Base64 encodeddata for SignatureValue has 
 at end of each line
Description
Environment
is related to
Activity
Brent Putman March 23, 2019 at 12:27 AM
I'm going to go ahead and close this issue, since there's nothing we can do to change Santuario's behavior other than the documented system property. But feel free to add comments if there is more to discuss.
Unidentified Legacy Account February 20, 2019 at 5:03 PMEdited
The issue exists both with Jetty 9.4.14 on OpenJDK 8 and WebLogic 12.1. 3 with Oracle JDK 8, so it seems to be regardless of Java version as Scott points out.
A quick test with org.apache.xml.security.ignoreLineBreaks=true does seem to work for both Jetty and WebLogic, will have to do some more regression testing before I call this a fix.
Thanks for all the help, will be sure to monitor for progress.
Scott Cantor February 20, 2019 at 1:38 PM
The proper fix is to get the broken systems fixed. It's not a workaround to go screwing with XML Signature syntax to accomodate broken systems, that's just a dead end. Every change will simply break some other broken system. Fix the NetScaler.
Scott Cantor February 20, 2019 at 1:37 PM
Not specific to any Java version, it's the same on all of them.
Ian Young February 20, 2019 at 1:24 PM
I've only seen the variant I was interested in under Java 11 (any variety), not under any variant of Java 8. I think Jenkins would show it up, as we're usually up to date with that.
I guess we need more details so that we can try and reproduce it in the right environment.
After upgrading to 3.4.2 the SignatureValue has an added
at the end of each line. Example from a signed LogoutResponse:
The X509Certificate value does not have the same problem.
When OpenSAML is used on both ends this does not seem to be a problem, but I am having compatibility issues with other SAML implementations, like NetScaler.