[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ebxml-msg] Schema problem with encryption in the AS4 draft
Thanks! So your WSS layer adds the wsu:Id to the ebMS Header but that is
not allowed by the XML Schema for the ebMS header. Thanks very much for
your help.
On 05/17/2011 08:49 AM, Theo Kramer wrote:
> Hi Farrukh
>
> The validation error we get is
>
> 14:45:44.110 ERROR AS4.Session : SAXParseException: EBMS:0009:InvalidHeader, failure: org.xml.sax.SAXParseException: cvc-complex-type.3.2.2: Attribute 'wsu:Id' is not allowed to appear in element 'eb:CollaborationInfo'.: The ebMS header is either not well formed as an XML document, or does not conform to the ebMS packaging rules.
>
> and the validation tool is Xerces-J 2.9.1
>
> hth
>
> On 17 May 2011, at 1:12 PM, Farrukh Najmi wrote:
>
>> Hi Theo,
>>
>> Can you please tell me what the exact validation error message was and what validation tool produced it. The reason I ask is that I want to make sure we do not have a similar problem in the ebXML RegRep 4.0 specs that are being submitted for public review soon. Thanks in advance for your help.
>>
>> On 05/17/2011 05:08 AM, Theo Kramer wrote:
>>> I have received the following from Mike O'Connell (senior developer) involved in implementing our AS4 light client and adapting our MSH for AS4 support.
>>>
>>> The server has strict XML Schema validation ON and this has raised a question (and a number of exceptions):
>>>
>>> The WSS 1.1 spec allows for arbitrary XML elements to be encrypted and signed however the ebMS schema ('ebms-header-3_0-200704.xsd') does not.
>>>
>>> The only element that allows for insertion of the 'wsu:id' attribute is 'eb:Messaging' since it has the 'headerExtension' attribute (which allows for 'xsd:anyAttribute'), 'wsu:id' is the ID reference used when applying WSS1.1 security to arbitrary elements.
>>>
>>> Now - I cannot encrypt the entire 'eb:Messaging' element because of the following from AS4-profile draft and in reference to ebMS v3.0, Section 7.4:
>>>
>>> AS4 MSH implementations are(sic) SHALL NOT encrypt the eb:PartyInfo section of the eb:Messaging header. Other child elements of the eb:Messaging header MAY be encrypted or left unencrypted as defined by trading partner agreements or collaboration profiles.
>>>
>>> The only way to bypass this issue is to turn XML Schema validation OFF, which defeats the whole purpose of XML Schema in the first place.
>>>
>>> Your comments/input on this appreciated...
>>>
>>
--
Regards,
Farrukh Najmi
Web: http://www.wellfleetsoftware.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]