Title: CIS5930 Internet Computing
1CIS5930Internet Computing
- XML Web Services Basics
- Prof. Robert van Engelen
2Web Services Basics
- Interoperability has highest priority
- XML over HTTP
- Web services can be created regardless of the
programming language - Reusable application components
- Software can be reused as service components in a
service-oriented architecture, i.e. to support
the requirements of software users - Compositionality is realized with open standards
- Connect existing software
- Publish the application as a service
- Applications connect and interact by encoding and
decoding data in XML
3XML Web Services Protocols
- SOAP
- Simple Object Access Protocol is an XML
messaging protocol - Typically remote procedure call (RPC)
request-response messages - Or XML-based messages (document/literal style)
- WSDL
- Web Service Description Language is an XML
document that defines the service interface,
protocol bindings, and service endpoint addresses - Uses XML schema to define XML types
- Typically uses SOAP to bind the messaging
protocol - UDDI
- Universal Description, Discovery and
Integration is a repository/database of services
(e.g. defined by WSDLs) - Not very popular, wont discuss
4WSDL
- WSDL represents a contract between the service
requestor and the service provider - WSDL is an XML specification that defines four
critical pieces of information of an XML Web
service - Interface information describing all publicly
available functions - Data type information for all message requests
and message responses - Binding information about the transport protocol
to be used - Address information for locating the specified
service
5WSDL Specification
- The definitions root element defines the name and
namespace of the web service - The types element contains a set of XML schemas
with all the data types (XML elements and types)
used between the client and server - One or more message elements define the names of
the messages, each contains zero or more message
part elements, which can refer to message
parameters or message return values - The portType element combines multiple message
elements to form a complete one-way or round-trip
operation - The binding element describes how the service
will be implemented on the wire - The service element defines the endpoint address
for invoking the service
6Example WSDL
- The HelloService service provides a single
publicly available function sayHello - The function expects a single string parameter,
and returns a single string greeting - Request-response message pattern over HTTP using
HTTP POST
7WSDL definition Root Element
- Defines the name and targetNamespaceltdefinition
s name"HelloService targetNamespace"http//www
.ecerami.com/wsdl/HelloService.wsdl
xmlns"http//schemas.xmlsoap.org/wsdl/
xmlnssoap"http//schemas.xmlsoap.org/wsdl/soap/
xmlnstns"http//www.ecerami.com/wsdl/HelloServ
ice.wsdl xmlnsxsd"http//www.w3.org/2001/XMLSc
hemagt - Typically the xmlns namespace bindings are
included in the root element and are used in the
remainder of the WSDL - Note that the WSDL namespace is declared as the
default namespace for all of the other WSDL
elements (http//schemas.xmlsoap.org/wsdl/) so
these elements are not explicitly namespace
qualified
8The WSDL message Elements
- Two message elements are defined
- The first represents a request message,
SayHelloRequest, and the second represents a
response message, SayHelloResponseltmessage
name"SayHelloRequest"gt ltpart name"firstName"
type"xsdstring"/gtlt/messagegtltmessage
name"SayHelloResponse"gt ltpart name"greeting"
type"xsdstring"/gtlt/messagegt - For the request, the part specifies the function
parameters - For the response, the part specifies the function
return values - The type is a QName value, indicating the schema
type of the part
9Built-in XSD SimpleTypes
Simple type Example Value(s) string Web
Services boolean true, false, 1, 0 float -INF,
-1E4, -0, 0, 12.78E-2, 12, INF, NaN double -INF,
-1E4, -0, 0, 12.78E-2, 12, INF,
NaN decimal -1.23, 0, 123.4, 1000.00 integer -12
6789, -1, 0, 1, 126789 nonPositiveInteger -126789,
-1, 0 negativeInteger -126789, -1 long -1,
12678967543233 int -1, 126789675 short -1,
12678 byte -1, 126 nonNegativeInteger 0, 1,
126789 unsignedLong 0, 12678967543233 unsignedInt
0, 1267896754 unsignedShort 0, 12678 unsignedByte
0, 126 positiveInteger 1, 126789 date 1999-05-31
time 132000.000, 132000.000-0500
10The WSDL portType Element
- The portType element defines a single operation,
sayHello - The operation consists of a single input message
(SayHelloRequest) and a single output message
(SayHelloResponse)ltportType name"Hello_PortTyp
e"gt ltoperation name"sayHello"gt ltinput
message"tnsSayHelloRequest"/gt ltoutput
message"tnsSayHelloResponse"/gt
lt/operationgtlt/portTypegt - The input/output elements specify a message
attribute of tnsSayHelloRequest or
tnsSayHelloResponse - The tns prefix references the targetNamespace
defined within the definitions element
11Message Exchange Patterns
- The operation in portType uses input and/or
output to define the message exchange pattern - WSDL supports four basic patterns of operation
- One-way
- Request-response
- Solicit-response
- Notification
- The one-way and request-response are most often
used
12The WSDL binding Element
- The binding element provides specific details on
how a portType operation will actually be
transmitted over the wire - Bindings can be made available via multiple
transports - Multiple bindings for a single portType can be
specified - The binding element itself specifies name and
type attributesltbinding name"Hello_Binding"
type"tnsHello_PortType"gt - The type attribute references the portType
13WSDL SOAP Bindings
- WSDL 1.1 includes built-in extensions for SOAP
1.1ltbinding name"Hello_Binding"
type"tnsHello_PortType"gt - ltsoapbinding style"rpc"
transport"http//schemas.xmlsoap.org/soap/http"/gt
ltoperation name"sayHello"gt
ltsoapoperation soapAction"sayHello"/gt
ltinputgt ltsoapbody
encodingStylehttp//schemas.xmlsoap.org/soap/enc
oding/ namespace"urnexampleshel
loservice use"encoded"/gt
lt/inputgt ltoutputgt
ltsoapbody encodingStylehttp//sc
hemas.xmlsoap.org/soap/encoding/
namespace"urnexampleshelloservice
use"encoded"/gt lt/outputgt
lt/operationgt lt/bindinggt
14WSDL SOAP Bindings (contd)
- The soapbinding element indicates a SOAP binding
over HTTP transport - The style attribute indicates rpc for an RPC
format or document for a document-oriented
message format - The transport attribute defines the transport
mechanism - The soapoperation element indicates the binding
of a specific operation to a SOAP implementation - The soapAction attribute specifies that the
SOAPAction HTTP header should be used for
identifying the service (SOAP 1.1 only) - The soapbody element specifies the details of
the input and output messages - The encodingStyle attribute defines the encoding
format when the use attribute is encoded (RPC
encoded) and the namespace attribute defines the
RPC message namespace - For document/literal messaging, the use attribute
is literal
15SOAP Request Message
- An RPC request message uses the encodingStyle and
namespacelt?xml version'1.0'
encoding'UTF-8'?gtltsoapEnvelope
xmlnsxsi'http//www.w3.org/2001/XMLSchema-instan
ce xmlnsxsd'http//www.w3.org/2001/XMLSchema
xmlnssoap'http//schemas.xmlsoap.org/soap/e
nvelope/ xmlnssoapenc'http//schemas.xmlsoap
.org/soap/encoding/ soapencodingStyle'http/
/schemas.xmlsoap.org/soap/encoding/'gt
ltsoapBodygt ltnsayHello xmlnsn'urnexample
shelloservice'gt ltfirstName
xsitype'xsdstring'gtWorldlt/firstNamegt
lt/nsayHellogt lt/soapBodygtlt/soapEnvelopegt
16SOAP Response Message
- An RPC request messagelt?xml version'1.0'
encoding'UTF-8'?gtltSOAP-ENVEnvelope
xmlnsSOAP-ENV'http//schemas.xmlsoap.org/soap/en
velope/ xmlnsxsi'http//www.w3.org/1999/XMLS
chema-instance xmlnsxsd'http//www.w3.org/19
99/XMLSchema'gt ltSOAP-ENVBodygt
ltns1sayHelloResponse xmlnsns1'urnexampleshell
oservice' SOAP-ENVencodingStyle
'http//schemas.xmlsoap.org/soap/encoding/'gt
ltgreeting xsitype'xsdstring'gtHello,
World!lt/greetinggt lt/ns1sayHelloResponsegt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt
17Using WSDL
- Most Web service development toolkits support
WSDL - Generate WSDL from server (interface) code
- Translate WSDL to server objects and client
proxies - Dynamic invocation obtains the WSDL, select an
operation, populate the parameters and send the
request message - Generic SOAP client http//www.soapclient.com/soa
ptest.html - http//services.xmethods.net/soap/urnxmethods-del
ayed-quotes.wsdl - Find more WSDLs and code at http//www.xmethods.co
m
18Generating WSDL and Server Code with gSOAP
- Suppose we implement a HelloService with one
operation sayHello that takes a string parameter
s and returns the string Hello s - To bind XML namespaces to C (and C) code, gSOAP
uses a prefix convention for function names and
type names prefix_ _name - The service interface is defined in a header file
containing the lineint ns__sayHello(char
firstName, char greeting) - To generate WSDL and server code (-S) or client
code (-C) in C (-c) for SOAP RPC encoding
(-e) soapcpp2 -S -c -e hello.h
input
output
19Implementing a Web Service with gSOAP
- Add directives to the header file specification
to define the service name, namespace, and
endpoint//gsoap ns service name hello//gsoap
ns service namespace urnhello//gsoap ns
service location
http//www.cs.fsu.edu/engelen/hello.cgiint
ns__sayHello(char firstName, char greeting)
20Implementing a Web Service with gSOAP (contd)
- The following files are generatedsoapStub.h a
nnotated copy of the header filesoapH.h XML
serializer declarationssoapC.c XML serializers
for C/C typessoapServer.c SOAP server
skeleton and dispatcherhello.nsmap XML
namespace mapping tablehello.wsdl the service
WSDLhello.sayHello.req.xml sample request
messagehello.sayHello.res.xml sample response
message - To complete the service, we create a C
implementation of the sayHello function with the
following parametersint ns__sayHello(struct
soap soap, char firstName, char greeting) - The first arg is the gSOAP engine context
(runtime environment)
21Implementing a Web Service with gSOAP (contd)
- Implementation of the sayHello function in
hello.cint ns__sayHello(struct soap soap,
char firstName, char greeting) if
(!firstName) return soap_sender_fault(soap,
No name!, NULL) greeting
(char)soap_malloc(soap, strlen(firstName)8)
strcpy(greeting, Hello ) strcat(greeting,
firstName) strcat(greeting, !) return
SOAP_OK - For a simple CGI-based service, add the service
dispatcherinclude hello.nsmapint main()
return soap_serve(soap_new()) - Compile with gcc -o hello.cgi hello.c stdsoap2.c
soapC.c soapServer.c
22Implementing a Web Service with gSOAP (contd)
- Deploy hello.cgi as a service in Apache (e.g.
