Menu
▾
▴
RE: [ebxmlms-general] Digital signature
|
From: Larchier C. <cla...@ax...> - 2003-11-18 14:07:24
|
Patrick, =20 The problem was a bad version of xalan.jar I have downloaded the last version (2.5.2) and now it works with my = tomcat 4.1.27. Thanks for your help. =20 Christophe -----Message d'origine----- De : ebx...@li... = [mailto:ebx...@li...]De la part de = Patrick Yee Envoy=E9 : lundi 17 novembre 2003 17:07 =C0 : ebx...@li... Objet : Re: [ebxmlms-general] Digital signature Christophe, =20 But this seems only showing the traffic from outgoing message. What has = TCPMon captured in the incoming message? And can you please send to us = the msh.log file? =20 Regards, -Patrick =20 ----- Original Message -----=20 From: Larchier <mailto:cla...@ax...> Christophe=20 To: ebx...@li...=20 Sent: Monday, November 17, 2003 11:04 PM Subject: RE: [ebxmlms-general] Digital signature Patrick, =20 Finaly, I succeed to use TCPMon in listener mode. Here is the http message : =20 OST / HTTP/1.1 =20 Content-Type: multipart/related; type=3D"text/xml"; = boundary=3D"----=3D_Part_29_17303670.1069076816312"; charset=3D"utf-8"; = start=3D"<soappart>" =20 SOAPAction: ebXML =20 Content-Length: 4463 =20 User-Agent: Java/1.4.1_03 =20 Host: localhost =20 Accept: text/html, image/gif, image/jpeg, *; q=3D.2, */*; q=3D.2 =20 Connection: keep-alive =20 =20 =20 ------=3D_Part_29_17303670.1069076816312 =20 Content-Type: text/xml =20 Content-Transfer-Encoding: binary =20 Content-Id: <soappart> =20 =20 =20 <?xml version=3D"1.0" encoding=3D"UTF-8"?> <soap-env:Envelope xmlns:soap-env=3D" = http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi=3D" = http://www.w3.org/2001/XMLSchema-instance" xmlns:xlink=3D" = http://www.w3.org/1999/xlink" xsi:schemaLocation=3D" = http://schemas.xmlsoap.org/soap/envelope/ = <http://www.oasis-open.org/committees/ebxml-msg/schema/envelope.xsd> = http://www.oasis-open.org/committees/ebxml-msg/schema/envelope.xsd"><soap= -env:Header xsi:schemaLocation=3D" = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd = = <http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd= > = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd"= ><eb:MessageHeader xmlns:eb=3D" = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd"= eb:version=3D"2.0" = soap-env:mustUnderstand=3D"1"><eb:From><eb:PartyId>http://localhost:8080/= msh</eb:PartyId></eb:From><eb:To><eb:PartyId>http://localhost:8282</eb:Pa= rtyId></eb:To><eb:CPAId>CPA_2002</eb:CPAId><eb:ConversationId>Item_No_128= </eb:ConversationId><eb:Service>http://www.cecid.hku.hk/ebxml/service</eb= :Service><eb:Action>Order</eb:Action><eb:MessageData><eb:MessageId>200311= 17-134652218-CPA_2002.http://www.cecid.hku.hk/ebxml/service.Order.6@172.1= 6.161.154</eb:MessageId><eb:Timestamp>2003-11-17T13:46:52Z</eb:Timestamp>= </eb:MessageData></eb:MessageHeader><ds:Signature xmlns:ds=3D" = http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm=3D" = <http://www.w3.org/TR/2001/REC-xml-c14n-20010315> = http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:CanonicalizationMet= hod> <ds:SignatureMethod Algorithm=3D" = <http://www.w3.org/2000/09/xmldsig#dsa-sha1> = http://www.w3.org/2000/09/xmldsig#dsa-sha1"></ds:SignatureMethod> <ds:Reference URI=3D""> <ds:Transforms> <ds:Transform Algorithm=3D" = <http://www.w3.org/2000/09/xmldsig#enveloped-signature> = http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform> <ds:Transform Algorithm=3D" = http://www.w3.org/TR/1999/REC-xpath-19991116"> <ds:XPath>not(ancestor-or-self::node()[@soap-env:actor=3D"urn:oasis:names= :tc:ebxml-msg:actor:nextMSH"] | = ancestor-or-self::node()[@soap-env:actor=3D" = <http://schemas.xmlsoap.org/soap/actor/next> = http://schemas.xmlsoap.org/soap/actor/next"])</ds:XPath> </ds:Transform> <ds:Transform