li tak sing comps311f. xml schemas xml schema is a more powerful alternative to dtd to describe xml...

Li Tak Sing

COMPS311F

XML SchemasXML Schema is a more powerful alternative

to DTD to describe XML document structures. The XML Schema language is also referred to as XML Schema Definition (XSD). You have seen the DTD for the employee list.

XML schemas for employee-list<?xml version="1.0" encoding="utf-8" ?>

<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="employee-list"> <xs:complexType> <xs:sequence> <xs:element minOccurs="0" maxOccurs="unbounded" name="employee"> <xs:complexType> <xs:sequence> <xs:element minOccurs="1" maxOccurs="1" name="name" type="xs:string" /> <xs:element minOccurs="1" maxOccurs="1" name="hours">

XML schemas for employee-list<xs:simpleType>

<xs:restriction base="xs:decimal"> <xs:minInclusive value="0" /> <xs:maxInclusive value="60" /> </xs:restriction> </xs:simpleType> </xs:element> <xs:element minOccurs="1" maxOccurs="1" name="rate" type="xs:decimal" /> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:schema>

The root element of an XML Schema is just schema. It must be specified with the namespace of "http://www.w3.org/2001/XMLSchema". By convention, we use the prefix of xs or xsd though technically we could choose other prefixes, for example a meaningless prefix abc. The XML Schema will still be correct if we change all occurrences of xs to abc.

Referring to an XSD file You have learned that the inclusion of the following DOCTYPE

declaration in an XML document will validate it against employee-list.dtd. <!DOCTYPE employee-list SYSTEM "employee-list.dtd">

For validation of an XML document against an XSD, you will remove the DOCTYPE declaration and modify the start tag of the root element with two added attributes as follows. The xmlns:xsi attribute indicates that this XML document should be validated against an XML Schema. The xsi:noNamespaceSchemaLocation attribute specifies the file name of the schema and its location. Since no path is specified, the schema file is assumed to be in the same directory as the XML file being validated. As can be seen below: <employee-list xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="employee-list.xsd">

The namespace http://www.w3.org/2001/XMLSchema-instance is now bound to xsi which is the standard prefix for XML Schema Instance.

Simple elements in XSD A simple XML element is one that does not contain

any other elements. Its content can be one of the few dozens of built-in data types. The more popular ones are: string, decimal, integer, boolean, date and time. The name element is a simple element.

For example: <xs:element minOccurs="1" maxOccurs="1" name="name" type="xs:string"/>

This makes use of the optional attributes minOccurs and maxOccurs to specify the minimum and maximum number of occurrences in its parent (enclosing) element. Since both attributes are set to one, the name element must occur exactly once in the enclosing employee element.

Value restrictions by range The hours element is defined with the

restriction element available from XML Schema. The base type decimal is restricted to the minimum value of 0 and maximum value of 60 inclusively. This lower bound of zero is obvious because it is impossible to work negative number of hours. The upper bound of sixty could be due to the company policy or labour regulations.

Value restrictions by range <xs:element minOccurs="1" maxOccurs="1"

name="hours"> <xs:simpleType> <xs:restriction base="xs:decimal"> <xs:minInclusive value="0" /> <xs:maxInclusive value="60" /> </xs:restriction> </xs:simpleType> </xs:element>

The XSD specification is vastly better that the earlier DTD specification which does not consider non-numeric values in hours as errors.

Value restrictions by enumeration There are other forms of value restrictions.

Enumeration allows you to restrict an element to a list of possible values. The fruit element is defined below to have one of three possible values: Apple, Banana and Orange. <xs:element name="fruit"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:enumeration value="Apple"/> <xs:enumeration value="Banana"/> <xs:enumeration value="Orange"/> </xs:restriction> </xs:simpleType> </xs:element>

Value restrictions by pattern More advanced restrictions are specified

with the pattern element. The direction element is restricted to one of the directions: north, south, east and west respectively denoted by their first characters n, s, e and w. Even the base type is specified as a string, the direction element can only have one character because there is only one pair of square brackets in the pattern. The square brackets specify the four allowed values: n, s, e and w.

Value restrictions by pattern <xs:element name="direction"> <xs:simpleType>

<xs:restriction base="xs:string"> <xs:pattern value="[nsew]"/>

</xs:restriction> </xs:simpleType>

</xs:element>

Value restrictions by pattern The following definition allows 2-character

strings. The first character is a lower case or upper case character while the second character is a decimal digit. Values allowed include A1, a1, B3 but not BB. <xs:element name="mixedLetterDigit">

<xs:simpleType> <xs:restriction base="xs:string">

<xs:pattern value="[a-zA-Z][0-9]"/>


</xs:element>

Suppose we want to allow strings like r2d2, H5N1, H1N1 and c9L3k4. The strings can hold non-zero repetitions of the 2-character string pattern that we defined above. We could put the original pattern in brackets and add a trailing + for non-zero repetitions as follows. If we also allow empty strings, we will replace + with *. <xs:pattern value="([a-zA-Z][0-9])+"/>

