Skip to main content

Sean Mullan: How to use the XML Signature secure validation mode

In JDK 7u25, we introduced a new secure validation mode for XML Signatures. This mode is designed to protect you from XML Signatures that contain potentially hostile constructs that could cause denial-of-service or other types of security issues. The good news is that if you run your application with a SecurityManager, the secure validation mode is enabled by default, and there is no further action required. Otherwise...

Community: OpenJDK