<warning: long, "best practice" questions to follow>
Interesting to hear you say that, Anne. I've been on a multi-year quest to get automatic, fast validation out of a Web Services engine. Conceptually, it always seemed like the "right" approach (especially for Document-Literal). If you're having to parse XML anyway, and your XML parser can validate when it does so, why not do it, actually enforcing your restrictive WSDL/Schema at the layer that defines and understands it? At the time, Axis did not do this at all, but my Bugzilla feature request seemed to get agreement that this was a good goal: http://issues.apache.org/jira/browse/AXIS-222 Also at that time, I tried out Systinet Wasp, which did do auto-validation. Much later, I came across the DeveloperWorks article about combining Axis and Castor to get auto-validation: http://www-128.ibm.com/developerworks/webservices/library/ws-castor/ This approach was exactly what I was seeking, so we started using it. It's very simple, but it does seem slow. (I'm also not getting pure POJOs for my "schema" beans, which I'd really like, but Castor's aren't too bad. Haven't found an XML framework that generates clean POJOs from a schema and don't want to write mapping files if I can help it.) Along the way, we asked everyone we could whether or not auto-validation was a good approach, and we got responses all across the spectrum. Clearly some people expect and want it, but others don't. Some engines can do it, but others can't. If the only reason not to do it is performance, will the newer parsers or something like JiBX make a significant difference? What if you have access to an XML appliance? Would more people do it in that case? I suppose an engine that let you enable and disable it at will would be nice. I'm not exactly sure where I stand at this point, but I'm not quite willing to give up on the "dream". That is, the dream of wholly specifying my interface via WSDL/Schema, and having a WS engine completely wrap, translate, and validate requests/responses/exceptions, hiding from my business code the fact that it's even being accessed as a Web Service, but ensuring that anything that comes through the Web Service interface doesn't violate the Web Service's specification. I've started accepting the value of having my business code do business validations as well (namely in cases where I want to use it from other interfaces), but it just seems too natural, logically, for the XML parsing layer to do it. Otherwise, you're throwing away much of the information you've carefully specified (in a handwritten, authoritative, contract WSDL, at least). I'd be happy to take this discussion somewhere else, since it's really not specific to Axis, if you'd like and if you have time to participate in it. Thanks. Doug On 7/7/06, Anne Thomas Manes <[EMAIL PROTECTED]> wrote:
Axis makes no attempt to validate messages. (It's very expensive process that would significantly degrade performance). A databinding system will catch many validation issues, but it also does not do true validation. If you pass in elements that it doesn't expect, it will reject the request. But as long as the message matches what the databinding system can deal with, it will pass. If you want to validate the message, then use a handler or intermediary to do so. Anne --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