Whitespace processing restrictions A whitespace character is one of line feed, tab,

space and carriage return. Inside a restriction element, you can have a whiteSpace element. The attribute value of preserve is for not changing any whitespace characters, replace for replacing whitespace characters with space characters, and collapse for replacing consecutive whitespace characters with a single space character. The following is an example. <xs:element name="address">


<xs:whiteSpace value="collapse"/>


</xs:element>

Restrictions on string length You can restrict the length of a string to a

fixed number. In this example, a password must have 8 characters. <xs:element name="password">

<xs:simpleType> <xs:restriction

base="xs:string"> <xs:length value="8"/>


</xs:element>

Restrictions on string length You can also restrict the length of a string to a

range. In the following example, a password must have at least 6 characters and a maximum of 10 characters. <xs:element name="password">


<xs:minLength value="6"/> <xs:maxLength value="10"/>


</xs:element>

Complex elements in XSD An XML element is complex if it contains

attributes or other elements.

Sequence We may have a student element that

contains the elements of firstname and lastname as follows: <student>

<firstname>Peter</firstname> <lastname>Wong</lastname> </student>

It could be defined as a sequence in a complex type. <xs:element name="student">

<xs:complexType> <xs:sequence>

<xs:element name="firstname" type="xs:string"/>

<xs:element name="lastname" type="xs:string"/>

</xs:sequence> </xs:complexType>

</xs:element>

Note that if the two child elements appear in the XML document in a different order, for example lastname before firstname as follows, the validation will fail. In other words, ordering is crucial in sequences. <student>

<lastname>Wong</lastname> <firstname>Peter</firstname> </student>

Attributes If an element can have attributes, there must be

attribute elements defined within its complexType attribute. Suppose we have a student element. <student studentId="1374" /> Its XML Schema definition would look like this. <xs:element name="student">

<xs:complexType> <xs:attribute name="studentId"

type="xs:positiveInteger"/></xs:complexType>

</xs:element>

Text with attributes In XML Schema, we can use the extension

element to define attributes for any simpleType or complexType element. Consider the following element to express shoe sizes. <shoesize>9</shoesize> Its XSD definition would look like this. <xs:element name="shoesize" type="xs:integer"> </xs:element>

However shoe sizes are not standardized across countries. For example, the UK shoe size 8 is slightly larger than the US shoe size 8. In a shoe catalogue, it may be necessary to indicate the country for which the size number applies.<shoesize country="US">9</shoesize>

We can define the XML Schema with the extension element to hold the integer representing the shoe size. Within the extension element, we have the attribute element for the country. To keep our schema simple, we chose not to represent half size.

<xs:element name="shoesize"> <xs:complexType>

<xs:simpleContent> <xs:extension

base="xs:integer"> <xs:attribute

name="country" type="xs:string" />

</xs:extension> </xs:simpleContent>

</xs:complexType> </xs:element>

Texts mixed with other elements In its simplest form, an element may contain just texts

as follows. <sms> Your buy order of 400 shares of HSBC has been executed on 2009-05-04. </sms>

Perhaps certain parts of the texts have special meaning. You can turn special parts into elements to facilitate processing. The following element sms has been enhanced by making the quantity of shares, stock name and date into elements. <sms>Your buy order of <qty>400</qty> shares of <stockName>HSBC</stockName> has been executed on <execDate>2009-05-04</execDate>. </sms>

You can define the corresponding complexType element by setting its mixed attribute to true. <xs:element name="sms">

<xs:complexType mixed="true"> <xs:sequence> <xs:element name="qty" type="xs:positiveInteger" /><xs:element name="stockName" type="xs:string" /> <xs:element name="execDate" type="xs:date" /> </xs:sequence>

</xs:complexType> </xs:element>

Unspecific order in a complex type Suppose we don’t care if the first name or

the last name appears first in a student element. <student>

<firstname>Peter</firstname> <lastname>Wong</lastname> </student> <student>

<lastname>Wong</lastname> <firstname>Peter</firstname> </student>

In that case, in place of the sequence element, we can use the all element to accept any order for firstname and lastname. <xs:element name="person">

<xs:complexType> <xs:all>

<xs:element name="firstname" type="xs:string"/>

<xs:element name="lastname" type="xs:string"/>

</xs:all> </xs:complexType>

</xs:element>

Choice in a complex type Suppose you only want to contact customers

by their email addresses or phone numbers but not both. The following are the contact information for two different customers.<customer>

<email>[email protected]</email> </customer> <customer>

<tel>709394</tel> </customer>

The two alternative customer elements are expressed with the choice element as follows. <xsd:element name="customer">

