camel-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Franz Forsthofer (Confluence)" <conflue...@apache.org>
Subject [CONF] Apache Camel > XML Security component
Date Wed, 23 Jul 2014 08:01:00 GMT
<html>
    <head>
        <meta name="viewport" content="width=device-width" />
        <base href="https://cwiki.apache.org/confluence" />
        <style type="text/css">
    body, #email-content, #email-content-inner { font-family: Arial,FreeSans,Helvetica,sans-serif; }
    body, p, blockquote, pre, code, td, th, li, dt, dd { font-size: 13px; }
    small { font-size: 11px; }

    body { width:100% !important; -webkit-font-smoothing: antialiased; }

    body,
    #email-wrapper { background-color: #f0f0f0; }
    #email-wrapper-inner { padding: 20px; text-align: center; }
    #email-content-inner { background-color: #fff; border: 1px solid #bbb; color: $menuTxtColour; padding:20px; text-align:left; }
    #email-wrapper-inner > table { width: 100%; }
    #email-wrapper-inner.thin > table { margin: 0 auto; width: 50%; }
    #email-footer { padding: 0 16px 32px 16px; margin: 0; }

    .email-indent { margin: 8px 0 16px 0; }
    .email-comment { margin: 0 0 0 56px; }
    .email-comment.removed { background-color: #ffe7e7; border: 1px solid #df9898; padding: 0 8px;}

    #email-title-avatar { text-align: left; vertical-align: top; width: 48px; padding-right: 8px; }
    #email-title-flavor { margin: 0; padding: 0 0 4px 0; }
    #email-title-heading { font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0; }
    #email-title .icon { border: 0; padding: 0 5px 0 0; text-align: left; vertical-align: middle; }

    #email-actions { border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; }
    #email-actions td { padding-top: 8px; }
    #email-actions .left { max-width: 45%; text-align: left; }
    #email-actions .right { text-align: right; }
    .email-reply-divider { border-top: 1px solid #bbb; color: #505050; margin: 32px 0 8px 0; padding: 8px 0; }
    .email-section-title { border-bottom: 1px solid #bbb; margin: 8px 0; padding: 8px 0 0 0; }

    .email-metadata { color: #505050; }

    a { color: #326ca6; text-decoration: none; }
    a:hover { color: #336ca6; text-decoration: underline; }
    a:active {color: #326ca6; }

    a.email-footer-link { color: #505050; font-size: 11px; }

    .email-item-list { list-style: none; margin: 4px 0; padding-left: 0; }
    .email-item-list li { list-style: none; margin: 0; padding: 4px 0; }
    .email-list-divider { color: #505050; padding: 0 0.35em; }
    .email-operation-icon { padding-right: 5px; }

    .avatar { -ms-interpolation-mode: bicubic; border-radius: 3px;}
    .avatar-link { margin: 2px; }

    .tableview th { border-bottom: 1px solid #69C; font-weight: bold; text-align: left; }
    .tableview td { border-bottom: 1px solid #bbbbbb; text-align: left; padding: 4px 16px 4px 0; }

    .aui-message {  margin: 1em 0; padding: 8px; }
    .aui-message.info { background-color: #e0f0ff; border: 1px solid #9eb6d4; }
    .aui-message.success { background-color: #ddfade; border: 1px solid #93c49f; }
    .aui-message.error,
    .aui-message.removed { background-color: #ffe7e7; border: 1px solid #df9898; color: #000; }

    .call-to-action-table { margin: 10px 1px 1px 1px;}
    .call-to-cancel-container, .call-to-action-container { padding: 5px 20px; }
    .call-to-cancel-container { border: 1px solid #aaa; background-color: #eee; border-radius: 3px; }
    .call-to-cancel-container a.call-to-cancel-button { background-color: #eee; font-size: 14px; line-height: 1; padding: 0; margin: 0; color: #666; font-family: sans-serif;}
    .call-to-action-container { border: 1px solid #486582;  background-color: #3068A2; border-radius: 3px; padding: 4px 10px; }
    .call-to-action-container a.call-to-action-button { background-color: #3068A2; font-size: 14px; line-height: 1; padding: 0; margin: 0; color: #fff; font-weight: bold; font-family: sans-serif; }

    /** The span around the inline task checkbox image */
    .diff-inline-task-overlay {
        display: inline-block;
        text-align: center;
        height: 1.5em;
        padding: 5px 0px 1px 5px;
        margin-right: 5px;
        /** Unfortunately, the negative margin-left is stripped out in gmail */
        margin-left: -5px;
    }

            @media handheld, only screen and (max-device-width: 480px) {
        div, a, p, td, th, li, dt, dd { -webkit-text-size-adjust: auto; }
        small, small a { -webkit-text-size-adjust: 90%; }

        td[id=email-wrapper-inner] { padding: 2px !important; }
        td[id=email-content-inner] { padding: 8px !important; }
        td[id="email-wrapper-inner"][class="thin"] > table { text-align: left !important; width: 100% !important; }
        td[id=email-footer] { padding: 8px 12px !important; }
        div[class=email-indent] { margin: 8px 0px !important; }
        div[class=email-comment] { margin: 0 !important; }

        p[id=email-title-flavor] a { display: block; } /* puts the username and the action on separate lines */
        p[id=email-permalink] { padding: 4px 0 0 0 !important; }

        table[id=email-actions] td { padding-top: 0 !important; }
        table[id=email-actions] td.right { text-align: right !important; }
        table[id=email-actions] .email-list-item { display: block; margin: 1em 0 !important; word-wrap: normal !important; }
        span[class=email-list-divider] { display: none; }
    }



