Class DOMValidateContext

java.lang.Object
javax.xml.crypto.dom.DOMCryptoContext
javax.xml.crypto.dsig.dom.DOMValidateContext
All Implemented Interfaces:
XMLValidateContext, XMLCryptoContext

public class DOMValidateContext extends DOMCryptoContext implements XMLValidateContext
A DOM-specific XMLValidateContext. This class contains additional methods to specify the location in a DOM tree where an XMLSignature is to be unmarshalled and validated from.

Note that the behavior of an unmarshalled XMLSignature is undefined if the contents of the underlying DOM tree are modified by the caller after the XMLSignature is created.

Also, note that DOMValidateContext instances can contain information and state specific to the XML signature structure it is used with. The results are unpredictable if a DOMValidateContext is used with different signature structures (for example, you should not use the same DOMValidateContext instance to validate two different XMLSignature objects).

Implementation Note:
By default, the JDK implementation enables a secure validation mode by setting the org.jcp.xml.dsig.secureValidation property to Boolean.TRUE (see the setProperty method). When enabled, validation of XML signatures are subject to stricter checking of algorithms and other constraints as specified by the jdk.xml.dsig.secureValidationPolicy security property. The mode can be disabled by setting the property to Boolean.FALSE. The mode can also be enabled or disabled by setting the org.jcp.xml.dsig.secureValidation system property to "true" or "false". Any other value for the system property is also treated as "false". If the system property is set, it supersedes the DOMValidateContext property value.
Since:
1.6
See Also: