Announcement Announcement Module
Collapse
No announcement yet.
Signature verification using Spring WS 1.0 + Castor XML 1.1.1 + XWSS 3.0 Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Signature verification using Spring WS 1.0 + Castor XML 1.1.1 + XWSS 3.0

    I'm using a standard web service client extending WebServiceGatewaySupport which perform XWSS Signature on messages.

    If I use XMLBeans for marshalling the code works fine, but if I use Castor for marshalling, WebSphere 6.1 returns following error:
    Code:
    org.springframework.ws.soap.client.SoapFaultClientException: com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5620E: Error verifying signature: Core validity=false Signed info validity=true Signed info message='null' Ref[java.util.HashMap$KeyIterator@4bfc4bfc](validity=false message='Digest value mismatch: calculated: NoZcIy+Zua1zYIetixBt2Kogfe8=' uri='#XWSSGID-12402971827962088034037' type='null').
    It's just the same code with different marshalling setters.

    Even I've forced UTF-8 encoding for messages without success.

    Thanks in advance.

  • #2
    Solution

    Maybe this is now the best solution, but it works.

    It seems setting UTF-8 to message it's not enough. So, I'm encoding the SAAJ Message before doing the signature.

    Something like this.

    Code:
    Object result = wst.marshalSendAndReceive(input,
        new WebServiceMessageCallback() {
      
          public void doWithMessage(WebServiceMessage message) throws IOException {
            
            SaajSoapMessage saajSoapMessage = (SaajSoapMessage) message;
            SaajSoapMessage wsm = null;
    
            // UTF-8 encoding
            try {
              ByteArrayOutputStream os = new ByteArrayOutputStream();
              message.writeTo(os);
              StringBuilder sm = new StringBuilder(os.toString());
              os.close();
              ByteArrayInputStream is = new ByteArrayInputStream(sm.toString().getBytes("UTF-8"));
              wsm = (SaajSoapMessage)getWebServiceTemplate().getMessageFactory().createWebServiceMessage(is);
              saajSoapMessage.setSaajMessage(wsm.getSaajMessage());
              is.close();
            } catch (Exception e) {
              e.printStackTrace();
            }
    
            SOAPMessage saajMessage = saajSoapMessage.getSaajMessage();
            try {
              ProcessingContext context = new ProcessingContext();
              context.setSOAPMessage(saajMessage);
              SOAPMessage securedMessage = cprocessor.secureOutboundMessage(context);
              saajSoapMessage.setSaajMessage(securedMessage);
            } catch (XWSSecurityException e) {
              throw new XwsSecuritySecurementException(e.getMessage());
            }
    
          }
        });

    Comment

    Working...
    X