CIS5930 Internet Computing

About This Presentation

Title:

CIS5930 Internet Computing

Description:

... (ByVal Fahrenheit As Int16) As Int16 Dim celsius As Int16 celsius = (( (Fahrenheit ... myRemoteOp abc def – PowerPoint PPT presentation

Number of Views:33

Avg rating:3.0/5.0

Slides: 85

Provided by: Robertva6

Learn more at: http://www.cs.fsu.edu

Category:

more less

Transcript and Presenter's Notes

Title: CIS5930 Internet Computing

1
CIS5930Internet Computing

XML Web Services Basics
Prof. Robert van Engelen

2
Web Services Basics

Interoperability has highest priority
XML over HTTP
Web services can be created regardless of the
programming language
Reusable application components
Software can be reused as service components in a
service-oriented architecture, i.e. to support
the requirements of software users
Compositionality is realized with open standards
Connect existing software
Publish the application as a service
Applications connect and interact by encoding and
decoding data in XML

3
XML Web Services Protocols

SOAP
Simple Object Access Protocol is an XML
messaging protocol
Typically remote procedure call (RPC)
request-response messages
Or XML-based messages (document/literal style)
WSDL
Web Service Description Language is an XML
document that defines the service interface,
protocol bindings, and service endpoint addresses
Uses XML schema to define XML types
Typically uses SOAP to bind the messaging
protocol
UDDI
Universal Description, Discovery and
Integration is a repository/database of services
(e.g. defined by WSDLs)
Not very popular, wont discuss

4
WSDL

WSDL represents a contract between the service
requestor and the service provider
WSDL is an XML specification that defines four
critical pieces of information of an XML Web
service
Interface information describing all publicly
available functions
Data type information for all message requests
and message responses
Binding information about the transport protocol
to be used
Address information for locating the specified
service

5
WSDL Specification

The definitions root element defines the name and
namespace of the web service
The types element contains a set of XML schemas
with all the data types (XML elements and types)
used between the client and server
One or more message elements define the names of
the messages, each contains zero or more message
part elements, which can refer to message
parameters or message return values
The portType element combines multiple message
elements to form a complete one-way or round-trip
operation
The binding element describes how the service
will be implemented on the wire
The service element defines the endpoint address
for invoking the service

6
Example WSDL

The HelloService service provides a single
publicly available function sayHello
The function expects a single string parameter,
and returns a single string greeting
Request-response message pattern over HTTP using
HTTP POST

7
WSDL definition Root Element

Defines the name and targetNamespaceltdefinition
s name"HelloService targetNamespace"http//www
.ecerami.com/wsdl/HelloService.wsdl
xmlns"http//schemas.xmlsoap.org/wsdl/
xmlnssoap"http//schemas.xmlsoap.org/wsdl/soap/
xmlnstns"http//www.ecerami.com/wsdl/HelloServ
ice.wsdl xmlnsxsd"http//www.w3.org/2001/XMLSc
hemagt
Typically the xmlns namespace bindings are
included in the root element and are used in the
remainder of the WSDL
Note that the WSDL namespace is declared as the
default namespace for all of the other WSDL
elements (http//schemas.xmlsoap.org/wsdl/) so
these elements are not explicitly namespace
qualified

8
The WSDL message Elements

Two message elements are defined
The first represents a request message,
SayHelloRequest, and the second represents a
response message, SayHelloResponseltmessage
name"SayHelloRequest"gt ltpart name"firstName"
type"xsdstring"/gtlt/messagegtltmessage
name"SayHelloResponse"gt ltpart name"greeting"
type"xsdstring"/gtlt/messagegt
For the request, the part specifies the function
parameters
For the response, the part specifies the function
return values
The type is a QName value, indicating the schema
type of the part

9
Built-in XSD SimpleTypes
Simple type Example Value(s) string Web
Services boolean true, false, 1, 0 float -INF,
-1E4, -0, 0, 12.78E-2, 12, INF, NaN double -INF,
-1E4, -0, 0, 12.78E-2, 12, INF,
NaN decimal -1.23, 0, 123.4, 1000.00 integer -12
6789, -1, 0, 1, 126789 nonPositiveInteger -126789,
-1, 0 negativeInteger -126789, -1 long -1,
12678967543233 int -1, 126789675 short -1,
12678 byte -1, 126 nonNegativeInteger 0, 1,
126789 unsignedLong 0, 12678967543233 unsignedInt
0, 1267896754 unsignedShort 0, 12678 unsignedByte
0, 126 positiveInteger 1, 126789 date 1999-05-31
time 132000.000, 132000.000-0500
10
The WSDL portType Element

The portType element defines a single operation,
sayHello
The operation consists of a single input message
(SayHelloRequest) and a single output message
(SayHelloResponse)ltportType name"Hello_PortTyp
e"gt ltoperation name"sayHello"gt ltinput
message"tnsSayHelloRequest"/gt ltoutput
message"tnsSayHelloResponse"/gt
lt/operationgtlt/portTypegt
The input/output elements specify a message
attribute of tnsSayHelloRequest or
tnsSayHelloResponse
The tns prefix references the targetNamespace
defined within the definitions element

