http://www.acord.org/schema/data/draft/ReusableDataComponents/1</ns1:SchemaVersion></ns1:Application><ns1:TimeStamp>2016-02-26T09:28:05Z</ns1:TimeStamp><ns1:MsgItem><ns1:MsgId>3d3dcd60-dc6b-11e5-8d07-de2796627f3b</ns1:MsgId><ns1:MsgTypeCd>RiskBoundReportProcess</ns1:MsgTypeCd></ns1:MsgItem><ns1:SecurityProfileCd>Basic</ns1:SecurityProfileCd><ns1:WorkFolder><ns1:MsgFile><ns1:FileId>cid:7F1C53A91C91DAC48E088DB79E1014A2</ns1:FileId><ns1:FileFormatCd>text/xml</ns1:FileFormatCd></ns1:MsgFile></ns1:WorkFolder></ns1:PostRq></soapenv:Body>
59819285 [http-8443-1] DEBUG org.apache.xml.security.signature.Reference  - Verification successful for URI "#id-1640824304"
59819285 [http-8443-1] DEBUG org.apache.xml.security.signature.Manifest  - The Reference has Type
59819285 [http-8443-1] DEBUG org.apache.ws.security.TIME  - Verify: total= 57, prepare-cert= 18, verify= 39
59819285 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ds:Transform", "null")
59819287 [http-8443-1] DEBUG org.apache.ws.security.TIME  - processHeader: total 180, prepare 1, handle 179
 
 
 
