ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gene B. (JIRA)" <>
Subject [jira] [Created] (WSS-508) When using "add inclusive prefixes" and EXC C14N - signature cannot be validated
Date Wed, 20 Aug 2014 19:38:29 GMT
Gene B. created WSS-508:

             Summary: When using "add inclusive prefixes" and EXC C14N - signature cannot
be validated
                 Key: WSS-508
             Project: WSS4J
          Issue Type: Bug
          Components: WSS4J Core
    Affects Versions: 2.0.1, 2.0.0
         Environment: WAS 7.x, IBM JDK 1.6, WebSphere JAX-WS stack, MS Windows.
            Reporter: Gene B.
            Assignee: Colm O hEigeartaigh

Security implemented using WSS4J securement/validation action approach. We are trying to sign
the body.
The provider is a JAX-WS service running on WebSphere JAX-WS stack. Custom handler uses WSS4j
to validate security. 
The consumer is a WebSphere JAX-WS dispatch client – also attaching custom security handler.
Signature can be validated on the provider side when EXC C14N canonicalization is specified
with BST compliance flag relaxed. That is because when we chose to add “InclusiveNamespaces”
“PrefixList” on the consumer side, verification fails.
When the same test is done with the SOAP UI – signature verifies Ok – so I am blaming
the consumer – the signing process - not verification process.
I am attaching a log file which shows verification failure when the InclusiveNamespaces option
is used. If not for this option – this verification would’ve been a success.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message