OpenSAML user discussion

["Scott Cantor" <>]

> I'm trying to verify a Signature with a
> org.opensaml.xml.signature.SignatureValidator but using the latest
> revision from svn I can't find the class SignatureValidator (It was
> present in TP2). So what can i do ?

At a quick glance, I would guess that it was eliminated in favor of a trust
engine oriented approach. The use of the validator to simply verify a
signature using a known key (or even worse, a key from the signature) is
pathological, and basically worthless. I still have a validator in C++ but
it's largely stupid, so I may pull it myself.

TrustEngines are the way you supply external trust infrastructure to verify
signatures. I don't know if that stuff is documented yet. The class
hierarchy appears to have shifted a bit from the last time I looked at it
with more use of generics to refactor the base classes.

My best guess is the BasicX509SignatureTrustEngine class is probably the
equivalent of the old validator.

-- Scott