        </style>
    </head>
    <body style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; width: 100%; -webkit-font-smoothing: antialiased; background-color: #f0f0f0">
        <table id="email-wrapper" width="100%" cellspacing="0" cellpadding="0" border="0" style="background-color: #f0f0f0">
            <tbody>
                <tr valign="middle">
                    <td id="email-wrapper-inner" style="font-size: 13px; padding: 20px; text-align: center">
                        <table id="email-content" cellspacing="0" cellpadding="0" border="0" style="font-family: Arial, FreeSans, Helvetica, sans-serif; width: 100%">
                            <tbody>
                                <tr valign="top">
                                    <td id="email-content-inner" align="left" style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; background-color: #fff; border: 1px solid #bbb; padding: 20px; text-align: left">
                                        <table id="email-title" cellpadding="0" cellspacing="0" border="0" width="100%">
                                            <tbody>
                                                <tr>
                                                    <td id="email-title-avatar" rowspan="2" style="font-size: 13px; text-align: left; vertical-align: top; width: 48px; padding-right: 8px"> <img class="avatar" src="cid:avatar_d08741de1f73dd6d55da2c16dd265387" border="0" height="48" width="48" style="-ms-interpolation-mode: bicubic; border-radius: 3px" /> </td>
                                                    <td valign="top" style="font-size: 13px">
                                                        <div id="email-title-flavor" class="email-metadata" style="margin: 0; padding: 0 0 4px 0; color: #505050">
                                                            <a href="    https://cwiki.apache.org/confluence/display/~forsthofer " style="color:#326ca6;text-decoration:none;; color: #326ca6; text-decoration: none">Franz Forsthofer</a> edited the page:
                                                        </div> </td>
                                                </tr>
                                                <tr>
                                                    <td valign="top" style="font-size: 13px"> <h2 id="email-title-heading" style="font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0"> <a href="https://cwiki.apache.org/confluence/display/CAMEL/XML+Security+component" style="color: #326ca6; text-decoration: none"> <img class="icon" src="cid:page-icon" alt="" style="border: 0; padding: 0 5px 0 0; text-align: left; vertical-align: middle" /> <strong style="font-size:16px;line-height:20px;vertical-align:top;">XML Security component</strong> </a> </h2> </td>
                                                </tr>
                                            </tbody>
                                        </table>
                                        <div class="email-indent" style="margin: 8px 0 16px 0">
                                            <div class="email-diff">
                                                <div id="page-diffs" class="wiki-content">
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Maven users will need to add the following dependency to their <code style="font-size: 13px">pom.xml</code> for this component:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-0" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;dependency&gt;
    &lt;groupId&gt;org.apache.camel&lt;/groupId&gt;
    &lt;artifactId&gt;camel-xmlsecurity&lt;/artifactId&gt;
    &lt;version&gt;x.x.x&lt;/version&gt;
    &lt;!-- use the same version as your Camel core version --&gt;
&lt;/dependency&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-target" style="font-size: 13px">XML Signature differs between enveloped, enveloping, and detached XML signature. In the <a href="http://www.w3.org/TR/xmldsig-core1/#def-SignatureEnveloped" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none"><span class="diff-html-changed" id="changed-diff-0" style="background-color: #d6f0ff;">enveloped</span></a><span class="diff-html-changed" style="background-color: #d6f0ff;"> </span>XML signature case, the XML Signature is wrapped by the signed XML Document; which means that the XML signature element is a child element of a parent element, which belongs to the signed XML Document. In the <a href="http://www.w3.org/TR/xmldsig-core1/#def-SignatureEnveloping" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none"><span class="diff-html-changed" id="changed-diff-1" style="background-color: #d6f0ff;">enveloping</span></a><span class="diff-html-changed" style="background-color: #d6f0ff;"> </span>XML signature case, the XML Signature contains the signed content. All other cases are called <a href="http://www.w3.org/TR/xmldsig-core1/#def-SignatureDetached" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none"><span class="diff-html-changed" id="changed-diff-2" style="background-color: #d6f0ff;">detached</span></a><span class="diff-html-changed" style="background-color: #d6f0ff;"> </span>XML signatures. <span class="diff-html-removed" id="removed-diff-1" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">Detached XML signatures are not supported in the current implementation.</span><span class="diff-html-added" id="added-diff-0" style="font-size: 100%; background-color: #ddfade;">A certain form of detached XML signature is supported since </span><strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">2.14.0</span></strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">.</span> </p>
                                                    <p class="diff-block-context" style="font-size: 13px">In the <strong>enveloped XML signature</strong> case, the supported generated XML signature has the following structure (Variables are surrounded by []).</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-2" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>&lt;[parent element]&gt;