cgi-bin dir) and publish hello.wsdl on the Web
site - To test the service over stdin/stdout, modify
hello.sayHello.req.xml to include a name string
and run hello.cgi from the command line
./hello.cgi lt hello.sayHello.req.xml - To deploy as an iterative stand-alone service,
use the followinginclude hello.nsmapint
main() struct soap soap soap_new()
soap_bind(soap, NULL, 8080, 100) for ()
if (soap_accept(soap) lt 0) break
soap_serve(soap) soap_destroy(soap)
soap_end(soap) soap_print_fault(soap,
stderr) soap_done(soap) free(soap)
return 0
23Implementing a Concurrent Web Service with gSOAP
- include hello.nsmapint main() pthread_t
tid struct soap soap soap_new()
soap_bind(soap, NULL, 8080, 100) for ()
if (soap_accept(soap) lt 0) break
pthread_create(tid,NULL,(void()(void))serve,(v
oid)soap_copy(soap)) soap_print_fault(soap
, stderr) soap_done(soap) free(soap)
return 0void serve(void soap)
pthread_detach(pthread_self())
soap_serve((struct soap)soap)
soap_destroy((struct soap)soap)
soap_end((struct soap)soap) soap_done((struct
soap)soap) free(soap) return NULLint
ns__sayHello(struct soap soap, char firstName,
char greeting)
24Implementing a Client with gSOAP
- Since we already have a gSOAP header file with
the service definitions, we can also create a
client from it soapcpp2 -C -c -e hello.h - The client uses the stub call defined in
soapClient.cinclude hello.nsmapint main()
struct soap soap soap_new() char s if
(soap_call_ns__sayHello(soap, NULL, NULL,
Robert, s)) soap_print_fault(soap,
stderr) else printf(The response is
s\n, s) soap_destroy(soap)
soap_end(soap) soap_done(soap) free(soap)
return 0 - Compile with gcc -o client client.c stdsoap2.c
soapC.c soapClient.c
25Implementing a Service with ASP.NET in VB
- lt_at_ WebService Language"VB" Class"TempConvert"
gtImports SystemImports System.Web.ServicesPu
blic Class TempConvert Inherits
WebServiceltWebMethod()gt Public Function
FahrenheitToCelsius(ByVal Fahrenheit As Int16)
As Int16 Dim celsius As Int16
celsius ((((Fahrenheit) - 32) / 9) 5)
Return celsiusEnd FunctionltWebMethod()gt
Public Function CelsiusToFahrenheit(ByVal
Celsius As Int16) As Int16 Dim fahrenheit
As Int16 fahrenheit ((((Celsius) 9) /
5) 32) Return fahrenheitEnd
FunctionEnd Class
26Implementing a Client with SOAPLite for Perl
- Example in Perl using the SOAPLite
packageuse SOAPLite print "Connecting to
Hello Service...\n"print SOAPLite -gt
service('http//www.cs.fsu.edu/engelen/hello.wsdl
') -gt sayHello ('World') - The program generates the following
outputConnecting to Hello Service...Hello
World!
27SOAP Fault messages
- The gSOAP service may return a SOAP Fault
return soap_sender_fault(soap, description,
detail) - If the problem is at the receiving side
(SOAP-ENVServer) use return
soap_receiver_fault(soap, description, detail) - Example SOAP Fault messageHTTP/1.1 500 Internal
Server ErrorServer gSOAP/2.7Content-Type
text/xml charsetutf-8Content-Length
520Connection closelt?xml version"1.0"
encoding"UTF-8"?gtltSOAP-ENVEnvelope
xmlnsSOAP-ENV"http//schemas.xmlsoap.org/soap/en
velope/ xmlnsSOAP-ENC"http//schemas.xmlsoap.
org/soap/encoding/ xmlnsxsi"http//www.w3.org
/2001/XMLSchema-instance xmlnsxsd"http//www.
