XML Security Suite: Increasing the Security of E-Business
By Doug Tidwell2005-05-18
Signing an internal XML resource
|
|
To create digital signatures, use the SampleSign application. This application is shipped with the XML Security Suite, and is found in the
xss4j/samples directory. Our first signature will be for an internal XML resource. This means that the digital signature and the XML resource are all in the same file. Here's how sonnet.xml is signed to generate signature.xml:Listing 2. SampleSign application
|
(BTW, this command was entered as a single line.)
Notice that the alias, private key password, and key store password are the same as from Listing 1, the keytool command. Also notice the use of the file: URL instead of a simple filename, and that the output is piped (using the > operator) into the file signature.xml. The results of this command are the document shown in signature.xml.
Tutorial Pages:
» A brief overview of Web security
» Creating a secure session
» The XML Security Suite
» XML Signatures
» About the sample programs
» Creating a certificate
» Signing an internal XML resource
» Signing an external XML resource
» Signing a non-XML resource
» Verifying a digital signature
» The joys of nonrepudiability
» Canonical XML
» Element-level encryption
» Other utilities
» Summary
» Resources
First published by IBM DeveloperWorks
|