<xsd:complexType> <xsd:choice>

<xsd:element name="email" type="xsd:string"/> <xsd:element name="tel" type="xsd:string"/>

</xsd:choice> </xsd:complexType>

</xsd:element>

Named types for reuse Suppose you want to have an element to capture

someone’s favourite fruit, as follows: <myfruit>Apple</myfruit> This can also be enforced as follows which also allows you to specific which fruit, here it would be banana and orange. <xs:element name="myfruit">


<xs:enumeration value="Apple"/> <xs:enumeration

value="Banana"/> <xs:enumeration

value="Orange"/> </xs:restriction>

</xs:simpleType> </xs:element>

If we have elements other than myfruit that make use of this enumeration of Apple, Banana and Orange, we can define a type called fruitType. This will result in a more readable XML Schema without the risk of different usages of the enumeration to get out of step when for example Coconut is added to the existing fruits.

Changing the original element definition to use a named type is trivial. First, you add the type attribute to the element with the new type name. <xs:element name="fruit" type="fruitType"/>

Second, you add the name attribute to the simpleType or complexType. <xs:simpleType name="fruitType">

<xs:restriction base="xs:string"> <xs:enumeration value="Apple"/> <xs:enumeration value="Banana"/> <xs:enumeration value="Orange"/> </xs:restriction>

</xs:simpleType>

However, where can you place this named type definition in the XSD file? You can put it right below its first use. Alternatively, you can group all the named type definitions together and place them right after xs:schema’s start tag or just before its end tag. Good use of named types can make an XSD file more readable and maintainable.

elementFormDefault and attributeFormDefault In the sample XML Schemas we have presented so

far, some names have prefixes and some don’t. You are probably confused when you should use a prefix. In the schema element, you can use two attributes to control this. Attribute elementFormDefault controls whether prefixes are required for element names. Likewise attributeFormDefault controls whether prefixes are required for attribute names. We use the value qualified for prefixes required and the value unqualified for prefixes not required. The sample code that we have been using has prefixes for elements but not for attributes as indicated below.

<xs:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema" >

The default values of both are unqualified. Therefore removing attributeFormDefault as follows will have the same meaning. <xs:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema" >

In case the two attributes are set to qualified, we can still avoid the use of prefixes with a default namespace. Consider the following XML schema saved in the file employee.xsd.

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.ouhk.edu.hk/employeeNS" xmlns="http://www.ouhk.edu.hk/employeeNS">

<xsd:element name="employee"> <xsd:complexType>

<xsd:sequence> <xsd:element name="name"

type="xsd:string"/> <xsd:element name="email"

type="xsd:string"/> <xsd:element name="hireDate"

type="xsd:string"/> </xsd:sequence>

</xsd:complexType> </xsd:element>

</xsd:schema>

The following XML document can be successfully validated against it. <?xml version="1.0"?> <em:employee xmlns:em="http://www.ouhk.edu.hk/employeeNS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ouhk.edu.hk/employeeNS employee.xsd">

<name>Oliver Au</name> <email>[email protected]</email> <hireDate>2009-09-01</hireDate>

</em:employee>

The xsi:schemaLocation attribute specifies two URI references separated by white space. The first value http://www.ouhk.edu.hk/employeeNS here is a namespace. The second value employee.xsd gives a hint to the location of the schema document.

If we had specified elementFormDefault attribute as qualified. <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.ouhk.edu.hk/employeeNS" elementFormDefault="qualified" xmlns="http://www.ouhk.edu.hk/employeeNS">

The validation will fail. The XML document must be modified as follows. Note the required prefixes added to the name, email and hireDate elements. <?xml version="1.0"?> <em:employee xmlns:em="http://www.ouhk.edu.hk/employeeNS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ouhk.edu.hk/employeeNS employee.xsd">

<em:name>Oliver Au</em:name> <em:email>[email protected]</em:email> <em:hireDate>2009-09-01</em:hireDate>

</em:employee>

XPathXPath is a simple language that allows you

to write expressions to refer to different parts of an XML document. We will learn XSLT shortly which enables us to transform XML documents to other XML documents, HTML documents or text. But XSLT uses XPath expressions which are what we need to learn first. Our XPath examples will be based on the XML document below.

<catalog> <product id="mug"> <price>16.00</price> <description>Coffee mug</description> </product> <product id="glass"> <price>25.00</price> <description>Beer glass</description> </product> </catalog>

NodesEverything in an XML document is an XPath

node. The most used nodes are element nodes, for example the catalogue, product, price and description above. XPath borrows its terminology from family trees. The catalogue node is the parent of the product node. The price node and description node are siblings which share the same ancestors of product and catalogue. The terms children and descendants have the obvious meaning. The table below summarizes the different XPath expressions we refer to above.

XPath expressionsXPath expression

Meaning

/ The beginning slash stands for the root node which is the document element.

/catalog It stands for the catalog element.

