Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8259801

Enable XML Signature secure validation mode by default

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 17
    • Component/s: security-libs

      Description

      The XML Signature secure validation mode is enabled by setting the property "org.jcp.xml.dsig.secureValidation" to true with the javax.xml.crypto.XMLCryptoContext.setProperty() method, or by running the code with a SecurityManager.

      Use of a security manager is increasingly rare. This option should be enabled by default regardless of whether a security manager is enabled so that all applications can be protected by default.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mullan Sean Mullan
              Reporter:
              mullan Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: