java source code of XMLValidatingParser

teamengine-master
- src
  - site
    - resources
      - images
      - css
        site.css
    - pdf.xml
    - markdown
      - encoding-conformance-classes.md
      - users.md
      - testng-essentials.md
      - index.md
      - relnotes.md
      - installation.md
      - testng-cookbook.md
      - integration-ide.md
      - ctl.md
    - asciidoc
      - virt-guide.adoc
      - profiles-guide.adoc
      - definitions.adoc
    - site.xml
- teamengine-spi
  - src
    - main
      - resources
        testng-summary.xsl
        testng-report.xsl
        META-INF
        services
        org.testng.ITestNGListener
        com
        occamlab
        te
        spi
        jaxrs
        resources
        test-suites.html
      - javadoc
        overview.html
      - java
        com
        occamlab
        te
        spi
        executors
        TestRunExecutor.java
        FixtureManager.java
        TestRunFixture.java
        testng
        BasicXMLReporter.java
        TestNGExecutor.java
        AlterSuiteParametersListener.java
        TestRunSummary.java
        EarlReporter.java
        report
        ReportLog.java
        jaxrs
        TestSuiteRegistry.java
        ErrorResponseBuilder.java
        resources
        TestRunResource.java
        TestSuiteSetResource.java
        TestSuiteOverviewResource.java
        ImageResource.java
        ApplicationComponents.java
        TestSuiteController.java
        util
        HtmlReport.java
      - scripts
        jmeter
        TEAMEngine-REST.jmx
    - test
      - java
        com
        occamlab
        te
        spi
        executors
        testng
        VerifyEarlReporter.java
        VerifyBasicXMLReporter.java
        jaxrs
        resources
        VerifyTestSuitesResource.java
        VerifyTestSuiteRegistry.java
  - pom.xml
  - .gitignore
- build
  - build_te_simple.sh
- teamengine-virtualization
  - src
    - main
      - config
        docker
        Dockerfile
        packer
        teamengine-aws.json
        files
        tomcat
        tomcat.env
        tomcat-jsvc.service
        teamengine
        WANdisco-Git.repo
        mavenrc
        ks.cfg
        scripts
        setup-tomcat.sh
        setup-scm.sh
        ets-resources.sh
        setup-teamengine.sh
        teamengine-virtualbox.json
    - assembly
      - packer.xml
  - pom.xml
  - README.md
- pom.xml
- teamengine-console
  - src
    - main
      - config
        logging.properties
      - scripts
        shell
        mswin
        viewlog.bat
        setenv.bat
        listsuites.bat
        test.bat
        unix
        listsuites.sh
        setenv.sh
        test.sh
        viewlog.sh
        ctl
        note
        1.0
        ctl
        note.ctl
        config.xml
    - assembly
      - bin.xml
      - site
        welcome.html
        footer.html
        title.html
      - base.xml
      - README.txt
      - users
        ogctest
        user.xml
      - index.html
  - pom.xml
  - .gitignore
- teamengine-spi-ctl
  - src
    - main
      - javadoc
        overview.html
      - java
        com
        occamlab
        te
        spi
        ctl
        CtlExecutor.java
    - test
      - resources
        test-run-props.xml
        test-run-props-empty.xml
      - java
        com
        occamlab
        te
        spi
        ctl
        VerifyCtlExecutor.java
  - pom.xml
- teamengine-resources
  - src
    - main
      - resources
        com
        occamlab
        te
        generate_xsl.xsl
        earl_html_report.xsl
        logstyles
        result-log.xsl
        default.xsl
        PseudoCTLDocumentation.xsl
        formfn.xsl
        test_report_html.xsl
        earl
        lib
        styles
        shCoreEclipse.css
        shCoreMidnight.css
        shCoreFadeToGrey.css
        shThemeMDUltra.css
        shCoreDefault.css
        shCore.css
        shThemeFadeToGrey.css
        shCoreDjango.css
        shCoreRDark.css
        shThemeDjango.css
        shCoreEmacs.css
        shCoreMDUltra.css
        shThemeEmacs.css
        shThemeRDark.css
        shThemeDefault.css
        shThemeEclipse.css
        shThemeMidnight.css
        js
        shCore.js
        shBrushGroovy.js
        shBrushPowerShell.js
        shBrushSql.js
        shLegacy.js
        shBrushAS3.js
        shBrushRuby.js
        shBrushCpp.js
        shAutoloader.js
        shBrushPython.js
        shBrushPlain.js
        shBrushCSharp.js
        shBrushDelphi.js
        shBrushJScript.js
        shBrushSass.js
        shBrushJava.js
        shBrushPhp.js
        shBrushColdFusion.js
        shBrushDiff.js
        shBrushJavaFX.js
        shBrushScala.js
        shBrushAppleScript.js
        shBrushXml.js
        shBrushVb.js
        shBrushCss.js
        shBrushErlang.js
        shBrushBash.js
        shBrushPerl.js
        ext
        session_info.xsl
        config.xsl
        scripts
        parsers.ctl
        functions.ctl
        generate_dxsl.xsl
        schemas
        xml.xsd
        soap12.xsd
        soap11.xsd
        xslt20.xsd
        ctl.xsd
        xinclude.xsd
        main.xsl
        generate_source_html.xsl
  - pom.xml
  - .gitignore
- teamengine-tests
  - src
    - test
      - resources
        soapui
        TEAM-Engine-soapui-settings.xml
        TEAM-Engine-soapui-project.xml
  - pom.xml
- teamengine-realm
  - src
    - main
      - resources
        com
        occamlab
        te
        realm
        mbean-descriptor.xml
      - java
        com
        occamlab
        te
        realm
        UserFilesRealm.java
        PasswordStorage.java