       ... &lt;!-- Signature element is added as last child of the parent element--&gt;
       &lt;Signature Id=&quot;generated_unique_signature_id&quot;&gt;
           &lt;SignedInfo&gt;
                 &lt;Reference URI=&quot;&quot;&gt;
                       &lt;Transform Algorithm=&quot;http://www.w3.org/2000/09/xmldsig#enveloped-signature&quot;/&gt;
                       (&lt;Transform&gt;)* &lt;!-- By default &quot;http://www.w3.org/2006/12/xml-c14n11&quot; is added to the transforms --&gt;
                       &lt;DigestMethod&gt;
                       &lt;DigestValue&gt;
                 &lt;/Reference&gt;
                 (&lt;Reference URI=&quot;#[keyinfo_Id]&quot;&gt;
                       &lt;Transform Algorithm=&quot;http://www.w3.org/TR/2001/REC-xml-c14n-20010315&quot;/&gt;
                       &lt;DigestMethod&gt;
                       &lt;DigestValue&gt;
                 &lt;/Reference&gt;)?
                 &lt;!-- further references possible, see option 'properties' below --&gt;
          &lt;/SignedInfo&gt;
          &lt;SignatureValue&gt;
          (&lt;KeyInfo Id=&quot;[keyinfo_id]&quot;&gt;)?
          &lt;!-- Object elements possible, see option 'properties' below --&gt;
      &lt;/Signature&gt;
    &lt;/[parent element]&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">In the <strong>enveloping XML signature</strong> case, the supported generated XML signature has the structure:</p>
                                                    <table class="diff-macro diff-block-target diff-block-context" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-3" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>&lt;Signature Id=&quot;generated_unique_signature_id&quot;&gt;
      &lt;SignedInfo&gt;
             &lt;Reference URI=&quot;#generated_unique_object_id&quot; type=&quot;[optional_type_value]&quot;&gt; <span class="diff-html-removed" id="removed-diff-4" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">&lt;!--</span>
<span class="diff-html-removed" id="removed-diff-5" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">the</span> <span class="diff-html-removed" id="removed-diff-6" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">URI</span> <span class="diff-html-removed" id="removed-diff-7" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">can</span> <span class="diff-html-removed" id="removed-diff-8" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">also</span> <span class="diff-html-removed" id="removed-diff-9" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">be</span> <span class="diff-html-removed" id="removed-diff-10" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">set</span> <span class="diff-html-removed" id="removed-diff-11" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">by</span> <span class="diff-html-removed" id="removed-diff-12" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">the</span> <span class="diff-html-removed" id="removed-diff-13" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">option</span> <span class="diff-html-removed" id="removed-diff-14" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">'contentReferenceUri';</span> <span class="diff-html-removed" id="removed-diff-15" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">see</span> <span class="diff-html-removed" id="removed-diff-16" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">below.</span> <span class="diff-html-removed" id="removed-diff-17" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">--&gt;</span>       <span class="diff-html-removed" id="removed-diff-18" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">             </span>(&lt;Transform&gt;)* &lt;!-- By default &quot;http://www.w3.org/2006/12/xml-c14n11&quot; is added to the transforms --&gt;
                   &lt;DigestMethod&gt;
                   &lt;DigestValue&gt;
             &lt;/Reference&gt;
             (&lt;Reference URI=&quot;#[keyinfo_id]&quot;&gt;
                   &lt;Transform Algorithm=&quot;http://www.w3.org/TR/2001/REC-xml-c14n-20010315&quot;/&gt;
                   &lt;DigestMethod&gt;
                   &lt;DigestValue&gt;
             &lt;/Reference&gt;)?
              &lt;!-- further references possible, see option 'properties' below  --&gt;
      &lt;/SignedInfo&gt;
      &lt;SignatureValue&gt;
      (&lt;KeyInfo Id=&quot;[keyinfo_id]&quot;&gt;)?
      &lt;Object Id=&quot;generated_unique_object_id&quot;/&gt; &lt;!-- The Object element contains the in-message body<span class="diff-html-added" id="added-diff-1" style="font-size: 100%; background-color: #ddfade;">;</span> <span class="diff-html-added" id="added-diff-2" style="font-size: 100%; background-color: #ddfade;">the object ID can either be generated or set by the option parameter &quot;contentObjectId&quot; </span>--&gt;
      &lt;!-- Further Object elements possible, see option 'properties' below --&gt;
    &lt;/Signature&gt;</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-target diff-block-context" style="font-size: 13px"> <span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">As of </span><strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">2.14.0 detached XML signatures&nbsp;</span></strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">with the following structure are supported (see also sub-chapter XML Signatures as Siblings of Signed Elements):</span> </p>
                                                    <table class="diff-macro diff-html-added diff-block-target diff-block-context" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;background-color: #ddfade;border-color: #93c49f;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</span></th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">language</span></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">xml</span></td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">(&lt;[signed</span> <span class="diff-html-added" id="added-diff-4" style="font-size: 100%; background-color: #ddfade;">element] Id=&quot;[id_value]&quot;&gt;
&lt;!-- signed element must have an attribute of type ID --&gt;
      ...