 
Signature Validation Log – B
75811797 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  - enter processSecurityHeader()
75811802 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  - Processing WS-Security header for '' actor.
75811858 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315, org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments)
75811859 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments)
75811860 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#, org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments)
75811860 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments)
75811862 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11, org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments)
75811862 [http-8443-1] DEBUG org.apache.xml.security.Init  - Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11#WithComments, org.apache.xml.security.c14n.implementations.Canonicalizer11_WithComments)
75811865 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2000/09/xmldsig#base64, org.apache.xml.security.transforms.implementations.TransformBase64Decode)
75811866 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315, org.apache.xml.security.transforms.implementations.TransformC14N)
75811867 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments, org.apache.xml.security.transforms.implementations.TransformC14NWithComments)
75811868 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2006/12/xml-c14n11, org.apache.xml.security.transforms.implementations.TransformC14N11)
75811868 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2006/12/xml-c14n11#WithComments, org.apache.xml.security.transforms.implementations.TransformC14N11_WithComments)
75811868 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#, org.apache.xml.security.transforms.implementations.TransformC14NExclusive)
75811869 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments, org.apache.xml.security.transforms.implementations.TransformC14NExclusiveWithComments)
75811870 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/1999/REC-xpath-19991116, org.apache.xml.security.transforms.implementations.TransformXPath)
75811870 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2000/09/xmldsig#enveloped-signature, org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature)
75811871 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/TR/1999/REC-xslt-19991116, org.apache.xml.security.transforms.implementations.TransformXSLT)
75811872 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2002/04/xmldsig-filter2, org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
75811872 [http-8443-1] DEBUG org.apache.xml.security.Init  - Transform.register(http://www.w3.org/2002/06/xmldsig-filter2, org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
75811875 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Init() called
75811877 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#dsa-sha1, org.apache.xml.security.algorithms.implementations.SignatureDSA)
75811877 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2000/09/xmldsig#dsa-sha1 org.apache.xml.security.algorithms.implementations.SignatureDSA
75811878 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#rsa-sha1, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1)
75811878 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2000/09/xmldsig#rsa-sha1 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1
75811879 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#hmac-sha1, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1)
75811880 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2000/09/xmldsig#hmac-sha1 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1
75811880 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-md5, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5)
75811880 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-md5 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5
75811880 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160)
75811880 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160
75811881 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha256, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256)
75811881 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256
75811881 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha384, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384)
75811881 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384
75811882 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha512, org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512)
75811882 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512
75811883 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1, org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1)
75811883 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1 org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1
75811883 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-md5, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5)
75811883 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-md5 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5
75811884 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160)
75811884 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160
75811884 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha256, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256)
75811884 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha256 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256
75811885 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha384, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384)
75811885 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha384 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384
75811885 [http-8443-1] DEBUG org.apache.xml.security.Init  - SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha512, org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512)
75811885 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha512 org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512
75811893 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP: A simple resolver for requests to HTTP space
75811895 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem: A simple resolver for requests to the local file system
75811895 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverFragment: A simple resolver for requests of same-document URIs
75811896 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverXPointer: A simple resolver for requests of XPointer fragents
75811898 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.RSAKeyValueResolver: Can extract RSA public keys
75811899 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.DSAKeyValueResolver: Can extract DSA public keys
75811900 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509CertificateResolver: Can extract public keys from X509 certificates
75811900 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509SKIResolver: Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate from the storages
75811901 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver: Resolves keys and certificates using ResourceResolvers
75811902 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509SubjectNameResolver: Uses an X509 SubjectName to retrieve a certificate from the storages
75811903 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509IssuerSerialResolver: Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the storages
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind prefixes:
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind ds to http://www.w3.org/2000/09/xmldsig#
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind xenc to http://www.w3.org/2001/04/xmlenc#
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind experimental to http://www.xmlsecurity.org/experimental#
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind dsig-xpath-old to http://www.w3.org/2002/04/xmldsig-filter2
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind dsig-xpath to http://www.w3.org/2002/06/xmldsig-filter2
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind ec to http://www.w3.org/2001/10/xml-exc-c14n#
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to bind xx to http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - XX_init                             73 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_prng                           0 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_parsing                        11 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_i18n                 3 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_c14n             12 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_jcemapper        4 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_keyInfo          8 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_keyResolver      7 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_prefixes         0 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_resourceresolver 5 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_sigalgos         13 ms
75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -   XX_configure_reg_transforms       10 ms
75811934 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The provider BC was added at position: 2
75811936 [http-8443-1] DEBUG org.apache.ws.security.util.Loader  - org.apache.security.juice.provider.JuiCEProviderOpenSSL
java.lang.ClassNotFoundException: org.apache.security.juice.provider.JuiCEProviderOpenSSL
                at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1680)
                at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526)
                at org.apache.ws.security.util.Loader.loadClass(Loader.java:185)
                at org.apache.ws.security.WSSConfig.loadProvider(WSSConfig.java:605)
                at org.apache.ws.security.WSSConfig.addJceProvider(WSSConfig.java:662)
                at org.apache.ws.security.WSSConfig.staticInit(WSSConfig.java:306)
                at org.apache.ws.security.WSSConfig.<init>(WSSConfig.java:324)
                at org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.java:333)
                at org.apache.ws.security.WSSConfig.getDefaultWSConfig(WSSConfig.java:342)
                at org.apache.ws.security.WSSecurityEngine.getWssConfig(WSSecurityEngine.java:157)
                at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:320)
                at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
                at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:198)
                at com.perspective.onMessage.core.Utils.WSSecurityModule.processMessage(WSSecurityModule.java:226)
                at com.perspective.onMessage.core.messaging.SrvRequestMessageLogHandler.invoke(SrvRequestMessageLogHandler.java:214)
                at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
                at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
                at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
                at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
                at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
                at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
                at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
                at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
                at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
                at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
                at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
                at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
                at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
                at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
                at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
                at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
                at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
                at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
                at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
                at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
                at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
                at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
                at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
                at java.lang.Thread.run(Thread.java:662)
75811937 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The provider JuiCE could not be added: org.apache.security.juice.provider.JuiCEProviderOpenSSL
75811938 [http-8443-1] DEBUG org.apache.ws.security.processor.SignatureProcessor  - Found signature element
75811938 [http-8443-1] DEBUG org.apache.ws.security.processor.SignatureProcessor  - Verify XML Signature
75811940 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ns2:Signature", "null")
75811943 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ns2:SignedInfo", "null")
75811943 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ns2:SignatureMethod", "null")
75811943 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ns2:KeyInfo", "null")
75811947 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  - setElement("ns2:X509IssuerSerial", "")
75811949 [http-8443-1] DEBUG org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial  - X509SerialNumber text: 604358
75811958 [http-8443-1] INFO  org.apache.ws.security.message.token.SecurityTokenReference  - X509IssuerSerial alias: lloyds-exch
75811959 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - SignatureMethodURI = http://www.w3.org/2000/09/xmldsig#rsa-sha1
75811959 [http-8443-1] DEBUG org.apache.xml.security.algorithms.SignatureAlgorithm  - Create URI "http://www.w3.org/2000/09/xmldsig#rsa-sha1" class "class org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1"
75811959 [http-8443-1] DEBUG org.apache.xml.security.algorithms.JCEMapper  - Request for URI http://www.w3.org/2000/09/xmldsig#rsa-sha1
75811959 [http-8443-1] DEBUG org.apache.xml.security.algorithms.implementations.SignatureBaseRSA  - Created SignatureRSA using SHA1withRSA
75811976 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - jceSigAlgorithm    = SHA1withRSA
75811976 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - jceSigProvider     = BC
75811977 [http-8443-1] DEBUG org.apache.xml.security.signature.XMLSignature  - PublicKey = Sun RSA public key, 2048 bits
  modulus: 26430731384825362242696808077633199711202753670797332780727536659131960813652566992350509167921393013813366003748544038538461902188890311123165826467140044341011862766176978150742269203625151938990165544929787829837938988000820998332488145317091742337954792664993194742301362562495035781177387750692860723060672603654968039388568042893668467974917933369415902977464977413736394694476283767728239077206845772427531671068443654802074780748359829021441038851112407179903997173832621234910670461653199651463640776709030791759891654422491840524696846497795438748682591298012408472585017460957223048794672235177868443588973
  public exponent: 65537
75811984 [http-8443-1] DEBUG org.apache.xml.security.utils.SignerOutputStream  - Canonicalized SignedInfo:
75811984 [http-8443-1] DEBUG org.apache.xml.security.utils.SignerOutputStream  - <ns2:SignedInfo xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"><ns2:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ns2:CanonicalizationMethod><ns2:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ns2:SignatureMethod><ns2:Reference URI="#Id-005f3bba-d023-1004-8580-6239465f8fb3"><ns2:Transforms><ns2:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ns2:Transform></ns2:Transforms><ns2:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ns2:DigestMethod><ns2:DigestValue>+wCLGGkbQHYmNneaAf+/+k2QXdM=</ns2:DigestValue></ns2:Reference></ns2:SignedInfo>
75811990 [http-8443-1] WARN  org.apache.xml.security.signature.XMLSignature  - Signature verification failed.
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
75811998 [http-8443-1] DEBUG org.apache.axis.i18n.ProjectResourceBundle  - org.apache.axis.i18n.resource::handleGetObject(empty00)
 