        PBKDF2Realm.java
    - test
      - java
        com
        occamlab
        te
        realm
        VerifyPasswordStorage.java
        UserFilesRealmTest.java
        VerifyPBKDF2Realm.java
  - pom.xml
  - .gitignore
- README.md
- teamengine-web
  - src
    - main
      - resources
        sch
        csw
        2.0.2
        DescribeRecord.sch
        GetRecords.sch
        Capabilities.sch
        ows
        1.0.0
        ExceptionReport.sch
        logging.properties
        xsd
        ogc
        xlink
        1.0.0
        xlinks.xsd
        csw
        2.0.2
        csw-2.0.2.xsd
        rec-dcmes.xsd
        rec-dcterms.xsd
        cite
        ctl.xsd
        ows
        1.0.0
        ows-1.0.0.xsd
        gml
        ReadMe.txt
        3.1.1
        base
        smil
        xml-mod.xsd
        smil20-language.xsd
        smil20.xsd
        filter
        1.1.0
        filter-1.1.0.xsd
        w3c
        xml
        2001
        xml.xsd
        xslt
        1999
        xslt.xsd
        xmlschema
        1.0
        XMLSchema.xsd
        xinclude
        1.0
        XInclude.xsd
        com
        occamlab
        te
        web
        viewtest.xsl
        viewtestdebug.xsl
        viewoldlog.xsl
        viewlog.xsl
        coverage
        WMS-GetFeatureInfo.xml
        WMS-GetCapabilities.xml
        WMS-GetMap.xml
      - config
        config.xml
      - java
        com
        occamlab
        te
        web
        ViewTestServlet.java
        CachedHttpURLConnection.java
        TEBaseNotFoundException.java
        TestServlet.java
        DeleteSessionServlet.java
        ConfigFileCreator.java
        XMLUtils.java
        LogoutServlet.java
        listeners
        TEServletContextListener.java
        CleartextPasswordContextListener.java
        DownloadLogServlet.java
        MonitorCall.java
        Config.java
        TestSession.java
        RegistrationHandlerServlet.java
        ViewLogServlet.java
        CoverageMonitor.java
        HttpURLConnectionCopy.java
        TEException.java
        EmailLogServlet.java
        PrettyPrintLogsServlet.java
        MonitorServlet.java
      - webapp
        test.jsp
        footer.jsp
        sessionDeleted.jsp
        header.jsp
        emailLog.jsp
        viewSessions.jsp
        images
        blueGears.gif
        banner.jpg
        processing.gif
        viewTestLog.jsp
        executing.html
        createSession.jsp
        testControls.html
        site
        welcome.html
        footer.html
        title.html
        viewClientTestLog.jsp
        viewOldSessionLog.jsp
        registered.jsp
        register.jsp
        viewTest.jsp
        index.jsp
        META-INF
        context.xml
        viewSessionLog.jsp
        WEB-INF
        web.xml
        welcome.jsp
        infoMessage.html
        deployment.html
        console.html
        error.jsp
        error-408.jsp
        styles
        main.css
        config2table.xsl
        main-old.css
        testimonial.css
        login.jsp
        emailSent.jsp
    - test
      - resources
        tebase
        scripts
        csw
        2.0.2
        config.xml
        cat30
        3.0.0
        config.xml
        num-parity.ctl
        pycsw-capabilities.xml
        tebase-multiple-organizations
        scripts
        csw
        2.0.2
        config.xml
        sos
        1.0.0
        config.xml
        note
        1.0
        ctl
        note.ctl
        config.xml
        cat30
        3.0.0
        config.xml
        tebase-hidden-files
        scripts
        csw
        .other
        2.0.2
        config.xml
        sos
        1.0.0
        config.xml
        note
        1.0
        ctl
        config.xml
        cat30
        3.0.0
        config.xml
        tebase-no-config-in-test
        scripts
        note
        1.0
        ctl
        note.ctl
        integration-test.properties
        sut.properties
        tebase-multiple-versions-of-a-test
        scripts
        sfs
        1.1
        config.xml
        1.2
        config.xml
        1.3
        config.xml
        tebase-empty
        scripts
        readme.txt
      - java
        com
        occamlab
        te
        web
        ConfigFileCreatorTest.java
        VerifyTestSuite.java
        CoverageMonitorTest.java
    - assembly
      - common-libs.xml
  - pom.xml
  - .gitignore
- jenkinsfiles
  - build
    - Jenkinsfile
  - test
    - Jenkinsfile
  - release
    - Jenkinsfile
- teamengine-core
  - src
    - main
      - java
        net
        sf
        saxon
        s9api
        S9APIUtils.java
        com
        occamlab
        te
        Engine.java
        TECore.java
        index
        Index.java
        ParserEntry.java
        NamedEntry.java
        TemplateEntry.java
        TestEntry.java
        FunctionEntry.java
        TemplateEntryInterface.java
        ProfileEntry.java
        SuiteEntry.java
        IndexEntry.java
        parsers
        xml
        XsdSchemaLoader.java
        FileSchemaSupplier.java
        UrlSchemaSupplier.java
        package-info.java
        SchemaLoader.java
        CachingSchemaLoader.java
        SchemaSupplier.java
        InMemorySchemaSupplier.java
        ZipParser.java
        ImageParser.java
        CDataParser.java
        HTTPParser.java
        XSLTransformationErrorHandler.java
        XSLTransformationParser.java
        XMLValidatingParser.java
        SchematronValidatingParser.java
        BinaryPayloadParser.java
        XmlErrorHandler.java
        NullParser.java
        ValidationError.java
        SoapParser.java
        NullErrorListener.java
