我在尝试生成wsse分离数字签名时遇到异常 具有带有名称空间的id的引用URI。
请建议解决方案
代码:
Transform transformObj = fac.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null);
Reference ref = fac.newReference("#id-4F4332715C4C1670E10080000A441E77", digestMethod, Collections.singletonList(transformObj), null, null);
例外:
Exception in thread "main" javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID part-Body-4F4332715C4C1670E10080000A441E26
at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:352)
at org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:278)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:447)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:343)
以下示例:
使用输入数据
<Header xmlns="http://w3c.com">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp wsu:Id="ts-4F43326F5C4C1670E10080000A441E26">
<wsu:Created>2012-09-30T22:09:55Z</wsu:Created>
<wsu:Expires>2012-09-30T22:14:55Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
<PurchaseOrder wsu:Id="id-4F4332715C4C1670E10080000A441E77" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<Customer>
<Name>JJJ</Name>
<CustomerId>788335</CustomerId>
</Customer>
<Item partNum="C763">
<ProductId>6883-JF3</ProductId>
<Quantity>3</Quantity>
<ShipDate>2002-09-03</ShipDate>
<Name>X20</Name>
</Item>
</Header>
答案 0 :(得分:0)
使用一个验证模式,该模式将使用ID引用注册元素,我可以解决此问题
XMLStructure content = new DOMStructure(doc.getDocumentElement());
XMLObject obj = fac.newXMLObject(Collections.singletonList(content), "id-4F4332715C4C1670E10080000A441E77", null, null);
现在,“ id”已注册,因此将允许签名。