11
Message Exchange Patterns

The operation in portType uses input and/or
output to define the message exchange pattern
WSDL supports four basic patterns of operation
One-way
Request-response
Solicit-response
Notification
The one-way and request-response are most often
used

12
The WSDL binding Element

The binding element provides specific details on
how a portType operation will actually be
transmitted over the wire
Bindings can be made available via multiple
transports
Multiple bindings for a single portType can be
specified
The binding element itself specifies name and
type attributesltbinding name"Hello_Binding"
type"tnsHello_PortType"gt
The type attribute references the portType

13
WSDL SOAP Bindings

WSDL 1.1 includes built-in extensions for SOAP
1.1ltbinding name"Hello_Binding"
type"tnsHello_PortType"gt
ltsoapbinding style"rpc"
transport"http//schemas.xmlsoap.org/soap/http"/gt
ltoperation name"sayHello"gt
ltsoapoperation soapAction"sayHello"/gt
ltinputgt ltsoapbody
encodingStylehttp//schemas.xmlsoap.org/soap/enc
oding/ namespace"urnexampleshel
loservice use"encoded"/gt
lt/inputgt ltoutputgt
ltsoapbody encodingStylehttp//sc
hemas.xmlsoap.org/soap/encoding/
namespace"urnexampleshelloservice
use"encoded"/gt lt/outputgt
lt/operationgt lt/bindinggt

14
WSDL SOAP Bindings (contd)

The soapbinding element indicates a SOAP binding
over HTTP transport
The style attribute indicates rpc for an RPC
format or document for a document-oriented
message format
The transport attribute defines the transport
mechanism
The soapoperation element indicates the binding
of a specific operation to a SOAP implementation
The soapAction attribute specifies that the
SOAPAction HTTP header should be used for
identifying the service (SOAP 1.1 only)
The soapbody element specifies the details of
the input and output messages
The encodingStyle attribute defines the encoding
format when the use attribute is encoded (RPC
encoded) and the namespace attribute defines the
RPC message namespace
For document/literal messaging, the use attribute
is literal

15
SOAP Request Message

An RPC request message uses the encodingStyle and
namespacelt?xml version'1.0'
encoding'UTF-8'?gtltsoapEnvelope
xmlnsxsi'http//www.w3.org/2001/XMLSchema-instan
ce xmlnsxsd'http//www.w3.org/2001/XMLSchema
xmlnssoap'http//schemas.xmlsoap.org/soap/e
nvelope/ xmlnssoapenc'http//schemas.xmlsoap
.org/soap/encoding/ soapencodingStyle'http/
/schemas.xmlsoap.org/soap/encoding/'gt
ltsoapBodygt ltnsayHello xmlnsn'urnexample
shelloservice'gt ltfirstName
xsitype'xsdstring'gtWorldlt/firstNamegt
lt/nsayHellogt lt/soapBodygtlt/soapEnvelopegt

16
SOAP Response Message

An RPC request messagelt?xml version'1.0'
encoding'UTF-8'?gtltSOAP-ENVEnvelope
xmlnsSOAP-ENV'http//schemas.xmlsoap.org/soap/en
velope/ xmlnsxsi'http//www.w3.org/1999/XMLS
chema-instance xmlnsxsd'http//www.w3.org/19
99/XMLSchema'gt ltSOAP-ENVBodygt
ltns1sayHelloResponse xmlnsns1'urnexampleshell
oservice' SOAP-ENVencodingStyle
'http//schemas.xmlsoap.org/soap/encoding/'gt
ltgreeting xsitype'xsdstring'gtHello,
World!lt/greetinggt lt/ns1sayHelloResponsegt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt

17
Using WSDL

Most Web service development toolkits support
WSDL
Generate WSDL from server (interface) code
Translate WSDL to server objects and client
proxies
Dynamic invocation obtains the WSDL, select an
operation, populate the parameters and send the
request message
Generic SOAP client http//www.soapclient.com/soa
ptest.html
http//services.xmethods.net/soap/urnxmethods-del
ayed-quotes.wsdl
Find more WSDLs and code at http//www.xmethods.co
m

18
Generating WSDL and Server Code with gSOAP

Suppose we implement a HelloService with one
operation sayHello that takes a string parameter
s and returns the string Hello s
To bind XML namespaces to C (and C) code, gSOAP
uses a prefix convention for function names and
type names prefix_ _name
The service interface is defined in a header file
containing the lineint ns__sayHello(char
firstName, char greeting)
To generate WSDL and server code (-S) or client
code (-C) in C (-c) for SOAP RPC encoding
(-e) soapcpp2 -S -c -e hello.h

input
output
19
Implementing a Web Service with gSOAP

Add directives to the header file specification
to define the service name, namespace, and
endpoint//gsoap ns service name hello//gsoap
ns service namespace urnhello//gsoap ns
service location
http//www.cs.fsu.edu/engelen/hello.cgiint
ns__sayHello(char firstName, char greeting)

