Deepal jayasinghe wrote:
When I deploy a very simple POJO service it generates following as
the service section in WSDL. As I know this is not nice and we
need to fix this as soon as possible.
Why is it not nice? This gives us the ability to apply binding
level security correctly which is not possible with the endpoint
addresses we used to have.
As I replied earlier , you can figure out the SOAP version from the
SOAP message , so you do not need to send the SOAP version in the
end point address.
Why do you say it is redundant code? Previously we had
http://localhost:8080/axis2/services/foo as the SOAP 1.1 and SOAP 1.2
binding endpoints. Now say that client picks the SOAP 1.1 binding
endpoint and accidentally sends SOAP 1.2 request.
IMO which is wrong. If he picks 1.1 then should send a 1.1 request.
That is exactly my point. If he picks SOAP 1.1 then you *should* send a
SOAP 1.1 request. If he sends a SOAP 1.2 request we *should* throw an
exception saying incorrect SOAP version. Earlier we were *not* doing
that because we had the *same* endpoint address for both bindings.
However now we can do that because by looking at the endpoint we can
decide the exact binding which the client has picked.
Here the right thing would be to throw an exception saying incorrect
SOAP version where as Axis2 server won't complain which IMO is a bug.
Now if you use
http://localhost:8080/axis2/services/foo.SOAP11Endpoint as the SOAP
1.1. binding endpoint we can do a prior evaluation of the request and
throw an exception if we receive a SOAP 1.2 request which IMO is the
correct behavior.
Only problem I have is having the SOAP11Endpoint name in the address ,
Please explain why do you have a problem with [service].[port] format ?
I do not mind sending that as some where else.
Where would you suggest that we should have the port name s.t. we can
decide the intended port (or the binding) of the request and do throw an
exception if the client has sent a SOAP 1.2 request by error where he
would have actually intended the SOAP 1.1 endpoint ?
I know that the structure of endpoint address is important that it is
something that we should not be mess around. That is the exact reason
why I posted[1] it to developer mailing list. However I think we
should be flexible enough to change what we agreed on if there are
valid reasons to do so and if we don't lose anything by doing it.
One reason for using [service].[port] would be that it allows the
server to do prior evaluations of SOAP requests hence make it less
error-prone (As I mention in my earlier)
Another reason would be that [service].[port] format makes lot of
sense if we want to support multiple policy alternatives scenario at
the Axis2 server-side. Lets say a service requires strong
authentication, but gives the client multiple options of SSL mutual
authentication, username with a signature, SAML with a signature or
Kerberos. It does it via a policy in the services.xml which contains
an alternative for each scenario.
Now one option would be to do some processing of the request to
figure out the option the client has chosen and then do a complete
evaluation against that policy alternative. But it can be very
expensive depending of the complexity of each policy alternative and
of cause the number of policy alternatives which service exposes.
Further there is a possibility that some policy alternatives are
indeterminate by only looking at the request.
The other option would be to generate multiple endpoints s.t. each
endpoint would correspond to exactly one policy alternative during
the deployment time.
e.g.
<wsdl:service name="Version">
....
<wsdl:port name="VersionHttpSoap11EndpointWithSSL"
binding="ns:VersionSoap11Binding">
<soap:address
location="http://localhost:8080/axis2/services/Version.VersionHttpSoap11EndpointWithSSL"/>
</wsdl:port>
<wsdl:port
name="VersionHttpSoap11EndpointWithUsernameAndSignature"
binding="ns:VersionSoap11Binding">
<soap:address
location="http://localhost:8080/axis2/services/Version.VersionHttpSoap11EndpointWithUsernameAndSignature"/>
</wsdl:port>
<wsdl:port name="VersionHttpSoap11EndpointWithSAMLAndSignature"
binding="ns:VersionSoap11Binding">
<soap:address
location="http://localhost:8080/axis2/services/Version.VersionHttpSoap11EndpointSAMLAndSignature"/>
</wsdl:port>
<wsdl:port name="VersionHttpSoap11EndpointWithKerberos"
binding="ns:VersionSoap11Binding">
<soap:address
location="http://localhost:8080/axis2/services/Version.VersionHttpSoap11EndpointWithSSLWithKerberos"/>
</wsdl:port>
.....
</wsdl:service>
That way we can straight way say the option client as picked and
evaluate the quest based on the target policy alternative with IMO is
a better way of supporting multiple policy alternatives at the
server-side. We need to use [service].[port] format if we are to
implement the support for multiple policy alternatives feature.
Thank you so much for such a descriptive mail. I will think though and
send a reply soon..
-Deepal
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Sanka Samaranayake
WSO2 Inc.
http://sankas.blogspot.com/
http://www.wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]