XML Security Suite: Increasing the Security of E-Business

By Doug Tidwell
2005-05-18


Signing an external XML resource
Signing an external XML resource means that the <Signature> document contains the URI of the XML resource, not the resource itself. To create this kind of digital signature, use the -extxml option:

Listing 3. SampleSign application with -extxml option

java SampleSign xss4j security openstds -extxml file:///d:/xss4j/samples/sonnet.xml > external-signature.xml

This produces a document similar to signature.xml, except the actual XML document is not contained in the <Signature>.

Tutorial Pages:
» A brief overview of Web security
» Creating a secure session
» The XML Security Suite
» XML Signatures
» About the sample programs
» Creating a certificate
» Signing an internal XML resource
» Signing an external XML resource
» Signing a non-XML resource
» Verifying a digital signature
» The joys of nonrepudiability
» Canonical XML
» Element-level encryption
» Other utilities
» Summary
» Resources


First published by IBM DeveloperWorks

Related Tutorials: » Starting with XML » Performing Client-Side XSL Transformations » Create a Google Sitemap for your Web Site » XML and Scripting Languages » Parsing Comma-Separated Values » Servlets and XML: Made for Each Other

Tutorials AJAX ASP CGI & Perl CSS Flash HTML Illustrator Java JavaScript Linux MySQL PHP Photoshop Python Wireless XML Miscellaneous Scripts AJAX ASP ASP.NET CGI & Perl Flash Java JavaScript PHP Python Remotely Hosted Tools & Utilities XML Web Hosting Articles ASP.NET Budget Dedicated Servers Ecommerce Linux Resellers Shared Small Business Windows Developer Manuals Learn HTML Learn PHP Learn CSS Learn AJAX Learn JavaScript Learn Pear White Papers Resources Developer Tools Developer Content