 
 
-----Original Message-----
From: "Colm O hEigeartaigh" <coheigea@apache.org>
Sent: Thursday, 25 February, 2016 14:05
To: users@ws.apache.org
Subject: Re: WS-Security digital signature validation




It's impossible to say what the problem is without access to the signature validation logs. Turn on DEBUG logging and it should tell you what the problem is. All of WSS4J 1.5.x is deprecated and no longer supported by the way.

Colm.


On Thu, Feb 25, 2016 at 12:12 PM, Sam Amarteifio <[ sam@perspectivetechnologies.com ]( mailto:sam@perspectivetechnologies.com )> wrote:

We are currently using the WSS4J (version 1.5.3) with Axis 1.4 for our WS-Security digital signature validation.
 
We use the WSSecurityEngine.ProcessSecurityHeader method to validate the signature in the security header.
 
The issue we are experiencing here is that the signature validation is successful for one form of security header (Header A. see below) and fails for another form of security header (Header B. see below). You will notice a difference in the construct of the ‘<wsse:Security’> and ‘<ds:Signature>’ elements in respect of their namespace definitions.
 
Please could someone enlighten us if we are doing something wrong or do we need to upgrade to a particular version of the WSS4J WS-Security library, please note we are bound at the moment to Axis 1.4.
 
Regards,
 Sam
 
 
Header A.
 
