On 1/26/11 2:08 PM, Eric Johnson wrote:
Hi Sean,
On 1/26/11 10:26 AM, Sean Mullan wrote:
On 1/25/11 12:07 PM, Eric Johnson wrote:
Hi Sean,
Excellent!
I forgot to mention one very significant detail in my original email:
Using a non-DOM implementation can be significantly faster. Just looking at the
timing of the matching test cases, the non-DOM XML tree we've got running looks
to run the test cases against the XML Security library approximately 30% faster,
at least that was a pattern I noticed a while back.
Great. I haven't looked at your code yet, but did you implement a JSR 105
provider using GenXDM? When we designed the JSR 105 API, one of our goals was
to design it so that non-DOM implementations could be plugged in. I would be
curious as to your experience with that and how well the API fit your needs.
I'm guessing that would be this issue:
http://code.google.com/a/apache-extras.org/p/santuario-genxdm/issues/detail?id=10
I certainly had to touch that code. For JDK 1.6 compatibility, I renamed the
implementation from org.jcp.... to org.apache.jcp.... Given what I've seen, I
think writing the support will go pretty quickly.
I suspect the real work here is that duplicating all the test cases that use the
existing JSR 105 code, but instead of using DOM, will have to use GenXDM.
Right, the work you did to port the org.jcp code to use GenXDM is definitely
needed, but to be able to plug into the JSR 105 API, I believe you'll also need
to create a "GenXDM" XMLSignatureFactory implementation and additional
subclasses of the JSR 105 API (similar to those in the javax.xml.crypto.dom and
javax.xml.crypto.dsig.dom packages). Basically, I think the goal would be to
make the JSR 105 samples in the Santuario samples work properly with your
implementation. Let me know if that makes sense.
--Sean
I was inspired by your questions to throw together a page describing some of the
key differences of this port from the official project:
http://code.google.com/a/apache-extras.org/p/santuario-genxdm/wiki/DifferencesFromSantuario
-Eric.
--Sean
-Eric.
On 1/25/11 8:16 AM, Sean Mullan wrote:
Thanks for sending the link to your project, it sounds interesting and I will
try to check it out in more detail when I have more time.
--Sean
On 1/20/11 6:34 PM, Eric Johnson wrote:
You might have noticed the addition of:
http://code.google.com/a/apache-extras.org/p/santuario-genxdm/
to the "Apache Extras" hosted site.
This project aims to be a fully compatible port of the existing XML Security
APIs that works using the GenXDM APIs that we've been developing, instead of
DOM. We brought the GenXDM project <http://code.google.com/p/genxdm/> to the
attention of the Apache Incubator some time back (we called in gXML at the
time
<http://wiki.apache.org/incubator/gXMLProposal>).
Our overall aim is to bring GenXDM back to Apache for incubation, so that
ports
of libraries like XML Security can then build on top of the capabilities of
GenXDM. To that end, we've done this particular port to attract interest,
and to
prove out the potential, and the capabilities.
We have, with this port, demonstrated the ability to use the full
functionality
of the XML Security library over non-DOM XML trees, including a new set of
tests
that verify using non-DOM trees with the updated XML Security APIs.
Please come look at what we've got! Let us know what you think. Better yet,
join
the GenXDM project, and help us make it a success!
-Eric.
