Re: Signature Block in the signed message..
- From: "Pablo Cibraro" <pcibraro@xxxxxxxxxxx>
- Date: Fri, 2 Dec 2005 11:14:09 -0300
Hi Suvanan,
Are you using WSE 3.0 ?.
The mutualCertificate11Security assertion in WSE 3.0 creates two signatures
by default and you can't avoid that behavior. (The second signature is
called "Endorsed signature").
If you want one signature, then you have to use the
mutualCertificate10Security assertion or create a custom assertion.
Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
http://www.lagash.com
"SUVANAN" <SUVANAN@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:499A5525-E5D9-4C27-8D13-4930C065CB88@xxxxxxxxxxxxxxxx
> Hi We are generating a Signed and Encrypted message:
>
> There are 2 signature blocks
> 1. Signing the Timestamp and Body
> 2. The other one is signing the above Signature Element
>
> How can we turn off the second one.
>
> Thanks
> Suvanan
>
> Here is the part of the message:
>
> <Signature Id="Sig-dbb1bfcf-0ea7-4d0a-a691-05fd33ec23bf"
> xmlns="http://www.w3.org/2000/09/xmldsig#";>
> <SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; />
> <SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"; />
> <Reference
> URI="#Timestamp-752f3f0e-45f6-4217-91b5-0b3ee9b8e550">
> <Transforms>
> <Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
> </Transforms>
> <DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
>
> <DigestValue>IpSU9DGKcinh22G+H6AaUDVVw3M=</DigestValue>
> </Reference>
> <Reference
> URI="#Id-8d50e426-58a8-4b16-b903-c8c708d6e24d">
> <Transforms>
> <Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
> </Transforms>
> <DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
>
> <DigestValue>EAyHgE37LiXLomLa1um3N/E9eyo=</DigestValue>
> </Reference>
> </SignedInfo>
>
> <SignatureValue>WH7zOiE+qnhBBhsBG5yKPqalvTo=</SignatureValue>
> <KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference
> URI="#SecurityToken-7ef7c130-eaed-4d40-a42b-5b0028a20201"
> ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey";
> />
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
> <SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; />
> <SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; />
> <Reference
> URI="#Sig-dbb1bfcf-0ea7-4d0a-a691-05fd33ec23bf">
> <Transforms>
> <Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
> </Transforms>
> <DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
>
> <DigestValue>s7Lvf/kzM0KJYDp6Xg9L4NIXoP4=</DigestValue>
> </Reference>
> </SignedInfo>
>
> <SignatureValue>Hv45BxrQgfUsf0Fa+XdOhjWdBt2kQtfM/T1nW4EiClaC5r5VZAcwIyjjyVIN74DYlmZI5rONHEV/lrwa0oaoVUZHE5E+h2r3eHpAj9MUTpAgesYfer649BfetUqd1YBzCaxx9dsQCKxxsBVT+tLsZUEtX41ZAhBwp9gLXBiB4f0=</SignatureValue>
> <KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference
> URI="#SecurityToken-fffe7139-bfeb-41bf-84fd-a24826b3697d"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
> />
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> --
> SUVANAN DUTTA
.
- References:
- Signature Block in the signed message..
- From: SUVANAN
- Signature Block in the signed message..
- Prev by Date: Re: How to change the Default Algorithms used.
- Next by Date: Re: UserName and Kerberos tokens at the same time
- Previous by thread: Signature Block in the signed message..
- Next by thread: Using host name for SoapReceiver binds to wrong net interface...
- Index(es):
Relevant Pages
|