&lt;/[signed element]&gt;
&lt;other sibling/&gt;*&nbsp;
&lt;!-- between the signed element and the corresponding signature element, there can be other siblings.
 Signature element is added as last sibling. --&gt;
&lt;Signature Id=&quot;generated_unique_ID&quot;&gt;
           &lt;SignedInfo&gt;
                &lt;CanonicalizationMethod&gt;
                &lt;SignatureMethod&gt;
                &lt;Reference URI=&quot;#[id_value]&quot; type=&quot;[optional_type_value]&quot;&gt;
                &lt;!-- reference URI contains the ID attribute value of the signed element --&gt;
                      (&lt;Transform&gt;)* &lt;!-- By default &quot;http://www.w3.org/2006/12/xml-c14n11&quot; is added to the transforms --&gt;
                      &lt;DigestMethod&gt;
                      &lt;DigestValue&gt;
                &lt;/Reference&gt;
                (&lt;Reference URI=&quot;#[generated_keyinfo_Id]&quot;&gt;
                      &lt;Transform Algorithm=&quot;http://www.w3.org/TR/2001/REC-xml-c14n-20010315&quot;/&gt;
                      &lt;DigestMethod&gt;
                      &lt;DigestValue&gt;
                &lt;/Reference&gt;)?
         &lt;/SignedInfo&gt;
         &lt;SignatureValue&gt;
         (&lt;KeyInfo Id=&quot;[generated_keyinfo_id]&quot;&gt;)?
&lt;/Signature&gt;)+</span>
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-target diff-block-context" style="font-size: 13px"> <span class="diff-html-added" id="added-diff-5" style="font-size: 100%; background-color: #ddfade;">&nbsp;</span> </p>
                                                    <h3 id="XMLSecuritycomponent-URIformat" class="diff-block-context">URI format</h3>
                                                    <p class="diff-block-context" style="font-size: 13px">The camel component consists of two endpoints which have the following URI format.</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-19" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>xmlsecurity:sign:name[?options]
    xmlsecurity:verify:name[?options]
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <ul class="diff-block-target">
                                                        <li style="font-size: 13px">With the signer endpoint, you can generate a XML signature for the body of the in-message which can be either a XML document or a plain text. The enveloped<span class="diff-html-removed" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span><span class="diff-html-removed" id="removed-diff-20" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">or enveloping XML signature </span><span class="diff-html-added" id="added-diff-6" style="font-size: 100%; background-color: #ddfade;">, enveloping, or detached (as of 12.14) &nbsp;XML signature(s) </span>will be set to the body of the out-message.</li>
                                                        <li style="font-size: 13px">With the verifier endpoint, you can validate an enveloped or enveloping XML signature <span class="diff-html-added" id="added-diff-7" style="font-size: 100%; background-color: #ddfade;">or even several detached (as of 2.14.0) XML signatures </span>contained in the body of the in-message; if the validation is successful, then the original content is extracted from the XML signature and set to the body of the out-message.</li>
                                                        <li style="font-size: 13px">The <code style="font-size: 13px">name</code> part in the URI can be chosen by the user to distinguish between different signer/verifier endpoints within <span class="diff-html-removed" id="removed-diff-21" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">one </span><span class="diff-html-added" id="added-diff-8" style="font-size: 100%; background-color: #ddfade;">the </span>camel context.</li>
                                                    </ul>
                                                    <h3 id="XMLSecuritycomponent-BasicExample" class="diff-block-context">Basic Example</h3>
                                                    <p class="diff-block-context" style="font-size: 13px">The following example shows the basic usage of the component.</p>
                                                    <table class="diff-macro diff-block-target diff-block-context" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-22" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>from(&quot;direct:enveloping&quot;).to(&quot;xmlsecurity:sign://enveloping?keyAccessor=#accessor&quot;,
                                 &quot;xmlsecurity:verify://enveloping?keySelector=#selector&quot;,&quot;mock:result&quot;)
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">In Spring XML:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-23" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>&lt;from uri=&quot;direct:enveloping&quot; /&gt;
      &lt;to uri=&quot;xmlsecurity:sign://enveloping?keyAccessor=#accessor&quot; /&gt;
      &lt;to uri=&quot;xmlsecurity:verify://enveloping?keySelector=#selector&quot; /&gt;
    &lt;to uri=&quot;mock:result&quot; /&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">In the example, the default signature algorithm <code style="font-size: 13px"><a href="http://www.w3.org/2000/09/xmldsig#rsa-sha1" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2000/09/xmldsig#rsa-sha1</a></code> is used. You can set the signature algorithm of your choice by the option <code style="font-size: 13px">signatureAlgorithm</code> (see below). The signer endpoint creates an <strong>enveloping</strong> XML signature. If you want to create an <strong>enveloped</strong> XML signature then you must specify the parent element of the Signature element; see option <code style="font-size: 13px">parentLocalName</code> for more details.</p>
                                                    <p class="diff-block-target" style="font-size: 13px"> <span class="diff-html-added" id="added-diff-9" style="font-size: 100%; background-color: #ddfade;">For creating </span><strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">detached</span></strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;"> XML signatures, see sub-chapter &quot;Detached XML Signatures as Siblings of the Signed Elements&quot;.</span> </p>
                                                    <h3 id="XMLSecuritycomponent-CommonSigningandVerifyingOptions" class="diff-block-context">Common Signing and Verifying Options</h3>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <div class="table-wrap diff-block-target">
                                                        <table class="confluenceTable" style="border-collapse: collapse; border: 1px solid #ddd;">
                                                            <tbody>
                                                                <tr>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Name</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Type</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Default</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Description</p> </th>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">uriDereferencer</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <a href="http://docs.oracle.com/javase/7/docs/api/javax/xml/crypto/URIDereferencer.html" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">javax.xml.crypto.URIDereferencer</a> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">URI dereferencer. You can specify here your own URI dereferencer, if you want to restrict the dereferencing or have special requirements for dereferencing.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">baseUri</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Base URI used in the URI dereferencer. Relative URIs are concatenated with the base URI.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">cryptoContextProperties</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Map&lt;String, ? extends Object&gt;</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Crypto context properties. See <code style="font-size: 13px">javax.xml.crypto.XMLCryptoContext.setProperty(String, Object)</code>. The properties can depend on the provider. For example, the JDK provider &quot;XMLDSig&quot; has the property &quot;org.jcp.xml.dsig.validateManifests&quot; for enabling manifest validation. The following properties are set by default to the value <code style="font-size: 13px">Boolean.TRUE</code> for the XML verifier: &quot;org.jcp.xml.dsig.validateManifests&quot;, &quot;javax.xml.crypto.dsig.cacheReference&quot;. If the option <code style="font-size: 13px">secureValidation} is {{true</code> then additionally the properties &quot;org.apache.jcp.xml.dsig.secureValidation&quot; and &quot;org.jcp.xml.dsig.secureValidation&quot; are set to <code style="font-size: 13px">Boolean.TRUE</code> for the XML verifier. If you want to switch these features off you must set the property values to <code style="font-size: 13px">Boolean.FALSE</code>.