Version 0.0.3 of the library now uses the new DOMNode * DOM. This means that for XPath or XSLT transformations, Xalan V1.4 (the current release) is not sufficient, as it does not support these new classes.

If XPath/XSLT transformations are required, you will need to check out the current version of Xalan from the CVS at xml.apache.org.

If XPath/XSLT support is not required, simply run configure with the --without-xalan option (for UNIX) or use the "No-Xalan" settings in the various build projects for Win32.

The XML Signature standard requires an implementation be able to follow "redirected" HTTP links (i.e. handle 302 responses etc.)

The XML-Security library makes use of the BinInputStream objects in Xerces to access URIs declared in <Reference> objects. This means that we are reliant on the Xerces implementation to handle HTTP streams. The native sockets code implemented for Windows and *NIX is very simple - in particular it does not understand redirects.

There are two ways to overcome this problem. One is to patch the code within Xerces and re-compile the library. If you want some patched code, please contact Berin.

The other option is to link Xerces with the libWWW code. For most applications seriously using URLs of any kind, this is a better idea as it will provide very robust HTTP handling.

As of version 0.0.3, the library now supports plugging in URI resolvers, so it is possible for a user to program their own resolver to bypass this issue.

Finally - the next version of the library will have some native URIResolver code to meet the requirements of the specification.