Downloading the Libraries | ![]() |
Obtaining the Libraries
Source and binrary distributions for both the Java and C++ libraries are available from one of the Apache mirrors.
Click here to choose the mirror closest to you.
If all else fails, the source can be downloaded directly from Apache.
Validating Distribution Signatures
All distributions are provided with signature .sig files. These contain PGP signatures for the related distribution. You should validate these using the keys found in the key file downloaded from the Apache site.
Verification can be performed using :
% pgpk -a keys.asc % pgpv xml-security-bin-1_0_5D2.zip.sig or % pgp -ka keys.asc % pgp xml-security-bin-1_0_5D2.zip.sig or % gpg --import keys.asc % gpg --verify xml-security-bin-1_0_5D2.zip.sig
CVS Download
For the adventurous, this project's CVS repository can be checked out through anonymous (pserver) CVS with the following instruction set. When prompted for a password for anonymous, simply enter "anoncvs" without quotes:
cvs -d :pserver:anoncvs@cvs.apache.org:/home/cvspublic login password: anoncvs cvs -d :pserver:anoncvs@cvs.apache.org:/home/cvspublic checkout xml-security