
ebxml-msg message



Subject: Re: [ebxml-msg] Schema problem with encryption in the AS4 draft


Hi Farrukh

The validation error we get is 

14:45:44.110 ERROR AS4.Session : SAXParseException: EBMS:0009:InvalidHeader, failure: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'wsu:Id' is not allowed to appear in element 'eb:CollaborationInfo'.: The ebMS header is either not well formed as an XML document, or does not conform to the ebMS packaging rules.

and the validation tool is Xerces-J 2.9.1 

hth

On 17 May 2011, at 1:12 PM, Farrukh Najmi wrote:

> Hi Theo,
> 
> Can you please tell me what the exact validation error message was and what validation tool produced it. The reason I ask is that I want to make sure we do not have a similar problem in the ebXML RegRep 4.0 specs that are being submitted for public review soon. Thanks in advance for your help.
> 
> On 05/17/2011 05:08 AM, Theo Kramer wrote:
>> I have received the following from Mike O'Connell (senior developer) involved in implementing our AS4 light client and adapting our MSH for AS4 support.
>> 
>> The server has strict XML Schema validation ON and this has raised a question (and a number of exceptions):
>> 
>> The WSS 1.1 spec allows for arbitrary XML elements to be encrypted and signed; however, the ebMS schema ('ebms-header-3_0-200704.xsd') does not.
>> 
>> The only element that allows for insertion of the 'wsu:id' attribute is 'eb:Messaging' since it has the 'headerExtension' attribute (which allows for 'xsd:anyAttribute'); 'wsu:id' is the ID reference used when applying WSS1.1 security to arbitrary elements.
>> 
>> Now - I cannot encrypt the entire 'eb:Messaging' element because of the following from AS4-profile draft and in reference to ebMS v3.0, Section 7.4:
>> 
>> AS4 MSH implementations are(sic) SHALL NOT encrypt the eb:PartyInfo section of the eb:Messaging header. Other child elements of the eb:Messaging header MAY be encrypted or left unencrypted as defined by trading partner agreements or collaboration profiles.
>> 
>> The only way to bypass this issue is to turn XML Schema validation OFF, which defeats the whole purpose of XML Schema in the first place.
>> 
>> Your comments/input on this appreciated...
>> 
> 
> 
> -- 
> Regards,
> Farrukh Najmi
> 
> Web: http://www.wellfleetsoftware.com
> 
> 
> 

-- 
Regards
Theo
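
Added example, not part of the original thread or of any implementation mentioned in it: a pre-flight check that reads a schema, finds which complex types accept foreign attributes through `xsd:anyAttribute` (directly or through an attribute group such as `headerExtension`), and lists the elements of a message whose `wsu:Id` a strict validator would refuse. The schema fragment and the message are constructed and simplified, the function names are hypothetical, and the check assumes each element's type is named after the element and ignores the wildcard's namespace constraint.

```python
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"
EB_NS = "http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/"
WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"

# Constructed, simplified schema fragment (NOT the real ebms-header-3_0-200704.xsd).
SCHEMA = """<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <xsd:attributeGroup name="headerExtension">
    <xsd:anyAttribute namespace="##other" processContents="lax"/>
  </xsd:attributeGroup>
  <xsd:complexType name="Messaging">
    <xsd:attributeGroup ref="headerExtension"/>
  </xsd:complexType>
  <xsd:complexType name="PartyInfo"/>
  <xsd:complexType name="CollaborationInfo"/>
</xsd:schema>"""

# Constructed message: wsu:Id on the header root and on one child.
MESSAGE = f"""<eb:Messaging xmlns:eb="{EB_NS}" xmlns:wsu="{WSU_NS}" wsu:Id="hdr">
  <eb:PartyInfo/>
  <eb:CollaborationInfo wsu:Id="collab"/>
</eb:Messaging>"""

def types_allowing_foreign_attrs(schema_text):
    """Names of complex types that carry an xsd:anyAttribute wildcard."""
    root = ET.fromstring(schema_text)
    # Named attribute groups that contain an attribute wildcard.
    open_groups = {g.get("name") for g in root.findall(XS + "attributeGroup")
                   if g.find(XS + "anyAttribute") is not None}
    allowed = set()
    for ctype in root.findall(XS + "complexType"):
        direct = ctype.find(XS + "anyAttribute") is not None
        refs = (r.get("ref", "").split(":")[-1] for r in ctype.findall(XS + "attributeGroup"))
        if direct or any(ref in open_groups for ref in refs):
            allowed.add(ctype.get("name"))
    return allowed

def rejected_wsu_ids(schema_text, message_text):
    """Local names of elements whose wsu:Id strict validation would refuse."""
    allowed = types_allowing_foreign_attrs(schema_text)
    wsu_id = "{" + WSU_NS + "}Id"
    # Assumption: each element's type is named after the element.
    return [el.tag.split("}")[-1] for el in ET.fromstring(message_text).iter()
            if wsu_id in el.attrib and el.tag.split("}")[-1] not in allowed]

if __name__ == "__main__":
    print(rejected_wsu_ids(SCHEMA, MESSAGE))
```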