w3.org/2001/XMLSchema xmlnsns"urnhello"gt
ltSOAP-ENVBody SOAP-ENVencodingStyle"http//sche
mas.xmlsoap.org/soap/encoding/"gt
ltSOAP-ENVFaultgt ltfaultcodegtSOAP-ENVClientlt/
faultcodegt ltfaultstringgtNo
name!lt/faultstringgt lt/SOAP-ENVFaultgt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt
28SOAP 1.1 Faults
- The SOAP Fault element has the following sub
elements - ltfaultcodegt A code for identifying the fault
- ltfaultstringgt A human readable explanation of the
fault - ltfaultactorgt Information about who caused the
fault to happen (opt) - ltdetailgt Holds application specific error
information - The faultcode values defined below must be used
in the faultcode element when describing faults - VersionMismatch Invalid namespace for the SOAP
Envelope element - MustUnderstand An immediate child element of the
Header element, with the mustUnderstand attribute
set to "1", was not understood - Client Message was incorrectly formed or
contained incorrect info - Server There was a problem with the server and
processing could not proceed - Note SOAP 1.2 differs slightly (mostly element
naming)
29WSDL and SOAP Faults
- Faults in portType operations specify which
faults may be returnedltmessage
name"AuthenticationFault"gt ltpart
name"AuthenticationFault elementfAuthenticati
onFault"/gtlt/messagegtltportType namemyPortgt
ltoperation namegetStatusgt ltinput
messagetnsgetStatusRequest/gt ltoutput
messagetnsgetStatusResponse/gt ltfault
namefault messagetnsAthenticiationFault/gt
lt/operationgtlt/portTypegtltbinding
namemyBinding typemyPortgt ltoperation
name"getStatus"gt ltwsdlinputgt
ltsoapbody use"literal"/gt lt/wsdlinputgt
ltwsdloutputgt ltsoapbody use"literal"/gt
lt/wsdloutputgt ltwsdlfault
name"AuthenticationFault"gt ltsoapfault
name"AuthenticationFault" use"literal"/gt
lt/wsdlfaultgt lt/operationgtlt/bindinggt
30SOAP Headers
- The optional SOAP Header element contains SOAP
processing information in one or more
subelements, such as addressing and
authentication, for exampleltSOAP-ENVEnvelope
gt ltSOAP-ENVHeadergt ltwsseSecurity
SOAP-ENVmustUnderstand"1"gt
ltwsseUsernameToken wsuId"User"gt
ltwsseUsernamegtengelenlt/wsseUsernamegt
ltwssePassword Type"http//docs.oasis-open.org/ws
s/2004/01/oasis-200401-wss-username-token-profile-
1.0PasswordDigest"gt/u5faawcfIeve1yHCsdXAWyIlbUlt/
wssePasswordgt ltwsseNoncegtNDU0MGE5YjljYT
UzYzAzZjA2MTclt/wsseNoncegt
ltwsuCreatedgt2006-10-26T122737Zlt/wsuCreatedgt
lt/wsseUsernameTokengt lt/wsseSecuritygt
lt/SOAP-ENVHeadergt ltSOAP-ENVBodygt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt
31SOAP Headers (contd)
- The optional actor attribute may be used to
address the Header element to a particular
endpointltSOAP-ENVHeadergt ltmTransaction
SOAP-ENVactorendpoint URL
SOAP-ENVmustUnderstand1gt
lt/mTransactiongt ltwsseSecuritygtlt/wsseSecurity
gtlt/SOAP-ENVHeadergt - This allows the header information to be targeted
at any intermediate SOAP processors for which
this information is intended - The SOAP mustUnderstand attribute is used to
indicate whether a header entry is mandatory or
optional for the recipient to process
32SOAP Headers (contd)
- The SOAP Header is a struct in gSOAP, defined in
the header fileimport wsse.h // get WSSE
Security elementsstruct SOAP_ENV__Header
mustUnderstand _m__Transaction m__Transaction
mustUnderstand _wsse__Security wsse__Security
and accessible in the soap context, for
examplesoap.header.m__Transaction new
_m__Transaction()
33SOAP RPC Encoding
- SOAP RPC encoding defines rules on representing
primitive types, xssimpleTypes (e.g.
