Skip to Content.
Sympa Menu

mace-opensaml-users - RE: opensaml 0.9 DOM3 interface usage...

Subject: OpenSAML user discussion

List archive

RE: opensaml 0.9 DOM3 interface usage...


Chronological Thread 
  • From: Scott Cantor <>
  • To: "'Molitor, Mark'" <>,
  • Subject: RE: opensaml 0.9 DOM3 interface usage...
  • Date: Tue, 11 Nov 2003 13:10:33 -0500
  • Importance: Normal
  • Organization: The Ohio State University

There are two usages of DOM3 calls. One is in 0.9, the other only in cvs.

The most important is the setIdAttribute calls. Put simply, signatures can't
work without it. There is no way in XML to designate an attribute as an ID
when creating a document, only after parsing with a schema. Secondly, if I
decide later to make validation optional, even then I need to use it.

Signatures in SAML and in most other specs use ID attributes as a way of
designating coverage.

So, basically, if you don't need signing, you can comment out the calls. If
you do, and you probably will in the future, you don't have much choice.

The second use is the adoptNode method which makes it possible to use DOM
trees as parameters and efficiently get them imported into a different
document. It's not impossible to get around it, but since I depend on DOM3
anyway for a critical purpose (signing), I didn't try.

I wish they had fixed the ID problem in DOM2, but I wasn't left with much
choice. I also wish Java had #ifdefs so I could easily support multiple
builds, but if someone has a suggestion for how to achieve that goal, let me
know and I'll consider it.

-- Scott

---------------------------------------------------mace-opensaml-users-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at

http://archives.internet2.edu/

---------------------------------------------------mace-opensaml-users--




Archive powered by MHonArc 2.6.16.

Top of Page