mace-opensaml-users - namespace in signature

Subject: OpenSAML user discussion

  • From: "Exjobb Nexus" <>
  • To:
  • Subject: namespace in signature
  • Date: Tue, 29 May 2007 14:42:06 +0200

Hello!

I am trying to build an assertion containing a signature. But the resulting assertion gets screwed up.

Code:

SignatureBuilder signatureBuilder = (SignatureBuilder) builderFactory.getBuilder(Signature.DEFAULT_ELEMENT_NAME);
Signature signature = signatureBuilder.buildObject();
SAMLObjectContentReference samlObjRef = new SAMLObjectContentReference(assertion);

// ... creating keyinfo using server certificate

signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
signature.setSignatureAlgorithm(XMLSignature.ALGO_ID_SIGNATURE_RSA);
signature.getContentReferences().add(samlObjRef);
assertion.setSignature(signature);


The resulting assertion (part of it):

<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo xmlns:ds=" http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds=" http://www.w3.org/2000/09/xmldsig#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns:ds=" http://www.w3.org/2000/09/xmldsig#"/>
<ds:Reference URI="#_985f08fda9b2acfdaab5b66e07253979acb6a00d" xmlns:ds="http://www.w3.org/2000/09/xmldsig# ">
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:Transform Algorithm=" http://www.w3.org/2000/09/xmldsig#enveloped-signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:Transform Algorithm=" http://www.w3.org/2001/10/xml-exc-c14n#WithComments" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ec:InclusiveNamespaces PrefixList="ds saml" xmlns:ec=" http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm=" http://www.w3.org/2001/04/xmlenc#sha256" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:DigestValue xmlns:ds=" http://www.w3.org/2000/09/xmldsig#">pTnhmVLded3L5ZaQITSGjKW3A/3AnSeAYgOl9s6/5rI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue xmlns:ds=" http://www.w3.org/2000/09/xmldsig#">
...
</ds:SignatureValue>
<ds:KeyInfo><ds:X509Data><ds:X509Certificate>...


As you can see, the namespace ds is redefined everywhere (xmlns:ds=" http://www.w3.org/2000/09/xmldsig#").
I would like it to be defined once in the signature tag. Can't figure out how. Can someone help me?

Regards/
Lars Kongo





