Even though loading the private key from from file works, the preferred way is to keep it securely stored in a java KeyStore. Check out more about it at java.sun.com Your question is little bit confusing and not clear as to what is that you want to do. I'm answering with my best understanding of the question.
Signing a piece of text (could be anything, like just a user id, or user id with url, etc), is two step process.
1. Create a message digest out of the text
2. Encrypt the message digest using the private key, which produces Signature.
Once signature is created, it should not be altered in anyway otherwise signature would be broken and consumer would not be able to validate it.
So in your case, if the consuming party requesting you to add the url, change your generateMessage() method to add the url parameter and sign that generated message.
[ July 03, 2008: Message edited by: Santhosh Kumar ]