enumerations), array, and records (structs) as
xscomplexTypes in XML - Closer to the notion of programming language
types - Full XML schema support is not possible
- XML attributes not supported
- No element repetitions with maxOccursunbounded
- Only xssequence and xsall, no xschoice
34SOAP RPC Encoding (contd)
- Primitive types
- Built-in XSD types, such as xsstring (see Schema
specification) - Schema xssimpleTypes for elements, such as
enumerationsltxssimpleType nameswitch"gt
ltxsrestriction base"xsdtoken"gt
ltxsenumeration valueon"/gt
ltxsenumeration valueoff"/gt
lt/xsrestrictiongtlt/xssimpleTypegt - Base64 (xsbase64Binary) and hex (xshexBinary)
types
35SOAP RPC Encoding (contd)
- Arrays are SOAP encoded arrays
ltxscomplexType name"ArrayOfstring"gt
ltxscomplexContentgt ltxsrestriction
base"SOAP-ENCArray"gt ltxssequencegt
ltxselement name"item" type"xsdstring
minOccurs"0"
maxOccurs"unbounded/gt lt/xssequencegt
ltxsattribute ref"SOAP-ENCarrayType
wsdlarrayType"xsdstring"/gt
lt/xsrestrictiongt lt/xscomplexContentgt
lt/xscomplexTypegt - Arrays are encoded in SOAP messages
followsltinputStringArray SOAP-ENCarrayType"xs
dstring2"gt ltitem xsitypexsdstringgthellolt
/itemgt ltitem xsitypexsdstringgtworld!lt/itemgt
lt/inputStringArraygt
36SOAP RPC Encoding (contd)
- Struct are just xscomplexTypes with xssequence
(or xsall) ltxscomplexType
namelightSwitch"gt ltxssequencegt
ltxselement namelight typetnsswitch/gt
ltxselement namelevel typexsint/gt
ltxselement nameimage typexsbase64Binary/gt
lt/xssequencegt lt/xscomplexTypegt
37RPC versus Doc/lit in WSDL
- Document/literal SOAP messages dont include
encodingStyle and XML types for request/responses
are not constraint by the SOAP RPC encoding rules - Document style and literal use are declared in
the bindingsltbinding type"glossaryTerms"
name"b1"gtltsoapbinding style"document
transport"http//schemas.xmlsoap.org/soap/http"/gt
ltoperationgt ltsoapoperation
soapAction"http//example.com/getTerm"/gt
ltinputgt ltsoapbody use"literal"/gt
lt/inputgt ltoutputgt ltsoapbody
use"literal"/gt lt/outputgt
lt/operationgtlt/bindinggt
38RPC versus Doc/lit in WSDL (contd)
- The parts in messages now refer to elements,
which will be the request/response elements in
the SOAP Bodyltdefinitions xmlnsmurnexample
stempservice gt ltmessage name"getTermRequest
"gt ltpart name"term" elementmgetTemp"/gt
lt/messagegt ltmessage name"getTermResponse"gt
ltpart name"value" elementmgetTempResult"/gt
lt/messagegt ltportType name"glossaryTerms"gt
ltoperation name"getTerm"gt ltinput
message"getTermRequest"/gt ltoutput
message"getTermResponse"/gt lt/operationgt
lt/portTypegt
39RPC versus Doc/lit in WSDL (contd)
- The parts in messages refer to elements that
define the request and response elements in the
SOAP Body of a messagelttypesgt ltxsschema
xmlnsxshttp//www.w3.org/2001/XMLSchema
targetNamespaceurnexamplestempservice
elementFormDefaultqualified
attributeFormDefaultunqualifiedgt
ltxselement namegetTempgt
ltxscomplexTypegt ltxssequencegt
ltxselement namezipCode typexsstring/gt
lt/xssequencegt lt/xscomplexTypegt
lt/xselementgt ltxselement namegetTempResult
gt ltxscomplexTypegt ltxssequencegt
ltxselement nametemp typexsfloat/gt
lt/xssequencegt lt/xscomplexTypegt
lt/xselementgt lt/xsschemagt lt/typesgt
40SOAP Request Message in Doc/Lit Style
- Note the absence of SOAP-ENCencodingStyle and
xsitype in the messagelt?xml version'1.0'
encoding'UTF-8'?gtltsoapEnvelope
xmlnsxsi'http//www.w3.org/2001/XMLSchema-instan
ce xmlnsxsd'http//www.w3.org/2001/XMLSchema
xmlnssoap'http//schemas.xmlsoap.org/soap/e
nvelope/'gt ltsoapBodygt ltngetTemp
xmlnsn'urnexamplestempservice'gt
ltnzipCodegt32306lt/nzipCodegt lt/ngetTempgt
lt/soapBodygtlt/soapEnvelopegt
41SOAP Multi-ref Encoding
- SOAP operation (request/response)
- The XSD type system to represent values of
primitive types in XML, such as bool, integer,
float, string, base64 - A SOAP array type to encode sparse and partial
arrays - Id-href XML attributes to implement graph edges
to encode multi-ref objects
ltenvEnvelopegt ltenvBody envencodingStylegt
ltnsmyRemoteOpgt ltarg1 xsitypexsdintgt123lt/
arg1gt ltarg2 encarrayTypexsdstring5gt
ltitemgtabclt/itemgt ltitem href_1/gt ltitem
href_1/gt ltitem href_2/gt ltitem
encposition5gtxyzlt/itemgt lt/arg2gt
lt/nsmyRemoteOpgt ltmref id_1gtabclt/mrefgt
ltmref id_2gtdeflt/mrefgt lt/envBodygtlt/envEnvelo
pegt
42Static Structure Analysis forSOAP RPC Encoding
Structure
XML Schema ltcomplexType nameXgt ltsequencegt ltelement namey typetnsY/gt ltelement namez typetnsZ/gt lt/sequencegt lt/complexTypegt ltcomplexType nameXgt ltsequencegtlt/sequencegtlt/complexTypegtltcomplexType nameYgt ltsequencegtlt/sequencegtlt/complexType ltcomplexType nameXgt ltsequencegtlt/sequencegtlt/complexType
Example XML Instance ltxgt ltygtlt/ygt ltzgtlt/zgt lt/xgt ltxgt lty href123/gt lty href123/gt lt/xgtltmref id123gtlt/mrefgt ltxgt ltx href456/gt ltx href456/gt lt/xgtltmref id456gtlt/mrefgt
43gSOAP Constructs a Plausible Object Model for
Serialization
typedef int SSNstruct Node int val int
ptr float num struct Node next
val
ptr
num
next
Node
SSN
Data model graph(arcs denote all