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">disallowDoctypeDecl</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean.TRUE</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Indicator whether DTD DOCTYPE declarations shall be disallowed in the incoming XML message.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">omitXmlDeclaration</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean.FALSE</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Indicator whether the XML declaration header shall be omitted in the output XML message.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">clearHeaders</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean.TRUE</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Indicator whether the XML signature message headers defined in <a href="https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XmlSignatureConstants.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">XmlSignatureConstants</a> shall be deleted at the end of the signer or verifier processing.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" id="added-diff-10" style="font-size: 100%; background-color: #ddfade;">schemaResourceUri</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">String</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">null</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">Since 2.14.0</span></strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">. Classpath to the XML Schema file. If set then the XML document is validated against the XML schema. Must be set in the case of detached signatures in order to determine the attributes of type ID. </span><span><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">This value can be overwritten by the header &quot;CamelXmlSignatureSchemaResourceUri&quot;. </span><span><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">For further information, s</span></span><span><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">ee sub-chapter &quot;Detached XML Signatures as Siblings of the Signed Elements&quot;.</span></span></span></td>
                                                                </tr>
                                                            </tbody>
                                                        </table>
                                                    </div>
                                                    <h3 id="XMLSecuritycomponent-SigningOptions" class="diff-block-context">Signing Options</h3>
                                                    <p class="diff-block-context" style="font-size: 13px">The signer endpoint has the following options.</p>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <div class="table-wrap diff-block-target">
                                                        <table class="confluenceTable" style="border-collapse: collapse; border: 1px solid #ddd;">
                                                            <tbody>
                                                                <tr>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Name</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Type</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Default</p> </th>
                                                                    <th class="confluenceTh" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;background-color: #F0F0F0; font-weight: bold;; font-size: 13px"> <p style="font-size: 13px">Description</p> </th>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">keyAccessor</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <a href="https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/KeyAccessor.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">KeyAccessor</a> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Provides the signing key and the KeyInfo instance. There is an example implementation which uses a keystore, see <a href="https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/DefaultKeyAccessor.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">DefaultKeyAccessor</a> </p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">addKeyInfoReference</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean.TRUE</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Indicator whether a Reference element refering the KeyInfo element provided by the key accessor should be added to the XML signature.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">signatureAlgorithm</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <a href="http://www.w3.org/2000/09/xmldsig#rsa-sha1" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2000/09/xmldsig#rsa-sha1</a> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">signature algorithm consisting of a digest and encryption algorithm. The digest algorithm is used to calculate the digest of the SignedInfo element and the encryption algorithm is used to sign this digest. Possible values: <a href="http://www.w3.org/2000/09/xmldsig#dsa-sha1" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2000/09/xmldsig#dsa-sha1</a>, <a href="http://www.w3.org/2000/09/xmldsig#rsa-sha1" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2000/09/xmldsig#rsa-sha1</a>, <a href="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2001/04/xmldsig-more#rsa-sha256</a>, <a href="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2001/04/xmldsig-more#rsa-sha384</a>, <a href="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2001/04/xmldsig-more#rsa-sha512</a> </p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">digestAlgorithm</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">see description</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Digest algorithm for calculating the digest of the in-message body. If not specified then the digest algorithm of the signature algorithm is used. Possible values: <a href="http://www.w3.org/2000/09/xmldsig#sha1" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2000/09/xmldsig#sha1</a>, <a href="http://www.w3.org/2001/04/xmlenc#sha256" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2001/04/xmlenc#sha256</a>, <a href="http://www.w3.org/2001/04/xmldsig-more#sha384" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2001/04/xmldsig-more#sha384</a>, <a href="http://www.w3.org/2001/04/xmlenc#sha512" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2001/04/xmlenc#sha512</a> </p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">parentLocalName</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Local name of the parent of the Signature element. The Signature element will be added at the end of the children of the parent. Necessary for enveloped XML signature. If this option is null, then an enveloping XML signature is created. See also option <code style="font-size: 13px">parentNamespace</code>.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">parentNamespace</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Namespace of the parent of the Signature element. See option <code style="font-size: 13px">parentLocalName</code> </p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">canonicalizationMethod</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <a href="http://docs.oracle.com/javase/7/docs/api/javax/xml/crypto/AlgorithmMethod.html" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">javax.xml.crypto.AlgorithmMethod</a> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">C14n</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Canonicalization method used to canonicalize the SignedInfo element before the digest is calculated. You can use the helper methods <a href="https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XmlSignatureHelper.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">XmlSignatureHelper</a>.getCanonicalizationMethod(String algorithm) or getCanonicalizationMethod(String algorithm, List&lt;String&gt; inclusiveNamespacePrefixes) to create a canonicalization method.