Inconsistent owner document
Opened this issue · 0 comments
Hi,
I'm facing an issue that looks very similar to the one mentioned here and fixed in version 2.0.0. After migrating an application from Java 8 to Java 11, some tests were failing due to an invalid XML signature; I came across the above issue, so I've tried to update the saaj version to 2.0.0 and this solved some of our use cases except one: when the SOAPMessage
is updated using wss4j then the signature is invalid, and it looks like it's happening for the same reason of the other issue: nodes have a different owner document, and this causes CanonicalizerBase#canonicalizeSubTree
to include the Signature
element when computing the signature. It could be a wss4j bug, but it's not happening in JDK8 or JDK11 with saaj < 1.4; also, from what I understand, wss4j is using standard DOM API to manipulate the message.
I'm attaching a project including all our use cases (load a SoapMessage
from a string, build a SOAPMessage
using DOM API, update a SOAPMessage
using wss4j)
- JDK8: signature is valid for any use case
- JDK11, saaj < 1.4: signature is valid for any use case
- JDK11, saaj >= 1.4 and < 2, signature is invalid for all the use cases (see #165)
- JDK11, saaj >= 2: signature is valid when the
SOAPMessage
is loaded from a string or updated using the DOM API; it's not valid when the message is updated using wss4j (also based on DOM API)
Thanks,
lorenzo