Allowing "http://www.w3.org/TR/2001/REC-xml-c14n-20010315" in a STS request.

Latest response

I am implementing a secure token service with cxf in JBOSS EAP 6.3 and I am getting the following error:

DEBUG [org.apache.ws.security.processor.SignatureProcessor] (http-/192.168.192.22:8900-1) Verify XML Signature
DEBUG [org.apache.ws.security.components.crypto.AlgorithmSuiteValidator] (http-/192.168.192.22:8900-1) C14nMethod http://www.w3.org/TR/2001/REC-xml-c14n-20010315 does not match required value
WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (http-/192.168.192.22:8900-1) Interceptor for {http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: An error was discovered processing the <wsse:Security> header.
....
at org.apache.ws.security.components.crypto.AlgorithmSuiteValidator.checkC14nAlgorithm(AlgorithmSuiteValidator.java:77) [wss4j-1.6.15.redhat-1.jar:1.6.15.redhat-1]

The request contains the following element

How can I add http://www.w3.org/TR/2001/REC-xml-c14n-20010315 to the allowed Algorithm?

Responses

Hi

Can you raise a support case for this as we're going to need to see the full stack trace along with the WSDL and example requests/responses. If you have a reproducer please go ahead and upload this to the case too.

Thanks
Mustafa

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.