Mike, Okay, that sounds good. How do you deal with the XML schema? Since JAXB needs the XSD of the un-encrypted XML(my assumption), I assume your XSD is un-aware of any encryption?
You say you load the XML into a Document object first and then do the decryption if necessary. How do you know if it is necessary? Do you have yet another document (XSD or something) that defines what is encrypted so you know what to do? What does your process look like? -Dave -----Original Message----- From: Lucas, Mike [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 07, 2007 3:30 PM To: security-dev@xml.apache.org Subject: RE: XML Security & JAXB Hey Dave, We do the same thing actually; sorry I was thinking you were starting with XML that you had to encrypt. What we do is take the XML and load it into a Document object first, then do the decryption if necessary. (The decryption modifies the Document object.) Finally we pass the Document to JAXB which unmarshalls it into Java objects (POJOs). -Mike -----Original Message----- From: Dave Hoffer [mailto:[EMAIL PROTECTED] Sent: November 7, 2007 1:46 PM To: security-dev@xml.apache.org Subject: RE: XML Security & JAXB Thanks for the reply... In my case I start with XML with (possibly) encrypted content, I then need to get to POJOs. XML is essentially the data storage medium. I don't see how to accomplish this. -dh -----Original Message----- From: Lucas, Mike [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 07, 2007 11:01 AM To: security-dev@xml.apache.org Subject: RE: XML Security & JAXB I've done this by using JAXB to build the full unencrypted XML, then marshalling to a org.w3c.dom.Document and using XML Security library to perform encryption on the Document object. I realise this may not be the best solution in all cases, especially if you need to get the Document back into JAXB again (could be a significant performance impact). It worked well for me because I could do the encryption as the final step before returning the XML to the caller. -----Original Message----- From: Dave Hoffer [mailto:[EMAIL PROTECTED] Sent: November 7, 2007 9:40 AM To: security-dev@xml.apache.org Subject: XML Security & JAXB We have a schema we bind to Java using JAXB (and C++ with LMX) which works well. I know have been asked to encrypt certain element data. How can I do this and not loose the schema to POJO binding? What is the best way to accomplish this? Does XSD support XML Security in some way? Does JAXB or other binding implementation support XML Security? -Dave
