xml.Signature.verify
Verifies that all references in this signature object have not changed.
Syntax
verify(
doc xml.DomDocument )
RETURNS INTEGER
- doc defines the XML document.
Usage
Returns TRUE if valid, FALSE otherwise.
If the signature type is:
- Enveloping: doc must be NULL, because all document fragment references are inside the Signature itself.
- Enveloped: doc must be the XML document in which the signature was enveloped.
- Detached: doc can be NULL if all references are absolute; otherwise it can be the XML document that the fragment references point to.
See XML Signature concepts for more details.
By default, the validation process uses the CryptoKey set with xml.Signature.setKey() to verify the signature. However, if the signature contains an X509 certificate or an X509 retrieval method, it uses the list of trusted certificates, or if the signature contains an RSA or DSA retrieval method, it uses the RSA or DSA public key automatically loaded.
Before loading the XML document to verify the signature, you might need to set some options to retrieve the "id" nodes with the xml.DomDocument.setFeature() method:
DEFINE doc xml.DomDocument
...
CALL doc.setFeature(feature, TRUE)
...
Here feature must be "auto-id-attribute" if the "id" attribute has no namespace, or "auto-id-qualified-attribute" when "id" has a namespace.
If the feature is not set, you may get an error such as:
Xml security operation failed : libxml2 library function failed : expr=xpointer(id('id-1436767651')).
This means that the parser was unable to find the "id" attribute in the XML document.
Note that the "auto-id-*" features will declare all XML attributes where the name is "id", "ID", "Id" or "iD" to be of type ID, and thus usable via the xml.DomDocument.getElementById() method used during signature validation.
If needed, you can also set features for a specific attribute with the xml.DomNode.setIdAttribute() method, or with the xml.DomNode.setIdAttributeNS() method.
In case of error, the method throws an exception and sets the STATUS variable. Depending on the error, a human-readable description of the problem is available in the SQLCA.SQLERRM register. See Error handling in GWS calls (STATUS).
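The steps above combined for an enveloped signature, as an added example that is not part of the original documentation. The file names, the key algorithm identifier and the "exactly one Signature" policy are assumptions chosen for illustration.

```4gl
IMPORT xml

-- Added example: verify an enveloped signature with an explicitly set key.
MAIN
  DEFINE doc  xml.DomDocument
  DEFINE list xml.DomNodeList
  DEFINE sig  xml.Signature
  DEFINE key  xml.CryptoKey
  DEFINE ok   INTEGER

  LET ok = FALSE
  LET doc = xml.DomDocument.Create()
  -- Set before load() so that un-namespaced "id" attributes get type ID
  -- and the fragment references of the signature can be resolved.
  CALL doc.setFeature("auto-id-attribute", TRUE)

  TRY
    CALL doc.load("signed-order.xml")          -- hypothetical input file
    LET list = doc.selectByXPath("//dsig:Signature",
                 "dsig", "http://www.w3.org/2000/09/xmldsig#")
    -- Assumed policy: reject documents with zero or several signatures
    -- instead of silently checking only the first one found.
    IF list.getCount() != 1 THEN
      DISPLAY "Rejected: expected exactly one Signature element"
      EXIT PROGRAM 1
    END IF

    -- Assumed algorithm; it must match the SignatureMethod of the document.
    LET key = xml.CryptoKey.Create(
                "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
    CALL key.loadPEM("signer-public.pem")      -- hypothetical public key file
    LET sig = xml.Signature.CreateFromNode(list.getItem(1))
    CALL sig.setKey(key)
    -- Enveloped signature: pass the document that contains it.
    LET ok = sig.verify(doc)
  CATCH
    -- verify() and the loaders throw on error and set STATUS.
    DISPLAY "Verification error ", STATUS, ": ", SQLCA.SQLERRM
    EXIT PROGRAM 1
  END TRY

  IF ok THEN
    DISPLAY "Signature valid"
  ELSE
    DISPLAY "Signature INVALID: do not process the document"
    EXIT PROGRAM 1
  END IF
END MAIN
```

A FALSE return and a thrown exception are handled as separate failure paths here: the first means the references changed, the second that validation could not be carried out (for example, the "id" lookup error shown above).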