        html
        EarlToHtmlTransformation.java
        SetupOptions.java
        Test.java
        ViewLog.java
        CtlErrorHandler.java
        vocabulary
        CONTENT.java
        EARL.java
        Config.java
        package-info.java
        CITE.java
        HTTP.java
        TeErrorListener.java
        util
        DateTimeUtils.java
        XMLParserUtils.java
        Stopwatch.java
        protocols
        data
        Handler.java
        Utils.java
        URLConnectionUtils.java
        Constants.java
        Soap11MessageBuilder.java
        DomUtils.java
        SoapUtils.java
        ZipUtils.java
        Misc.java
        IOUtils.java
        DocumentationHelper.java
        LogUtils.java
        StringUtils.java
        Soap12MessageBuilder.java
        form
        ImageHandler.java
        config
        ConfigFileBuilder.java
        ConfigEntry.java
        package-info.java
        ConfigComparator.java
        ErrorHandlerImpl.java
        Suite.java
        SwingForm.java
        saxon
        TEJavaFunctionCall.java
        GetTypeFunctionCall.java
        ObjValue.java
        TEXSLFunctionCall.java
        TEFunctionCall.java
        TEFunctionLibrary.java
        Generator.java
        RecordedForms.java
        RecordTestResult.java
        RecordedForm.java
        RuntimeOptions.java
        ListSuites.java
        CtlEarlReporter.java
        TEClassLoader.java
    - test
      - resources
        sch
        csw-capabilities.sch
        ExceptionReport.sch
        legal.xml
        img
        model-argb-transparent.xml
        fjord.webp
        metadata.xml
        ipo-multipleSchemaRefs.xml
        dtd
        testng-1.0.dtd
        WMS_exception_1_1_1.dtd
        xsd
        details.xsd
        ipo.xsd
        Log4j-config.xsd
        ogc
        csw
        2.0.2
        csw-2.0.2.2.xsd
        testng-invalid.xml
        ipo.xml
        article.xml
        ctl
        nested-failure.xml
        jabberwocky.txt
        comment.xml
        ipo-schemaLoc.xml
        testng.xml
        ipo-invalid.xml
        exception.xml
        com
        occamlab
        te
        html
        earl-results_testng.rdf
        unittest
        session
        d68e18027_1
        d68e18138_1
        d68e1351_1
        log.xml
        log.xml
        d68e1354_1
        log.xml
        d68e18157_1
        log.xml
        d68e3485_1
        log.xml
        d68e18149_1
        d68e3639_1
        d68e3745_1
        log.xml
        d68e3754_1
        log.xml
        d68e3750_1
        log.xml
        d68e3752_1
        log.xml
        d68e3739_1
        log.xml
        log.xml
        d68e3741_1
        log.xml
        d68e3653_1
        d68e3917_1
        log.xml
        d68e3919_1
        log.xml
        log.xml
        d68e3632_1
        d68e3684_1
        log.xml
        d68e3688_1
        log.xml
        d68e3682_1
        log.xml
        d68e3686_1
        log.xml
        d68e3673_1
        log.xml
        d68e3669_1
        log.xml
        d68e3680_1
        log.xml
        d68e3671_1
        log.xml
        log.xml
        d68e3675_1
        log.xml
        d68e3677_1
        log.xml
        d68e3651_1
        d68e3903_1
        log.xml
        d68e3899_1
        log.xml
        log.xml
        d68e3901_1
        log.xml
        log.xml
        d68e3641_1
        d68e3775_6
        log.xml
        d68e3769_1
        log.xml
        d68e3775_2
        log.xml
        d68e3775_8
        log.xml
        d68e3775_4
        log.xml
        d68e3775_3
        log.xml
        d68e3775_7
        log.xml
        d68e3775_1
        log.xml
        log.xml
        d68e3775_5
        log.xml
        d68e3649_1
        d68e3857_1
        log.xml
        d68e3859_1
        log.xml
        d68e3868_1
        log.xml
        d68e3853_1
        log.xml
        d68e3855_1
        log.xml
        d68e3879_1
        log.xml
        d68e3866_1
        log.xml
        d68e3879_2
        log.xml
        d68e3864_1
        log.xml
        d68e3870_1
        log.xml
        d68e3862_1
        log.xml
        d68e3851_1
        log.xml
        d68e3872_1
        log.xml
        d68e3879_3
        log.xml
        log.xml
        d68e3634_1
        d68e3708_1
        log.xml
        d68e3706_1
        log.xml
        log.xml
        d68e3704_1
        log.xml
        d68e3643_1
        d68e3806_1
        log.xml
        d68e3800_1
        log.xml
        d68e3829_13
        log.xml
        d68e3829_10
        log.xml
        d68e3829_6
        log.xml
        d68e3829_11
        log.xml
        d68e3829_5
        log.xml
        d68e3804_1
        log.xml
        d68e3829_14
        log.xml
        d68e3802_1
        log.xml
        d68e3809_1
        log.xml
        d68e3829_9
        log.xml
        d68e3798_1
        log.xml
        d68e3829_7
        log.xml
        d68e3829_2
        log.xml
        d68e3829_1
        log.xml
        d68e3829_3
        log.xml
        log.xml
        d68e3829_12
        log.xml
        d68e3829_8
        log.xml
        d68e3829_4
        log.xml
        d68e18155_1
        d68e9999_1
        d68e10043_10
        log.xml
        d68e10043_9
        log.xml
        d68e10043_1
        log.xml
        d68e10043_7
        log.xml
        d68e10043_2
        log.xml
        d68e10043_6
        log.xml
        d68e10043_8
        log.xml
        d68e10043_11
        log.xml
        d68e10043_4
        log.xml
        d68e10037_1
        log.xml
        log.xml
        d68e10043_5
        log.xml
        d68e10043_12
        log.xml
        d68e10043_3
        log.xml
        d68e10001_1
        d68e10063_1
        log.xml