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">transformMethods</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">List&lt;javax.xml.crypto.AlgorithmMethod&gt;</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">see description</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Transforms which are executed on the message body before the digest is calculated. By default, C14n is added and in the case of enveloped signature (see option <code style="font-size: 13px">parentLocalName</code>) also <a href="http://www.w3.org/2000/09/xmldsig#enveloped-signature" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">http://www.w3.org/2000/09/xmldsig#enveloped-signature</a> is added at position 0 of the list. Use methods in <a href="https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XmlSignatureHelper.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">XmlSignatureHelper</a> to create the transform methods.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">prefixForXmlSignatureNamespace</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <code style="font-size: 13px">ds</code> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Prefix for the XML signature namespace. If <code style="font-size: 13px">null</code> is specified or an empty string then no prefix is used for the signature namespace.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">contentReferenceUri</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">see description</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">The URI of the reference to the signed content (in-message body). If <code style="font-size: 13px">null</code> and we are in the enveloped XML signature case then the URI is set to &quot;&quot;. If <code style="font-size: 13px">null</code> and we are in the enveloping XML signature case then the URI is set to &quot;generated_object_id&quot; which means that the reference points to the Object element containing the in-message body. You can use this option to reference a specific part in your in-message body if you do not want to sign the complete in-message body. This value can be overwritten by the header &quot;CamelXmlSignatureContentReferenceUri&quot;. Please be aware, if you want to use a value of an XML ID attribute (example: &quot;#ID_value&quot;), then you must provide the information about the ID attribute via a doctype definition contained in the input XML document. <span class="diff-html-added" id="added-diff-11" style="font-size: 100%; background-color: #ddfade;">This option is ignored in the case of detached signature when the option </span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">xpathsToIdAttributes </span></em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">is set.</span> </p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">contentReferenceType</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Value of the type attribute of the content reference. This value can be overwritten by the header &quot;CamelXmlSignatureContentReferenceType&quot;</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">plainText</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Boolean.FALSE</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Indicator whether the in-message body contains plain text. Normally, the signature generator treats the incoming message body as XML. If the message body is plain text, then you must set this option to <code style="font-size: 13px">true</code>. The value can be overwritten by the header &quot;CamelXmlSignatureMessageIsPlainText&quot;.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">plainTextEncoding</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Only used when the option <code style="font-size: 13px">plainText</code> is set to <code style="font-size: 13px">true</code>. Then you can specify the encoding of the plain text. If <code style="font-size: 13px">null</code> then UTF-8 is used. The value can be overwritten by the header &quot;CamelXmlSignatureMessageIsPlainTextEncoding&quot;.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">properties</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px"> <a href="https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XmlSignatureProperties.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">XmlSignatureProperties</a> </p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">For adding additional References and Objects to the XML signature which contain additional properties, you can provide a bean which implements the <a href="https://github.com/apache/camel/blob/master/components/camel-xmlsecurity/src/main/java/org/apache/camel/component/xmlsecurity/api/XmlSignatureProperties.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">XmlSignatureProperties</a> interface.</p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">contentObjectId</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">String</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">null</p> </td>
                                                                    <td class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"> <p style="font-size: 13px">Value of the Id attribute of the Object element. Only used in the <span class="diff-html-removed" id="removed-diff-24" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">enveloped </span><span class="diff-html-added" id="added-diff-12" style="font-size: 100%; background-color: #ddfade;">enveloping </span>XML signature case. If <code style="font-size: 13px">null</code> then a unique value is generated. Available as of <strong>2.12.2</strong> </p> </td>
                                                                </tr>
                                                                <tr>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" id="added-diff-13" style="font-size: 100%; background-color: #ddfade;">xpathsToIdAttributes</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">List&lt;</span><span style="line-height: 1.4285715;"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">XPathFilterParameterSpec</span></span><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">&gt;</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">empty list</span></td>
                                                                    <td colspan="1" class="confluenceTd" style="border: 1px solid #DDD; padding: 5px 7px; min-width: 0.6em; text-align: left; vertical-align: top;; font-size: 13px"><strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">Since 2.14.0</span></strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">. List of XPATH expressions to ID attributes of elements to be signed. Used for the detached XML Signatures. Can only be used in combination with the option </span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">schemaResourceUri. </span></em><span><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">The value can be overwritten by the header &quot;CamelXmlSignatureXpathsToIdAttributes&quot;. If the option </span><span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">parentLocalName</span></em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;"> is set at the same time then an exception is thrown. The class </span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">XPathFilterParameterSpec </span></em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">has the package </span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">javax.xml.crypto.dsig.spec</span></em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">. For further information, s</span></span><span><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">ee sub-chapter &quot;Detached XML Signatures as Siblings of the Signed Elements&quot;.</span></span></span></td>
                                                                </tr>
                                                            </tbody>
                                                        </table>
                                                    </div>
                                                    <h3 id="XMLSecuritycomponent-VerifyingOptions" class="diff-block-context">Verifying Options</h3>
                                                    <p class="diff-block-context" style="font-size: 13px">The verifier endpoint has the following options.</p>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">This does mean that the enveloping XML signature must have either the structure</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-25" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>&lt;Signature&gt;
          &lt;SignedInfo&gt;
             &lt;Reference URI=&quot;#object&quot;/&gt;
             &lt;!-- further references possible but they must not point to an Object or Manifest containing an object reference --&gt;
             ...
          &lt;/SignedInfo&gt;

