SOAP security extensions: digital signature

SOAP-DSIG and SSL

Return to article

Listing 2: The response to the SOAP message
    HTTP/1.1 200 OK
    Content-Type: text/xml; charset="UTF-8"
    Content-Length: nnnn
    <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
				<SOAP-ENV:Header>
					<SOAP-SEC:Signature xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12" SOAP-ENV:mustUnderstand="1">
						<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
							<ds:SignedInfo>
								<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2000/CR-xml-c14n-20001026"/>
								<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
								<ds:Reference URI="#Body">
									<ds:Transforms>
										<ds:Transform Algorithm="http://www.w3.org/TR/2000/CR-xml-c14n-20001026"/>
									</ds:Transforms>
									<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
									<ds:DigestValue>KtMup4Nj6lwx3rvEPO0vbeVu8nk=</ds:DigestValue>
								</ds:Reference>
							</ds:SignedInfo>
							<ds:SignatureValue>TY5CLLrVLtRlk=...</ds:SignatureValue>
							<ds:KeyInfo>
								<ds:KeyName>http://www.onlinetrade.com/</ds:KeyName>
							</ds:KeyInfo>
						</ds:Signature>
					</SOAP-SEC:Signature>
				</SOAP-ENV:Header>
				<SOAP-ENV:Body xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12" SOAP-SEC:id="Body">
					<receipt:buy xmlns:receipt="http://www.onlinetrade.com/receipt">
						<receipt:ticker-symbol>IBM</receipt:ticker-symbol>
						<receipt:quantity>100</receipt:quantity>
						<receipt:market>New York</receipt:market>
					</receipt:buy>
				</SOAP-ENV:Body>
			</SOAP-ENV:Envelope>

Return to article