[xmlsec] Setting base for evaluating Reference URIs when signing

Aleksey Sanin aleksey at aleksey.com
Wed Sep 3 07:24:29 PDT 2008

Probably, you will need to write your own I/O callbacks



Jonathan Share wrote:
> Jonathan Share wrote:
>> Hi,
>> My background is that I'm writing a Pylons web application that will 
>> sign Widgets based on the current state of the w3c spec[1].
>> In order to do this I'm extracting the widget to a temporary directory 
>> and then using the PyXmlSec wrapper around the xmlsec library to 
>> create the Signature Template in memory creating Reference elements 
>> relative to the root of where I extracted the zip file, something like 
>> this.
>> <Reference URI="config.xml">
>> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>> <DigestValue></DigestValue>
>> </Reference>
> Erm, don't know what happened to the end of my mail there.
> I had continued something like...
> Problem is that when trying to sign the template xmlsec doesn't know 
> where to resolve the relative URIs relative to so uses the current 
> working directory. This works fine in a command line script but not 
> suitable for a web application.
> So the core question is, how can I tell xmlsec which uri/path to use as 
> a base for evaluating relative URIs?
> Googling around hasn't turned up much, the closest being a reference in 
> the Apache Java Xml Security library for a BaseURI property somewhere 
> that sounds like it does what I want, so I'm looking for the xmlsec 
> equivalent. Any help finding it would be appreciated.
> Kind Regards,
> Jon
> [1] http://dev.w3.org/2006/waf/widgets-digsig/
> [2] http://xml.apache.org/security/Java/faq.html#baseURI
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec

More information about the xmlsec mailing list