20
Implementing a Web Service with gSOAP (contd)

The following files are generatedsoapStub.h a
nnotated copy of the header filesoapH.h XML
serializer declarationssoapC.c XML serializers
for C/C typessoapServer.c SOAP server
skeleton and dispatcherhello.nsmap XML
namespace mapping tablehello.wsdl the service
WSDLhello.sayHello.req.xml sample request
messagehello.sayHello.res.xml sample response
message
To complete the service, we create a C
implementation of the sayHello function with the
following parametersint ns__sayHello(struct
soap soap, char firstName, char greeting)
The first arg is the gSOAP engine context
(runtime environment)

21
Implementing a Web Service with gSOAP (contd)

Implementation of the sayHello function in
hello.cint ns__sayHello(struct soap soap,
char firstName, char greeting) if
(!firstName) return soap_sender_fault(soap,
No name!, NULL) greeting
(char)soap_malloc(soap, strlen(firstName)8)
strcpy(greeting, Hello ) strcat(greeting,
firstName) strcat(greeting, !) return
SOAP_OK
For a simple CGI-based service, add the service
dispatcherinclude hello.nsmapint main()
return soap_serve(soap_new())
Compile with gcc -o hello.cgi hello.c stdsoap2.c
soapC.c soapServer.c

22
Implementing a Web Service with gSOAP (contd)

Deploy hello.cgi as a service in Apache (e.g.
cgi-bin dir) and publish hello.wsdl on the Web
site
To test the service over stdin/stdout, modify
hello.sayHello.req.xml to include a name string
and run hello.cgi from the command line
./hello.cgi lt hello.sayHello.req.xml
To deploy as an iterative stand-alone service,
use the followinginclude hello.nsmapint
main() struct soap soap soap_new()
soap_bind(soap, NULL, 8080, 100) for ()
if (soap_accept(soap) lt 0) break
soap_serve(soap) soap_destroy(soap)
soap_end(soap) soap_print_fault(soap,
stderr) soap_done(soap) free(soap)
return 0

23
Implementing a Concurrent Web Service with gSOAP

include hello.nsmapint main() pthread_t
tid struct soap soap soap_new()
soap_bind(soap, NULL, 8080, 100) for ()
if (soap_accept(soap) lt 0) break
pthread_create(tid,NULL,(void()(void))serve,(v
oid)soap_copy(soap)) soap_print_fault(soap
, stderr) soap_done(soap) free(soap)
return 0void serve(void soap)
pthread_detach(pthread_self())
soap_serve((struct soap)soap)
soap_destroy((struct soap)soap)
soap_end((struct soap)soap) soap_done((struct
soap)soap) free(soap) return NULLint
ns__sayHello(struct soap soap, char firstName,
char greeting)

24
Implementing a Client with gSOAP

Since we already have a gSOAP header file with
the service definitions, we can also create a
client from it soapcpp2 -C -c -e hello.h
The client uses the stub call defined in
soapClient.cinclude hello.nsmapint main()
struct soap soap soap_new() char s if
(soap_call_ns__sayHello(soap, NULL, NULL,
Robert, s)) soap_print_fault(soap,
stderr) else printf(The response is
s\n, s) soap_destroy(soap)
soap_end(soap) soap_done(soap) free(soap)
return 0
Compile with gcc -o client client.c stdsoap2.c
soapC.c soapClient.c

25
Implementing a Service with ASP.NET in VB

lt_at_ WebService Language"VB" Class"TempConvert"
gtImports SystemImports System.Web.ServicesPu
blic Class TempConvert Inherits
WebServiceltWebMethod()gt Public Function
FahrenheitToCelsius(ByVal Fahrenheit As Int16)
As Int16 Dim celsius As Int16
celsius ((((Fahrenheit) - 32) / 9) 5)
Return celsiusEnd FunctionltWebMethod()gt
Public Function CelsiusToFahrenheit(ByVal
Celsius As Int16) As Int16 Dim fahrenheit
As Int16 fahrenheit ((((Celsius) 9) /
5) 32) Return fahrenheitEnd
FunctionEnd Class

26
Implementing a Client with SOAPLite for Perl

Example in Perl using the SOAPLite
packageuse SOAPLite print "Connecting to
Hello Service...\n"print SOAPLite -gt
service('http//www.cs.fsu.edu/engelen/hello.wsdl
') -gt sayHello ('World')
The program generates the following
outputConnecting to Hello Service...Hello
World!

