6

Recently we've been tasked with coming up with an XML communication specification for our products. A few of my coworkers have high opinions of JAXB for marshalling and unmarshalling XML docs. I've spent some time playing around with it and I understand where they are coming from. It makes life simple for simple XML docs.

Now to take it up a notch. One of the things that I would like to see in our communication model is "built in" signature validation for people who use it after me. One of the problems I'm running into is that to validate a signature I need to treat the corresponding XML as bytes. So let's take this example...

<topLevel>
    <sensitiveData encoding="UTF8">
        <creditCard>
            <number>1234-1234-1234-1234</number>
            <expDate>Oct 2020</expDate>
        </creditCard>
    </sensitiveData>
    <signatureOfSensitiveData algorithm="SHA1WithRSA">VGhpc0lzQVNpZ25hdHVyZQ==</signatureOfSensitiveData>
</topLevel>

Edit: I am not actually passing credit card data. Just an example here.

What would be great is if I could get the byte[] (determined by the encoding) representation of everything inside of the "sensitiveData" tag. I wouldn't even mind having to call "unmarshall" again on that byte[].

This also opens up other doors for us. We could actually introduce "compression" and "encryption" attributes into elements. If we could treat them as a byte[] we could then inflate and decrypt them and then pass them on to be unmarshalled again.

Side note: I think this works if you base64 encode the XML and then include it in an element. But that then forces us to base64 even simple documents and introduce some unnecessary bloat into our messages.

Any ideas for solutions to this? My hope is that I'm just missing something basic in JAXB and it will be a breeze after I get that.

Thanks!

Staros
  • 1
    Just a few notes: don't reinvent the wheel. If you _really_ need signing and encryption, stick with the specs: http://www.w3.org/TR/xmldsig-core/ . (there are great libraries for that, though you won't find __direct__ support for it in jaxb as far as I know). If you are concerned about `bloat`, why use xml in the first place? It's a great tool, but when it comes to compactness XML should be your _last_ choice. – Gergely Szilagyi Jul 02 '12 at 22:00

1 Answer

0

You can use a JAX-WS framework that supports WS-Security. JAX-WS relies on JAXB but adds the communication part with support for the SOAP protocol, and WS-Security is the standard for XML signature, encryption and other security features in SOAP/XML. WS-Security relies on the XML signature & encryption standard mentioned in a comment.

Examples of such frameworks (non-exhaustive list): Apache CXF, Glassfish Metro, etc. More info.

cdan
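The comment and the answer above both point to the W3C XML Signature standard, which signs a canonical form of an element rather than its raw bytes. As an added example (not code from the question, the comment or the answer), the following uses the JDK's built-in `javax.xml.crypto.dsig` API to sign the `sensitiveData` element by reference and then validate it before and after an edit. Assumptions: Java 11 or later, an added `Id="sd"` attribute, a throwaway RSA key, and RSA-SHA256 in place of the question's SHA1WithRSA.

```java
import java.io.StringReader;
import java.security.*;
import java.util.List;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.xml.sax.InputSource;
public class SignSensitiveData {
    // Constructed sample modelled on the question's message; Id is an added attribute.
    static final String XML = "<topLevel><sensitiveData Id=\"sd\"><creditCard>"
        + "<number>1234-1234-1234-1234</number><expDate>Oct 2020</expDate>"
        + "</creditCard></sensitiveData></topLevel>";

    public static void main(String[] args) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // required by the XML Signature API
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(XML)));
        Element data = (Element) doc.getElementsByTagName("sensitiveData").item(0);
        data.setIdAttribute("Id", true); // lets the URI "#sd" resolve to this element
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair(); // throwaway key for the demo
        XMLSignatureFactory f = XMLSignatureFactory.getInstance("DOM");
        // The digest covers the exclusive-canonical form of the element, not its raw bytes.
        Reference ref = f.newReference("#sd",
            f.newDigestMethod(DigestMethod.SHA256, null),
            List.of(f.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null)),
            null, null);
        SignedInfo si = f.newSignedInfo(
            f.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            f.newSignatureMethod(SignatureMethod.RSA_SHA256, null),
            List.of(ref));
        // Appends <Signature> as the last child of <topLevel>, next to <sensitiveData>.
        f.newXMLSignature(si, null).sign(new DOMSignContext(kp.getPrivate(), doc.getDocumentElement()));

        System.out.println("valid as signed: " + verify(f, doc, kp.getPublic()));
        doc.getElementsByTagName("number").item(0).setTextContent("9999-9999-9999-9999");
        System.out.println("valid after edit: " + verify(f, doc, kp.getPublic()));
    }

    // The key is supplied by the verifier, never taken from the message itself.
    static boolean verify(XMLSignatureFactory f, Document doc, PublicKey key) throws Exception {
        Node sig = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature").item(0);
        DOMValidateContext ctx = new DOMValidateContext(key, sig);
        return f.unmarshalXMLSignature(ctx).validate(ctx);
    }
}
```

The first check prints `true` and the second `false`, because the edited card number changes the digest of the referenced element. A receiver that re-parses the message from the wire has to register the `Id` attribute again (for example with `setIdAttribute`) before validating.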