Validating WSDLs

WSDL: It stands for Web Services Description Language.It's a document written in XML.The document describes a web service.It specifies the location of the service and the operations(or methods) the service expose.

There are two versions of WSDLs as WSDL1.0 and WSDL2.0.This blog post will explain how you can validate those two types of WSDLs

To validate WSDL 1.0 you can get support of WSDL4J library support and it can be done as follow java code snippet.Relevant wsdl4j API can be found at here.

javax.wsdl.xml.WSDLReader wsdlReader10 =

javax.wsdl.factory.WSDLFactory.newInstance().newWSDLReader();

wsdlReader10.readWSDL(wsdlUrl);

To validate WSDL2.0,you can get support of apache Wooden library and it can be done as following java code snippet.Relevant wooden API can be found at here.

org.apache.woden.WSDLReader wsdlReader20

=org.apache.woden.WSDLFactory.newInstance().newWSDLReader();

wsdlReader20.readWSDL(wsdlUrl);

Once you entered an invalid wsdl url.readWSDL() method will throw an exception and stop reading it fully.

To differentiate WSDL 1.0/WSDL2.0 from your code .you can check wsdl namespace.

Namespace of WSDL1.0: "http://schemas.xmlsoap.org/wsdl/"

Namespace of WSDL2.0: "http://www.w3.org/ns/wsdl"

Comments

Convert an InputStream to XML

For that we can use DocumentBuilder class in java. By using the method parse(InputStream) ; A new DOM Document object will return. InputStream input; DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder parser = factory.newDocumentBuilder(); Document dc= parser.parse(input); In the above code segment,by using the created Document object,the corresponding XML file for the inputStream can be accessed. References: http://www.w3schools.com/dom/dom_intro.asp http:// download.oracle.com/javase/1.4.2/docs/api/javax/xml/parsers/DocumentBuilder.html

CORS support from WSO2 API Manager 2.0.0

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first restricted resource was served. For example, an HTML page of a web application served from http://domain-a.com makes an <img src > request for a different domain as 'domain-b.com' to get an image via an API request. For security reasons, browsers restrict cross-origin HTTP requests initiated from within scripts as in above example and only allows to make HTTP requests to its own domain. To avoid this limitation modern browsers have been used CORS standard to allow cross domain requests. Modern browsers use CORS in an API container - such as XMLHttpRequest or Fetch - to mitigate risks of cross-origin HTTP requests.Thing to note is it's not only sufficient that the browsers handle client side of cross-origin sharing,but also the servers from which these resources getting need to handl

Passing end-user details from client to real backend endpoint via JWT token

In real-world business system,WSO2 API Manager useful on exposing company APIs, in a secured and controlled manner with the features provided by APIManager as; OAuth support [To secure API invocations] Throttling support [To control API invocations] Monitoring support [To track API usage] More technically what happening is when a user sends a particular API request,it will goes to WSO2 APIManager node and from there,the request will route to the real implemented back-end endpoint of the particular API and get back the response and returned it to the API invoked user. There can be a use-case,that this back-end endpoint may expect the details of API invoked user as to pass those details to some internal company usage as; Additional authentication/authorization Track usage data from an internal system. So how to support above requirement from WSO2 AM. There comes the use of JSON Web Token[JWT] implementation done inside WSO2 AM. JWT is a means of representing claims to be

Open Space

Search This Blog