/catalog/product It stands for the product element which is the child node of the catalog element.

product Note that there is no beginning slash in this expression. That means we are not starting from the root node but from the current node. This expression is only meaningful if the current node has a child node called product. The expression is meaningful when catalog is our current node. This expression refers to its child product element.

. A single dot stands for the current node whatever that may be.

.. The double dot stands for the parent node of the current node.

/catalog/product/@id

This expression uses the @ symbol to refer to the id attribute.

XPathIf you have used command prompts on

Windows or Unix, path expressions are not new to you. In an XSLT specification, you use XPath expressions to refer to specific parts of the XML document. This allows you to perform specific transformations selectively.

Predicates Predicates are used to filter the nodes that

match an XPath expression. A predicate is enclosed in a pair of square brackets placed after an XPath expression. Numeric predicates are predicates that evaluate to integers. For example, we use the following expression to refer to the first product child of catalog which is the product with id mug. /catalog/product[1]

Likewise, we use the next expression to refer to the second product element with id glass. /catalog/product[2]

PredicatesA predicate can also evaluate to a Boolean

value. The following expression matches all the product elements priced less than fifteen dollars. /catalog/product [price < 15]

There are many operators and functions to help you build XPath predicates. For example, the following predicate makes use of the last( ) function. The expression refers to the second last product element. /catalog/product[last( ) -1].

AxesXPath provides 13 axes to help you select a

set of nodes in relation to the current node, for example, descendant, following, ancestor, preceding, parent, self, attribute, etc. Axes are used with double colon before node names. Many uses of axes can be substituted with other mechanisms that you have learned. For example, the following two expressions are equivalent. The first expression makes use of the attribute axis./catalog/product/attribute::id /catalog/product/@id

Extensible Style Language Transformation (XSLT)XSLT is itself defined in XML syntax. An XSLT

file takes the input from an XML file and transforms it into another file which could be XML, HTML or text. XSLT is more like a declarative language such as SQL than a conventional procedural language such as C. A good thing about XSLT is that all you need to run it is a Web browser. It is supported by all major Web browsers in the market including Mozilla Firefox, Microsoft Internet Explorer, Google Chrome, Opera, and Safari.

XSLT NamespaceKeep in mind that XSLT files need to have

the following root element. <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

This must be closed by a matching close tag at the end of the file as follows. </xsl:stylesheet>

Referring to an XSLT fileThe following is an XML document named

cdcatalog.xml adapted from http://www.w3schools.com/xsl/. Its second processing instruction refers to an XSLT file called cdcatalogue.xslt stored in the same directory. When you open cdcatalog.xml from a Web browser, the transformations in cdcatalog.xslt will be invoked automatically. Both xsl and xslt are legitimate extensions for XSLT files. By default, Liquid XML Studio uses xslt.

Referring to an XSLT file<?xml version="1.0" encoding="ISO-8859-1"?

> <?xml-stylesheet type="text/xsl" href="cdcatalog.xslt"?> <catalog> <cd> <title>The Freewheelin'</title> <artist>Bob Dylan</artist> <country>USA</country> <company>Columbia</company> <price>10.90</price> <year>1963</year> </cd>

<cd> <title>One night only</title> <artist>Bee Gees</artist> <country>UK</country> <company>Polydor</company> <price>10.90</price> <year>1998</year>

</cd>

<cd> <title>Maggie May</title> <artist>Rod Stewart</artist> <country>UK</country> <company>Pickwick</company> <price>8.50</price> <year>1990</year>

</cd>

<cd> <title>Romanza</title> <artist>Andrea Bocelli</artist> <country>EU</country> <company>Polydor</company> <price>10.80</price> <year>1996</year>

</cd> </catalog>

<xsl:template>Here is our first version of the

cdcatalog.xslt which contains a template. Templates are the basic building blocks of XSLT. We will build this file incrementally until it has the desired functionalities. <?xml version="1.0" encoding="utf-8"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="cd"> Hello </xsl:template> </xsl:stylesheet>

<xsl:template>The XSLT file has one xsl:template. From

now on, we may simply call it template. It has the match attribute with the XPath expression value cd. By default, the current node is the root element catalog. It has four child elements of cd. There are four CDs in the XML file to match this template four times. Therefore Hello appears four times in the output as you can see in the screen shot below.

<xsl:apply-templates>Even if you have multiple templates defined

in an XSLT file, only the top-level template with the match attribute closest to the root will be executed automatically. <?xml version="1.0" encoding="utf-8"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> My CD Collection </xsl:template> <xsl:template match="/catalog/cd/title"> Title </xsl:template> </xsl:stylesheet>

<xsl:apply-templates>Opening the XML document referring to

this XSLT gives the following result.