          &lt;Object Id=&quot;object&quot;&gt;
               &lt;!-- contains one XML element which is extracted to the message body --&gt;
          &lt;Object&gt;
          &lt;!-- further object elements possible which are not referenced--&gt;
          ...
          (&lt;KeyInfo&gt;)?
    &lt;/Signature&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">or the structure</p>
                                                    <table class="diff-macro diff-block-target diff-block-context" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-26" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;"> </span>&lt;Signature&gt;
          &lt;SignedInfo&gt;
             &lt;Reference URI=&quot;#manifest&quot;/&gt;
             &lt;!-- further references  are possible but they must not point to an Object or other manifest containing an object reference --&gt;
             ...
          &lt;/SignedInfo&gt;

          &lt;Object &gt;
             &lt;Manifest Id=&quot;manifest&quot;&gt;
                &lt;Reference URI=#object/&gt;
             &lt;/Manifest&gt;
          &lt;/Objet&gt;
          &lt;Object Id=&quot;object&quot;&gt;
              &lt;!-- contains the DOM node which is extracted to the message body --&gt;
          &lt;/Object&gt;
           &lt;!-- further object elements possible which are not referenced --&gt;
          ...
          (&lt;KeyInfo&gt;)?
    &lt;/Signature&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <h3 id="XMLSecuritycomponent-DetachedXMLSignaturesasSiblingsoftheSignedElements" class="diff-block-target diff-block-context"> <span class="diff-html-added" id="added-diff-14" style="font-size: 100%; background-color: #ddfade;">Detached XML Signatures as Siblings of the Signed Elements</span> </h3>
                                                    <p class="diff-block-target diff-block-context" style="font-size: 13px"> <strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">Since 2.14.0</span></strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">.</span> </p>
                                                    <p class="diff-block-target diff-block-context" style="font-size: 13px"> <span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">You can create detached signatures where the signature is a sibling of the signed element. The following example contains two detached signatures. The first signature is for the element &quot;C&quot; and the second signature is for element &quot;A&quot;. The signatures are </span><strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">nested</span></strong><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">; the second signature is for the element A which also contains the first signature.</span> </p>
                                                    <table class="diff-macro diff-html-added diff-block-target diff-block-context" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;background-color: #ddfade;border-color: #93c49f;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</span></th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">title</span></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">Example Detached XML Signatures</span></td>
                                                                            </tr>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">language</span></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">xml</span></td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot; ?&gt;
&lt;root&gt;
    &lt;A ID=&quot;IDforA&quot;&gt;
        &lt;B&gt;
            &lt;C ID=&quot;IDforC&quot;&gt;
                &lt;D&gt;dvalue&lt;/D&gt;
            &lt;/C&gt;
            &lt;ds:Signature xmlns:ds=&quot;http://www.w3.org/2000/09/xmldsig#&quot;
                Id=&quot;_6bf13099-0568-4d76-8649-faf5dcb313c0&quot;&gt;
                &lt;ds:SignedInfo&gt;
                    &lt;ds:CanonicalizationMethod
                        Algorithm=&quot;http://www.w3.org/TR/2001/REC-xml-c14n-20010315&quot; /&gt;
                    &lt;ds:SignatureMethod
                        Algorithm=&quot;http://www.w3.org/2000/09/xmldsig#rsa-sha1&quot; /&gt;
                    &lt;ds:Reference URI=&quot;#IDforC&quot;&gt;
                        ...
                    &lt;/ds:Reference&gt;
                &lt;/ds:SignedInfo&gt;
                &lt;ds:SignatureValue&gt;aUDFmiG71&lt;/ds:SignatureValue&gt;
            &lt;/ds:Signature&gt;
        &lt;/B&gt;
    &lt;/test&gt;
    &lt;ds:Signature xmlns:ds=&quot;http://www.w3.org/2000/09/xmldsig#&quot;Id=&quot;_6b02fb8a-30df-42c6-ba25-76eba02c8214&quot;&gt;
        &lt;ds:SignedInfo&gt;
            &lt;ds:CanonicalizationMethod
                Algorithm=&quot;http://www.w3.org/TR/2001/REC-xml-c14n-20010315&quot; /&gt;
            &lt;ds:SignatureMethod
                Algorithm=&quot;http://www.w3.org/2000/09/xmldsig#rsa-sha1&quot; /&gt;
            &lt;ds:Reference URI=&quot;#IDforA&quot;&gt;
                ...
            &lt;/ds:Reference&gt;
        &lt;/ds:SignedInfo&gt;
        &lt;ds:SignatureValue&gt;q3tvRoGgc8cMUqUSzP6C21zb7tt04riPnDuk=&lt;/ds:SignatureValue&gt;
    &lt;/ds:Signature&gt;
&lt;root&gt;</span>
