Hi All
This is with reference to a custom WS Security implementation at our end which we are trying to replace with standard WSSecurity Module of Integration Server 8.2 SP2.Our partner requires us to send soap messages initialized with the parameters canonicalizationMethod=C14N_EXCL_OMIT_COMMENTS, keyIdentifierType=ISSUER_SERIAL but SAG webMethods documentation says there is no support for C14N Canonicalization Algorithm.Does anyone know if there is a way to achieve above in 8.2 SP2.
Hi Frank
Basically webMethods have support for canonicalization to the extent the underlying xml security library supports it and the underlying security implementation has been taken from Apache.
In my case I tried with a custom policy file provided by the communicating partner as none of the webMethods provided out of the box policies were sufficient for my requirement.
For more information you can refer to the details of SR which I raised to SAG.
so far I’ve loaded the xmlsec-1.5.6.jar to C:\SoftwareAG\IntegrationServer\lib\jars and then tried to use the c14n method in a java service, however the compile of the service fails with the error
C:\SoftwareAG\IntegrationServer\packages\c14n\code\source\c14n.java:62: cannot find symbol symbol : constructor ByteArrayInputStream(java.lang.Object) location: class java.io.ByteArrayInputStream Document doc = documentBuilder.parse(new ByteArrayInputStream(node));
public final class canonDirect_SVC
{
public static final void canonDirect(IData pipeline) throws ServiceException {
org.apache.xml.security.Init.init();
DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
dfactory.setNamespaceAware(true);
dfactory.setValidating(true);
DocumentBuilder documentBuilder = null;
try {
documentBuilder = dfactory.newDocumentBuilder();
} catch (ParserConfigurationException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
// this is to throw away all validation warnings
documentBuilder.setErrorHandler(new org.apache.xml.security.utils.IgnoreAllErrorHandler());
String myString = "<start>Hello</start>";
ByteArrayInputStream stream = new ByteArrayInputStream(myString.getBytes());
Document doc = null;
try {
doc = documentBuilder.parse(stream);
} catch (SAXException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
My project requirement was to implement Exclusive XML Canonicalization 1.0 With Comments algorithm and I did the same with a simple JAVA service and it working as expected on wM 7.
Myself and Lachlan had a discussion offline in regards to this subject and he found it to be a good candidate for Tundra. I gave him the required details (Apache Santuario XML Security library). In addition, he has implemented the below algorithm :
Canonical XML Version 1.0
Canonical XML Version 1.0 With Comments
Canonical XML Version 1.1
Canonical XML Version 1.1 With Comments
Exclusive Canonical XML Version 1.0
Exclusive Canonical XML Version 1.0 With Comments