[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ebxml-msg] Schema problem with encryption in the AS4 draft
Hi Farrukh The validation error we get is 14:45:44.110 ERROR AS4.Session : SAXParseException: EBMS:0009:InvalidHeader, failure: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'wsu:Id' is not allowed to appear in element 'eb:CollaborationInfo'.: The ebMS header is either not well formed as an XML document, or does not conform to the ebMS packaging rules. and the validation tool is Xerces-J 2.9.1 hth On 17 May 2011, at 1:12 PM, Farrukh Najmi wrote: > Hi Theo, > > Can you please tell me what the exact validation error message was and what validation tool produced it. The reason I ask is that I want to make sure we do not have a similar problem in the ebXML RegRep 4.0 specs that are being submitted for public review soon. Thanks in advance for your help. > > On 05/17/2011 05:08 AM, Theo Kramer wrote: >> I have received the following from Mike O'Connell (senior developer) involved in implementing our AS4 light client and adapting our MSH for AS4 support. >> >> The server has strict XML Schema validation ON and this has raised a question (and a number of exceptions): >> >> The WSS 1.1 spec allows for arbitrary XML elements to be encrypted and signed however the ebMS schema ('ebms-header-3_0-200704.xsd') does not. >> >> The only element that allows for insertion of the 'wsu:id' attribute is 'eb:Messaging' since it has the 'headerExtension' attribute (which allows for 'xsd:anyAttribute'), 'wsu:id' is the ID reference used when applying WSS1.1 security to arbitrary elements. >> >> Now - I cannot encrypt the entire 'eb:Messaging' element because of the following from AS4-profile draft and in reference to ebMS v3.0, Section 7.4: >> >> AS4 MSH implementations are(sic) SHALL NOT encrypt the eb:PartyInfo section of the eb:Messaging header. Other child elements of the eb:Messaging header MAY be encrypted or left unencrypted as defined by trading partner agreements or collaboration profiles. >> >> The only way to bypass this issue is to turn XML Schema validation OFF, which defeats the whole purpose of XML Schema in the first place. >> >> Your comments/input on this appreciated... >> > > > -- > Regards, > Farrukh Najmi > > Web: http://www.wellfleetsoftware.com > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php -- Regards Theo
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]