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-target diff-block-context" style="font-size: 13px"> <span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">The example shows that you can sign several elements and that for each element a signature is created as sibling. The elements to be signed must have an attribute of type ID. The ID type of the attribute must be defined in the XML schema (see option&nbsp;</span><span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">schemaResourceUri</span></em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">).</span></span><span style="line-height: 1.4285715;"><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">&nbsp;You specify a list of XPATH expressions pointing to attributes of type ID (see option </span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">xpathsToIdAttributes</span></em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">). These attributes determine the elements to be signed. The elements are signed by the same key given by the </span><span><em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">keyAccessor</span></em><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;"> bean</span></span><span class="diff-html-added" style="font-size: 100%; background-color: #ddfade;">. Ements with higher (=deeper) hierarachy level are signed first. In the example, the element &quot;C&quot; is signed before the element &quot;A&quot;.</span></span> </p>
                                                    <p class="diff-block-context" style="font-size: 13px"> <span style="line-height: 1.4285715;"> <br /> </span> </p>
                                                    <h3 id="XMLSecuritycomponent-SeeAlso" class="diff-block-context">See Also</h3>
                                                    <ul class="diff-block-context">
                                                        <li style="font-size: 13px"> <a href="http://www.w3.org/TR/xmldsig-bestpractices/" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">Best Practices</a> </li>
                                                    </ul>
                                                </div>
                                            </div>
                                        </div>
                                        <table id="email-actions" class="email-metadata" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; color: #505050">
                                            <tbody>
                                                <tr>
                                                    <td class="left" valign="top" style="font-size: 13px; padding-top: 8px; max-width: 45%; text-align: left"> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/display/CAMEL/XML+Security+component" style="color: #326ca6; text-decoration: none">View Online</a> </span> <span class="email-list-divider" style="color: #505050; padding: 0 0.350em">&middot;</span> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/plugins/likes/like.action?contentId=34018151" style="color: #326ca6; text-decoration: none">Like</a> </span> <span class="email-list-divider" style="color: #505050; padding: 0 0.350em">&middot;</span> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=34018151&amp;revisedVersion=14&amp;originalVersion=13" style="color: #326ca6; text-decoration: none">View Changes</a> </span> </td>
                                                    <td class="right" width="50%" valign="top" style="font-size: 13px; padding-top: 8px; text-align: right"> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/users/removespacenotification.action?spaceKey=CAMEL" style="color: #326ca6; text-decoration: none">Stop watching space</a> </span> <span class="email-list-divider" style="color: #505050; padding: 0 0.350em">&middot;</span> <span class="email-list-item"><a href="https://cwiki.apache.org/confluence/users/editmyemailsettings.action" style="color: #326ca6; text-decoration: none">Manage Notifications</a> </span> </td>
                                                </tr>
                                            </tbody>
                                        </table> </td>
                                </tr>
                            </tbody>
                        </table> </td>
                </tr>
                <tr>
                    <td id="email-footer" align="center" style="font-size: 13px; padding: 0 16px 32px 16px; margin: 0"> <small style="font-size: 11px"> This message was sent by <a class="email-footer-link" style="color:#505050;font-size:11px;text-decoration:none;; color: #326ca6; text-decoration: none; color: #505050; font-size: 11px" href="http://www.atlassian.com/software/confluence">Atlassian Confluence</a> 5.0.3, <a class="email-footer-link" style="color:#505050;font-size:11px;text-decoration:none;; color: #326ca6; text-decoration: none; color: #505050; font-size: 11px" href="http://www.atlassian.com/software/confluence/overview/team-collaboration-software?utm_source=email-footer">Team Collaboration Software</a> </small> </td>
                </tr>
            </tbody>
        </table>
    </body>
</html>
Mime
View raw message