possiblepointer references)
Source code typedefinitions
44Generating an XML Schema Definition for
Serialized XML
ltsimpleType nameSSNgt ltrestriction
baseint/gtlt/simpleTypegtltcomplexType
nameNodegt ltsequencegt ltelement
nameval typeint/gt ltelement
nameptr typeint
minOccurs0/gt ltelement namenum
typefloat/gt ltelement namenext
typetnsNode
minOccurs0/gt lt/sequencegtlt/complexTypegt
val
ptr
num
next
Node
SSN
Data model graph
45Generating Code for Runtime Points-To Analysis
serialize_pointerToint(int p) if (p ! NULL)
// lookup and mark (p,TYPE_int) // as
target in ptr hash table serialize_Node(str
uct Node p) if (p ! NULL) // lookup and
mark (p,TYPE_Node) // as target in ptr hash
table mark_embedded(p-gtval,TYPE_int)
serialize_pointerToint(p-gtptr) // skip
p-gtnum serialize_pointerToNode(p-gtnext)
val
ptr
num
next
Node
SSN
Data model graph
46Generating Serialization Code
put_pointerToint(int p) if (p ! NULL) //
lookup (p,TYPE_int) // if embedded, then
output ref // if single, then output value
// if multi, then output value // with
id and mark embedded put_Node(struct
Node p) if (p ! NULL) // lookup
(p,TYPE_Node) // if embedded, then output
ref // if single, then output value //
if multi, then output value // with id
and mark embedded put_int(p-gtval)
put_pointerToint(p-gtptr) put_float(p-gtnum)
put_pointerToNode(p-gtnext)
val
ptr
num
next
Node
SSN
47Serialization Example
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
NodelocA
NodelocB
789
Ptr hash table after runtime points-to analysis
by thegenerated algorithm constructed from the
data model
SSNlocC
ID PtrLoc PtrType PtrSize PtrCount RefType
1 A Node 16 2 multi
2 B int 4 1 embedded
3 B Node 16 1 single
4 C int 4 1 single
48Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
SSNlocC
49Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt lt/Nodegt
SSNlocC
50Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt lt/Nodegt
SSNlocC
51Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt lt/Nodegt
SSNlocC
52Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt lt/Nodegt
SSNlocC
53Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt lt/nextgt
lt/Nodegt
SSNlocC
54Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt lt/nextgt lt/Nodegt
SSNlocC
55Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
lt/nextgtlt/Nodegt
SSNlocC
56Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt lt/nextgtlt/Nodegt
SSNlocC
57Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
SSNlocC
58Serialization Example (contd)
multi, id1
single
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
multi, id1
NodelocA
NodelocB
single
embedded, id2
789
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
SSNlocC
59Deserialization Example
ltNode id_1gt lt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val?
ptr?
num?
next?
id1
Node
60Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt lt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num?
next?
id1
Node
61Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt lt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num?
next?
id1
Node
ref2(unresolved)
62Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num1.4
next?
id1
Node
ref2(unresolved)
63Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptr?
num1.4
nextB
val?
ptr?
num?
next?
id1
Node
Node
ref2(unresolved)
64Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptr?
num?
next?
id1
id2
Node
Node
65Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num?
next?
id1
id2
Node
Node
789
66Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
next?
id1
id2
Node
Node
789
SSN
67Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
id1
Node
Node
789
SSN
68Deserialization Example (contd)
ltNode id_1gt ltvalgt123lt/valgt ltptr
ref_2/gt ltnumgt1.4lt/numgt ltnextgt ltval
id_2gt456lt/valgt ltptrgt789lt/ptrgt
ltnumgt2.3lt/numgt ltnext ref_1/gt
lt/nextgtlt/Nodegt
Recursive descent parsingwith object
deserializationoperations as semantic actions
val123
ptrB
num1.4
nextB
val456
ptrC
num2.3
nextA
id1
Node
Node
789
SSN
69Converting a WSDL to Code with gSOAP
- The wsdl2h tool converts a (set of) WSDL files
and schemas to a header file - The header file is then processed by soapcpp2 as
before
70WS- Protocols and Plugins
71SOAP With MTOM Attachments
- Raw binary data can be transported in a SOAP
message as base64 - MTOM (Message Transmission Optimization
Mechanism) using MIME attachments to carry binary
data with a SOAP message - Supports embedding of type and other information
- Allows streaming (attachments produced on demand)
- Example HTTP header for SOAP with MTOMPOST /
HTTP/1.1Host www.example.comContent-Type
multipart/related boundarymimeboundary" ty
pe"application/xopxml" start"ltsoapmsggt" s
tart-info"application/soapxml charsetutf-8"
72SOAP With MTOM Attachments (contd)
- Example HTTP body with SOAP message and MTOM
attachment--mimeboundaryContent-Type
application/xopxmlcharsetutf-8typeapplication
/soapxmlContent-Transfer-Encoding
binaryContent-ID ltsoapmsggtltSOAP-ENVEnvelope
xmlnsSOAP-ENV xmlnsxop"http//www.w3.org/
2004/08/xop/include" xmlnsxmlmime"http//www.
