glassfishrobot
commented
13 years ago Reported by yonghe
Open glassfishrobot opened 13 years ago
glassfishrobot
commented
13 years ago Reported by yonghe
glassfishrobot
commented
13 years ago @vbkumarjayanti said: Can you tell how to reproduce this in a unit-test on a Non Windows System. Specifically i tried the following (invoking the Metro Canonicalizer on the input XML being discussed on the other thread with Microsoft and i am not seeing any issues. The output is similar to what Microsoft claims is correct.
---------Test------- package canonicalizertest;
import com.sun.xml.stream.buffer.MutableXMLStreamBuffer; import com.sun.xml.stream.buffer.stax.StreamWriterBufferCreator; import com.sun.xml.wss.XWSSecurityException; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.StringReader; import javax.xml.stream.XMLInputFactory; import javax.xml.stream.XMLOutputFactory; import javax.xml.stream.XMLStreamReader; import javax.xml.stream.XMLStreamWriter;
public class Main {
/**
XMLInputFactory fact = XMLInputFactory.newInstance();
StringBuilder s = new StringBuilder();
s.append("
;
com.sun.xml.wss.impl.c14n.StAXEXC14nCanonicalizerImpl canon = new com.sun.xml.wss.impl.c14n.StAXEXC14nCanonicalizerImpl();
XMLOutputFactory xof = XMLOutputFactory.newInstance(); ByteArrayOutputStream baos = new ByteArrayOutputStream(); MutableXMLStreamBuffer buffer = new MutableXMLStreamBuffer(); StreamWriterBufferCreator bCreator = new StreamWriterBufferCreator(buffer);
XMLStreamWriter writer = canon; canon.setStream(baos); XMLStreamWriter writer_tmp = (XMLStreamWriter) bCreator;
while (!(XMLStreamReader.END_DOCUMENT == reader.getEventType()))
{ com.sun.xml.ws.security.opt.impl.util.StreamUtil.writeCurrentEvent(reader, writer_tmp); reader.next(); }
buffer.writeToXMLStreamWriter(writer); writer.close(); try
{ baos.close(); }
catch (IOException ex)
{ throw new XWSSecurityException("Error occurred while trying to convert SAMLAssertion stream into DOM Element", ex); }
System.out.println("canonicalized output:\n" + baos.toString());
}
canonicalized output:
Thanks
glassfishrobot
commented
13 years ago yonghe said: Please see the newly submitted zip file for details on how to repro the bug.
Yonghe
glassfishrobot
commented
13 years ago yonghe said: Please see ReadMe.txt for running Windows stuff
glassfishrobot
commented
13 years ago @vbkumarjayanti said: I had filed an issue on SJSXP thinking that it is a problem with SJSXP, but they have gotten back with the same justification that MS has given :
And here is the reply :
I believe the API is doing the correct thing by translating '\r\n' or '\r' to '\n'.
http://www.w3.org/TR/xml/#sec-line-ends
So now i am confused what exactly is the bug in your analysis on the Java/Metro Side. Earlier i assumed that the processing of \r\n is the problem but from what i see, the Canonicalizer in Metro never sees a \r instead it will always see a \n. Also unit-testing the canonicalizer shows the same output as MS.
I am going to ask my QE to setup the Test app that you have provided so we can try to reproduce and debug. But if you have any thoughts on what exactly is the bug that will help.
glassfishrobot
commented
13 years ago File: [WSIT-1535 Repro.zip](https://java.net/jira/secure/attachment/45611/WSIT-1535 Repro.zip) Attached By: yonghe
glassfishrobot
commented
13 years ago Was assigned to nitkal
glassfishrobot
commented
7 years ago This issue was imported from java.net JIRA WSIT-1535
When a string of "First line0x0D0x0ASecond line" is sent from a service implemented in MS .NET 4.0, the Java client created by Metro 2.1 will fail because of a digest verification error.
A bug was filed to MS and they are saying that it should be a bug at java side: https://connect.microsoft.com/VisualStudio/feedback/details/631605/string-digest-verification-failure-in-java-ws-security-client.
You may use the attached code to reproduce the bug.
The exceptions:
SEVERE: WSS1717: Error occurred while doing digest verification of body/payload javax.xml.crypto.dsig.XMLSignatureException: WSS1717: Error occurred while doing digest verification of body/payload at com.sun.xml.ws.security.opt.impl.incoming.processor.StreamingPayLoadDigester.accept(StreamingPayLoadDigester.java:109) at com.ctc.wstx.stax.FilteredStreamReader.next(FilteredStreamReader.java:45) at com.sun.xml.ws.security.opt.impl.util.VerifiedMessageXMLStreamReader.next(VerifiedMessageXMLStreamReader.java:86) at com.sun.xml.stream.buffer.stax.StreamReaderBufferCreator.storeElementAndChildrenNoEx(StreamReaderBufferCreator.java:245) at com.sun.xml.stream.buffer.stax.StreamReaderBufferCreator.storeElementAndChildren(StreamReaderBufferCreator.java:177) at com.sun.xml.stream.buffer.stax.StreamReaderBufferCreator.store(StreamReaderBufferCreator.java:142) at com.sun.xml.stream.buffer.stax.StreamReaderBufferCreator.create(StreamReaderBufferCreator.java:82) at com.sun.xml.ws.security.opt.impl.incoming.VerifiedStreamMessage.copy(VerifiedStreamMessage.java:447) at com.sun.xml.ws.api.message.Packet.copy(Packet.java:220) at com.sun.xml.ws.dump.LoggingDumpTube.processResponse(LoggingDumpTube.java:124) at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:651) at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:600) at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:585) at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:482) at com.sun.xml.ws.client.Stub.process(Stub.java:323) at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:161) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:113) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:93) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:144) at $Proxy40.ping2(Unknown Source) at com.microsoft.sts.prototype.WSTrustClient.testCustomBindingIService1(WSTrustClient.java:49) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:76) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184) at org.junit.runners.ParentRunner.run(ParentRunner.java:236) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:49) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
Environment
MS .NET 4.0 and com.sun.xml.ws.webservices-rt 2.1
Affected Versions
[2.1]