The XML Signature standard requires an implementation be able to
follow "redirected" HTTP links (i.e. handle 302 responses etc.)
The XML-Security library makes use of the BinInputStream objects
in Xerces to access URIs declared in <Reference> objects. This
means that we are reliant on the Xerces implementation to handle
HTTP streams. The native sockets code implemented for Windows and
*NIX is very simple - in particular it does not understand redirects.
There are two ways to overcome this problem. One is to patch the
code within Xerces and re-compile the library. If you want some
patched code, please contact
The other option is to link Xerces with the libWWW code. For most
applications seriously using URLs of any kind, this is a better idea
as it will provide very robust HTTP handling.
As of version 0.0.3, the library now supports plugging in URI resolvers,
so it is possible for a user to program their own resolver to
bypass this issue.
Finally - the next version of the library will have some native
URIResolver code to meet the requirements of the specification.