[xmlsec] Setting base for evaluating Reference URIs when signing
Aleksey Sanin
aleksey at aleksey.com
Wed Sep 3 07:24:29 PDT 2008
Probably, you will need to write your own I/O callbacks
https://www.aleksey.com/xmlsec/api/xmlsec-io.html#XMLSECIOREGISTERCALLBACKS
Aleksey
Jonathan Share wrote:
> Jonathan Share wrote:
>> Hi,
>>
>> My background is that I'm writing a Pylons web application that will
>> sign Widgets based on the current state of the w3c spec[1].
>>
>> In order to do this I'm extracting the widget to a temporary directory
>> and then using the PyXmlSec wrapper around the xmlsec library to
>> create the Signature Template in memory creating Reference elements
>> relative to the root of where I extracted the zip file, something like
>> this.
>>
>> <Reference URI="config.xml">
>> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>> <DigestValue></DigestValue>
>> </Reference>
>
> Erm, don't know what happened to the end of my mail there.
>
> I had continued something like...
>
> Problem is that when trying to sign the template xmlsec doesn't know
> where to resolve the relative URIs relative to so uses the current
> working directory. This works fine in a command line script but not
> suitable for a web application.
>
> So the core question is, how can I tell xmlsec which uri/path to use as
> a base for evaluating relative URIs?
>
> Googling around hasn't turned up much, the closest being a reference in
> the Apache Java Xml Security library for a BaseURI property somewhere
> that sounds like it does what I want, so I'm looking for the xmlsec
> equivalent. Any help finding it would be appreciated.
>
> Kind Regards,
>
> Jon
>
> [1] http://dev.w3.org/2006/waf/widgets-digsig/
> [2] http://xml.apache.org/security/Java/faq.html#baseURI
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list