users@glassfish.java.net

JAXB namespace problems

From: Tomaž Rotovnik <rotovnik.tomaz_at_gmail.com>
Date: Thu, 27 Oct 2011 17:00:34 +0200

Hi

I create a WS client and connect to the server. It includes
Reliable Messaging, the addressing feature and a secure connection through an x509
certificate. I believe that the XML message which was sent had the following
structure:

<SendLDoc xmlns="http://earchive.gama-system.com/services">
<xdkLDoc>
<LDoc:LDoc xmlns:LDoc="http://schemas.posta.si/earchive/sendldoc.xsd" version="1.0">
<PDocs xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">
<PDoc>
<Binary>true</Binary>
<DataBinary Id="Id-11111111-8c3a-4cf8-a42c-9f2c00a299ed">YmxhIGJsYQ0KaGVjDQo=</DataBinary>
<Filename>test1</Filename>
<FileExtension>txt</FileExtension>
<Signed>false</Signed>
<Encrypted>false</Encrypted>
<Signature:Signature xmlns:Signature="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
...
<Reference URI="#Id-11111111-8c3a-4cf8-a42c-9f2c00a299ed">
...
</X509Certificate>
</X509Data>
</KeyInfo>
</Signature:Signature>
</PDoc>
</PDocs>
<Nodes xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">
<Node>
<Code>WEBI</Code>
</Node>
</Nodes>
<Label xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">WSIT5</Label>
<Author xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">Tomaz</Author>
</LDoc:LDoc>
</xdkLDoc>
</SendLDoc>

The above message was received from the logger on the client side, from the method
"public void encryptData(OutputStream eos)", which is part of the
com.sun.xml.ws.security.opt.impl.enc.CryptoProcessor class (I set
logger.setLevel(Level.ALL);)

Unfortunately I would like to send a message which will look like this:

<SendLDoc xmlns="http://earchive.gama-system.com/services">
<xdkLDoc>
<LDoc xmlns="http://schemas.posta.si/earchive/sendldoc.xsd" version="1.0">
<PDocs xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">
<PDoc>
<Binary>true</Binary>
<DataBinary Id="Id-11111111-8c3a-4cf8-a42c-9f2c00a299ed">YmxhIGJsYQ0KaGVjDQo=</DataBinary>
<Filename>test1</Filename>
<FileExtension>txt</FileExtension>
<Signed>false</Signed>
<Encrypted>false</Encrypted>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
...
<Reference URI="#Id-11111111-8c3a-4cf8-a42c-9f2c00a299ed">
...
</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</PDoc>
</PDocs>
<Nodes xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">
<Node>
<Code>WEBI</Code>
</Node>
</Nodes>
<Label xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">WSIT5</Label>
<Author xmlns="http://schemas.posta.si/earchive/sendldoc.xsd">Tomaz</Author>
</LDoc>
</xdkLDoc>
</SendLDoc>


As can be seen, I would like to send the message without namespaces (LDoc and
Signature).

Is this possible?

I'm using the Metro library to create a client WS call to a .NET WS server. I'm
using JAXB elements and
JAXBContext.newInstance(class.getPackage().getName()).createMarshaller() to
map the JAXB object to a Document.
Then I sign the DataBinary tag and call WS sendLDoc to send the Document to
the server side.

The problem is that when I sign the DataBinary tag, the server side returns an error saying
wrong signature. I think the signature value is calculated on a *message
without namespaces*. If I remove the above-mentioned namespaces from the message and
perform local validation on the client side, then the validation is successful.

If I send the document without a signed DataBinary tag, the server receives the
message with no error.

I already checked for \n\r characters in the SignatureValue, Modulus and
X509Certificate tags and removed them.

Could anybody suggest what I need to change on the client side to
successfully transmit a signed message to the .NET WS server?

Best regards

Tomaz
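
Why the same DataBinary element can hash to two different digests, as an added example that is not part of the original message and is not Metro or .NET code: under inclusive C14N a signed element inherits every namespace declaration in scope, so the xmlns:LDoc declaration on the wrapper changes the bytes that are digested, while exclusive C14N drops it. Assumptions: the page does not say which canonicalization or digest algorithm is in use; the trimmed messages, the Id value, the helper names and SHA-256 are constructed for illustration, and the renderer handles only an element with unprefixed attributes and text content.

```python
import hashlib
from xml.dom import minidom

NS = "http://schemas.posta.si/earchive/sendldoc.xsd"
# Constructed, trimmed-down copies of the two messages in the post ("Id-1" is made up).
BODY = ('<PDocs xmlns="%s"><PDoc><DataBinary Id="Id-1">YmxhIGJsYQ0KaGVjDQo='
        '</DataBinary></PDoc></PDocs>' % NS)
PREFIXED = '<LDoc:LDoc xmlns:LDoc="%s" version="1.0">%s</LDoc:LDoc>' % (NS, BODY)
DEFAULTED = '<LDoc xmlns="%s" version="1.0">%s</LDoc>' % (NS, BODY)

def in_scope_namespaces(elem):
    """Return {prefix: uri} for every declaration visible at elem ('' = default)."""
    scope = {}
    node = elem
    while node is not None and node.nodeType == node.ELEMENT_NODE:
        for name, value in node.attributes.items():
            if name == "xmlns":
                scope.setdefault("", value)        # nearest declaration wins
            elif name.startswith("xmlns:"):
                scope.setdefault(name[6:], value)
        node = node.parentNode
    return scope

def canonical_form(elem, exclusive):
    """Simplified C14N of one element: unprefixed attributes, text children only."""
    scope = in_scope_namespaces(elem)
    plain = [(n, v) for n, v in elem.attributes.items()
             if n != "xmlns" and not n.startswith("xmlns:")]
    if exclusive:
        # Exclusive C14N keeps only the namespaces the element itself uses.
        used = {elem.prefix or ""} | {n.split(":")[0] for n, _ in plain if ":" in n}
        scope = {p: u for p, u in scope.items() if p in used}
    decls = ['xmlns%s="%s"' % (":" + p if p else "", scope[p]) for p in sorted(scope)]
    attrs = ['%s="%s"' % (n, v) for n, v in sorted(plain)]
    text = "".join(child.data for child in elem.childNodes)
    return "<%s>%s</%s>" % (" ".join([elem.tagName] + decls + attrs), text, elem.tagName)

def reference_digest(message, ref_id, exclusive):
    """Canonical bytes and digest of the element a Reference URI="#ref_id" selects."""
    doc = minidom.parseString(message)
    target = next(e for e in doc.getElementsByTagName("DataBinary")
                  if e.getAttribute("Id") == ref_id)
    canon = canonical_form(target, exclusive)
    return canon, hashlib.sha256(canon.encode("utf-8")).hexdigest()  # SHA-256 assumed

if __name__ == "__main__":
    for msg in (PREFIXED, DEFAULTED):
        print(reference_digest(msg, "Id-1", False)[0])
```

If the digest is computed over one serialization and the document is re-marshalled with different prefixes before it reaches the verifier, the inclusive form no longer matches, which is consistent with local validation succeeding and remote validation failing.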