27
SOAP Fault messages

The gSOAP service may return a SOAP Fault
return soap_sender_fault(soap, description,
detail)
If the problem is at the receiving side
(SOAP-ENVServer) use return
soap_receiver_fault(soap, description, detail)
Example SOAP Fault messageHTTP/1.1 500 Internal
Server ErrorServer gSOAP/2.7Content-Type
text/xml charsetutf-8Content-Length
520Connection closelt?xml version"1.0"
encoding"UTF-8"?gtltSOAP-ENVEnvelope
xmlnsSOAP-ENV"http//schemas.xmlsoap.org/soap/en
velope/ xmlnsSOAP-ENC"http//schemas.xmlsoap.
org/soap/encoding/ xmlnsxsi"http//www.w3.org
/2001/XMLSchema-instance xmlnsxsd"http//www.
w3.org/2001/XMLSchema xmlnsns"urnhello"gt
ltSOAP-ENVBody SOAP-ENVencodingStyle"http//sche
mas.xmlsoap.org/soap/encoding/"gt
ltSOAP-ENVFaultgt ltfaultcodegtSOAP-ENVClientlt/
faultcodegt ltfaultstringgtNo
name!lt/faultstringgt lt/SOAP-ENVFaultgt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt

28
SOAP 1.1 Faults

The SOAP Fault element has the following sub
elements
ltfaultcodegt A code for identifying the fault
ltfaultstringgt A human readable explanation of the
fault
ltfaultactorgt Information about who caused the
fault to happen (opt)
ltdetailgt Holds application specific error
information
The faultcode values defined below must be used
in the faultcode element when describing faults
VersionMismatch Invalid namespace for the SOAP
Envelope element
MustUnderstand An immediate child element of the
Header element, with the mustUnderstand attribute
set to "1", was not understood
Client Message was incorrectly formed or
contained incorrect info
Server There was a problem with the server and
processing could not proceed
Note SOAP 1.2 differs slightly (mostly element
naming)

29
WSDL and SOAP Faults

Faults in portType operations specify which
faults may be returnedltmessage
name"AuthenticationFault"gt ltpart
name"AuthenticationFault elementfAuthenticati
onFault"/gtlt/messagegtltportType namemyPortgt
ltoperation namegetStatusgt ltinput
messagetnsgetStatusRequest/gt ltoutput
messagetnsgetStatusResponse/gt ltfault
namefault messagetnsAthenticiationFault/gt
lt/operationgtlt/portTypegtltbinding
namemyBinding typemyPortgt ltoperation
name"getStatus"gt ltwsdlinputgt
ltsoapbody use"literal"/gt lt/wsdlinputgt
ltwsdloutputgt ltsoapbody use"literal"/gt
lt/wsdloutputgt ltwsdlfault
name"AuthenticationFault"gt ltsoapfault
name"AuthenticationFault" use"literal"/gt
lt/wsdlfaultgt lt/operationgtlt/bindinggt

30
SOAP Headers

The optional SOAP Header element contains SOAP
processing information in one or more
subelements, such as addressing and
authentication, for exampleltSOAP-ENVEnvelope
gt ltSOAP-ENVHeadergt ltwsseSecurity
SOAP-ENVmustUnderstand"1"gt
ltwsseUsernameToken wsuId"User"gt
ltwsseUsernamegtengelenlt/wsseUsernamegt
ltwssePassword Type"http//docs.oasis-open.org/ws
s/2004/01/oasis-200401-wss-username-token-profile-
1.0PasswordDigest"gt/u5faawcfIeve1yHCsdXAWyIlbUlt/
wssePasswordgt ltwsseNoncegtNDU0MGE5YjljYT
UzYzAzZjA2MTclt/wsseNoncegt
ltwsuCreatedgt2006-10-26T122737Zlt/wsuCreatedgt
lt/wsseUsernameTokengt lt/wsseSecuritygt
lt/SOAP-ENVHeadergt ltSOAP-ENVBodygt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt

31
SOAP Headers (contd)

The optional actor attribute may be used to
address the Header element to a particular
endpointltSOAP-ENVHeadergt ltmTransaction
SOAP-ENVactorendpoint URL
SOAP-ENVmustUnderstand1gt
lt/mTransactiongt ltwsseSecuritygtlt/wsseSecurity
gtlt/SOAP-ENVHeadergt
This allows the header information to be targeted
at any intermediate SOAP processors for which
this information is intended
The SOAP mustUnderstand attribute is used to
indicate whether a header entry is mandatory or
optional for the recipient to process

32
SOAP Headers (contd)

The SOAP Header is a struct in gSOAP, defined in
the header fileimport wsse.h // get WSSE
Security elementsstruct SOAP_ENV__Header
mustUnderstand _m__Transaction m__Transaction
mustUnderstand _wsse__Security wsse__Security
and accessible in the soap context, for
examplesoap.header.m__Transaction new
_m__Transaction()

