XML Security and JSR 105-106

Abstract

As web services are being used ever more frequently to perform secure transactions, the need for authenticating and protecting the XML data that is transmitted over potentially insecure networks is essential.

With the incorporation of JSR 105 (Java XML Signature API) into JDK 6, Java programmers now have a standard solution for creating and validating XML signatures. And with the progression of JSR 106 (Java XML Encryption API) through the Java Community Process, a standard solution for XML encryption will soon be available.
This session will describe the two core XML security technologies, XML
Signature and Encryption, and show you how to sign and encrypt data in Java using the JSR 105 and 106 APIs. Simple and more advanced use cases will be presented along with code examples. Debugging tips and common mistakes will also be covered.

The session will also provide an overview and history of the Apache XML Security project, which the implementation of JSR 105 is based on.

Finally, the session will take a look at where XML Security may be headed in the future, and discuss some of the issues that were discussed at the recent W3C workshop on Next Steps for XML Signature and Encryption.

Speaker

Adaptavist Theme Builder Powered by Atlassian Confluence