santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Mullan <Sean.Mul...@Sun.COM>
Subject Re: Problem with URI resolving in xml-security 1.4.1 with FragmentResolver
Date Fri, 15 Feb 2008 14:24:07 GMT
Lopez Cantero, Sergio wrote:
> Hi,
> 
> I am trying to implement XaDES signatures with the apache API
> 
> I’m doing all the Signed and Unsigned properties myself.
> 
> The problem is that QualifyingProperties go inside a ds:object and 
> version 1.4.1 can’t resolve the URI of the Signed Properties to get the 
> digest.
> 
> This works on 1.4.0 and the class that does this is: 
> org.apache.xml.security.utils.IdResolver
> 
> Any Ideas?

Hmm, well I'm not sure why it worked in 1.4.0 and doesn't work in 1.4.1. 
If you send a testcase, I'll have a look. However, the IdResolver does 
not have builtin knowledge of the XaDES schema. It does try to guess 
where the ID attributes are but this is not really safe, and it is also 
slow. Your best solution is to use one of the following: use a 
schema-validating parser, register the ID attributes yourself (see 
IdResolver.registerElementById), or implement your own IdResolver class 
that is XaDES aware.

> Is anyone having the same problem? Will there be a 1.4.2 version fixing 
> this?

I would like to get a 1.4.2 release out in the next couple of months. 
There have been many bug fixes integrated since 1.4.1 and the open bug 
count is small. If anyone has an open bug that you think really needs to 
be fixed, let me know.

Thanks,
Sean

Mime
View raw message