Work-around for XML Schema resolving
Pre-release
Validating and parsing IWXXM documents requires XML Schema validation, and thus loading the XML Schema files in use into memory. This library does this by using the schema file copies contained in the jar files where the JAXB-generated Java code and class files are also located.
The part of the Xerces XML parser used for resolving the XML Schemas requires that, when a SecurityManager is enabled, the protocols of the system identifiers of the XML Schema resources being resolved are explicitly allowed using the system property javax.xml.accessExternalSchema. In the case of this library, this does not add to the security of the application, as the XML Schema contents are already loaded into memory by the class fi.fmi.avi.converter.iwxxm.IWXXMSchemaResourceResolver when this check is done. However, if the javax.xml.accessExternalSchema property does not contain both the file and http protocols when the code is run in an application with a SecurityManager enabled, the schema loading fails.
This version contains a work-around for this issue:
- If System.getSecurityManager() returns a non-null value when loading the class fi.fmi.avi.converter.iwxxm.IWXXMConverterBase, the XMLConstants.FEATURE_SECURE_PROCESSING is set to true for the SchemaFactory used for XML Schema validation on both parsing and serialising of the IWXXM messages, and the global system property javax.xml.accessExternalSchema is set to value file,http.
- Else the XMLConstants.FEATURE_SECURE_PROCESSING is set to false for the IWXXM document validation operations, which in turn suppresses the problematic protocol checking.
Note: the code System.setProperty("javax.xml.accessExternalSchema", "file,http") may allow loading external resources assumed to be XML Schemas using either the file or http protocol in applications using this version of the library, even if the SecurityManager is enabled.
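Because the property named in the note is JVM-wide, an application embedding this version can still pin the SchemaFactory instances it creates for its own validation, since JAXP properties set on a factory take precedence over the system property. The following is an added example, not code from this library; the class name, the sample schema and its file path are constructed for illustration.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.SchemaFactory;
import org.xml.sax.SAXException;

// Hypothetical demo class: shows per-factory pinning next to the JVM-wide setting.
public class PinnedSchemaFactoryDemo {

    // Constructed schema whose xs:import points at an external file: URL (hypothetical path).
    private static final String XSD =
        "<xs:schema xmlns:xs='http://www.w3.org/2001/XMLSchema'>"
      + "<xs:import namespace='urn:example:other'"
      + " schemaLocation='file:///tmp/example-other.xsd'/>"
      + "<xs:element name='root' type='xs:string'/>"
      + "</xs:schema>";

    /** Factory for the application's own validation, independent of the system property. */
    static SchemaFactory pinnedFactory() throws SAXException {
        SchemaFactory f = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // An empty value allows no protocol at all for external schemas and DTDs.
        f.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        f.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        return f;
    }

    /** True if schema compilation was refused by the accessExternalSchema restriction. */
    static boolean externalImportBlocked(SchemaFactory f) {
        try {
            f.newSchema(new StreamSource(new StringReader(XSD)));
            return false; // the import was permitted (or silently skipped)
        } catch (SAXException e) {
            return String.valueOf(e.getMessage()).contains("accessExternalSchema");
        }
    }

    public static void main(String[] args) throws SAXException {
        // Same call as quoted in the note above; it affects every JAXP user in the JVM.
        System.setProperty("javax.xml.accessExternalSchema", "file,http");
        System.out.println("JVM-wide accessExternalSchema = "
            + System.getProperty("javax.xml.accessExternalSchema"));
        System.out.println("pinned factory refuses file: import = "
            + externalImportBlocked(pinnedFactory()));
    }
}
```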