xmlsec
Used in:
components
- OverviewOverview
- VersionsVersions
- DependentsDependents
- DependenciesDependencies
<dependency>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<version>4.0.4</version>
</dependency><!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache</groupId>
<artifactId>apache</artifactId>
<version>34</version>
</parent>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<version>4.0.4</version>
<packaging>bundle</packaging>
<name>Apache XML Security for Java</name>
<description>
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. Since version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
</description>
<url>https://santuario.apache.org/</url>
<inceptionYear>2000</inceptionYear>
<organization>
<name>The Apache Software Foundation</name>
<url>https://www.apache.org/</url>
</organization>
<licenses>
<license>
<name>Apache-2.0</name>
<url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
<distribution>repo</distribution>
</license>
</licenses>
<mailingLists>
<mailingList>
<name>Apache Santuario Developer List</name>
<subscribe>dev-subscribe@santuario.apache.org</subscribe>
<unsubscribe>
dev-unsubscribe@santuario.apache.org
</unsubscribe>
<post>dev@santuario.apache.org</post>
<archive>
http://news.gmane.org/gmane.text.xml.security.devel
</archive>
</mailingList>
</mailingLists>
<scm>
<connection>scm:git:https://gitbox.apache.org/repos/asf/santuario-xml-security-java.git</connection>
<developerConnection>scm:git:https://gitbox.apache.org/repos/asf/santuario-xml-security-java.git</developerConnection>
<url>https://gitbox.apache.org/repos/asf?p=santuario-xml-security-java.git;a=summary</url>
<tag>xmlsec-4.0.4</tag>
</scm>
<issueManagement>
<system>JIRA</system>
<url>https://issues.apache.org/jira/browse/SANTUARIO</url>
</issueManagement>
<distributionManagement>
<repository>
<id>apache.releases.https</id>
<name>Apache Release Distribution Repository</name>
<url>https://repository.apache.org/service/local/staging/deploy/maven2</url>
</repository>
<snapshotRepository>
<id>apache.snapshots.https</id>
<name>Apache Development Snapshot Repository</name>
<url>https://repository.apache.org/content/repositories/snapshots</url>
<uniqueVersion>false</uniqueVersion>
</snapshotRepository>
</distributionManagement>
<properties>
<activation-api.version>2.1.3</activation-api.version>
<bcprov.version>1.80</bcprov.version>
<clirr.version>2.8</clirr.version>
<commons.codec.version>1.18.0</commons.codec.version>
<hamcrest.version>3.0</hamcrest.version>
<jaxb.runtime>4.0.5</jaxb.runtime>
<jetty.version>11.0.24</jetty.version>
<jmh.version>1.37</jmh.version>
<junit.version>5.12.1</junit.version>
<slf4j.version>2.0.17</slf4j.version>
<xalan.version>2.7.3</xalan.version>
<xmlunit.version>2.10.0</xmlunit.version>
<xml.bind.api.version>4.0.2</xml.bind.api.version>
<woodstox.core.version>7.1.0</woodstox.core.version>
<maven.compiler.release>11</maven.compiler.release>
<project.build.outputTimestamp>2025-04-07T12:42:23Z</project.build.outputTimestamp>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<!-- Allow Clirr severity to be overriden by the command-line option -DminSeverity=level -->
<minSeverity>info</minSeverity>
<xmlsec.jaxb.context.class />
<!-- Important for FuncHere.java aka here() -->
<maven.test.argLine>
-Dfile.encoding=UTF-8
-Djava.util.logging.config.file=${project.build.testOutputDirectory}/logging.properties
--add-exports org.apache.santuario.xmlsec/org.apache.xml.security.test.dom.utils.jmh_generated=ALL-UNNAMED
--add-exports org.apache.santuario.xmlsec/org.apache.xml.security.test.dom.xalan=ALL-UNNAMED
--add-exports org.apache.santuario.xmlsec/org.apache.xml.security.test.stax.performance.jmh_generated=ALL-UNNAMED
--add-opens org.apache.santuario.xmlsec/org.apache.xml.security.test.dom.providers=java.base
</maven.test.argLine>
<skipUT>false</skipUT>
<skipIT>true</skipIT>
<test.logging.level>INFO</test.logging.level>
</properties>
<dependencies>
<dependency>
<groupId>jakarta.activation</groupId>
<artifactId>jakarta.activation-api</artifactId>
<version>${activation-api.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>jakarta.xml.bind</groupId>
<artifactId>jakarta.xml.bind-api</artifactId>
