ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Order of elements in the Security Header when signing
Date Thu, 13 Jul 2017 09:00:29 GMT
You could look at this test (testSignedTimestamp)

https://github.com/apache/wss4j/blob/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java#L628

It signs a Timestamp, and the Timestamp is placed above the Signature in
the message.

Colm.

On Thu, Jul 13, 2017 at 4:41 AM, Harris, Andrew <Andrew.Harris@adp.com>
wrote:

> I am using WSS4J to sign a SOAP message. I currently add a timestamp to
> the WSSecHeader and add it as one of the Parts to sign and then sign the
> message.
>
>
>
> When I sign the message the BST and Security Elements are prepended to the
> WSSecHeader and therefore I end up with :
>
>
>
> <wsse:BinarySecurityToken />
>
> <ds:Signature />
>
> <wsu:Timestamp />
>
>
>
> But I am being told an error I am getting may be because it should be:
>
>
>
> <wsu:Timestamp />
>
> <wsse:BinarySecurityToken />
>
> <ds:Signature />
>
>
>
> I have traced the code to the line “sig.sign(signContext);” in the
> computeSignature method in WSSecSignature. The sig object is an Apache
> implementation (org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature) of
> javax.xml.crypto.dsig. XMLSignature which appears to always insert the
> signature as the first item in the Security element.
>
>
>
> Any thoughts on how to get what I am after?
>
>
>
>
>
>
>
> *Regards*
>
>
>
> *Andrew Harris *| Architecture & Design Manager
>
> andrew.harris@adp.com | +61 3 9566 7125 <+61%203%209566%207125> | +61 4
> 1859 9547
> Level 1,6 Nexus Crt, Mulgrave Vic 3170
>
> [image: Description: Description: Description: Description: Description:
> email-logo] <http://www.adppayroll.com.au/>[image: Description:
> Description: Description: Description: Description: LinkedIn]
> <https://www.linkedin.com/company/adpaustralia?trk=biz-companies-cym>[image:
> Description: Description: Description: Description: Description: Twitter]
> <https://twitter.com/adp_anz>[image: Description: Description:
> Description: Description: Description: YouTube]
> <https://www.youtube.com/user/ADPANZ>
>
>
> CAUTION - This message may contain privileged and confidential information
> intended only for the use of the addressee named above. If you are not the
> intended recipient of this message you are hereby notified that any use,
> dissemination, distribution or reproduction of this message is prohibited.
> If you have received this message in error please notify Automatic Data
> Processing Limited immediately. Any views expressed in this message are
> those of the individual sender and may not necessarily reflect the views of
> Automatic Data Processing Limited. If this email contains marketing
> material and you do not wish to receive any email marketing material from
> us in the future, please forward this email to unsubscribe@adp.com
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message