[xmlsec] WS-Security SOAP signing using xmlsec1

Davor Perkovac davor.perkovac at gmail.com
Tue Jun 11 04:51:40 PDT 2019


I tried many different combinations similar to the one you suggested,
but neither worked.
Could it be because Id attribute in <soapenv:Body> has a namespace prefix?

wsu:Id="..."

Is this causing problems?

Davor.

On 10.06.2019 22:51, Davor Perkovac wrote:
> This requires more parameters to xmlsec1
>
> I'm using version 1.2.20 for win32:
>
> xmlsec1.exe --version
> xmlsec1 1.2.20 (openssl)
>
> and it results in:
> xmlsec1.exe --verify
> --id-attr:Id:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> Example_SOAP_PKI_Echo_1_sent.xml
> Error: <file> parameter is required for this command
> Usage: xmlsec <command> [<options>] [<files>]
>
> I've pasted again this full/unchanged xml file, so it should be possible
> for you to try to verify it as well:
> https://pastebin.com/u7SqZTLB
>
> Davor.
>
> On 10.06.2019 19:22, Aleksey Sanin wrote:
>> Try something like this:
>>
>> --id-attr:Id:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>
>>
>> Aleksey
>>
>> On 6/10/19 9:13 AM, Davor Perkovac wrote:
>>> Hi,
>>>
>>> I assume it should be possible possible to verify and sign SOAP message
>>> using WS-Security standard with xmlsec1 command line tool.
>>> I see there was already discussion about this or something similar -
>>> referring to Section 3.2 from the FAQ and I was reading it but somehow
>>> failed to apply it to my actual example.
>>>
>>>  From what I can see the problem is with setting the correct --id-attr
>>> parameter.
>>>
>>> Can someone please advise on how to verify (and then later also sign)
>>> wss SOAP XML which looks like the example here:
>>> https://pastebin.com/5Q3mUtNJ
>>>
>>>
>>> Thanks!
>>>
>>> Davor.
>>>
>>>
>>> _______________________________________________
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
>>> http://www.aleksey.com/mailman/listinfo/xmlsec
>>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20190611/32eb4431/attachment.html>


More information about the xmlsec mailing list