<xsl:apply-templates>If a template is applied, the string inside the

template will appear in the output. The two templates try to produce My CD Collection and Title. But we can only see the first string in the output. Clearly, the second template with match="/catalog/cd/title" is never executed. If we want to execute templates for nodes at various levels, we should start from the root and call xsl:apply-templates explicitly to apply the templates for the lower-level nodes. Consider our next XSLT stylesheet. Keep in mind that it does not matter what order you write the template rules.

<xsl:apply-templates><?xml version="1.0" encoding="utf-8"?>

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <html> <body> <h2>My CD Collection</h2> <xsl:apply-templates select="catalog/cd"/> </body> </html> </xsl:template>

<xsl:apply-templates><xsl:template match="catalog/cd">

 <xsl:apply-templates select="title"/> <xsl:apply-templates select="artist"/> 

</xsl:template> <xsl:template match="/catalog/cd/title">

Title: <xsl:value-of select="." /> 

</xsl:template>

<xsl:apply-templates><xsl:template match="artist"> Artist:

<xsl:value-of select="." /> </xsl:template> </xsl:stylesheet>

<xsl:apply-templates>The XSLT stylesheet has four templates. Each template

has a match attribute which decides the kind of nodes that it will handle. The template with match value / handles the root element. This template produces a few HTML tags including a level-2 heading My CD Collection. The root template is the only one that will be applied automatically. Other templates must be manually applied with xsl:apply-template tags. For example, our root template invokes xsl:apply-templates for catalog/cd. The current node is / and the select value is "catalog/cd". Concatenating the two, we have an XPath expression "/catalog/cd". Do we have nodes matching this XPath expression in the document? Yes. Do we have a template defined that can match this XPath expression? Yes, again. The invocation succeeds. If at least one of the answers to the two questions is negative, the invocation will not happen.

<xsl:apply-templates>The second template matches "catalog/cd".

It invokes xsl:apply-templates for title and artist. The result of the two calls are enclosed in a pair of paragraph tags and . The current node is "/catalog/cd". The first apply-templates has select value "title". Appending the value to the current node, we have an XPath expression "/catalog/cd/title". The nodes in the XML document that match this XPath expression will be used for the execution of the third template in the XSLT file.

The apply-templates for "artist" yields the XPath expression "/catalog/cd/artist". This XPath expression will also match the template with select value "artist". Note that the select value of just "artist" works as well as a more detailed XPath expression "/catalog/cd/artist". The minor difference between the short and the long expressions is that the later requires node artist to be a child of /catalog/cd. Since we do not have other nodes with child node artist, the two expressions make no difference to us.

The last two templates in our XSLT stylesheet contain the following. In case you don’t remember is the line break tag in HTML. Title: <xsl:value-of select="." /> Artist: <xsl:value-of select="." /> 

The HTML code can be seen on a Web browser as follows in the screen shot below. The two occurrences of the <xsl:value-of select="." /> tag return the title and the singer of the CD depending on the current node in the template.

In our construction of the XSLT stylesheet, we define an automatically applied template for the root node. In that template, we call apply-templates to navigate down the child nodes and output HTML or XML code. The select attribute in apply-templates, the match attribute in templates and the nodes in the XML document being processed must agree.

<xsl:apply-templates> without select attribute In the previous example, we selectively

applied templates to title and artist. However, if we omit the select attribute, the Web browser will try to match all child nodes of the current node to a template as can be seen below.

<?xml version="1.0" encoding="utf-8"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> <xsl:template match="/"> <html> <body> <h2>My CD Collection</h2> <xsl:apply-templates select="catalog/cd"/> </body> </html> </xsl:template>

<xsl:apply-templates> without select attribute <xsl:template match="catalog/cd">

 <xsl:apply-templates /> 

</xsl:template> <xsl:template match="title"> Title:

<xsl:value-of select="." /> </xsl:template>

<xsl:template match="artist"> Artist: <xsl:value-of select="." /> 

</xsl:template> <xsl:template match="country"> Country:

<xsl:value-of select="." /> </xsl:template> <xsl:template match="company">

Company: <xsl:value-of select="." /> 

</xsl:template>

<xsl:template match="year"> Year: <xsl:value-of select="." /> 

</xsl:template> <xsl:template match="price"> Price:

<xsl:value-of select="." /> </xsl:template></xsl:stylesheet>

Pay attention to the second xsl:template with match attribute value "catalog/cd". It contains an xsl:apply-templates element without the select attribute. With no select attributes, the xsl:apply-templates attempts to find an appropriate template for its nodes. This XSLT stylesheet gives the following output as can be seen in the screen shot below.

<xsl:if> However, suppose we are only interested in

displaying CDs that cost over 10 dollars. In that case we can modify the second template for "catalog/cd" as follows.

<xsl:template match="catalog/cd"> <xsl:if test="price > 10"> 

<xsl:apply-templates /> </xsl:if>

</xsl:template>

SecurityFor Java applications, there are two main

areas of security issues:1 system security2 information security.

