问题
I have a spec asking for a SOAP body that looks like the example below. Based on my understanding of JAX-RS (see this page) this involves creating an "enveloped signature" of the body, but I'm not finding documentation on created enveloped signatures for JAX-WS.
All my attempts to specify individual parts to sign cause additional xml to appear in the header, but I'm unable determine how to sign a part of the body and have the signature appear within the body. Also please note that the signature is a sub-element of the bodyComponent in the example I've been given.
<soap:Body xmlns:wsu="http://some.xsd" wsu:Id="id-2">
<ns2:requestDef xmlns:ns2="http://some-namespace" xmlns="http://another-namespace" xmlns:ns4="http://yet-another-namespace">
<bodyComponent xmlns = "urn:a:namespace">
<bodySubComponent>TEST-01</bodySubComponent>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethodAlgorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>+d1GesY2VzMS8wFAYDVQQD=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>+s1GesY2VzMS8wFAYDVQQD= +d1GesY2VzMS8wFAYDVQQD= +d1GesY2VzMS8wFAYDVQQD= +d1GesY2VzMS8wFAYDVQQD= +d1GesY2VzMS8wFAYDVQQD=</SignatureValue>
<KeyInfo>
<X509Data>
<X509SubjectName>CN=A,OU=B,OU=C, OU=D,O=E,C=F</X509SubjectName>
<X509Certificate>+x509Y2VzMS8wFAYDVQQD=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</bodyComponent>
</ns2:requestDef>
</soap:Body>
Using WSHandlerConstants.SIGNATURE_PARTS all values are appearing in the Header. Is what I'm trying to do even possible via CXF?
来源:https://stackoverflow.com/questions/22613582/how-to-create-enveloped-signatures-in-soap-with-cxf