<version>${xml.bind.api.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${commons.codec.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.fasterxml.woodstox</groupId>
<artifactId>woodstox-core</artifactId>
<version>${woodstox.core.version}</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<version>${junit.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-params</artifactId>
<version>${junit.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-library</artifactId>
<version>${hamcrest.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.xmlunit</groupId>
<artifactId>xmlunit-core</artifactId>
<version>${xmlunit.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.xmlunit</groupId>
<artifactId>xmlunit-matchers</artifactId>
<version>${xmlunit.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.glassfish.jaxb</groupId>
<artifactId>jaxb-runtime</artifactId>
<version>${jaxb.runtime}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-jdk14</artifactId>
<version>${slf4j.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
<version>${jetty.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlets</artifactId>
<version>${jetty.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
<version>${xalan.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>xalan</groupId>
<artifactId>serializer</artifactId>
<version>${xalan.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.openjdk.jmh</groupId>
<artifactId>jmh-core</artifactId>
<version>${jmh.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.openjdk.jmh</groupId>
<artifactId>jmh-generator-annprocess</artifactId>
<version>${jmh.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<defaultGoal>install</defaultGoal>
<resources>
<resource>
<directory>src/main/resources</directory>
</resource>
<resource>
<!-- Because of src/main/java/org/apache/xml/security/resource/**/* -->
<directory>src/main/java</directory>
<excludes>
<exclude>**/*.java</exclude>
</excludes>
</resource>
</resources>
<testResources>
<testResource>
<directory>src/test/resources</directory>
<filtering>true</filtering>
<includes>
<include>logging.properties</include>
</includes>
</testResource>
<testResource>
<directory>src/test/resources</directory>
<excludes>
<exclude>logging.properties</exclude>
</excludes>
</testResource>
<testResource>
<directory>src/test/java</directory>
<includes>
<include>org/apache/xml/security/test/dom/resource/testvectors.zip</include>
</includes>
</testResource>
</testResources>
<pluginManagement>
<plugins>
<plugin>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.11.2</version>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
<configuration>
<attach>true</attach>
<excludePackageNames>org.apache.xml.security.binding.*</excludePackageNames>
<doclint>none</doclint>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>clirr-maven-plugin</artifactId>
<version>${clirr.version}</version>
<configuration>
<minSeverity>${minSeverity}</minSeverity>
</configuration>
</plugin>
<plugin>
<artifactId>maven-release-plugin</artifactId>
<version>3.1.1</version>
<configuration>
<useReleaseProfile>false</useReleaseProfile>
<preparationGoals>clean install</preparationGoals>
<goals>deploy</goals>
<arguments>-Papache-release</arguments>
<autoVersionSubmodules>true</autoVersionSubmodules>
</configuration>
</plugin>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<version>2.9.1</version>
<executions>
<execution>
<id>make-bom</id>
<phase>package</phase>
<goals>
<goal>makeAggregateBom</goal>
</goals>
</execution>
</executions>
<configuration>
<outputName>${project.artifactId}-${project.version}-bom</outputName>
</configuration>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<plugin>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.5.0</version>
<configuration>
<rules>
<requireMavenVersion>
<version>3.5</version>
</requireMavenVersion>
</rules>
</configuration>
</plugin>
<plugin>
<groupId>com.evolvedbinary.maven.jvnet</groupId>
<artifactId>jaxb30-maven-plugin</artifactId>
<version>0.15.0</version>
<executions>
<execution>
<id>generate-jaxb-sources</id>
<phase>generate-sources</phase>
<goals>
<goal>generate</goal>
</goals>
<configuration>
<schemaDirectory>${basedir}/src/main/resources/</schemaDirectory>
<schemaIncludes>
<schemaInclude>schemas/security-config.xsd</schemaInclude>
<schemaInclude>bindings/schemas/exc-c14n.xsd</schemaInclude>
