WSSE - Sign an element inside soapenv:Header

Ok, I have solved the problem.

Normally this code should work in my situation.

//strange static method from apache o.O
org.apache.xml.security.Init.init();
List<WSEncryptionPart> wsEncryptionParts = new ArrayList<>();
WSEncryptionPart somethingPart = new WSEncryptionPart("something","somethingNamespace","");
wsEncryptionParts.add(somethingPart);
sign.addReferencesToSign(wsEncryptionParts);

Nevertheless, It doesn't work. It always throws an exception:

org.apache.wss4j.common.ext.WSSecurityException: No message with ID "noXMLSig" found in resource bundle "org/apache/xml/security/resource/xmlsecurity". Original Exception was a org.apache.wss4j.common.ext.WSSecurityException and message No message with ID "noEncElement" found in resource bundle "org/apache/xml/security/resource/xmlsecurity"

I could not find an answer to what is wrong with my soap message or code.

However, after a time of debugging of org.apache.wss4j.dom.message.WSSecSignature. I felt that something is wrong with the class. I decided to modify a method build(Crypto cr).

public Document build(Crypto cr) throws WSSecurityException {
        LOG.debug("Beginning signing...");
        this.prepare(cr);
        if (this.getParts().isEmpty()) {
            this.getParts().add(WSSecurityUtil.getDefaultEncryptionPart(this.getDocument()));

            // --- Here is my edit - And it works!

            WSEncryptionPart aaa = new WSEncryptionPart("something","somethingNamespace","");
            this.getParts().add(aaa);

            // ----------------------------------

        } else {
            Iterator var2 = this.getParts().iterator();

            label33:
            while(true) {
                while(true) {
                    if (!var2.hasNext()) {
                        break label33;
                    }

                    WSEncryptionPart part = (WSEncryptionPart)var2.next();
                    if (part.getId() == null && "STRTransform".equals(part.getName())) {
                        part.setId(this.strUri);
                    } else if ("KeyInfo".equals(part.getName()) && "http://www.w3.org/2000/09/xmldsig#".equals(part.getNamespace()) && part.getElement() == null) {
                        Element keyInfoElement = this.getKeyInfoElement();
                        part.setElement(keyInfoElement);
                    }
                }
            }
        }

        List<javax.xml.crypto.dsig.Reference> referenceList = this.addReferencesToSign(this.getParts());
        this.computeSignature(referenceList);
        if (this.bstToken != null) {
            this.prependBSTElementToHeader();
        }

        return this.getDocument();
    }

Of course, the solution is quite weak. Yet, at least it works now.

The problem exists in the newest version:

wss4j-ws-security-dom 2.2.2

wss4j-ws-security-common 2.2.2

Tags:

Web Services

Java

Soap

Soapui

Wss4J

Related

How to enable LHLS in FFMPEG 4.1? Keychain Query Always Returns errSecItemNotFound After Upgrading to iOS 13 SwiftUI: Putting multiple BindableObjects into Environment What is the difference between Java intrinsic and native methods? Equivalence of slicing tensor in Pytorch/ATen C++ Why is this NuGet dependency missing when compiling .NET Framework project depending on .NET Standard? How to fix (node:12388) [DEP0066] DeprecationWarning: OutgoingMessage.prototype._headers is deprecated in windows How to fix "Call requires API level 26 (current min is 25) " error in Android Duplicated classes found in modules classes.jar Using list.count to sort a list in-place using .sort() does not work. Why? Why does a pipe remove the branch names from git log? Fill NAs in R with zero if the next valid data point is more than 2 intervals away

Recent Posts