Hi Sean,
On 1/26/11 1:32 PM, Sean Mullan wrote:
On 1/26/11 2:08 PM, Eric Johnson wrote:
Hi Sean,
On 1/26/11 10:26 AM, Sean Mullan wrote:
On 1/25/11 12:07 PM, Eric Johnson wrote:
Hi Sean,
Excellent!
I forgot to mention one very significant detail in my original email:
Using a non-DOM implementation can be significantly faster. Just
looking at the
timing of the matching test cases, the non-DOM XML tree we've got
running looks
to run the test cases against the XML Security library
approximately 30% faster,
at least that was a pattern I noticed a while back.
Great. I haven't looked at your code yet, but did you implement a
JSR 105
provider using GenXDM? When we designed the JSR 105 API, one of our
goals was
to design it so that non-DOM implementations could be plugged in. I
would be
curious as to your experience with that and how well the API fit
your needs.
I'm guessing that would be this issue:
http://code.google.com/a/apache-extras.org/p/santuario-genxdm/issues/detail?id=10
I certainly had to touch that code. For JDK 1.6 compatibility, I
renamed the
implementation from org.jcp.... to org.apache.jcp.... Given what I've
seen, I
think writing the support will go pretty quickly.
I suspect the real work here is that duplicating all the test cases
that use the
existing JSR 105 code, but instead of using DOM, will have to use
GenXDM.
Right, the work you did to port the org.jcp code to use GenXDM is
definitely needed, but to be able to plug into the JSR 105 API, I
believe you'll also need to create a "GenXDM" XMLSignatureFactory
implementation and additional subclasses of the JSR 105 API (similar
to those in the javax.xml.crypto.dom and javax.xml.crypto.dsig.dom
packages). Basically, I think the goal would be to make the JSR 105
samples in the Santuario samples work properly with your
implementation. Let me know if that makes sense.
Yes, absolutely. That's about where my understanding has been at. I've
just not gotten around to that, hence the bug I filed against myself....
Thanks for checking.
-Eric.
--Sean
I was inspired by your questions to throw together a page describing
some of the
key differences of this port from the official project:
http://code.google.com/a/apache-extras.org/p/santuario-genxdm/wiki/DifferencesFromSantuario
-Eric.
--Sean
-Eric.
On 1/25/11 8:16 AM, Sean Mullan wrote:
Thanks for sending the link to your project, it sounds interesting
and I will
try to check it out in more detail when I have more time.
--Sean
On 1/20/11 6:34 PM, Eric Johnson wrote:
You might have noticed the addition of:
http://code.google.com/a/apache-extras.org/p/santuario-genxdm/
to the "Apache Extras" hosted site.
This project aims to be a fully compatible port of the existing
XML Security
APIs that works using the GenXDM APIs that we've been developing,
instead of
DOM. We brought the GenXDM project
<http://code.google.com/p/genxdm/> to the
attention of the Apache Incubator some time back (we called in
gXML at the
time
<http://wiki.apache.org/incubator/gXMLProposal>).
Our overall aim is to bring GenXDM back to Apache for incubation,
so that
ports
of libraries like XML Security can then build on top of the
capabilities of
GenXDM. To that end, we've done this particular port to attract
interest,
and to
prove out the potential, and the capabilities.
We have, with this port, demonstrated the ability to use the full
functionality
of the XML Security library over non-DOM XML trees, including a
new set of
tests
that verify using non-DOM trees with the updated XML Security APIs.
Please come look at what we've got! Let us know what you think.
Better yet,
join
the GenXDM project, and help us make it a success!
-Eric.
