Re: XMLSignature

Wed, 15 Jul 2009 13:08:45 -0700

So I went back and checked the source history and it appears that the XMLSignature class used to be non-final way back in 2002. There are no useful comments or bug associated with this change so it appears the rationale for this change has been lost, unless one of the previous active committers remembers.
We *could* consider changing it back, but I think it would be unwise for you to depend on this type of design, as there is a risk that something may change in the class internals or API that would break your implementation in the future. 


Have you considered other alternatives, like using the standard JSR 105 API or 
using composition instead of inheritance?


--Sean

Julien PASQUIER wrote:

Hi all,


Why is not possible to delete the "final" declaration of the 
org.apache.xml.security.signature.XMLSignature ?


Thanks for your response.
Regards,
Julien

Ernesto Arroyo Ron a écrit :

Ah,


sometime ago, we tried to implement a XADES class with some special 
behaviour (mainly to manage big files, you know: the c14n issues with

big files),...

In our first design, the "elegant one" we decided to extend
org.apache.xml.security.signature.XMLSignature with our methods for big
files. But we could not because of the "final" keyword

So I was in the same point about the "final" keyword and I am interested
in solutions or designs for this kind of requirements.....

Thanks



 
 
Ernesto Arroyo Ron, CISSP,CISA,CISM    
 
-----Mensaje original-----
De: Julien PASQUIER [mailto:julienpasqu...@free.fr] Enviado el: lunes, 
13 de julio de 2009 17:31

Para: security-dev@xml.apache.org
Asunto: Re: XMLSignature

Hi Sean,

Thank you for your response.


I would like implement a XAdESSignature class which extends the 
org.apache.xml.security.signature.XMLSignature class.


Regards,
Julien Pasquier

Sean Mullan wrote :

 

Julien PASQUIER wrote:

   

Hi all,


I would like to create a class which extends the XMLSignature class 
but it is not possible because XMLSignature class is declared as 
"final".


Is it possible te remove the "final" declaration from the XMLSecurity

      



 

class in the next release of XMLSecurity (v1.4.3) ?

      

The XMLSignature classes 
(org.apache.xml.security.signature.XMLSignature and 
javax.xml.crypto.dsig.XMLSignature) are not designed to be subclassed.
    



 

Instead, I would ask what you are trying to do and have you considered

    



 

other solutions?

--Sean




    




  


























					Reply via email to