Algorithm=3D" = <http://www.w3.org/TR/2001/REC-xml-c14n-20010315> = http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm=3D" <http://www.w3.org/2000/09/xmldsig#sha1> = http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod> <ds:DigestValue>FnX6dxx6xVfzEUKWeplzmlf6sms=3D</ds:DigestValue> </ds:Reference> <ds:Reference URI=3D"cid:Payload-0"> <ds:DigestMethod Algorithm=3D" <http://www.w3.org/2000/09/xmldsig#sha1> = http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod> <ds:DigestValue>rXe6R+MQUXLN+9rnsG9JA30sElE=3D</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>kg9+FDNhq4qADjPOd7v1YXGo0vZrv7lPASvW71c3UvagAyaHV3V4Zg= =3D=3D</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> MIIDJTCCAuICBD+x8fAwCwYHKoZIzjgEAwUAMHgxCzAJBgNVBAYTAkZSMRUwEwYDVQQIEwxIY= XV0 ZS1TYXZvaWUxGDAWBgNVBAcTD0FubmVjeSBsZSBWaWV1eDETMBEGA1UEChMKU29wcmFHcm91c= DEO MAwGA1UECxMFQXh3YXkxEzARBgNVBAMTCkNocmlzdG9waGUwHhcNMDMxMTEyMDg0MDE2WhcNM= DQw MjEwMDg0MDE2WjB4MQswCQYDVQQGEwJGUjEVMBMGA1UECBMMSGF1dGUtU2F2b2llMRgwFgYDV= QQH Ew9Bbm5lY3kgbGUgVmlldXgxEzARBgNVBAoTClNvcHJhR3JvdXAxDjAMBgNVBAsTBUF4d2F5M= RMw EQYDVQQDEwpDaHJpc3RvcGhlMIIBtzCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9Kn= C7s 5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClp= J+f 6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RS= AHH AhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMC= z0H gmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C= /oh NWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYQAAoGACgp0fZI2/= fLj FAswnTiG4y3optT510AKXXqiqOX46zbT1VTsLmpPXUjR68SW6J0GllTLlPwGNVC6Fxylu9Md7= /z2 LZ6krAHQEsS39jnQqY1G+mSTHl6B+gkxpLPjm3kW/49k/4kjFSbcypnmdzruqs/tn5rV4CQgV= Z8/ ZeE+qj0wCwYHKoZIzjgEAwUAAzAAMC0CFQCByj7heG8HJjn+OUfYaPOAVhR7RQIUVNJVbo+W4= NwP RPGXWo56VMCUe4g=3D </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature></soap-env:Header><soap-env:Body xsi:schemaLocation=3D" = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd = = <http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd= > = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd"= ><eb:Manifest xmlns:eb=3D" = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd"= eb:version=3D"2.0"><eb:Reference eb:id=3D"Payload-0" = xlink:type=3D"simple" = xlink:href=3D"cid:Payload-0"/></eb:Manifest></soap-env:Body></soap-env:En= velope> =20 ------=3D_Part_29_17303670.1069076816312 =20 Content-Type: application/octet-stream =20 Content-Transfer-Encoding: binary =20 Content-Id: <Payload-0> =20 =20 =20 <po/> =20 ------=3D_Part_29_17303670.1069076816312-- =20 =20 =20 =20 For me, it seems to be good. Do you see something anormal? =20 Christophe =20 -----Message d'origine----- De : ebx...@li... = [mailto:ebx...@li...]De la part de = Patrick Yee Envoy=E9 : samedi 15 novembre 2003 15:19 =C0 : ebx...@li... Objet : Re: [ebxmlms-general] Digital signature Christophe, =20 So you have send out the message twice using Monitor, once without using = digital signature, once with digital signature, right? Are you using = exactly the same parameters in Monitor, with only the digital signature = check box in the latter case? =20 If the answer is yes, we have still no clue about what's happening in = your case. To further investigate, you can try to grab a very useful = tool called TCPMon from Apache AXIS project. This tool should be = installed between your Monitor and the MSH server, and it can help you = to capture all the HTTP level traffic between Monitor and MSH server, = and then forward the captured traffic out as a proxy.=20 =20 It will be useful to capture the text/plain message to see the cause. =20 Regards, -Patrick =20 ----- Original Message -----=20 From: Larchier <mailto:cla...@ax...> Christophe=20 To: ebx...@li...=20 Sent: Friday, November 14, 2003 3:31 PM Subject: RE: [ebxmlms-general] Digital signature It's a loopback test. Note that the loopback test without digital signature works fine. =20 Christophe -----Message d'origine----- De : ebx...