        d68e10065_1
        log.xml
        log.xml
        d68e10003_1
        d68e10094_12
        log.xml
        d68e10087_1
        log.xml
        d68e10081_1
        log.xml
        d68e10085_1
        log.xml
        d68e10094_6
        log.xml
        d68e10094_5
        log.xml
        d68e10083_1
        log.xml
        d68e10094_2
        log.xml
        d68e10094_14
        log.xml
        d68e10094_3
        log.xml
        d68e10094_9
        log.xml
        d68e10094_11
        log.xml
        d68e10079_1
        log.xml
        d68e10094_1
        log.xml
        d68e10094_4
        log.xml
        d68e10094_7
        log.xml
        d68e10094_10
        log.xml
        d68e10094_13
        log.xml
        log.xml
        d68e10094_8
        log.xml
        d68e9987_1
        d68e10023_1
        log.xml
        d68e10021_1
        log.xml
        log.xml
        log.xml
        d68e18142_1
        d68e1543_1
        d68e1697_1
        log.xml
        log.xml
        d68e1699_1
        log.xml
        d68e1695_1
        log.xml
        d68e1539_1
        d68e1625_1
        log.xml
        d68e1629_1
        log.xml
        d68e1627_1
        log.xml
        log.xml
        d68e1541_1
        d68e1662_1
        log.xml
        d68e1643_1
        log.xml
        d68e1673_1
        log.xml
        d68e1647_1
        log.xml
        d68e1675_1
        d68e3063_5
        log.xml
        d68e3074_8
        log.xml
        d68e3063_11
        log.xml
        d68e3063_4
        log.xml
        d68e3074_3
        log.xml
        d68e3063_14
        log.xml
        d68e3063_13
        log.xml
        d68e3063_3
        log.xml
        d68e3063_15
        log.xml
        d68e3063_12
        log.xml
        d68e3063_7
        log.xml
        d68e3074_7
        log.xml
        d68e3074_5
        log.xml
        d68e3074_16
        log.xml
        d68e3074_9
        log.xml
        d68e3074_11
        log.xml
        d68e3063_1
        log.xml
        d68e3063_10
        log.xml
        d68e3074_2
        log.xml
        d68e3063_16
        log.xml
        d68e3074_10
        log.xml
        d68e3074_6
        log.xml
        d68e3074_1
        log.xml
        d68e3063_9
        log.xml
        log.xml
        d68e3063_2
        log.xml
        d68e3063_8
        log.xml
        d68e3074_4
        log.xml
        d68e3063_6
        log.xml
        d68e3074_15
        log.xml
        d68e3074_13
        log.xml
        d68e3074_14
        log.xml
        d68e3074_12
        log.xml
        d68e1660_1
        log.xml
        d68e1649_1
        log.xml
        d68e1669_1
        log.xml
        d68e1677_1
        log.xml
        d68e1658_1
        log.xml
        d68e1671_1
        log.xml
        d68e1654_1
        log.xml
        d68e1664_1
        log.xml
        d68e1645_1
        log.xml
        d68e1667_1
        log.xml
        log.xml
        d68e1651_1
        log.xml
        d68e1656_1
        log.xml
        d68e1680_1
        log.xml
        d68e1546_1
        log.xml
        log.xml
        d68e1537_1
        d68e1611_1
        log.xml
        d68e1609_1
        log.xml
        log.xml
        d68e1530_1
        d68e1578_1
        log.xml
        d68e1580_1
        log.xml
        d68e1585_1
        log.xml
        d68e1570_1
        log.xml
        d68e1582_1
        log.xml
        d68e1587_1
        log.xml
        log.xml
        d68e1592_1
        log.xml
        d68e18140_1
        d68e496_1
        d68e514_1
        log.xml
        d68e520_1
        log.xml
        d68e518_1
        log.xml
        log.xml
        d68e516_1
        log.xml
        d68e498_1
        d68e536_1
        log.xml
        d68e534_1
        log.xml
        log.xml
        log.xml
        d68e500_1
        d68e554_1
        log.xml
        d68e552_1
        log.xml
        d68e550_1
        log.xml
        log.xml
        log.xml
        d68e18054_1
        d68e13327_1
        d68e13343_1
        log.xml
        d68e13345_1
        log.xml
        log.xml
        d68e13329_1
        log.xml
        d68e13383_1
        d68e13403_1
        log.xml
        log.xml
        d68e13401_1
        log.xml
        log.xml
        report_logs.xml
        d68e18046_1
        d68e12048_1
        d68e12097_1
        d68e12189_1
        log.xml
        log.xml
        d68e12095_1
        d68e12173_1
        log.xml
        log.xml
        d68e12175_1
        log.xml
        log.xml
        d68e12093_1
        d68e12157_1
        log.xml
        log.xml
        d68e12159_1
        log.xml
        d68e12046_1
        d68e12067_1
        log.xml
        log.xml
        log.xml
        log.xml
        d68e18036_1
        log.xml
        capabilities-pycsw.xml
        conf
        no-schema-refs.xml
        HttpParser+ImageParser.xml
        dtd-ref-wms.xml
        schema-ref-log4j.xml
        schema-inline.xml
        multiple-schema-refs.xml
        schema-refs.xml
        schema-refs-ipo.xml
        index-parsers.xml
        capabilities-invalid.xml
      - java
        com
        occamlab
        te
        parsers
        xml
        UrlSchemaSupplierTest.java
        InMemorySchemaSupplierTest.java
        FileSchemaSupplierTest.java
        SchematronValidatingParserTest.java
        XMLValidatingParserTest.java
        ImageParserTest.java
        HttpParserTest.java
        html
        EarlToHtmlTransformationTest.java
        TECoreTest.java
        SetupOptionsTest.java
        util
        XMLParserUtilsTest.java
        DateTimeUtilsTest.java
        CtlEarlReporterTest.java
  - pom.xml
  - .gitignore
- .gitignore
- LICENSE.txt
- doc
  - en
    - index.rst

