[Xml-compile] Re: WSSE example: referencing the body data to be encoded

[Karen Etheridge]

On Fri, Oct 05, 2012 at 09:49:07PM +0200, Mark Overmeer wrote:
> There are many different uses of WSSE.  Many, many fragmented schema's
> with "any" all over the place.  Inspect XML::Compile::WSS::Util and you
> understand what I mean.

Yes, the official WSSE schema is pretty terrifying.

> So, please tell me what kind of structure you think there should
> be, an I will stick them together.

:)

Here's some things I'm stuck on so far:

- trying to get some extra attributes added to some header tags (I think
  this can be done by calling $wsdl->writer($element_name) in some
  way, but I haven't figured out the exact code to make this happen yet)
    - to <wsse:Security>:
       xmlns:ds=  XML::Compile::WSS::Util::DSIG_NS
       xmlns:wsu= XML::Compile::WSS::Util::WSU_10
        (the only attr that is being added currently is xmlns:wsse)
       SOAP-ENV:mustUnderstand="1"
       xmlns:xenc= XML::Compile::WSS::Util::XENC_N

    - to <wsse:BinarySecurityToken>:
        EncodingType should be "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" (no such constant with this URI currently exists)
    
  ... there are a few others, but once I figure out the code to add
  these, I can fill them in, and then define constants for those that
  aren't defined yet (and push those changes back up to you for
  incorporation into example/wsse/write_example.pl).

- the other big sticking point seems to be getting the body element(s) to
  be properly picked up and signed into the SignatureValue element - in
  write_example.pl, the data is simply 'aap noot mies', but I think this
  needs to be pulled out of the document somehow, by referencing the
  correct tags, or perhaps by calling the writer sub and serializing? In
  either case, what's ending up in the Signaturevalue element right now is
  an encoding of this text, not the actual body, so something's missing.

thanks very much,