System securitySystem security refers to the safety and

stability of the computing environment. The safety and stability can be breached in a number of ways.

When a malicious application (such as a virus) executes itself, it can cause damage to the system — for example, by deleting some critical files and rendering the computer inoperable.

Information securityOr, the malicious application can

intentionally or unintentionally consume too many resources, such as computing time, disk space, or network bandwidth, thereby causing the system to perform improperly.

Information securityInformation security, however, refers to the

secrecy and integrity of data. For example, when you send an email, how do you ensure that only the targeted recipients can read the message? When you receive an email, how do you ensure that the message has not been tampered with and that it is from the supposed sender?

System securityIn the security policy model, resources can

be granted or denied different types of access independently. For example, a file can be a resource, and the read action can be differentiated from the write action. So, you can easily grant read-only access to a particular file. You can do the same with objects, allowing you to create security policies for runtime objects as well.

System securityJava makes things even more interesting

by allowing different policies to apply to different applications, or to different invocations of the same application.

Security policyAs you know by now, applets are small

applications that can be embedded in webpages. When Java was first introduced, applets were sensational because they provided a cross-platform solution for making a webpage more interesting. To safeguard users from malicious applets, applets are run in a sandbox, which imposes rather stringent restrictions on what the applets can do.

Applet securityIf you run an applet through a browser and

then the applet tries to read a local file, an error message would appear.

You can try the following link:http://plbpc001.ouhk.edu.hk/~mt311f/2005-mt311f/lecture/test/build/classes/test.html

Applet securityThe applet in the file tries to read a local

file "c:/test.dat" and then display it.

Code of the appletpublic class ReadFile extends

javax.swing.JApplet { private String st=""; public void init() { try { java.io.FileReader reader=new

java.io.FileReader("c:/test.dat"); char c[]=new char[1000];

Code of the applet while (true) { int no=reader.read(c); if (no<0) { break; } for (int i=0;i<no;i++) {

Code of the applet st+=c[i]; } } } catch (Exception e) { st=e.toString();

Code of the applet } javax.swing.JTextArea area=new

javax.swing.JTextArea(4,40); this.getContentPane().add(area); area.setText(st); }}

Allowing an applet to access a local fileTo remove the restriction, we need to specify

a different policy. The format of the policy file is quite simple, and you can create one using a text editor. For example, below is a simple file that grants rights for applets from plbpc001.ouhk.edu.hk ‘.java.policy’:

Changing the policygrant codeBase

"http://plbpc001.ouhk.edu.hk/-" { permission java.security.AllPermission;};

You should put this file in the home directory. In MS Windows, this should be the parent directory of "My Documents" As this would grant permission to applets from the host to do everything, you should remove this file after testing it.

CryptographyInformation security is save guarded by

cryptography.

CryptographyCryptography has four main objectives:

Confidentiality — the information cannot be understood by anyone for whom it was not intended.

Integrity — the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected.

CryptographyNon-repudiation — the creator/sender of the

information cannot deny at a later stage his or her intentions in the creation or transmission of the information.

Authentication — the sender and receiver can confirm each other’s identity and the origin/destination of the information.

Secret Key methodIn the secret key method, the sender and

the receiver share the same secret key. Then, the sender first encrypts the message with the key and sends the encrypted message to the receiver who decrypts the message with the same key.

Secret key

messageencrypted message

encrypted message

message

key keysend over anunsafe channel

Java secret key APIsJava’s cryptographic APIs are defined in the

java.security and javax.crypto packages. For a basic encryption, we need a secret key and a cryptographic algorithm. The Java classes for those are:SecretKey — this class encapsulates the

secret key for use in encryption and decryption

Cipher — this class provides cryptographic APIs for encryption and decryption.

Creating a secret keyThe following code would create a secret

key:// the key itself as a byte array

byte[] key = new byte[] {'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'};

// create a KeySpec specifically for DES for our key

DESKeySpec spec = new DESKeySpec(key);

// retrieve a DES SecretKeyFactory

SecretKeyFactory factory = SecretKeyFactory.getInstance("DES");

// generate the actual SecretKey object

SecretKey secret = factory.generateSecret(spec);

Creating a cipherTo create a DES cipher, you first need to find a

DES algorithm provider using Cipher.getInstance: Cipher c = Cipher.getInstance("DES");

The same Cipher object can be used for either encryption or decryption, depending on how you initialize the object:Encryption:

c.init(Cipher.ENCRYPT_MODE, secret);Decryption

c.init(Cipher.DECRYPT_MODE, secret);

To encrypt or decrypt a messageNow, with Cipher object, you can encrypt or

decrypt any bytes easily with: byte[] c.update(byte[] buf);

You can invoke update as many times as necessary to encrypt or decrypt the entire message. To retrieve the encrypted or decrypted result, you invoke the doFinal method: byte[] inEncrypted = c.doFinal();or byte[] inEncrypted=.cdoFinal(byte[] buf);

The result is the combination of all the output of update() and doFinal().