33
SOAP RPC Encoding

SOAP RPC encoding defines rules on representing
primitive types, xssimpleTypes (e.g.
enumerations), array, and records (structs) as
xscomplexTypes in XML
Closer to the notion of programming language
types
Full XML schema support is not possible
XML attributes not supported
No element repetitions with maxOccursunbounded
Only xssequence and xsall, no xschoice

34
SOAP RPC Encoding (contd)

Primitive types
Built-in XSD types, such as xsstring (see Schema
specification)
Schema xssimpleTypes for elements, such as
enumerationsltxssimpleType nameswitch"gt
ltxsrestriction base"xsdtoken"gt
ltxsenumeration valueon"/gt
ltxsenumeration valueoff"/gt
lt/xsrestrictiongtlt/xssimpleTypegt
Base64 (xsbase64Binary) and hex (xshexBinary)
types

35
SOAP RPC Encoding (contd)

Arrays are SOAP encoded arrays
ltxscomplexType name"ArrayOfstring"gt
ltxscomplexContentgt ltxsrestriction
base"SOAP-ENCArray"gt ltxssequencegt
ltxselement name"item" type"xsdstring
minOccurs"0"
maxOccurs"unbounded/gt lt/xssequencegt
ltxsattribute ref"SOAP-ENCarrayType
wsdlarrayType"xsdstring"/gt
lt/xsrestrictiongt lt/xscomplexContentgt
lt/xscomplexTypegt
Arrays are encoded in SOAP messages
followsltinputStringArray SOAP-ENCarrayType"xs
dstring2"gt ltitem xsitypexsdstringgthellolt
/itemgt ltitem xsitypexsdstringgtworld!lt/itemgt
lt/inputStringArraygt

36
SOAP RPC Encoding (contd)

Struct are just xscomplexTypes with xssequence
(or xsall) ltxscomplexType
namelightSwitch"gt ltxssequencegt
ltxselement namelight typetnsswitch/gt
ltxselement namelevel typexsint/gt
ltxselement nameimage typexsbase64Binary/gt
lt/xssequencegt lt/xscomplexTypegt

37
RPC versus Doc/lit in WSDL

Document/literal SOAP messages dont include
encodingStyle and XML types for request/responses
are not constraint by the SOAP RPC encoding rules
Document style and literal use are declared in
the bindingsltbinding type"glossaryTerms"
name"b1"gtltsoapbinding style"document
transport"http//schemas.xmlsoap.org/soap/http"/gt
ltoperationgt ltsoapoperation
soapAction"http//example.com/getTerm"/gt
ltinputgt ltsoapbody use"literal"/gt
lt/inputgt ltoutputgt ltsoapbody
use"literal"/gt lt/outputgt
lt/operationgtlt/bindinggt

38
RPC versus Doc/lit in WSDL (contd)

The parts in messages now refer to elements,
which will be the request/response elements in
the SOAP Bodyltdefinitions xmlnsmurnexample
stempservice gt ltmessage name"getTermRequest
"gt ltpart name"term" elementmgetTemp"/gt
lt/messagegt ltmessage name"getTermResponse"gt
ltpart name"value" elementmgetTempResult"/gt
lt/messagegt ltportType name"glossaryTerms"gt
ltoperation name"getTerm"gt ltinput
message"getTermRequest"/gt ltoutput
message"getTermResponse"/gt lt/operationgt
lt/portTypegt

39
RPC versus Doc/lit in WSDL (contd)

The parts in messages refer to elements that
define the request and response elements in the
SOAP Body of a messagelttypesgt ltxsschema
xmlnsxshttp//www.w3.org/2001/XMLSchema
targetNamespaceurnexamplestempservice
elementFormDefaultqualified
attributeFormDefaultunqualifiedgt
ltxselement namegetTempgt
ltxscomplexTypegt ltxssequencegt
ltxselement namezipCode typexsstring/gt
lt/xssequencegt lt/xscomplexTypegt
lt/xselementgt ltxselement namegetTempResult
gt ltxscomplexTypegt ltxssequencegt
ltxselement nametemp typexsfloat/gt
lt/xssequencegt lt/xscomplexTypegt
lt/xselementgt lt/xsschemagt lt/typesgt

40
SOAP Request Message in Doc/Lit Style

Note the absence of SOAP-ENCencodingStyle and
xsitype in the messagelt?xml version'1.0'
encoding'UTF-8'?gtltsoapEnvelope
xmlnsxsi'http//www.w3.org/2001/XMLSchema-instan
ce xmlnsxsd'http//www.w3.org/2001/XMLSchema
xmlnssoap'http//schemas.xmlsoap.org/soap/e
nvelope/'gt ltsoapBodygt ltngetTemp
xmlnsn'urnexamplestempservice'gt
ltnzipCodegt32306lt/nzipCodegt lt/ngetTempgt
lt/soapBodygtlt/soapEnvelopegt

41
SOAP Multi-ref Encoding

SOAP operation (request/response)
The XSD type system to represent values of
primitive types in XML, such as bool, integer,
float, string, base64
A SOAP array type to encode sparse and partial
arrays
Id-href XML attributes to implement graph edges
to encode multi-ref objects

ltenvEnvelopegt ltenvBody envencodingStylegt
ltnsmyRemoteOpgt ltarg1 xsitypexsdintgt123lt/
arg1gt ltarg2 encarrayTypexsdstring5gt
ltitemgtabclt/itemgt ltitem href_1/gt ltitem
href_1/gt ltitem href_2/gt ltitem
encposition5gtxyzlt/itemgt lt/arg2gt
lt/nsmyRemoteOpgt ltmref id_1gtabclt/mrefgt
ltmref id_2gtdeflt/mrefgt lt/envBodygtlt/envEnvelo
pegt
42
Static Structure Analysis forSOAP RPC Encoding
Structure
XML Schema ltcomplexType nameXgt ltsequencegt ltelement namey typetnsY/gt ltelement namez typetnsZ/gt lt/sequencegt lt/complexTypegt ltcomplexType nameXgt ltsequencegtlt/sequencegtlt/complexTypegtltcomplexType nameYgt ltsequencegtlt/sequencegtlt/complexType ltcomplexType nameXgt ltsequencegtlt/sequencegtlt/complexType
Example XML Instance ltxgt ltygtlt/ygt ltzgtlt/zgt lt/xgt ltxgt lty href123/gt lty href123/gt lt/xgtltmref id123gtlt/mrefgt ltxgt ltx href456/gt ltx href456/gt lt/xgtltmref id456gtlt/mrefgt
43
gSOAP Constructs a Plausible Object Model for
Serialization
typedef int SSNstruct Node int val int
ptr float num struct Node next
val
ptr
num
next
Node
SSN
Data model graph(arcs denote all
possiblepointer references)
Source code typedefinitions
44
Generating an XML Schema Definition for
Serialized XML
ltsimpleType nameSSNgt ltrestriction
baseint/gtlt/simpleTypegtltcomplexType
nameNodegt ltsequencegt ltelement
nameval typeint/gt ltelement
nameptr typeint
minOccurs0/gt ltelement namenum
typefloat/gt ltelement namenext
typetnsNode
minOccurs0/gt lt/sequencegtlt/complexTypegt
val
ptr
num
next
Node
SSN
Data model graph
45
Generating Code for Runtime Points-To Analysis
serialize_pointerToint(int p) if (p ! NULL)
// lookup and mark (p,TYPE_int) // as
target in ptr hash table serialize_Node(str
uct Node p) if (p ! NULL) // lookup and
mark (p,TYPE_Node) // as target in ptr hash
table mark_embedded(p-gtval,TYPE_int)
serialize_pointerToint(p-gtptr) // skip
p-gtnum serialize_pointerToNode(p-gtnext)
val
ptr
num
next
Node
SSN
Data model graph
46
Generating Serialization Code
put_pointerToint(int p) if (p ! NULL) //
lookup (p,TYPE_int) // if embedded, then
output ref // if single, then output value
// if multi, then output value // with
id and mark embedded put_Node(struct
Node p) if (p ! NULL) // lookup
(p,TYPE_Node) // if embedded, then output
ref // if single, then output value //
if multi, then output value // with id
and mark embedded put_int(p-gtval)
put_pointerToint(p-gtptr) put_float(p-gtnum)
put_pointerToNode(p-gtnext)
val
ptr
num
next
Node
SSN
47
Serialization Example
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
NodelocA
NodelocB
789
Ptr hash table after runtime points-to analysis
by thegenerated algorithm constructed from the
data model
SSNlocC
ID PtrLoc PtrType PtrSize PtrCount RefType
1 A Node 16 2 multi
2 B int 4 1 embedded
3 B Node 16 1 single
4 C int 4 1 single
48
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
SSNlocC
49
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt lt/Nodegt
SSNlocC
50
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt lt/Nodegt
SSNlocC
51
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt lt/Nodegt
SSNlocC
52
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt lt/Nodegt
SSNlocC
53
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt lt/nextgt
lt/Nodegt
SSNlocC
54
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt lt/nextgt lt/Nodegt
SSNlocC
55
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
lt/nextgtlt/Nodegt
SSNlocC
56
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt lt/nextgtlt/Nodegt
SSNlocC
57
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
SSNlocC
58
Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
SSNlocC
59
Deserialization Example
ltNode id_1gt lt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val?
ptr?
num?
next?
id1
Node
60
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt lt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num?
next?
id1
Node
61
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt lt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num?
next?
id1
Node
ref2(unresolved)
62
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num1.4
next?
id1
Node
ref2(unresolved)
63
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num1.4
nextB
val?
ptr?
num?
next?
id1
Node
Node
ref2(unresolved)
64
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptr?
num?
next?
id1
id2
Node
Node
65
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num?
next?
id1
id2
Node
Node
789
66
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
next?
id1
id2
Node
Node
789
SSN
67
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
id1
Node
Node
789
SSN
68
Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
id1
Node
Node
789
SSN
69
Converting a WSDL to Code with gSOAP

The wsdl2h tool converts a (set of) WSDL files
and schemas to a header file
The header file is then processed by soapcpp2 as
before

70
WS- Protocols and Plugins
71
SOAP With MTOM Attachments

Raw binary data can be transported in a SOAP
message as base64
MTOM (Message Transmission Optimization
Mechanism) using MIME attachments to carry binary
data with a SOAP message
Supports embedding of type and other information
Allows streaming (attachments produced on demand)
Example HTTP header for SOAP with MTOMPOST /
HTTP/1.1Host www.example.comContent-Type
multipart/related boundarymimeboundary" ty
pe"application/xopxml" start"ltsoapmsggt" s
tart-info"application/soapxml charsetutf-8"

72
SOAP With MTOM Attachments (contd)

Example HTTP body with SOAP message and MTOM
attachment--mimeboundaryContent-Type
application/xopxmlcharsetutf-8typeapplication
/soapxmlContent-Transfer-Encoding
binaryContent-ID ltsoapmsggtltSOAP-ENVEnvelope
xmlnsSOAP-ENV xmlnsxop"http//www.w3.org/
2004/08/xop/include" xmlnsxmlmime"http//www.
w3.org/2004/11/xmlmime" ltSOAP-ENVBodygt
ltmPutImage xmlnsm"http//www.example.com/test.w
sdl"gt ltmdata xmlmimecontentTypeimage/jpe
g"gt ltxopInclude href"cidimage"/gt
lt/mdatagt lt/mPutImagegt lt/SOAP-ENVBodygtlt/S
OAP-ENVEnvelopegt--mimeboundaryContent-Type
image/jpegContent-Transfer-Encoding
binaryContent-ID ltimagegt image data
--mimeboundary--

73
WS-Addressing

WS-Addressing is a Web services protocol for
routing messages (request, response, and faults)
Supports message transmission through networks
with processing nodes such as endpoint managers,
firewalls, and gatewaysltSEnvelope
xmlnsS"http//www.w3.org/2003/05/soap-envelope"
xmlnswsa"http//schemas.xmlsoap.org/ws/
2004/08/addressing"gt ltSHeadergt
ltwsaMessageIDgt uuid6B29FC40-CA47-1067-B31D-
00DD010662DA lt/wsaMessageIDgt
ltwsaReplyTogt ltwsaAddressgthttp//business456
.example/client1lt/wsaAddressgt lt/wsaReplyTogt
ltwsaTogthttp//fabrikam123.example/Purchasinglt/w
saTogt ltwsaActiongthttp//fabrikam123.example/S
ubmitPOlt/wsaActiongt lt/SHeadergt ltSBodygt
... lt/SBodygtlt/SEnvelopegt

74
WS-Addressing (contd)

WS-Addressing header elements within the SOAP
Header
ltwsaMessageIDgt xsanyURI lt/wsaMessageIDgtdefines
a unique message ID, e.g. UUID (optional)
ltwsaRelatesTo RelationshipType"..."?gt xsanyURI
lt/wsaRelatesTogtconveys the message ID of the
related message, e.g. the request message ID when
this is a reply message (required for responses)
ltwsaTogt xsanyURI lt/wsaTogtthe destination
address (required)
ltwsaActiongt xsanyURI lt/wsaActiongtconveys the
SOAP action property (required)
ltwsaFromgt endpoint-reference lt/wsaFromgtthe
source endpoint information (optional)
ltwsaReplyTogt endpoint-reference
lt/wsaReplyTogtthe reply endpoint (required for
request with an expected reply)
ltwsaFaultTogt endpoint-reference lt/wsaFaultTogt
the fault endpoint (optional)

75
WS-Security

WS-Security provides message-level security
HTTPS provides end-to-end transport-level
security
Authentication
Username and (digest) password (with nonce,
timestamps)
Digital signatures
XML DSig with DSA, HMAC,
Can sign all or specific parts of the message
Embedding of security tokens such as certificates
Support for SAML
Encryption
XML Enc with RSA,

76
Username Token

The Username token security header in
wsseSecurity contains a username and password in
plain text or a digest passwordltSOAP-ENVEnvelo
pe xmlnsSOAP-ENV xmlnswsse
xmlnswsugt ltSOAP-ENVHeadergt
ltwsseSecurity SOAP-ENVmustUnderstand"1"gt
ltwsseUsernameToken wsuId"User"gt
ltwsseUsernamegtengelenlt/wsseUsernamegt
ltwssePassword Type"http//docs.oasis-open.org/ws
s/2004/01/oasis-200401-wss-username-token-profile-
1.0PasswordDigest"gt/u5faawcfIeve1yHCsdXAWyIlbUlt/
wssePasswordgt ltwsseNoncegtNDU0MGE5YjljYT
UzYzAzZjA2MTclt/wsseNoncegt
ltwsuCreatedgt2006-10-26T122737Zlt/wsuCreatedgt
lt/wsseUsernameTokengt lt/wsseSecuritygt
lt/SOAP-ENVHeadergt ltSOAP-ENVBodygt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt

77
Security Timestamps

A timestamp can be included to define the
lifetime of a message
The timestamp will only be tamper proof when
digitally signed, hence the wsuId which is
referenced by the signature infoltSOAP-ENVEnvelo
pe gt ltSOAP-ENVHeadergt ltwsseSecuritygt
ltwsuTimestamp wsuId"timestamp"gt
ltwsuCreatedgt2001-09-13T084200Zlt/wsuCreatedgt
ltwsuExpiresgt2001-10-13T090000Zlt/wsuExpir
esgt lt/wsuTimestampgt ...
lt/wsseSecuritygt ... lt/SOAP-ENVHeadergt
ltSOAP-ENVBodygt ... lt/SOAP-ENVBodygtlt/SOAP-EN
VEnvelopegt

78
Signatures

The wsseBinarySecurityToken contains the public
key
The dsSignature element contains signature info
with digest value for each signed message part
and the signature valueltwsseSecuritygt
ltwsseBinarySecurityToken wsuIdX509Token gt
public key lt/wsseBinarySecurityTokengt
ltdsSignaturegt ltdsSignedInfogt what is
signed reference URI to signed part with digest
of that XML message part how it is signed
digests algorithms and canonicalization of XML
lt/dsSignedInfogt ltdsSignatureValuegt
signature lt/dsSignatureValuegt
ltdsKeyInfogt ltwsseSecurityTokenReferencegt
ltwsseReference URI"X509Token"/gt
lt/wsseSecurityTokenReferencegt lt/dsKeyInfogt
lt/dsSignaturegtlt/wsseSecuritygt

79
Signature Example
ltwsseSecuritygt ltwsseBinarySecurityToken gt
lt/wsseBinarySecurityTokengt ltdsSignaturegt
ltdsSignedInfogt ltdsCanonicalizationMethod
Algorithm"http//www.
w3.org/2001/10/xml-exc-c14n"/gt
ltdsSignatureMethod Algorithm"http//www.w3.org/2
000/09/xmldsigrsa-sha1"/gt ltdsReference
URI"myBody"gt ltdsTransformsgt
ltdsTransform Algorithm"http//www.w3.org/2001/10
/xml-exc-c14n"/gt lt/dsTransformsgt
ltdsDigestMethod Algorithm"http//www.w3.org/200
0/09/xmldsigsha1"/gt ltdsDigestValuegtEULdd
ytSo1...lt/dsDigestValuegt lt/dsReferencegt
lt/dsSignedInfogt ltdsSignatureValuegtBL8jdfTo
Eb1l/vXcMZNNjPOV...lt/dsSignatureValuegt
ltdsKeyInfogt ltwsseSecurityTokenReferencegt
ltwsseReference URI"X509Token"/gt
lt/wsseSecurityTokenReferencegt lt/dsKeyInfogt
lt/dsSignaturegtlt/wsseSecuritygt
80
List of WS- Protocols

Messaging
SOAP
SOAP with Attachments (SwA)
SOAP with MTOM (Message Transmission Optimization
Mechanism)
XML-RPC a simpler XML RPC format (no WSDL or
schemas)
WS-Addressing routing, endpoints, and addressing
properties
Service description
WSDL
WS-MetadataExchange how an endpoint can request
the various types of metadata it may need to
effectively communicate with the service
WS-Policy describes the capabilities,
requirements, and general characteristics of a
service

81
List of WS- Protocols

Directory access and discovery
UDDI (Universal Description, Discovery, and
Integration) v2/v3
WS-Discovery a multicast discovery protocol to
locate services on a network
Managing services
WS-Management for management of servers,
devices, applications
Transaction-based services
WS-Transaction describes the coordination types
atomic transaction (TA) and business activity
(BA)
Publish/subscribe
WS-Eventing
WS-Notification
Security and reliability
HTTPS (transport-level)
WS-Security (message-level)
WS-ReliableMessaging

82
Other Notable WS- Protocols

Managing resources Web Services Resource
Framework (WSRF)
WS-ResourceProperties defines are resources
properties
WS-ResourceLifetime inspect and monitor the
lifetime of a resource
WS-ServiceGroup defines how resources are
grouped together for a domain specific purpose
(service classification and constraints)
WS-BaseFaults defines faults related to resource
management
Managing resources
WS-Transfer operations for sending and receiving
the representation of a given resource and
operations for creating and deleting a resource
Best practices
Provide additional information to improve
interoperability between vendor implementations
WS-I Basic profile (BP1.0a, BP1.1)
WS-I Basic security profile