Excellent idea. I went with the hosts option. For those interested, I found that while I was using the digital signature schema locally, it was reaching out to the XMLSchema.dtd and datatypes.dtd online. I made local copies of those and created a custom EntityResolver. Everything works fine.
On Mon, Apr 4, 2011 at 11:32 AM, Cantor, Scott E. <[email protected]> wrote: > On 4/4/11 11:26 AM, "Michael Bishop" <[email protected]> wrote: > >That sounds reasonable. The only schema validation I'm doing is the > >digital signature against the digital signature schema. I'm using the > >internal one (org.apache.xml.security.resource.schema) and that one > >doesn't appear to link to other entities. I assume I should still take > >over entity resolution nonetheless? Maybe it's still trying to generate > >a call to the schema on the web? > > Easy enough to find out, you can set an /etc/hosts entry for the relevant > host. (Or use Wireshark of course.) > > -- Scott > >