<soapenv:Envelope xmlns:soapenv="[ http://schemas.xmlsoap.org/soap/envelope/ ]( http://schemas.xmlsoap.org/soap/envelope/ )" xmlns:soapenc="[ http://schemas.xmlsoap.org/soap/encoding/ ]( http://schemas.xmlsoap.org/soap/encoding/ )" xmlns:xsd="[ http://www.w3.org/2001/XMLSchema ]( http://www.w3.org/2001/XMLSchema )" xmlns:xsi="[ http://www.w3.org/2001/XMLSchema-instance ]( http://www.w3.org/2001/XMLSchema-instance )">
                <SOAP-ENV:Header xmlns:SOAP-ENV="[ http://schemas.xmlsoap.org/soap/envelope/ ]( http://schemas.xmlsoap.org/soap/envelope/ )">
                                <wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="[ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd ]( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd )">
                                                <ds:Signature xmlns:ds="[ http://www.w3.org/2000/09/xmldsig# ]( http://www.w3.org/2000/09/xmldsig# )">
                                                                <ds:SignedInfo>
                                                                                <ds:CanonicalizationMethod Algorithm="[ http://www.w3.org/2001/10/xml-exc-c14n# ]( http://www.w3.org/2001/10/xml-exc-c14n# )"/>
                                                                                <ds:SignatureMethod Algorithm="[ http://www.w3.org/2000/09/xmldsig#rsa-sha1 ]( http://www.w3.org/2000/09/xmldsig#rsa-sha1 )"/>
                                                                                <ds:Reference URI="#id-38">
                                                                                                <ds:Transforms>
                                                                                                                <ds:Transform Algorithm="[ http://www.w3.org/2001/10/xml-exc-c14n# ]( http://www.w3.org/2001/10/xml-exc-c14n# )"/>
                                                                                                </ds:Transforms>
                                                                                                <ds:DigestMethod Algorithm="[ http://www.w3.org/2000/09/xmldsig#sha1 ]( http://www.w3.org/2000/09/xmldsig#sha1 )"/>
                                                                                                <ds:DigestValue>vIxJAh8EITqs1uZPiC1yrt4H2DU=</ds:DigestValue>
                                                                                </ds:Reference>
                                                                </ds:SignedInfo>
                                                                <ds:SignatureValue>zcaDiNn0om913HKIryt1+S4EPWXHIKH8bsQTdGDKlUepfv5yMJTLPA9PNecyAAMDF3GuT096lR5WjB2IJQClOoCobbabofvjr7GbfHV8XQLRPiykGKd8+IuiKEKHqyxClUi5strXIOw5ppFnEHkfib2h2YJQzjSptmke7PsAixgh5mDkDranYHNUE3+zdRFeLyC0ZFCeyMD45+tkdnr6koV1di5Z+dJggo4EbWIUv20OUdPblZaw6B82uMondZ/iK/Em8qniMz3FPf583vySkBlb+kLecDPrB/DidYtyDnuFicxsD2pdJ9KsPApXr5dpsnoBITiw8ZubVFbE3uZl1g==</ds:SignatureValue>
                                                                <ds:KeyInfo>
                                                                                <wsse:SecurityTokenReference wsu:Id="Id-18fe8f24-d993-1004-81fe-8f8827f68a2b" xmlns:wsu="[ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd ]( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd )">
                                                                                                <ds:X509Data>
                                                                                                                <ds:X509IssuerSerial>
                                                                                                                                <ds:X509IssuerName>CN=GeoTrust DV SSL CA,OU=Domain Validated SSL,O=GeoTrust Inc.,C=US</ds:X509IssuerName>
                                                                                                                                <ds:X509SerialNumber>604358</ds:X509SerialNumber>
                                                                                                                </ds:X509IssuerSerial>
                                                                                                </ds:X509Data>
                                                                                </wsse:SecurityTokenReference>
                                                                </ds:KeyInfo>
                                                </ds:Signature>
                                </wsse:Security>
                </SOAP-ENV:Header>
                <soapenv:Body wsu:Id="id-38" xmlns:wsu="[ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd ]( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd )">
                                ......
                </soapenv:Body>
</soapenv:Envelope>
 
 
 
 
Header B.
 
