Changes between Version 14 and Version 15 of T12_Security/WS-Security

06/09/06 14:35:22 (14 years ago)



  • T12_Security/WS-Security

    v14 v15  
    5353The current status (01/09/06) is a working web service with `SignatureHandler` class signing/verifying messages to and from client and server. 
     55==== XML libraries, XPath and Canonicalization ==== 
     56ZSI provides an !ElementProxy class interface for XML handling for SOAP messages.  This inherits from a MessageInterface class.  This would seem to enable the underlying Python XML libraries used to be changed easily.  By default it uses !PyXML DOM library.  pyGridWare makes use of the 4Suite add-ons for extra performance. 
     58Implementations for XPath and Canonicalization are important factors for consideration.  There is a DOM based canonicalization algorithm available with ZSI.  - Doesn't work with mini-dom?? - 
     60ElementTree has been used project wide for NDG, prefered for its fast performance and pythonic style interface.  However, there doesn't appear to be a canonicalization algorithm available for it or XPath support for attribute searches.  `findall` can be used to search for elements but not element attributes.  The latter is important with WS-Security for locating elements in the SOAP message for signatures or encryption. 
     62pyGridWare includes an !ElementTree based !ElementProxy class but this appears to be incomplete.  There is no canonicalization method and other issues resolve. 
     64lxml is an implementation of the !ElementTree API but using libxml2 and xslt underneath (  XPath and canonicalization are supported.  Performance appears to be comparable. 
     68The drawback is the addition of more dependencies.  A core objective is to reduce the number of dependencies :/ 
    5570== XML Encryption == 
    5671Tackle digital signature first :)