ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Harris, Andrew" <>
Subject Order of elements in the Security Header when signing
Date Thu, 13 Jul 2017 03:41:44 GMT
I am using WSS4J to sign a SOAP message. I currently add a timestamp to the WSSecHeader and
add it as one of the Parts to sign and then sign the message.

When I sign the message the BST and Security Elements are prepended to the WSSecHeader and
therefore I end up with :

<wsse:BinarySecurityToken />
<ds:Signature />
<wsu:Timestamp />

But I am being told an error I am getting may be because it should be:

<wsu:Timestamp />
<wsse:BinarySecurityToken />
<ds:Signature />

I have traced the code to the line "sig.sign(signContext);" in the computeSignature method
in WSSecSignature. The sig object is an Apache implementation (
of javax.xml.crypto.dsig. XMLSignature which appears to always insert the signature as the
first item in the Security element.

Any thoughts on how to get what I am after?


Andrew Harris | Architecture & Design Manager<> | +61 3 9566 7125 | +61 4 1859 9547
Level 1,6 Nexus Crt, Mulgrave Vic 3170
[Description: Description: Description: Description: Description: email-logo]<>[Description:
Description: Description: Description: Description: LinkedIn]<>[Description:
Description: Description: Description: Description: Twitter]<>[Description:
Description: Description: Description: Description: YouTube]<>

CAUTION - This message may contain privileged and confidential information intended only for
the use of the addressee named above. If you are not the intended recipient of this message
you are hereby notified that any use, dissemination, distribution or reproduction of this
message is prohibited. If you have received this message in error please notify Automatic
Data Processing Limited immediately. Any views expressed in this message are those of the
individual sender and may not necessarily reflect the views of Automatic Data Processing Limited.
If this email contains marketing material and you do not wish to receive any email marketing
material from us in the future, please forward this email to

View raw message