mace-opensaml-users - namespace in signature
Subject: OpenSAML user discussion
List archive
- From: "Exjobb Nexus" <>
- To:
- Subject: namespace in signature
- Date: Tue, 29 May 2007 14:42:06 +0200
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=bYpZvNSLPk0MnsBl5rSGDq4IU8gj+TqkFSzlHXNI+MzenUViT9ElmjZJEJFwuUYiwkjrF8sYiPlggLa1EgniwiMh0bH8Of6g0jxp85QNGDKQ5nwDxKnu/yUk9ZuPmrPSZhMgvlNWscU1neW1ggcLnZ07AHikHqh3DlB/7RA2w8w=
Hello!
I am trying to build an assertion containing a signature. But the resulting assertion gets screwed up.
Code:
SignatureBuilder signatureBuilder = (SignatureBuilder) builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME );
Signature signature = signatureBuilder.buildObject();
SAMLObjectContentReference samlObjRef = new SAMLObjectContentReference(assertion);
... creating keyinfo using server certificate
signature.setCanonicalizationAlgorithm (SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA);
signature.getContentReferences().add(samlObjRef);
assertion.setSignature(signature);
The resulting assertion (part of it):
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo xmlns:ds=" http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds=" http://www.w3.org/2000/09/xmldsig#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns:ds=" http://www.w3.org/2000/09/xmldsig#"/>
<ds:Reference URI="#_985f08fda9b2acfdaab5b66e07253979acb6a00d" xmlns:ds="http://www.w3.org/2000/09/xmldsig# ">
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:Transform Algorithm=" http://www.w3.org/2000/09/xmldsig#enveloped-signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:Transform Algorithm=" http://www.w3.org/2001/10/xml-exc-c14n#WithComments" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ec:InclusiveNamespaces PrefixList="ds saml" xmlns:ec=" http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm=" http://www.w3.org/2001/04/xmlenc#sha256" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:DigestValue xmlns:ds=" http://www.w3.org/2000/09/xmldsig#">pTnhmVLded3L5ZaQITSGjKW3A/3AnSeAYgOl9s6/5rI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue xmlns:ds=" http://www.w3.org/2000/09/xmldsig#">
...
</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>...
As you can see the namespace ds is redefined everywhere (xmlns:ds=" http://www.w3.org/2000/09/xmldsig#").
I would like it to be defined once in the signature-tag. Can´t figure out how. Can someone help me?
Regars/
Lars Kongo
- namespace in signature, Exjobb Nexus, 05/29/2007
- RE: namespace in signature, Scott Cantor, 05/29/2007
- URLMetadataProvider with public constructor, Pedro Navarro Pérez, 05/30/2007
- Re: URLMetadataProvider with public constructor, Chad La Joie, 05/30/2007
- URLMetadataProvider with public constructor, Pedro Navarro Pérez, 05/30/2007
- Re: namespace in signature, Brent Putman, 05/29/2007
- RE: namespace in signature, Scott Cantor, 05/29/2007
Archive powered by MHonArc 2.6.16.