Overall algorithmTo create a secret keyTo create a cipherInvoke the update method continuously

until the end of dataInvoke the doFinal method to get the final

result.

Conversion to or from byte[]You should notice that all the cryptography

APIs work on byte[]. So no method what is the format of your original message, you must convert it to byte[].

Conversion to or from byte[]To convert a String to byte[], you can use

the following method of String: public byte[] getBytes()

To convert a byte[] to a String, you can use the following constructor of String:public String(byte[] bytes)

EncryptionThe following method would encrypt a

message:

static byte[] encrypt(String st, Cipher c) { return c.doFinal(st.getBytes());}

DecryptionThe following method would decrypt a

message:

public static String decrypt(byte[] message, Cipher c) { byte[] result=c.doFinal(message); return new String(result);}

Message digestThe above method would only be able to

protect the confidentiality of the message. It cannot protect the integrity of the message because the receiver would not know whether the message has been altered in any way.

To protect the integrity, we need the message digest.

Hash functionA message digest, typically of fixed length,

is generated using a special mathematical transformation called a hash function. A hash function is basically a transformation that takes any arbitrary input and produces an output in a finite space.

Hash functionFor message digests, we need a hash

function that has two properties:It must be extremely difficult to produce the

same message digest from two different messages, i.e. the hash must be one-to-one.

It must be extremely difficult to produce the original message from a given message digest, i.e. the hash must be irreversible.

Message digestMessage digest alone cannot be used to

protect the integrity of message. This is because anyone can use the same hash function to protect a message digest of an altered message.

So the secret key method must be used together with the message digest.

Secret key method with message digest

message message

message digest message digest

encrypted message encrypted message

sent overunsafe channel

compareproduce

key key

produce

message digest

Message digestThe creation of a MessageDigest is similar to

that of Cipher, using getInstance: MessageDigest md = MessageDigest.getInstance("MD5");

Once you have a MessageDigest object, you can feed data to it using the update method: md.update(inbuf);

Finally, you can retrieve the final hash using the digest method: md.digest();

Message digestThe following method generate the

message digest of a String:

public static byte[] md(String st) { MessageDigest md = MessageDigest.getInstance("MD5"); md.update(st.getBytes()); return md.digest();

}

Compare two byte[]Since message digests are in the format of

byte[], we need to compare two byte[]'s. you should use a for loop to compare two byte[]'s.

Message Authentication Code (MAC)As we have mentioned earlier, we cannot

use the message digest alone to guarantee the integrity of a message. We need to add a secret key protection so that the resulting string would also depends on the secret key.

Such an encrypted message digest is called a message authentication code(MAC).

MAC protects the authentication and integrity of a message.

MACWhen a user want to send a message, it would

use the secret key to produce a MAC of the message. Then he/she sends the message and the MAC to the receiver. The receiver would then use the same secret key and the message to generate another MAC. The two MACs would then be compared. If they are the same, then the message is really from the supposed sender and the message has not been messed with by others.

message

MAC

keyed hash

message

MAC

MAC

send to the recipient

keyedhash

compare

MACThe followings are the steps to create an

MAC of a message:create a secret keycreate an Mac objectinitialize the Mac object with the keyupdate the Mac object with the contents of

the messageget the MAC from the Mac object.

Create a secret keyKeyGenerator kg =

KeyGenerator.getInstance("HmacMD5");SecretKey sk = kg.generateKey();

Note that the key is randomly generated. So different key would be generated if the generateKey is invoked for many times. So if you want to share this key, you need to save the key to a file and then share the file.

Create an Mac objectMac mac = Mac.getInstance("HmacMD5");

Initialize the Mac object with the keymac.init(sk);

update the Mac object with the contents of the messagemac.update(buf);

where buf is an array of bytes. You can call this method as many times as you wish.

get the MAC from the Mac object.

byte[] result=mac.doFinal();

The MD5 programKeyGenerator kg =

KeyGenerator.getInstance("HmacMD5");SecretKey sk = kg.generateKey();Mac mac = Mac.getInstance("HmacMD5");mac.init(sk);mac.update(buf);byte[] result=mac.doFinal();

Public key methodIn the secret key method, there is a

problem in distributing the key because both the sender and recipient need to have the same key.

It is possible that the key is intercepted when it is transmitted from one person to another.

Public key methodThe public key method, you need a pair of

keys to perform the encryption and decryption process. The two keys are called public key and private key. You cannot deduce the private key from the public key.

When a message is encrypted with the public key, it must be decrypted with the private key.

When a message is decrypted with the private key, it must be decrypted with the public key.

