Yesterday we have installed new release 10.1 CR02. Since then we get the following error message for the service

org.apache.xml.security.c14n.CanonicalizationException: Element header data has a relative namespace: BMB="GDV-Branchenmodell/BranchenmodellBasis".

WS-Security is disabled for this service.

Release : 10.1

Component : API GATEWAY

The observed difference is caused by a Gateway 3rd party XML library upgrade done in CR2. What's New in Gateway Version 10.1 CR2

• "Secure XML Messaging Java Library Upgrade    Java libraries related to secure XML messaging and signing have been updated."

The proposed fix: is update the relative namespace URIs to absolute URIs in the request (to the Gateway XpathAssertion). Attached is POST-request-Proposed20220914.xml that pass my local testing

• E.g. change xmlns:WDS="GDV-Branchenmodell/Wetterdatenservice" to xmlns:WDS="http://ruv-schema.de/GDV-Branchenmodell/Wetterdatenservice"