[jdom-interest] XML Signature

Per Norrman per.norrman at austers.se
Fri Sep 17 05:47:23 PDT 2004


Hello list,

Mainly for the purpose of learning the Java Security API, I have
experimented with implementing XML Signature for JDOM. I really do
not have very much in terms of code at this point, but I have done some
initial "feasbility" analysis. Producing a limited set of signatures
is possible, e.g. an enveloped signature with a sigle emtpy reference
or a detached signature with one or more external reference without
complicated transforms.

However, supporting all kinds of signatures and especially verifying
will be difficult for two reasons: 1) lot's of work and 2) JDOM's lack
of support for doc.getElementById.

Also, I don't trust Jaxen for the advanced XPath stuff that XML Signature
is employing, but instead rely on saxon, which can handle JDOM trees.

So, what is the interest of such a beast? Is it worthwhile to
continue with this and perhaps produce a working solution?

BTW, I propose we add Document#getElementById(String id) in the
next release.

/per norrman


More information about the jdom-interest mailing list