/**
 * **************************************************************************
 *
 * Contributor(s): 
 *	C. Heazel (WiSC): Added Fortify adjudication changes
 *
 ***************************************************************************
 */
package com.occamlab.te.parsers;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.CharArrayWriter;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.net.URI;
import java.net.URL;
import java.net.URLConnection;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.net.ssl.SSLProtocolException;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Result;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.validation.Schema;
import javax.xml.validation.Validator;

import org.w3c.dom.Document;
import org.w3c.dom.DocumentType;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.ErrorHandler;
import org.xml.sax.SAXException;

import com.google.common.collect.ImmutableList;
import com.occamlab.te.ErrorHandlerImpl;
import com.occamlab.te.parsers.xml.CachingSchemaLoader;
import com.occamlab.te.parsers.xml.InMemorySchemaSupplier;
import com.occamlab.te.parsers.xml.XsdSchemaLoader;
import com.occamlab.te.parsers.xml.SchemaSupplier;
import com.occamlab.te.util.DomUtils;
import com.occamlab.te.util.URLConnectionUtils;

/**
 * Validates an XML resource against a set of W3C XML Schema or DTD schemas.
 * 
 */
public class XMLValidatingParser {
	static TransformerFactory TF = null;
	static DocumentBuilderFactory nonValidatingDBF = null;
	static DocumentBuilderFactory schemaValidatingDBF = null;
	static DocumentBuilderFactory dtdValidatingDBF = null;
	ArrayList<SchemaSupplier> schemaList = new ArrayList<>();
	ArrayList<Object> dtdList = new ArrayList<Object>();

