Sean Mullan provides some quick instructions on leveraging JSR-105 (XML Digital Signature API) in Java 1.4 and Java 5
JSR 105 (XML Digital Signature API) is included with JDK 6, but is also available separately, for example as part of the Apache XML Security Project. This allows you to use the JSR with earlier JDK/JREs such as JDK 1.4 or JDK 5. If you do this, however, be aware that the JSR 105 service provider implementation is not included by default with JDK 1.4 or JDK 1.5, so you may get some exceptions when instantiating an XMLSignatureFactory: XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); javax.xml.crypto.NoSuchMechanismException: Mechanism type DOM not available at javax.xml.crypto.dsig.XMLDSigSecurity.getEngineClassName(Unknown Source) at javax.xml.crypto.dsig.XMLDSigSecurity.getImpl(Unknown Source) at javax.xml.crypto.dsig.XMLDSigSecurity.getImpl(Unknown Source) at javax.xml.crypto.dsig.XMLSignatureFactory.findInstance The easiest workaround is to just instantiate and specify the service provider implementation (bundled with Apache XMLSec) as a parameter as follows: XMLSignatureFactory factory = XMLSignatureFactory.getInstance ("DOM", new org.jcp.xml.dsig.internal.dom.XMLDSigRI()); Alternatively, you can register the provider in the java.security file, or use the java.security.Provider API. See http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#ProviderInstalling "Registering a Provider" for more details.
Sean's original post: http://weblogs.java.net/blog/mullan/archive/2008/02/using_jsr_105_w_1.html