<soapenv:Envelope xmlns:soapenv="[ http://schemas.xmlsoap.org/soap/envelope/ ]( http://schemas.xmlsoap.org/soap/envelope/ )" xmlns:soapenc="[ http://schemas.xmlsoap.org/soap/encoding/ ]( http://schemas.xmlsoap.org/soap/encoding/ )" xmlns:xsd="[ http://www.w3.org/2001/XMLSchema ]( http://www.w3.org/2001/XMLSchema )" xmlns:xsi="[ http://www.w3.org/2001/XMLSchema-instance ]( http://www.w3.org/2001/XMLSchema-instance )">
                <SOAP-ENV:Header xmlns:SOAP-ENV="[ http://schemas.xmlsoap.org/soap/envelope/ ]( http://schemas.xmlsoap.org/soap/envelope/ )" xmlns:ds="[ http://www.w3.org/2000/09/xmldsig# ]( http://www.w3.org/2000/09/xmldsig# )" xmlns:wsa="[ http://www.w3.org/2005/08/addressing ]( http://www.w3.org/2005/08/addressing )"
                                 xmlns:wsse="[ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd ]( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd )" xmlns:wsu="[ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd ]( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd )"
                                 xmlns:xenc="[ http://www.w3.org/2001/04/xmlenc# ]( http://www.w3.org/2001/04/xmlenc# )">
                                <wsse:Security SOAP-ENV:mustUnderstand="1">
                                                <ds:Signature>
                                                                <ds:SignedInfo>
                                                                                <ds:CanonicalizationMethod Algorithm="[ http://www.w3.org/2001/10/xml-exc-c14n# ]( http://www.w3.org/2001/10/xml-exc-c14n# )"/>
                                                                                <ds:SignatureMethod Algorithm="[ http://www.w3.org/2000/09/xmldsig#rsa-sha1 ]( http://www.w3.org/2000/09/xmldsig#rsa-sha1 )"/>
                                                                                <ds:Reference URI="#MainBody">
                                                                                                <ds:Transforms>
                                                                                                                <ds:Transform Algorithm="[ http://www.w3.org/2001/10/xml-exc-c14n# ]( http://www.w3.org/2001/10/xml-exc-c14n# )"/>
                                                                                                </ds:Transforms>
                                                                                                <ds:DigestMethod Algorithm="[ http://www.w3.org/2000/09/xmldsig#sha1 ]( http://www.w3.org/2000/09/xmldsig#sha1 )"/>
                                                                                                <ds:DigestValue>20WF+Eg2mHpaHbvKWVasYdNoFsw=</ds:DigestValue>
                                                                                </ds:Reference>
                                                                </ds:SignedInfo>
                                                                <ds:SignatureValue>J4ItDIaW2ak6R1UwdQEHMpQHpdjZVVqsx5mxTUjVoFwRNBPpbIua54mdaIZnJJpl06AdZ1i04Kl4yx4xkvd+IzDEWvAISu0CeCQDgmB+R2BfcHwtVtqBi04lGNyIdPZJVv2y9Y5VUywgtWvOLuwydXKVpy9uA5j47LDfEuI0YbrK6+I8d6bfD+aO0I6q7+yHU6iZOUchv920r3eVMGjNfihMag80qRBPzScIWnH3kWp2iOCCJi8Q/O5nTwUI8DwW7EJXvMPVPouDzzbxYekQuOEG+GdumXKcfmeOqCDd9cqflbyUbTOpB5fFVu2qmqVOsVStNzGNn15vH8SHuibXvA==</ds:SignatureValue>
                                                                <ds:KeyInfo>
                                                                                <wsse:SecurityTokenReference wsu:Id="Id-fb589ba8-d9bb-1004-8f49-10246a7582f9">
                                                                                                <ds:X509Data>
                                                                                                                <ds:X509IssuerSerial>
                                                                                                                                <ds:X509IssuerName>CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at [ https://www.verisign.com/rpa ]( https://www.verisign.com/rpa ) (c)10,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US</ds:X509IssuerName>
                                                                                                                                <ds:X509SerialNumber>62129071348004622724048880787045315607</ds:X509SerialNumber>
                                                                                                                </ds:X509IssuerSerial>
                                                                                                </ds:X509Data>
                                                                                </wsse:SecurityTokenReference>
                                                                </ds:KeyInfo>
                                                </ds:Signature>
                                </wsse:Security>
                </SOAP-ENV:Header>
                <soapenv:Body Id="MainBody" xmlns:wsu="[ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd ]( http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd )">
                ........
                </soapenv:Body>
</soapenv:Envelope>
 
 
 
 

-- 

Colm O hEigeartaigh

Talend Community Coder
[ http://coders.talend.com ]( http://coders.talend.com )
Mime
View raw message