w3.org/2004/11/xmlmime" ltSOAP-ENVBodygt
ltmPutImage xmlnsm"http//www.example.com/test.w
sdl"gt ltmdata xmlmimecontentTypeimage/jpe
g"gt ltxopInclude href"cidimage"/gt
lt/mdatagt lt/mPutImagegt lt/SOAP-ENVBodygtlt/S
OAP-ENVEnvelopegt--mimeboundaryContent-Type
image/jpegContent-Transfer-Encoding
binaryContent-ID ltimagegt image data
--mimeboundary--
73WS-Addressing
- WS-Addressing is a Web services protocol for
routing messages (request, response, and faults) - Supports message transmission through networks
with processing nodes such as endpoint managers,
firewalls, and gatewaysltSEnvelope
xmlnsS"http//www.w3.org/2003/05/soap-envelope"
xmlnswsa"http//schemas.xmlsoap.org/ws/
2004/08/addressing"gt ltSHeadergt
ltwsaMessageIDgt uuid6B29FC40-CA47-1067-B31D-
00DD010662DA lt/wsaMessageIDgt
ltwsaReplyTogt ltwsaAddressgthttp//business456
.example/client1lt/wsaAddressgt lt/wsaReplyTogt
ltwsaTogthttp//fabrikam123.example/Purchasinglt/w
saTogt ltwsaActiongthttp//fabrikam123.example/S
ubmitPOlt/wsaActiongt lt/SHeadergt ltSBodygt
... lt/SBodygtlt/SEnvelopegt
74WS-Addressing (contd)
- WS-Addressing header elements within the SOAP
Header - ltwsaMessageIDgt xsanyURI lt/wsaMessageIDgtdefines
a unique message ID, e.g. UUID (optional) - ltwsaRelatesTo RelationshipType"..."?gt xsanyURI
lt/wsaRelatesTogtconveys the message ID of the
related message, e.g. the request message ID when
this is a reply message (required for responses) - ltwsaTogt xsanyURI lt/wsaTogtthe destination
address (required) - ltwsaActiongt xsanyURI lt/wsaActiongtconveys the
SOAP action property (required) - ltwsaFromgt endpoint-reference lt/wsaFromgtthe
source endpoint information (optional) - ltwsaReplyTogt endpoint-reference
lt/wsaReplyTogtthe reply endpoint (required for
request with an expected reply) - ltwsaFaultTogt endpoint-reference lt/wsaFaultTogt
the fault endpoint (optional)
75WS-Security
- WS-Security provides message-level security
- HTTPS provides end-to-end transport-level
security - Authentication
- Username and (digest) password (with nonce,
timestamps) - Digital signatures
- XML DSig with DSA, HMAC,
- Can sign all or specific parts of the message
- Embedding of security tokens such as certificates
- Support for SAML
- Encryption
- XML Enc with RSA,
76Username Token
- The Username token security header in
wsseSecurity contains a username and password in
plain text or a digest passwordltSOAP-ENVEnvelo
pe xmlnsSOAP-ENV xmlnswsse
xmlnswsugt ltSOAP-ENVHeadergt
ltwsseSecurity SOAP-ENVmustUnderstand"1"gt
ltwsseUsernameToken wsuId"User"gt
ltwsseUsernamegtengelenlt/wsseUsernamegt
ltwssePassword Type"http//docs.oasis-open.org/ws
s/2004/01/oasis-200401-wss-username-token-profile-
1.0PasswordDigest"gt/u5faawcfIeve1yHCsdXAWyIlbUlt/
wssePasswordgt ltwsseNoncegtNDU0MGE5YjljYT
UzYzAzZjA2MTclt/wsseNoncegt
ltwsuCreatedgt2006-10-26T122737Zlt/wsuCreatedgt
lt/wsseUsernameTokengt lt/wsseSecuritygt
lt/SOAP-ENVHeadergt ltSOAP-ENVBodygt
lt/SOAP-ENVBodygtlt/SOAP-ENVEnvelopegt
77Security Timestamps
- A timestamp can be included to define the
lifetime of a message - The timestamp will only be tamper proof when
digitally signed, hence the wsuId which is
referenced by the signature infoltSOAP-ENVEnvelo
pe gt ltSOAP-ENVHeadergt ltwsseSecuritygt
ltwsuTimestamp wsuId"timestamp"gt
ltwsuCreatedgt2001-09-13T084200Zlt/wsuCreatedgt
ltwsuExpiresgt2001-10-13T090000Zlt/wsuExpir
esgt lt/wsuTimestampgt ...