	/*
	 * For now we create a new cache per instance of XMLValidatingParser, which
	 * means a new cache per test run. These schemas could be cached for a
	 * longer period than that, but then the question because "how long?" Until
	 * the web app shuts down? Try to obey the caching headers in the HTTP
	 * responses?
	 * 
	 * This solution at least fixes the major performance issue.
	 */
	private final CachingSchemaLoader schemaLoader =
			new CachingSchemaLoader(new XsdSchemaLoader());

	private static final Logger jlogger = Logger
			.getLogger("com.occamlab.te.parsers.XMLValidatingParser");

	private List<Object> loadSchemaList(Document schemaLinks,
			String schemaType) throws Exception {
		NodeList nodes = schemaLinks.getElementsByTagNameNS(
				"http://www.occamlab.com/te/parsers", schemaType);
		if (nodes.getLength() == 0) {
			return Collections.emptyList();
		}
		final ArrayList<Object> schemas = new ArrayList<>();
		for (int i = 0; i < nodes.getLength(); i++) {
			Element e = (Element) nodes.item(i);
			Object schema = null;
			String type = e.getAttribute("type");
			// URL, File, or Resource
			if (type.equals("url")) {
				schema = new URL(e.getTextContent());
			} else if (type.equals("file")) {
				schema = new File(e.getTextContent());
			} else if (type.equals("resource")) {
				ClassLoader cl = getClass().getClassLoader();
				String resource = e.getTextContent();
				URL url = cl.getResource(resource);
				if (url == null) {
					String msg = "Can't find schema resource on classpath at "
							+ resource;
					jlogger.warning(msg);
					throw new Exception(msg);
				}
				schema = url;
			} else {
				throw new Exception("Unknown schema resource type " + type);
			}
			jlogger.finer("Adding schema reference " + schema.toString());
			schemas.add(schema);
		}
		return schemas;
	}

	private void loadSchemaLists(Node schemaLinks, ArrayList<SchemaSupplier> schemas,
			ArrayList<Object> dtds) throws Exception {
		if (null == schemaLinks) {
			return;
		}
		jlogger.finer("Received schemaLinks\n"
				+ DomUtils.serializeNode(schemaLinks));
		Document configDoc;
		if (schemaLinks instanceof Document) {
			configDoc = (Document) schemaLinks;
		} else {
			configDoc = schemaLinks.getOwnerDocument();
		}

		final ArrayList<SchemaSupplier> schemaSuppliers = new ArrayList<>();
		for (final Object schemaObj : loadSchemaList(configDoc, "schema")) {
			schemaSuppliers.add(SchemaSupplier.makeSupplier(schemaObj));
		}
		schemas.addAll(schemaSuppliers);
		dtds.addAll(loadSchemaList(configDoc, "dtd"));

		// If instruction body is an embedded xsd:schema, add it to the
		// ArrayList
		NodeList nodes = configDoc.getElementsByTagNameNS(
				"http://www.w3.org/2001/XMLSchema", "schema");
		for (int i = 0; i < nodes.getLength(); i++) {
			Element e = (Element) nodes.item(i);
			CharArrayWriter caw = new CharArrayWriter();
			Transformer t = TF.newTransformer();
			t.transform(new DOMSource(e), new StreamResult(caw));
			schemas.add(new InMemorySchemaSupplier(caw.toCharArray()));
		}
	}

	public XMLValidatingParser() {

		if (nonValidatingDBF == null) {
			String property_name = "javax.xml.parsers.DocumentBuilderFactory";
			String oldprop = System.getProperty(property_name);
			System.setProperty(property_name,
					"org.apache.xerces.jaxp.DocumentBuilderFactoryImpl");
			nonValidatingDBF = DocumentBuilderFactory.newInstance();
			// Fortify Mod: Disable entity expansion to foil External Entity Injections
			nonValidatingDBF.setExpandEntityReferences(false);
			nonValidatingDBF.setNamespaceAware(true);
			schemaValidatingDBF = DocumentBuilderFactory.newInstance();
			schemaValidatingDBF.setNamespaceAware(true);
			schemaValidatingDBF.setValidating(true);
			schemaValidatingDBF.setAttribute(
					"http://java.sun.com/xml/jaxp/properties/schemaLanguage",
					"http://www.w3.org/2001/XMLSchema");
			dtdValidatingDBF = DocumentBuilderFactory.newInstance();
			dtdValidatingDBF.setNamespaceAware(true);
			dtdValidatingDBF.setValidating(true);
			// Fortify Mod: Disable entity expansion to foil External Entity Injections
			dtdValidatingDBF.setExpandEntityReferences(false);
			if (oldprop == null) {
				System.clearProperty(property_name);
			} else {
				System.setProperty(property_name, oldprop);
			}
		}

		if (TF == null) {
                  // Fortify Mod: prevent external entity injection
			  // includes try block to capture exceptions to setFeature. 
			TF = TransformerFactory.newInstance();
			try {
               	    TF.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
			} catch (Exception e) {
		         jlogger.warning("Failed to secure Transformer");
			}
		}
	}

	public XMLValidatingParser(Document schema_links) throws Exception {
		this();
		if (null != schema_links) {
			loadSchemaLists(schema_links, this.schemaList, this.dtdList);
		}
	}

