Re: [xml] Question regarding xmlAddId

[Daniel Veillard <veillard redhat com>]

On Thu, Nov 11, 2004 at 02:10:05PM +0100, Erik F. Andersen wrote:
> Hello!
>
> I'm having some problems using xmlAddId. My problem is that I need to sign documents
> using XMLSEC and the wsu:Id-attribute (in soap:Body below) cannot be found by 
> xpointer unless I add a DTD. I have been told however that one should not (may not?) 
> use a DTD in SOAP documents and that is the reason why I want to use xmlAddId. 

  yes the XML Protocol WG screwed up on this (IMHO), and whoever designed
the format you are using requiring an Id of type ID on a soap:Body just failed
too. I don't know who, where or why, but this is clearly broken from
the start since SOAP and DTDs are by the SOAP spec incompatible.
I repeat again: your framework is broken.

> Below is the XML that I try to sign but I haven't been able to find a call to xmlAddId 
> that will work. The DTD look like this:
>
> <!DOCTYPE soap:Envelope [
> <!ATTLIST soap:Body Id ID #IMPLIED>
> ]>
>
> What should I use for xmlAttrPtr and what should I use for "value" to xmlAddId in order
> to replace the DTD? 

  It does not replace the DTD. You need to call  xmlAddID() on all 
Id attributes carried by soap:Body elements in the document, passing
the document, the attribute and the string value for the ID.

> I have tried every combination that I could think of. 
> Another strange thing is that apparently I have to reload the whole tree before 
> xpointer will "see" the wsu:Id attribute. I think this is because I build the whole
> tree in code and there is a problem (bug?) in XMLLIB regarding DTD's. 

  Well if you start blaming libxml2 while you don't seems to understand
fully what you are doing, and without providing a reproductible test case,
communication between us is likely to deteriorate extremely quickly...

> Thanks for your help,
>
> Erik F. Andersen
>
>
> <?xml version="1.0"?>
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; 
> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>  <soap:Header>
>   <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"; 
>   soap:mustUnderstand="1">
>    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
>      <SignedInfo>
>       <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
>       <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 
>        <Reference URI="#Id-058b5a86-a1dd-4188-9920-8315c3f84eae">
>         <Transforms>
>          <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
>         </Transforms>
>         <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> 
>         <DigestValue /> 
>        </Reference>
>      </SignedInfo>
>     </Signature>
>    </wsse:Security>
>   </soap:Header>
>   <soap:Body xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility";
>    wsu:Id="Id-058b5a86-a1dd-4188-9920-8315c3f84eae">
>   </soap:Body>
> </soap:Envelope>

  You can build XPointer expression selecting the node you want without
requiring the attribute to be of type ID, of course it's more complex !

paphio:~/XML -> ./testXPath --xptr -i tst.xml 
'xmlns(soap=http://schemas.xmlsoap.org/soap/envelope/)xmlns(wsu=http://schemas.xmlsoap.org/ws/2002/07/utility)xpointer(//soap:Body[
 wsu:Id="Id-058b5a86-a1dd-4188-9920-8315c3f84eae"])'
Object is a Node Set :
Set contains 1 nodes:
1  ELEMENT soap:Body
    namespace wsu href=http://schemas.xmlsoap.org/ws/2002/07/ut...
    ATTRIBUTE Id
      TEXT
        content=Id-058b5a86-a1dd-4188-9920-8315c3f84eae
paphio:~/XML ->

Daniel

-- 
Daniel Veillard      | Red Hat Desktop team http://redhat.com/
veillard redhat com  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/