The Signature ID Attribute tab allows you to list the
supported attributes that can be used by the Enterprise Gateway to identify a
Signature reference within an XML message.
An XML-signature <signedInfo> section may
reference signed data via the URI attribute. The
URI value may contain an id that identifies data in
the message. The referenced data will hold the "URI" field value in one
of its attributes.
By default, the server will use the "Id" attribute for each of the WSSE
namespaces listed above to locate referenced signed data.
The following sample XML Signature illustrates the use of the "Id"
attribute:
| | |
|
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<dsig:Signature id="Sample" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
...
<dsig:Reference URI="#Oracle:sLmDCph3tGZ10">
...
</dsig:Reference>
</dsig:SignedInfo>
....
</dsig:Signature>
</soap:Header>
<soap:Body>
<getProduct wsu:Id="Oracle:sLmDCph3tGZ10"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2003/06/utility">
<Name>SOA Test Client</Name>
<Company>Company</Company>
</getProduct>
</soap:Body>
</soap:Envelope>
| |
| | |
|
It is clear from this example that the Signature reference identified by
the URI attribute of the
<Reference> element refers to the nodeset
identified with the Id attribute, i.e. the
<getProduct> block.
Because different toolkits and implementations of the XML-Signature
specification can use attributes other than the Id
attribute, the Enterprise Gateway allows the user to specify other attributes that
should be supported in this manner. By default, the Enterprise Gateway supports the
Id , ID , and
AssertionID attributes for the purposes of
identifying the signed content within an XML Signature.
However it is possible to add more attributes by clicking the
Add button and adding the attribute in the interface
provided. The priorities of attributes can be altered by clicking the
Up and Down buttons. For example, if
most of the XML Signatures processed by the Enterprise Gateway use the
ID attribute, this attribute should be given the
highest priority.
|