lt/wsseSecuritygt ... lt/SOAP-ENVHeadergt
ltSOAP-ENVBodygt ... lt/SOAP-ENVBodygtlt/SOAP-EN
VEnvelopegt
78Signatures
- The wsseBinarySecurityToken contains the public
key - The dsSignature element contains signature info
with digest value for each signed message part
and the signature valueltwsseSecuritygt
ltwsseBinarySecurityToken wsuIdX509Token gt
public key lt/wsseBinarySecurityTokengt
ltdsSignaturegt ltdsSignedInfogt what is
signed reference URI to signed part with digest
of that XML message part how it is signed
digests algorithms and canonicalization of XML
lt/dsSignedInfogt ltdsSignatureValuegt
signature lt/dsSignatureValuegt
ltdsKeyInfogt ltwsseSecurityTokenReferencegt
ltwsseReference URI"X509Token"/gt
lt/wsseSecurityTokenReferencegt lt/dsKeyInfogt
lt/dsSignaturegtlt/wsseSecuritygt
79Signature Example
ltwsseSecuritygt ltwsseBinarySecurityToken gt
lt/wsseBinarySecurityTokengt ltdsSignaturegt
ltdsSignedInfogt ltdsCanonicalizationMethod
Algorithm"http//www.
w3.org/2001/10/xml-exc-c14n"/gt
ltdsSignatureMethod Algorithm"http//www.w3.org/2
000/09/xmldsigrsa-sha1"/gt ltdsReference
URI"myBody"gt ltdsTransformsgt
ltdsTransform Algorithm"http//www.w3.org/2001/10
/xml-exc-c14n"/gt lt/dsTransformsgt
ltdsDigestMethod Algorithm"http//www.w3.org/200
0/09/xmldsigsha1"/gt ltdsDigestValuegtEULdd
ytSo1...lt/dsDigestValuegt lt/dsReferencegt
lt/dsSignedInfogt ltdsSignatureValuegtBL8jdfTo
Eb1l/vXcMZNNjPOV...lt/dsSignatureValuegt
ltdsKeyInfogt ltwsseSecurityTokenReferencegt
ltwsseReference URI"X509Token"/gt
lt/wsseSecurityTokenReferencegt lt/dsKeyInfogt
lt/dsSignaturegtlt/wsseSecuritygt
80List of WS- Protocols
- Messaging
- SOAP
- SOAP with Attachments (SwA)
- SOAP with MTOM (Message Transmission Optimization
Mechanism) - XML-RPC a simpler XML RPC format (no WSDL or
schemas) - WS-Addressing routing, endpoints, and addressing
properties - Service description
- WSDL
- WS-MetadataExchange how an endpoint can request
the various types of metadata it may need to
effectively communicate with the service - WS-Policy describes the capabilities,
requirements, and general characteristics of a
service
81List of WS- Protocols
- Directory access and discovery
- UDDI (Universal Description, Discovery, and
Integration) v2/v3 - WS-Discovery a multicast discovery protocol to
locate services on a network - Managing services
- WS-Management for management of servers,
devices, applications - Transaction-based services
- WS-Transaction describes the coordination types
atomic transaction (TA) and business activity
(BA) - Publish/subscribe
- WS-Eventing
- WS-Notification
- Security and reliability
- HTTPS (transport-level)
- WS-Security (message-level)
- WS-ReliableMessaging
82Other Notable WS- Protocols
- Managing resources Web Services Resource
Framework (WSRF) - WS-ResourceProperties defines are resources
properties - WS-ResourceLifetime inspect and monitor the
lifetime of a resource - WS-ServiceGroup defines how resources are
grouped together for a domain specific purpose
(service classification and constraints) - WS-BaseFaults defines faults related to resource
management - Managing resources
- WS-Transfer operations for sending and receiving
the representation of a given resource and
operations for creating and deleting a resource - Best practices
- Provide additional information to improve
interoperability between vendor implementations - WS-I Basic profile (BP1.0a, BP1.1)
- WS-I Basic security profile
83Other Notable WS- Protocols
- Device Profile for Web Services (DPWS)
- Goals similar to universal plug and play (UPnP)
- Seamless integration and discovery of devices
over the Internet - Printing, scanning, etc. over Internet by
discovering these services - Uploading images from camera to PC over the
(wireless) Internet - Microsoft Vista natively integrates DPWS
- Builds on
- WS-Eventing (publish/subscribe)
- WS-Discovery
- WS-Addressing
- WS-Security
- WS-Policy
- WS-MetaExchange
84To be continued