	/**
	 * Attempts to parse a resource read using the given connection to a URL.
	 * 
	 * @param uc
	 *            A connection for reading from some URL.
	 * @param instruction
	 *            An Element node (ctlp:XMLValidatingParser) containing
	 *            instructions, usually schema references.
	 * @param logger
	 *            A log writer.
	 * @return A Document, or null if the resource could not be parsed.
	 * @throws SSLProtocolException 
	 */
	public Document parse(URLConnection uc, Element instruction,
			PrintWriter logger) throws SSLProtocolException {
		if (null == uc) {
			throw new NullPointerException(
					"Unable to parse resource: URLConnection is null.");
		}
		jlogger.fine("Received URLConnection object for " + uc.getURL());
		Document doc = null;
		try (InputStream inStream = URLConnectionUtils.getInputStream(uc)) {
			doc = parse(inStream, instruction, logger);
		} catch (SSLProtocolException sslep){
			throw new SSLProtocolException("[SSL ERROR] Failed to connect with the requested URL due to \"Invalid server_name\" found!! :" + uc.getURL() +":" + sslep.getClass() +" : "+ sslep.getMessage());
		} catch (Exception e) {
			throw new RuntimeException(
					String.format("Failed to parse resource from %s", uc.getURL()),
					e);
		}
		return doc;
	}

	/**
	 * Parses and validates an XML resource using the given schema references.
	 * 
	 * @param input
	 *            The XML input to parse and validate. It must be either an
	 *            InputStream or a Document object.
	 * @param parserConfig
	 *            An Element
	 *            ({http://www.occamlab.com/te/parsers}XMLValidatingParser)
	 *            containing configuration info. If it is {@code null} or empty
	 *            validation will be performed by using location hints in the
	 *            input document.
	 * @param logger
	 *            The PrintWriter to log all results to
	 * @return {@code null} If any non-ignorable errors or warnings occurred;
	 *         otherwise the resulting Document.
	 * 
	 */
	Document parse(Object input, Element parserConfig, PrintWriter logger)
			throws Exception {
		jlogger.finer("Received XML resource of type "
				+ input.getClass().getName());
		Document resultDoc = null;
		ErrorHandlerImpl errHandler = new ErrorHandlerImpl("Parsing", logger);

		if (input instanceof InputStream) {
			DocumentBuilderFactory dbf = nonValidatingDBF;
			DocumentBuilder db = dbf.newDocumentBuilder();
			db.setErrorHandler(errHandler);
			try (InputStream xmlInput = (InputStream) input) {
				resultDoc = db.parse(xmlInput);
			} catch (Exception e) {
				jlogger.log(Level.INFO, "Error parsing InputStream", e);
			}
		} else if (input instanceof Document) {
			resultDoc = (Document) input;
		} else {
			throw new IllegalArgumentException(
					"XML input must be an InputStream or a Document object.");
		}
		if (null == resultDoc) {
			throw new RuntimeException("Failed to parse input: "
					+ input.getClass().getName());
		}
		errHandler.setRole("Validation");
		validate(resultDoc, parserConfig, errHandler);
		int error_count = errHandler.getErrorCount();
		int warning_count = errHandler.getWarningCount();
		if (error_count > 0 || warning_count > 0) {
			String msg = "";
			if (error_count > 0) {
				msg += error_count + " validation error"
						+ (error_count == 1 ? "" : "s");
				if (warning_count > 0)
					msg += " and ";
			}
			if (warning_count > 0) {
				msg += warning_count + " warning"
						+ (warning_count == 1 ? "" : "s");
			}
			msg += " detected.";
			logger.println(msg);
		}

		if (error_count > 0) {
			String s = (null != parserConfig) ? parserConfig
					.getAttribute("ignoreErrors") : "false";
			if (s.length() == 0 || Boolean.parseBoolean(s) == false) {
				resultDoc = null;
			}
		}

		if (warning_count > 0) {
			String s = (null != parserConfig) ? parserConfig
					.getAttribute("ignoreWarnings") : "true";
			if (s.length() > 0 && Boolean.parseBoolean(s) == false) {
				resultDoc = null;
			}
		}
		return resultDoc;
	}

	/**
	 * A method to validate a pool of schemas outside of the request element.
	 * 
	 * @param Document
	 *            doc The file document to validate
	 * @param Document
	 *            instruction The xml encapsulated schema information (file
	 *            locations)
	 * @return false if there were errors, true if none.
	 * 
	 */
	public boolean checkXMLRules(Document doc, Document instruction)
			throws Exception {

		if (doc == null || doc.getDocumentElement() == null)
			return false;
		Element e = instruction.getDocumentElement();
		PrintWriter logger = new PrintWriter(System.out);
		Document parsedDoc = parse(doc, e, logger);
		return (parsedDoc != null);
	}

	/**
	 * Validates the given document against the schema references supplied in
	 * the accompanying instruction document.
	 * 
	 * @param doc
	 *            The document to be validated.
	 * @param instruction
	 *            A document containing schema references; may be null, in which
	 *            case embedded schema references will be used instead.
	 * @return A list of Element nodes ({@code <error>}) containing error
	 *         messages.
	 * @throws Exception
	 *             If any error occurs.
	 */
	public NodeList validate(Document doc, Document instruction)
			throws Exception {
		return schemaValidation(doc, instruction).toNodeList();
	}

	public Element validateSingleResult(Document doc, Document instruction)
			throws Exception {
		return schemaValidation(doc, instruction).toRootElement();
	}

