Re: xmlsec-c question about XSECEnv

2005-01-11 Thread Berin Lautenbach 
In an ideal world you shouldn't have to touch XSECEnv at all.  The idea 
is a way to pass information between the various library components 
about a particular piece of XML.  As an example, the XENCCipher class 
"owns" an instance of XSECEnv.  It then passes it to all the other XENC 
classes that it uses to actually build an encrypted (or decrypted) 
piecce of XML.

So the class is created per XML instance - but all the objects that 
exist around that instance should have pointers to that single instance.

My read of below is that you are lifting bits of code from the library 
to use in your own stuff rather than actually calling the library 
through the API?  XSECEnv is supposed to be hidden from normal use, so 
I'd be concerned if there is somewhere you have to manipulate it for 
normal use of the library.

Cheers,
Berin
Scott Cantor wrote:
I'm starting to incoporate a few pieces of the XML Encryption classes into
some of my project, and I had a question about the XSECEnv class,
specifically about the DOMDocument parameter in the c'tor, and how to use
this class.
Is this object supposed to be created per XML instance being manipulated? It
seems like more of a global settings object that would be static and common
across the library.
I looked at the code, and I can see that right now there wouldn't be much
harm if I passed NULL in, but obviously I can't depend on that behavior.
-- Scott

Apache XML Security 1.2 for Java

2005-01-11 Thread Egor Pervuninski 
Hello,

Recently I tried to upgrade my project to use new Apache XML Security 1.2 for 
Java
and found that now the library does c14n much MUCH more slowly than it was with 
1.1.

Here is a simple test:

import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;

import org.apache.commons.lang.time.StopWatch;
import org.apache.xml.security.c14n.Canonicalizer;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;

public class Test {
  private final static int REPEAT = 1000;

  private StopWatch timer = new StopWatch();
  private Canonicalizer canon = 
Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
  private Document document;

  public Test(String file) throws Exception {
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
factory.setValidating(false);
DocumentBuilder builder = factory.newDocumentBuilder();
document = builder.parse(new InputSource(file));
  }

  public void runTest() throws Exception { 
timer.start();
for (int i = 0; i < REPEAT; i++) {
  canon.canonicalizeSubtree(document);
}
timer.stop();
System.out.println("time spent " + String.valueOf(timer.getTime()) + " ms");
  }

  public static void main(String[] args) throws Exception {
org.apache.xml.security.Init.init();
Test test = new Test(args[0]);
test.runTest();
  }
}

Just drop commons-lang-2.0.jar, commons-logging.jar, xercesImpl.jar, 
xml-apis.jar and  xmlsec.jarto the
classpath and run java Test File.xml.

Version 1.1 output: time spent 952 ms
Version 1.2 output: time spent 29172 ms

Where is the catch?

Regards,
Egor Pervuninski
egor {dot} pervuninski {at} gmail {dot} com

Re: Apache XML Security 1.2 for Java

2005-01-11 Thread Davanum Srinivas 
Can you please post your test.xml as well?

