Skip to main content

Sean Mullan

Sean Mullan is a staff engineer at Sun Microsystems working on Java Security and focused on the areas of PKI, XML Security, and access control. He was specification lead of JSR 55 (Certification Path API) and is currently co-specification lead of JSR 105 (XML Digital Signature API).


mullan's blog

Apache Java XMLSec 1.4.2 Release

Posted by mullan on June 24, 2008 at 8:55 AM PDT

I'm happy to announce that the final release of Apache Java XML Security 1.4.2 is now available.

Apache XML Security 1.4.2 Beta 1 available for testing

Posted by mullan on March 21, 2008 at 12:45 PM PDT

I just posted the initial beta release of Apache XML Security 1.4.2.

Configuring the logging properties for JSR 105 and Apache XML Signature applications.

Posted by mullan on March 13, 2008 at 12:29 PM PDT

A while ago, I blogged about XML Signature debugging and how to configure the logging mechanism to emit debug information.

This configuration works if you are using the JSR 105 bundled with JDK 6.

Using JSR 105 with JDK 1.4 or 1.5

Posted by mullan on February 27, 2008 at 8:20 AM PST

JSR 105 (XML Digital Signature API) is included with JDK 6, but is also available separately, for example as part of the Apache XML Security Project. This allows you to use the JSR with earlier JDK/JREs such as JDK 1.4 or JDK 5.

JavaPolis '07

Posted by mullan on November 26, 2007 at 8:32 AM PST

If you are attending JavaPolis '07, come check out my talk. I'll be speaking about XML Security and JSRs 105 and 106.

This will be a great opportunity to learn more about the new Java APIs for XML Signature and Encryption.

Even more XML Signature debugging tips

Posted by mullan on August 3, 2007 at 9:19 AM PDT

In a previous blog entry, I wrote about how to enable logging to get debugging output when using the Java XML DSig API to validate an XML Signature. There are also various methods in the API that you can invoke to get similar information.

Apache XML Security 1.4.1 is ready for download

Posted by mullan on June 8, 2007 at 11:51 AM PDT

Apache XML Security 1.4.1 is ready for download.

This is a bugfix release that contains a major fix to the canonicalization engine. This bug was introduced in the 1.4.0 release, so it is highly recommended that anyone
using 1.4.0 upgrade to the 1.4.1 version.

Java Security at JavaOne 2007

Posted by mullan on May 4, 2007 at 1:15 PM PDT

Wow, JavaOne is here again, next week to be exact! I hope you are
going. We have a bunch of new security features in the JDK and
a number of things we are thinking about for the future.
Come to one of our sessions to learn or discuss more about Java

1. Ask the Experts about Java Security in the Java Pavilion (booth #1538)
Time: Tuesday, 12:30 - 1:30 PM


New article on XML Signatures

Posted by mullan on February 28, 2007 at 7:22 AM PST

Check out my new technicle article on Programming With the Java XML Digital Signature API.

This article introduces you to the new XML Digital Signature API in JDK 6 and shows you how to generate and validate an XML Signature using the API.

Apache Java XML Security 1.4 released!

Posted by mullan on January 29, 2007 at 12:24 PM PST

Apache Java XML Security 1.4 has just been released. This is the first release that contains an implementation of JSR 105, the standard Java XML Digital Signature API. It also contains several performance and memory reduction improvements. See the website for more details and a download link.