XML Signature

www.altova.com Expand/Collapse All Print this Topic Previous Page Up One Level Next page

Home >  User Reference > Authentic Menu >

XML Signature

The XML Signature command is available in Authentic View when the associated SPS has XML Signatures enabled. The XML Signature command is also available as the XML Signature toolbar icon BtnXMLSignatures in the Authentic toolbar.

 

Verification and own certificate/password

Clicking the XML Signature command starts the signature verification process. If no signature is present in the document, a message to that effect is displayed in the XML Signature dialog (see screenshot below), and the dialog will have a button that enables the Authentic View user to sign the document.

 

XMLSigVerificationFailed

 

If the Select Own Certificate or Select Own Password button is present in this dialog, it means that the Authentic View has been given the option of selecting an own certificate/password. (Whether a certificate or password is to be chosen has been decided by the SPS designer at the time the signature was configured. The signature will be either certificate-based or password-based.) Clicking either of these buttons, if present in the dialog, enables the Authentic View user to browse for a certificate or to enter a password. The Authentic View user's selection is stored in memory and is valid for the current session only. If, after selecting a certificate or password, the document or application is closed, the certificate/password setting reverts to the setting originally saved with the SPS.

 

Verification and authentication information

If the verification process is run on a signed document, two general situations are possible. First: If the authentication information is available (in the signature or the SPS), then the verification process is executed directly and the result is displayed (screenshot below).

 

XMLSigVerified

 

Authentication information is either the signing certificate's key information or the signing password. The SPS designer can specify, in the XML Signature Settings, that the certificate's key information be saved in the signature, or that the password be saved in the SPS. In either of these cases, the authentication is available. Consequently the verification process will be run directly, without requiring any input from the Authentic View user.

 

The second possible general situation occurs when authentication information is not available in the signature (password not saved) or SPS file (certificate's key information not saved). In this situation, the Authentic View user will be asked to supply the authentication information: a password (see screenshot below) or the location of a certificate.

 

SigPassword

 

 

 


© 2019 Altova GmbH