thanks,
dims


On Tue, 11 Jan 2005 18:31:18 +0500, Egor Pervuninski <[EMAIL PROTECTED]> wrote:
> Hello,
> 
> Recently I tried to upgrade my project to use new Apache XML Security 1.2 for 
> Java
> and found that now the library does c14n much MUCH more slowly than it was 
> with 1.1.
> 
> Here is a simple test:
> 
> import javax.xml.parsers.DocumentBuilder;
> import javax.xml.parsers.DocumentBuilderFactory;
> 
> import org.apache.commons.lang.time.StopWatch;
> import org.apache.xml.security.c14n.Canonicalizer;
> import org.w3c.dom.Document;
> import org.xml.sax.InputSource;
> 
> public class Test {
>   private final static int REPEAT = 1000;
> 
>   private StopWatch timer = new StopWatch();
>   private Canonicalizer canon = 
> Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
>   private Document document;
> 
>   public Test(String file) throws Exception {
> DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
> factory.setNamespaceAware(true);
> factory.setValidating(false);
> DocumentBuilder builder = factory.newDocumentBuilder();
> document = builder.parse(new InputSource(file));
>   }
> 
>   public void runTest() throws Exception {
> timer.start();
> for (int i = 0; i < REPEAT; i++) {
>   canon.canonicalizeSubtree(document);
> }
> timer.stop();
> System.out.println("time spent " + String.valueOf(timer.getTime()) + " 
> ms");
>   }
> 
>   public static void main(String[] args) throws Exception {
> org.apache.xml.security.Init.init();
> Test test = new Test(args[0]);
> test.runTest();
>   }
> }
> 
> Just drop commons-lang-2.0.jar, commons-logging.jar, xercesImpl.jar, 
> xml-apis.jar and  xmlsec.jarto the
> classpath and run java Test File.xml.
> 
> Version 1.1 output: time spent 952 ms
> Version 1.2 output: time spent 29172 ms
> 
> Where is the catch?
> 
> Regards,
> Egor Pervuninski
> egor {dot} pervuninski {at} gmail {dot} com
> 


-- 
Davanum Srinivas - http://webservices.apache.org/~dims/

Re: Apache XML Security 1.2 for Java

2005-01-11 Thread Egor Pervuninski 
Hello,

Sure, here it is.

## Davanum Srinivas : Tue, 11 Jan 2005 08:28:24 -0500

DS>  Can you please post your test.xml as well?  thanks, dims
DS> 
DS> On Tue, 11 Jan 2005 18:31:18 +0500, Egor Pervuninski
DS> <[EMAIL PROTECTED]> wrote:
>> Hello,
>> 
>> Recently I tried to upgrade my project to use new Apache XML
>> Security 1.2 for Java and found that now the library does c14n much
>> MUCH more slowly than it was with 1.1.
>> 
>> Here is a simple test:
>> 
>> import javax.xml.parsers.DocumentBuilder; import
>> javax.xml.parsers.DocumentBuilderFactory;
>> 
>> import org.apache.commons.lang.time.StopWatch; import
>> org.apache.xml.security.c14n.Canonicalizer; import
>> org.w3c.dom.Document; import org.xml.sax.InputSource;
>> 
>> public class Test { private final static int REPEAT = 1000;
>> 
>> private StopWatch timer = new StopWatch(); private Canonicalizer
>> canon =
>> Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
>> private Document document;
>> 
>> public Test(String file) throws Exception { DocumentBuilderFactory
>> factory = DocumentBuilderFactory.newInstance();
>> factory.setNamespaceAware(true); factory.setValidating(false);
>> DocumentBuilder builder = factory.newDocumentBuilder(); document =
>> builder.parse(new InputSource(file)); }
>> 
>> public void runTest() throws Exception { timer.start(); for (int i
>> = 0; i < REPEAT; i++) { canon.canonicalizeSubtree(document); }
>> timer.stop(); System.out.println("time spent " +
>> String.valueOf(timer.getTime()) + " ms"); }
>> 
>> public static void main(String[] args) throws Exception {
>> org.apache.xml.security.Init.init(); Test test = new Test(args[0]);
>> test.runTest(); } }
>> 
>> Just drop commons-lang-2.0.jar, commons-logging.jar,
>> xercesImpl.jar, xml-apis.jar and xmlsec.jarto the classpath and run
>> java Test File.xml.
>> 
>> Version 1.1 output: time spent 952 ms Version 1.2 output: time
>> spent 29172 ms
>> 
>> Where is the catch?
>> 
>> Regards, Egor Pervuninski egor {dot} pervuninski {at} gmail {dot}
>> com
>> 
DS> --
DS> Davanum Srinivas - http://webservices.apache.org/~dims/
DS> 

Regards,
Egor Pervuninski
egor {dot} pervuninski {at} gmail {dot} com



Test.xml
Description: Binary data