Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-281

Invalid signature value when using XMLSignature in two EJB modules on AS

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Java 1.4.5
    • Java 1.4.6
    • Java
    • Security Level: Public (Public issues, viewable by everyone)
    • None
    • JBoss 5.1, 6.0

    Description

      I'm using org.apache.xml.security.signature.XMLSignature to sign my document. First signature in first EJB module works fine, but second signature generated in second EJB module is invalid/different (using the same code, document, keys, certs etc.). References, certificates and key values in generated signatures are the same, only signature value is different.

      The same situation occurs after redeploying application if using only one EJB module.

      Classloader issue? I'm not sure if this is Santuario issue, maybe this is JBoss issue. Tested on JBoss 5.1 and 6.0.

      Attachments

        1. Santuario281.zip
          484 kB
          Tomasz Juchniewicz
        2. SignTest.zip
          13 kB
          Tomasz Juchniewicz
        3. xmlsec-1.4.6-SNAPSHOT.jar
          438 kB
          Colm O hEigeartaigh

        Activity

          People

            coheigea Colm O hEigeartaigh
            tjuchniewicz Tomasz Juchniewicz
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: