[xmlsec] Setting base for evaluating Reference URIs when signing
Jonathan Share
jshare at opera.com
Wed Sep 3 02:48:09 PDT 2008
Jonathan Share wrote:
> Hi,
>
> My background is that I'm writing a Pylons web application that will
> sign Widgets based on the current state of the w3c spec[1].
>
> In order to do this I'm extracting the widget to a temporary directory
> and then using the PyXmlSec wrapper around the xmlsec library to create
> the Signature Template in memory creating Reference elements relative to
> the root of where I extracted the zip file, something like this.
>
> <Reference URI="config.xml">
> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> <DigestValue></DigestValue>
> </Reference>
Erm, don't know what happened to the end of my mail there.
I had continued something like...
Problem is that when trying to sign the template xmlsec doesn't know
where to resolve the relative URIs relative to so uses the current
working directory. This works fine in a command line script but not
suitable for a web application.
So the core question is, how can I tell xmlsec which uri/path to use as
a base for evaluating relative URIs?
Googling around hasn't turned up much, the closest being a reference in
the Apache Java Xml Security library for a BaseURI property somewhere
that sounds like it does what I want, so I'm looking for the xmlsec
equivalent. Any help finding it would be appreciated.
Kind Regards,
Jon
[1] http://dev.w3.org/2006/waf/widgets-digsig/
[2] http://xml.apache.org/security/Java/faq.html#baseURI
More information about the xmlsec
mailing list