如何从Apache Santuario中的KeyInfo转移证书元素
我想与Apache Santuario和KeyInfo创建一个XML签名,应该参考以下
< ds:keyInfo id =“ Ki-fbb16d2886cb85821333338466666945692”的证书元素(binarySecurityToken)。 < WSSE:SecurityTokenReference WSU:ID =“ str-fbb16d2886cb8fe58213384666945693”> < wsse:参考uri =“#x509-FBB16D2886CB8FE58213384666945491”
valuetype =“ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x5099-token- profile1.0#x509v3“ /> (</wsse:SecurityTokenReference> </ds:keyInfo>
但是除了添加证书和 公钥。它将将证书添加为嵌入式,而不是参考。
I want to create a xml signature with Apache Santuario and KeyInfo should refer the certificate element(BinarySecurityToken) like below
<ds:KeyInfo Id="KI-FBB16D2886CB8FE58213384666945692">
<wsse:SecurityTokenReference wsu:Id="STR-FBB16D2886CB8FE58213384666945693">
<wsse:Reference URI="#X509-FBB16D2886CB8FE58213384666945491"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-
profile1.0#X509v3" />
(</wsse:SecurityTokenReference>
</ds:KeyInfo>
But I can't find any support in KeyInfo of Santuario other than adding the certificate and
public key . It will add the certificate as embedded and not a reference.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我能够直接使用WSS4J来解决此问题。正如我注意到的那样,使用Santuario这是不可能的。
I was able to fix this using WSS4J directly . With Santuario this is not possible as I noticed.