@li... = [mailto:ebx...@li...]De la part de = Patrick Yee Envoy=E9 : jeudi 13 novembre 2003 11:32 =C0 : ebx...@li... Objet : Re: [ebxmlms-general] Digital signature Larchier, Where did you send the message to? It seems that the target end sent = back a message that is not comprehensible by Hermes. Regards, -Patrick Larchier Christophe wrote: Hi all,=20 With the MSH monitor, when I send a message with digital signature, I = get the following message in the Tomcat console :=20 javax.xml.soap.SOAPException: Invalid Content-Type:text/plain=20 at = com.sun.xml.messaging.saaj.soap.MessageImpl.verify(MessageImpl.java:159) = at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:91)=20 at = com.sun.xml.messaging.saaj.soap.MessageFactoryImpl.createMessage(MessageF= actoryImpl.java:32)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPCon= nection.java:333)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.= run(HttpSOAPConnection.java:142)=20 at java.security.AccessController.doPrivileged(Native Method)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPCon= nection.java:115)=20 at = hk.hku.cecid.phoenix.message.transport.HttpServlet.send(Unknown Source)=20 at hk.hku.cecid.phoenix.message.handler.HttpSender.run(Unknown = Source)=20 javax.xml.soap.SOAPException: Unable to internalize message=20 at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:135) = at = com.sun.xml.messaging.saaj.soap.MessageFactoryImpl.createMessage(MessageF= actoryImpl.java:32)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPCon= nection.java:333)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.= run(HttpSOAPConnection.java:142)=20 at java.security.AccessController.doPrivileged(Native Method)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPCon= nection.java:115)=20 at = hk.hku.cecid.phoenix.message.transport.HttpServlet.send(Unknown Source)=20 at hk.hku.cecid.phoenix.message.handler.HttpSender.run(Unknown = Source)=20 Caused by: javax.xml.soap.SOAPException: Invalid Content-Type:text/plain = at = com.sun.xml.messaging.saaj.soap.MessageImpl.verify(MessageImpl.java:159) = at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:91)=20 ... 7 more=20 java.security.PrivilegedActionException: javax.xml.soap.SOAPException: = Unable to internalize message=20 at java.security.AccessController.doPrivileged(Native Method)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPCon= nection.java:115)=20 at = hk.hku.cecid.phoenix.message.transport.HttpServlet.send(Unknown Source)=20 at hk.hku.cecid.phoenix.message.handler.HttpSender.run(Unknown = Source)=20 Caused by: javax.xml.soap.SOAPException: Unable to internalize message=20 at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:135) = at = com.sun.xml.messaging.saaj.soap.MessageFactoryImpl.createMessage(MessageF= actoryImpl.java:32)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPCon= nection.java:333)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.= run(HttpSOAPConnection.java:142)=20 ... 4 more=20 After few minutes, I receive an error message : "Delivery failure".=20 Thanks for your help.=20 ______________________________________=20 Christophe Larchier=20 Axway.=20 a Sopra Group company.=20 3, rue de Pr=E9 Faucon=20 PAE - Les Glaisins - BP238=20 F-74942 Annecy-le-Vieux Cedex=20 * +33 (0)4 50 33 31 55=20 ______________________________________=20 ------------------------------------------------------- This SF.Net = email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn = firsthand the latest developments in Apache, PHP, Perl, XML, Java, = MySQL, WebDAV, and more! http://www.apachecon.com/ = _______________________________________________ ebxmlms-general mailing = list ebx...@li... = https://lists.sourceforge.net/lists/listinfo/ebxmlms-general=20 |
