Sanjiva, though I never looked at AXION yet (need to do it :-) ) not only XML-Security and WSS4J nut also Xalan needs to sit on top of this because all use DOM. Xalan provides XPath to XML-SEC but Xalan also implemets a XSLT engine.
Also, in such a case we need to have a specific XML-Sec and Xalan implementation because not every one who uses these libraries will or can also use AXIOM. Regards, Werner Sanjiva Weerawarana wrote: > On Tue, 2005-09-13 at 08:48 +0200, Werner Dittmann wrote: > >>>As for DOM centic: yes, you are right. IMHO it is not easy to use >>>SAX or pull parsers or other optimizations. Several reasons: >>>- during Security processing you often must alter existing elements, >>> e.g. in the Body, replace elements, insert new elements >>>- The scurity elements need to refer to elements in the Body and >>> elsewhere. >>>- if you need to sign/encrypt you need the real content and, in case >>> of encryption, replace it with the encrypted data. >>>- depeding on the order of the security actions to perform you may >>> again need to reference / sign these elements >>>- last but not least: the libraries WSS4J uses (xml-sec, xalan) are >>> also based on DOM. >>> >>>Many of these things need a "full tree" to be able to navigate inside >>>the tree and modify it where needed. >>> >>>While it may be possible to rewrite WSS4J to use SAX or pull parsers >>>it will introduce additional logic to keep track of references, element >>>replacements etc. These functions are available in DOM. Thus, IMHO, it >>>would not be simpler - maybe even more complex from the WSS4J code point >>>of view. > > > I wonder whether its possible to build XML Security and WSS4J on top of > AXIOM directly. That would be great because currently in Axis2 we > convert the trees to be able to run WSS4J, which obviously sucks. > > Sanjiva. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
