It seems like when I’m reading a signed XML document I can register a
SecurityEventListener:
InboundXMLSec inboundXmlSec = XMLSec.getInboundWSSec(properties);
XMLStreamReader reader =
inboundXmlSec.processInMessage(xmlStreamReader, null, eventListener);
The SecurityEventListener will get SecurityEvent callbacks and one of the
callbacks is a SignatureValueSecurityEvent [1] which would let me retrieve the
actual signature bytes hat are base64’d into the document.
I would really like to retrieve the XML Signature byte[] at write time. That is
after I call XMLStreamWriter.close() I really need to know what XML signature
ended up in the doc. I could read the doc back in but this seems very wasteful
with Stax. Is there any way to retrieve the signature byte[] at write time? Can
I register a SecurityEventListener to be invoked by the outbound processing
chain?
[1]
https://santuario.apache.org/Java/api/org/apache/xml/security/stax/securityEvent/SignatureValueSecurityEvent.html
