Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Signature Validation issue for different java version(ie 1.6 and 1.8)

JraneAug 16 2017 — edited Aug 16 2017

Signature Validation issue for different java version(ie 1.6 and 1.8)

Scenario

1) xml document signed by using java 1.6

2) This packet is sent to  the endpoint( this endpoint is hosted using Jboss Fuse (fuse-6.2.1.redhat-084) which uses java 1.8)

3)Due to Umarshalling(JAXB) Performed at this endpoint the signature packet structure gets Changed(Entire Signature Information gets appended to single line).

4)Validating this packet using signature.validate(valContext) [javax.xml.crypto.dsig.XMLSignature.validate]  fails despite of the proper certificate available .

Is there a way with which Structure remains intact or signature.validate(valContext) returns true despite of structural change(As only structure changes not the content of the packet)  

Comments

top.gun

OMG - where do I start!

If you are using Oracle for commercial purposes then you or your client needs a licence from Oracle. So really you should stop now.

Once you have your licence from Oracle, you can do a simulated import (ie show metadata) like this:

imp ar/live show=y statistics=none buffer=100000 feedback=100000 log=/gers/live/tmp/CUST_190312.log file=/gers/live/tmp/CUST_190312.dmp

Then if the above works you can do the real import (ie metadata and data) like this:

imp ar/live full=y statistics=none buffer=100000 feedback=100000 log=/gers/live/tmp/CUST_190312.log file=/gers/live/tmp/CUST_190312.dmp

Dean Gagne-Oracle

You can always use

imp help=y

to give you the available commands and options.  If you only want the data, then you can use:

imp user/password file=your_file.dmp rows=y

Hope this helps.

Dean

Lisa-Oracle

Hi AJVinkles,

You need to add ignore=y since the table pre-exists

Using IGNORE=y instructs Oracle to ignore any creation errors during the import

and permit the import to complete.

imp user/password file=  log= FROMUSER= TABLES=  ignore=y

rows=y as stated above is the default so it is not needed in the command

Regards,

Lisa

1 - 3
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Sep 13 2017
Added on Aug 16 2017
#cryptography
0 comments
42 views