RE: XML Security & JAXB

2007-11-07 Thread Scott Cantor
> We have a schema we bind to Java using JAXB (and C++ with LMX) which > works well. I know have been asked to encrypt certain element data. How > can I do this and not loose the schema to POJO binding? > > What is the best way to accomplish this? > Does XSD support XML Security in some way? > Do

RE: XML Security & JAXB

2007-11-07 Thread Lucas, Mike
I've done this by using JAXB to build the full unencrypted XML, then marshalling to a org.w3c.dom.Document and using XML Security library to perform encryption on the Document object. I realise this may not be the best solution in all cases, especially if you need to get the Document back into JAX

XML Security & JAXB

2007-11-07 Thread Dave Hoffer
We have a schema we bind to Java using JAXB (and C++ with LMX) which works well. I know have been asked to encrypt certain element data. How can I do this and not loose the schema to POJO binding? What is the best way to accomplish this? Does XSD support XML Security in some way? Does JAXB or oth

RE: XML Security & JAXB

2007-11-07 Thread Dave Hoffer
Thanks for the reply... In my case I start with XML with (possibly) encrypted content, I then need to get to POJOs. XML is essentially the data storage medium. I don't see how to accomplish this. -dh -Original Message- From: Lucas, Mike [mailto:[EMAIL PROTECTED] Sent: Wednesday, Nov

RE: XML Security & JAXB

2007-11-07 Thread Lucas, Mike
Hey Dave, We do the same thing actually; sorry I was thinking you were starting with XML that you had to encrypt. What we do is take the XML and load it into a Document object first, then do the decryption if necessary. (The decryption modifies the Document object.) Finally we pass the Document to

Re: XML Security & JAXB

2007-11-07 Thread Bradley Beddoes
Hi Dave, I have a library you can take a look at its OSS Apache 2.0 and I've already dealt with all of the pain. Its tagged as a SAML 2.0 library but in reality you could feed it any schema and get going infact we have plans to generalize it out sometime in the future when that magical day I'

RE: XML Security & JAXB

2007-11-07 Thread Lucas, Mike
Hi Bradley, Do you have a general description / homepage for your library? -Original Message- From: Bradley Beddoes [mailto:[EMAIL PROTECTED] Sent: November 7, 2007 3:16 PM To: security-dev@xml.apache.org Subject: Re: XML Security & JAXB Hi Dave, I have a library you can take a look at

RE: XML Security & JAXB

2007-11-07 Thread Dave Hoffer
Mike, Okay, that sounds good. How do you deal with the XML schema? Since JAXB needs the XSD of the un-encrypted XML(my assumption), I assume your XSD is un-aware of any encryption? You say you load the XML into a Document object first and then do the decryption if necessary. How do you know if

RE: XML Security & JAXB

2007-11-07 Thread Lucas, Mike
With SAML it's quite easy: 1. There's only one XSD. It defines that certain elements can be encrypted and if encrypted they will have different names. E.g. will be replaced by . The element can appear anywhere the element can. 2. I check for encryption simply by looking for the presence of any

Re: XML Security & JAXB

2007-11-07 Thread Bradley Beddoes
Hi, At the moment its just part of the larger ESOE project (SAML 2 based SSO solution) at http://esoeproject.org I will be getting around to giving it a standalone page at sometime but we haven't gotten to that yet. Bradley Lucas, Mike wrote: Hi Bradley, Do you have a general description /

RE: XML Security & JAXB

2007-11-07 Thread Dave Hoffer
I see how you can read and decrypt an XML file. Can you then take this Document and feed it to JAXB to get POJOs? You mention that the XML Security library will modify the Document object which is what I would expect. Do you then have either a Document object or XSD that is usable by JAXB to g