Public key methodsA user first generates a key pair that

consists of a public key and private key. He/she now informs others about the public key. Then anybody can now encrypt a message with the public key and send the encrypted message to the user. Now, the user can decrypt the message with the private key.

Public key methodsNote that the public key does not have to

be send over a secured channel because any one who knows the public key would still not be able to decrypt any message that has been encrypted with the public key.

The method protects the confidentiality of the message.

Java classes for the public key methodsMost java classes for the public key

methods are in the package java.security.KeyPairGenerator

the static method static public KeyPairGenerator getInstance(String)would return a KeyPairGenerator with the specified method. The most popular method is RSA. So the following statement get a RSA public key generator:

original message

encrypted with public key encrypted


original message

decrypted with private key

original message

encrypted with private key encrypted


original message

decrypted with public key

Java classes for the public key methodsKeyPairGenerator generator=KeyPairGenerator("RSA");

The following method of KeyPairGenerator would initial the KeyPairGenerator to generate a key of the specified byte length:public void initialize(int length)

For example, the following statement would initialize a KeyPairGenerator to generate a key of size 2048 bits long:generator.initialize(2048);

Java classes for the public key methodsThe following statement create a key pair:

KeyPair key=generator.generateKeyPair();The following statement finds the public

key:PublicKey publicKey=key.getPublic();

The following statement finds the private key:Privatekey privatekey=key.getPrivate();

Java classes for the public key methodsAfter obtaining the key pair, we can use

Cipher to encode or decode a message like what we have done in the secret key algorithm.

The following statement initializes a Cipher to be used to encrypt a message using the private key:Cipher cipher=Cipher.getInstance("RSA");

cipher.init(Cipher.ENCRYPT_MODE, key.getPrivate());

Java classes for the public key methodsThe following statement initializes a Cipher

to be used to encrypt a message using the public key:Cipher cipher=Cipher.getInstance("RSA");

cipher.init(Cipher.ENCRYPT_MODE, key.getPublic());


to be used to decrypt a message using the private key:Cipher cipher=Cipher.getInstance("RSA");

cipher.init(Cipher.DECRYPT_MODE, key.getPivate());


to be used to decrypt a message using the public key:Cipher cipher=Cipher.getInstance("RSA");

cipher.init(Cipher.DECRYPT_MODE, key.getPublic());

Java classes for the public key methodsThen, we can use the update and doFinal

method Cipher to encrypt or decrypt the message.

If the message is short, we can simply use the doFinal straight away to decrypt the message.

Digital signatureWhen you receive a message from a

person, how do you be sure that the message is really from that person? This can be done by using digital signature.

Digital signatureA digital signature is like a MAC but the key

used is the private key of the key pair.To produce a digital signature, we first

create a message digest and then encrypt the message digest with the private key of the message. We would say that we sign the message with the private key.

Digital signatureThen, the sender would send the message

together with the digital signature.The receiver would then first use the public

key of the sender to decrypt the digital signature and then get back the message digest. The receiver then calculate another message digest from the message.

Digital signatureIf the two digital digests match, then we

can sure of two things:integrity. That is the message has not been

changed by another person.authentication. The message is really from

the supposed sender because only he/she has the private key.

message

messagedigest

hash

digitalsignatureencrypt

withprivate key

message

digitalsignature

send to the recipient

messagedigest

hash

messagedigestdecrypt

withpublic key

compare

Java classes to create a digital signatureFirst we create a key pair first like what we

did for the public key method. However, we would specify that we want to use the DSA algorithm which is a digital signature algorithm:KeyPairGenerator kpg =

KeyPairGenerator.getInstance("DSA");

Java classes to create a digital signatureThen, we initialize the key as before:

kpg.initialize(1024);Then, we can use this key pair generator to

generate a key pair:KeyPair keyPair=kpg.generateKeyPair();

Java classes to create a digital signatureWe can then get the public key and private

key of the key pair:PublicKey publicKey=keyPair.getPublic();PrivateKey privateKey=keyPair.getPrivate();

You should then save the two keys to a files and send the public key to your recipients.

Java classes to create a digital signatureNow, assume that we want to create a

digital signature of a message. Signature sig=Signature.getInstance("DSA");sig.initSign(privateKey);

Then, you can use the update method of Signature to check the contents of the message:sig.update(message);

Java classes to create a digital signatureThe digital signature is generated by

invoked by the method sign:sig.sign();This method returns an array of bytes which is the digital signature of the message.

To verify a signature, we need the following statements:Signature sig=Signature.getInstance("DSA");sig.initVerify(publicKey);

Java classes to create a digital signatureThen, we use the update method of

signature to put in the content of the message just like what we did when we generated the digitial message.sig.update(message);or sig.update(message,offset,length);

Java classes to create a digital signatureThen, we can check whether the message

has been correctly signed by invoking the method verify of Signature:sig.verify(signature[]);This method would return true or false depending on whether the message has been correctly signed or not.