Can't validate XML Signature tag that reside on another namespace



I have a incoming soap signed request from a company like this



<soap:Envelope xmlns:soap="http://ift.tt/18hkEkn" xmlns:nns="http://ift.tt/1tcqD2U">
   <soap:Header/>
   <soap:Body>
      <ns:CompanyRequest>
         <ns:ElementToBeSigned>
            <ns:CustomSignatureTagName>
               <ns:SignedInfo>
                  <ns:CanonicalizationMethod algorithm="http://ift.tt/11kTCUR"/>
                  <ns:SignatureMethod algorithm="http://ift.tt/18jbiFB"/>
                  <ns:Reference>
                     <ns:DigestMethod algorithm="http://ift.tt/1jbsD3O"/>
                     <ns:DigestValue>dHLkPm5pcyBub3QgYSBzaWduYXR1cmGB9w0B...</ns:DigestValue>
                  </ns:Reference>
               </ns:SignedInfo>
               <ns:SignatureValue>dHLkPm5pcyBub3QgYSBzaWduYXR1cmGB...</ns:SignatureValue>
             <ns:X509Certificate>MIIExDCCAywCCQC0bmU6MB8PuTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCUEgxEDAOBgNV...</ns:X509Certificate>
            </ns:CustomSignatureTagName>
         </ns:ElementToBeSigned>
      </ns:CompanyRequest>
   </soap:Body>
</soap:Envelope>


I am trying to validate this kind of request having a custom signature tag name with namespace same as the soap envelope and got no luck. I am using Java Api to validate it.. Can you give me insights what is wrong about the xml incoming structure? Thanks in advance...


No comments:

Post a Comment

Subscribe to: Post Comments (Atom)