<schemaInclude>bindings/schemas/xmldsig-core-schema.xsd</schemaInclude>
<schemaInclude>bindings/schemas/xmldsig11-schema.xsd</schemaInclude>
<schemaInclude>bindings/schemas/dsig-more_2001_04.xsd</schemaInclude>
<schemaInclude>bindings/schemas/dsig-more_2007_05.xsd</schemaInclude>
<schemaInclude>bindings/schemas/dsig-more_2021_04.xsd</schemaInclude>
<schemaInclude>bindings/schemas/xenc-schema.xsd</schemaInclude>
<schemaInclude>bindings/schemas/xenc-schema-11.xsd</schemaInclude>
</schemaIncludes>
<bindingDirectory>${basedir}/src/main/resources/bindings/</bindingDirectory>
<bindingIncludes>
<bindingInclude>c14n.xjb</bindingInclude>
<bindingInclude>dsig.xjb</bindingInclude>
<bindingInclude>dsig11.xjb</bindingInclude>
<bindingInclude>dsig-more.xjb</bindingInclude>
<bindingInclude>xenc.xjb</bindingInclude>
<bindingInclude>xenc11.xjb</bindingInclude>
<bindingInclude>security-config.xjb</bindingInclude>
<bindingInclude>xop.xjb</bindingInclude>
</bindingIncludes>
<catalog>${basedir}/src/main/resources/bindings/bindings.cat</catalog>
<forceRegenerate>false</forceRegenerate>
<episode>true</episode>
<specVersion>3.0</specVersion>
<extension>true</extension>
<!-- disable schema validation since the validation code
doesn't respect the catalog and will do online lookups :-( -->
<strict>false</strict>
<args>
<arg>-npa</arg>
<arg>-no-header</arg>
</args>
</configuration>
</execution>
</executions>
</plugin>
<plugin><!-- workaround for non-reproducible bits generated by jaxb30-maven-plugin / xjc even with -no-header argument -->
<groupId>com.google.code.maven-replacer-plugin</groupId>
<artifactId>replacer</artifactId>
<version>1.5.3</version>
<executions>
<execution>
<id>bindings-workaround-sun-jaxb</id>
<phase>process-sources</phase>
<goals>
<goal>replace</goal>
</goals>
<configuration>
<file>${project.build.directory}/generated-sources/xjc/META-INF/sun-jaxb.episode</file>
<replacements>
<replacement>
<token>Generated on: .+</token>
<value />
</replacement>
</replacements>
<regex>true</regex>
</configuration>
</execution>
<execution>
<id>types-workaround-xmldsig</id>
<phase>process-sources</phase>
<goals>
<goal>replace</goal>
</goals>
<configuration>
<file>${project.build.directory}/generated-sources/xjc/org/apache/xml/security/binding/xmldsig/PGPDataType.java</file>
<replacements>
<replacement>
<token>line (.+) of file:.+src/main/resources/(.+)</token>
<value>line $1 of file:src/main/resources/$2</value>
</replacement>
</replacements>
<regex>true</regex>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.14.0</version>
<configuration>
<showDeprecation>true</showDeprecation>
<showWarnings>true</showWarnings>
<compilerArgs>
<arg>-XDcompilePolicy=simple</arg>
<!-- TODO Disabled until JDK 14 is supported <arg>-Xplugin:ErrorProne</arg>-->
</compilerArgs>
<annotationProcessorPaths>
<path>
<groupId>org.openjdk.jmh</groupId>
<artifactId>jmh-generator-annprocess</artifactId>
<version>${jmh.version}</version>
</path>
<path>
<groupId>com.google.errorprone</groupId>
<artifactId>error_prone_core</artifactId>
<version>2.37.0</version>
</path>
</annotationProcessorPaths>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>5.1.9</version>
<extensions>true</extensions>
<configuration>
<niceManifest>true</niceManifest>
<instructions>
<Implementation-Title>Apache XML Security</Implementation-Title>
<Implementation-Vendor>The Apache Software Foundation</Implementation-Vendor>
<Implementation-Vendor-Id>org.apache</Implementation-Vendor-Id>
<Implementation-Version>${project.version}</Implementation-Version>
<Specification-Title>Apache XML Security</Specification-Title>
<Specification-Vendor>The Apache Software Foundation</Specification-Vendor>
<Specification-Version>${project.version}</Specification-Version>
<Export-Package>
org.apache.xml.security.*;version="${project.version}";-split-package:=first,
org.apache.jcp.xml.dsig.internal.*;version="${project.version}",
</Export-Package>
<Import-Package>
!org.apache.xml.security.*,
!org.apache.jcp.xml.dsig.internal.*,
org.apache.commons.codec.*;version="[1.15,2)",
*
</Import-Package>
<_noimportjava>true</_noimportjava>
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.8.13</version>
<configuration>
<outputDirectory>${project.build.directory}</outputDirectory>