	XmlErrorHandler schemaValidation(Document doc, Document instruction)
			throws Exception {
		if (doc == null || doc.getDocumentElement() == null) {
			throw new NullPointerException("Input document is null.");
		}
		XmlErrorHandler errHandler = new XmlErrorHandler();
		validate(doc, instruction, errHandler);
		return errHandler;
	}

	/**
	 * Validates the given XML {@link Document} per the given instructions,
	 * recording errors in the given error handler.
	 * 
	 * @param doc must not be null
	 * @param instruction may be null to signify no special instructions
	 * @param errHandler errors will be recorded on this object
	 */
	private void validate(
			final Document doc, final Node instruction, final ErrorHandler errHandler)
			throws Exception {
		ArrayList<SchemaSupplier> schemas = new ArrayList<>();
		ArrayList<Object> dtds = new ArrayList<Object>();
		schemas.addAll(schemaList);
		dtds.addAll(dtdList);
		loadSchemaLists(instruction, schemas, dtds);
		if (null == doc.getDoctype() && dtds.isEmpty()) {
			validateAgainstXMLSchemaList(doc, schemas, errHandler);
		} else {
			validateAgainstDTDList(doc, dtds, errHandler);
		}
	}

	/**
	 * Validates an XML resource against a list of XML Schemas. Validation
	 * errors are reported to the given handler.
	 * 
	 * @param doc
	 *            The input Document node.
	 * @param xsdList
	 *            A list of XML schema references. Must be non-null, but if
	 *            empty, validation will be performed by using location hints
	 *            found in the input document.
	 * @param errHandler
	 *            An ErrorHandler that collects validation errors.
	 * @throws SAXException
	 *             If a schema cannot be read for some reason.
	 * @throws IOException
	 *             If an I/O error occurs.
	 */
	void validateAgainstXMLSchemaList(Document doc, List<SchemaSupplier> xsdList,
			ErrorHandler errHandler) throws SAXException, IOException {
		jlogger.fine("Validating XML resource from " + doc.getDocumentURI()
			+ " with these specified schemas: " + xsdList);
		Schema schema;
		if (!xsdList.isEmpty()) {
			schema = schemaLoader.loadSchema(ImmutableList.copyOf(xsdList));
		} else {
			schema = schemaLoader.defaultSchema();
		}
		Validator validator = schema.newValidator();
		validator.setErrorHandler(errHandler);
		DOMSource source = new DOMSource(doc, doc.getBaseURI());
		validator.validate(source);
	}

	/**
	 * Validates an XML resource against a list of DTD schemas or as indicated by a
	 * DOCTYPE declaration. Validation errors are reported to the given handler. If
	 * no DTD references are provided the external schema reference in the DOCTYPE
	 * declaration is used (Note: an internal subset is ignored).
	 * 
	 * @param doc
	 *            The input Document.
	 * @param dtdList
	 *            A list of DTD schema references. May be empty but not null.
	 * @param errHandler
	 *            An ErrorHandler that collects validation errors.
	 * @throws Exception
	 *             If any errors occur while attempting to validate the document.
	 */
	private void validateAgainstDTDList(Document doc, ArrayList<Object> dtdList,
			ErrorHandler errHandler) throws Exception {
		jlogger.finer("Validating XML resource from " + doc.getDocumentURI());
		DocumentBuilder db = dtdValidatingDBF.newDocumentBuilder();
		db.setErrorHandler(errHandler);
              // Fortify Mod: prevent external entity injection
	         // includes try block to capture exceptions to setFeature.
		TransformerFactory tf = TransformerFactory.newInstance();
		try {
      	        tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
		    } catch (Exception e) {
		        jlogger.warning("Failed to secure Transformer");
		    }
		// End Fortify Mod
	     Transformer copier = tf.newTransformer();
           ByteArrayOutputStream content = new ByteArrayOutputStream();
		Result copy = new StreamResult(content);
		if (dtdList.isEmpty()) {
			DocumentType doctype = doc.getDoctype();
			if (null == doctype) {
				return;
			}
			URI systemId = URI.create(doctype.getSystemId());
			if (!systemId.isAbsolute() && null != doc.getBaseURI()) {
				systemId = URI.create(doc.getBaseURI()).resolve(systemId);
			}
			copier.setOutputProperty(OutputKeys.DOCTYPE_SYSTEM,
					systemId.toString());
			copier.transform(new DOMSource(doc), copy);
			db.parse(new ByteArrayInputStream(content.toByteArray()));
		} else {
			for (Object dtdRef : dtdList) {
				content.reset();
				copier.setOutputProperty(OutputKeys.DOCTYPE_SYSTEM,
						dtdRef.toString());
				copier.transform(new DOMSource(doc), copy);
				db.parse(new ByteArrayInputStream(content.toByteArray()));
			}
		}
	}
}