[CXF-5381] SAAJStreamWriter transforms DigestValue of custom signature - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.7.7
Fix Version/s: 2.7.8, 2.6.11
Component/s: Core
Labels:
None

Estimated Complexity:
Unknown

Description

I observe strange effect by processing custom signature in service inbound chain. End exception is: "Caused by: org.apache.xml.security.exceptions.Base64DecodingException: Error while decoding".

After a bit analyze I found that DigestValue of Signature is concatinated with DigestValue of another signature and therefore cannot be proceed by xml security (santuario).

Additional debugging shows that signature is broken by StaxUtils.copy(node, new SAAJStreamWriter(part)); in SAAJInInterceptor.
Value in node is still correct, but value in SOAPMessage is broken.

I attach a small project to illustrate the issue. Run mvn clean test for the project and compare DigestValue of Signature SIG-7D02FBC5A7AED81312138383830534822 in original request.xml and in output.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

saaj_test.zip
08/Nov/13 15:24
11 kB
Andrei Shakirin
request.xml
11/Nov/13 13:45
19 kB
Andrei Shakirin
request-transformed.xml
11/Nov/13 13:45
17 kB
Andrei Shakirin

Activity

People

Assignee:: Daniel Kulp

Reporter:: Andrei Shakirin

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Nov/13 15:23

Updated:: 26/Nov/13 17:40

Resolved:: 12/Nov/13 21:36