<includes>
<include>org/apache/xml/security/**</include>
<include>org/apache/jcp/xml/dsig/internal/**</include>
</includes>
<formats>
<!-- Eclipse uses exec files, SonarQube uses xml reports -->
<format>XML</format>
</formats>
</configuration>
<executions>
<execution>
<id>jacoco-agent-for-unit-tests</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<execution>
<id>jacoco-report</id>
<phase>verify</phase>
<goals>
<goal>report</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.5.3</version>
<configuration>
<reportFormat>brief</reportFormat>
<includes>
<include>**/*Test.java</include>
</includes>
<excludedGroups>benchmark</excludedGroups>
<!-- We need to reinitialize classes based on the configuration -->
<reuseForks>false</reuseForks>
<forkCount>1</forkCount>
<forkNode implementation="org.apache.maven.plugin.surefire.extensions.SurefireForkNodeFactory" />
<!-- @{argLine} is generated by jacoco-prepare -->
<argLine>${maven.test.argLine} @{argLine}</argLine>
<skipExec>${skipUT}</skipExec>
<systemPropertyVariables>
<product.version>${project.version}</product.version>
<log4j.configurationFile>${project.build.testOutputDirectory}/log4j2.xml</log4j.configurationFile>
<!--<jakarta.xml.bind.JAXBContext>${xmlsec.jaxb.context.class}</jakarta.xml.bind.JAXBContext>-->
<javax.xml.accessExternalDTD>file</javax.xml.accessExternalDTD>
<org.apache.xml.security.securerandom.algorithm>SHA1PRNG</org.apache.xml.security.securerandom.algorithm>
<file.encoding>UTF-8</file.encoding>
</systemPropertyVariables>
<environmentVariables>
<LANG>en_US.UTF-8</LANG>
<LANGUAGE>en_US:us</LANGUAGE>
</environmentVariables>
</configuration>
</plugin>
<plugin>
<artifactId>maven-failsafe-plugin</artifactId>
<version>3.5.3</version>
<configuration>
<argLine>${maven.test.argLine}</argLine>
<skipExec>${skipIT}</skipExec>
<groups>benchmark</groups>
<forkCount>1</forkCount>
<forkNode implementation="org.apache.maven.plugin.surefire.extensions.SurefireForkNodeFactory" />
<systemPropertyVariables>
<product.version>${project.version}</product.version>
<javax.xml.accessExternalDTD>file</javax.xml.accessExternalDTD>
<org.apache.xml.security.securerandom.algorithm>SHA1PRNG</org.apache.xml.security.securerandom.algorithm>
<file.encoding>UTF-8</file.encoding>
</systemPropertyVariables>
<environmentVariables>
<LANG>en_US.UTF-8</LANG>
<LANGUAGE>en_US:us</LANGUAGE>
</environmentVariables>
</configuration>
<executions>
<execution>
<id>integration-test</id>
<goals>
<goal>integration-test</goal>
</goals>
</execution>
<execution>
<id>verify</id>
<goals>
<goal>verify</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.gaul</groupId>
<artifactId>modernizer-maven-plugin</artifactId>
<version>2.6.0</version>
<configuration>
<javaVersion>${maven.compiler.release}</javaVersion>
</configuration>
<executions>
<execution>
<id>modernizer-check</id>
<phase>verify</phase>
<goals>
<goal>modernizer</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-pmd-plugin</artifactId>
<version>3.21.0</version>
<configuration>
<rulesets>
<ruleset>${basedir}/etc/santuario-pmd-ruleset.xml</ruleset>
</rulesets>
<linkXRef>false</linkXRef>
<failOnViolation>true</failOnViolation>
<verbose>true</verbose>
<includeTests>true</includeTests>
<excludes>
<exclude>**/XMLUtilsPerformanceIT.java</exclude>
</excludes>
<excludeRoots>
<excludeRoot>${project.build.directory}/generated-test-sources</excludeRoot>
</excludeRoots>
</configuration>
<executions>
<execution>
<id>pmd-verify</id>
<phase>verify</phase>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.11.2</version>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
<reporting>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>clirr-maven-plugin</artifactId>
<version>${clirr.version}</version>
<configuration>
<minSeverity>${minSeverity}</minSeverity>
</configuration>
</plugin>
</plugins>
</reporting>
<profiles>
<profile>
<id>fastinstall</id>
<properties>
<maven.test.skip>true</maven.test.skip>
<pmd.skip>true</pmd.skip>
</properties>
</profile>
<profile>
<id>nochecks</id>
<properties>
<pmd.skip>true</pmd.skip>
</properties>
</profile>
<profile>
<id>bouncycastle</id>
<dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>${bcprov.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
</profile>
</profiles>
</project>