You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by John Baker <jo...@camelotgroup.co.uk> on 2012/10/30 17:33:39 UTC
Schema validation of SOAP headers
Hello,
I note this topic has been discussed before and I have discovered a JIRA issue (https://issues.apache.org/jira/browse/CXF-4334). However, after upgrading to CXF 2.6.3, I note the SOAP headers are not being fully validated.
Consider this schema extract:
<xs:simpleType name="MessageTypeIDType">
<xs:restriction base="xs:string">
<xs:minLength value="1" />
<xs:pattern value="[0-9a-zA-Z]+" />
</xs:restriction>
</xs:simpleType>
<xs:complexType name="RequestHeaderType">
<xs:sequence>
<xs:element name="MessageTypeID" type="infra:MessageTypeIDType">
<xs:annotation>
<xs:documentation> docs </xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
And this extract from the WSDL:
<wsdl:message name="DIRequestMessage">
<wsdl:part name="requestHeader" element="RequestHeaderType " />
...
</wsdl:message>
<wsdl:portType name="DIPortType_v1_0">
<wsdl:operation name="di">
<wsdl:input message="tns:DIRequestMessage" />
...
<wsdl:fault name="fault" message="tns:Fault" />
</wsdl:operation>
</wsdl:portType>
(I've had to copy, paste and remove some context but I hope it demonstrates what we've implemented.)
And finally, this jaxws:endpoint:
<jaxws:endpoint
implementor="com.x.MyServiceImpl"
address="..">
<jaxws:features>
<bean class="org.apache.cxf.feature.LoggingFeature"/>
</jaxws:features>
<jaxws:properties>
<entry key="schema-validation-enabled" value="true" />
</jaxws:properties>
</jaxws:endpoint>
When I connect to it via SOAP UI, I note CXF correctly validates the existence of the MessageTypeID element but not the value to ensure it meets the restriction.
Any input most welcome.
Thanks
John
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
RE: Schema validation of SOAP headers
Posted by John Baker <jo...@camelotgroup.co.uk>.
Of course, that makes perfect sense. Thanks!
Is that clearly documented somewhere? Perhaps it can go in the FAQs if not. I had trouble finding a solution when Googling, but perhaps I just missed it.
-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org]
Sent: 01 November 2012 16:41
To: users@cxf.apache.org; John Baker
Subject: Re: Schema validation of SOAP headers
This is a problem with the test case. It's not using the wsdl for the service and thus is generating a new schema at runtime based on the annotations. JAXB doesn't have any annotations for the various facet restrictions and such so that information is lost.
If you update the @WebService annotation to:
@WebService(serviceName = "Hello_Service", targetNamespace = "http://www.examples.com/wsdl/HelloService.wsdl")
and then update the ws-context.xml to add:
wsdlLocation="classpath:hello.wsdl"
to the jaxws:endpoint, then your test passes. The fault is raised.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
RE: Schema validation of SOAP headers
Posted by John Baker <jo...@camelotgroup.co.uk>.
So the answer appears to be /META-INF/jax-ws-catalog.xml
-----Original Message-----
From: John Baker [mailto:john.baker@camelotgroup.co.uk]
Sent: 02 November 2012 09:17
To: users@cxf.apache.org
Subject: RE: Schema validation of SOAP headers
Hello
If a schema catalog is required, where is it specified and is there an example somewhere?
John
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
RE: Schema validation of SOAP headers
Posted by John Baker <jo...@camelotgroup.co.uk>.
Hello
If a schema catalog is required, where is it specified and is there an example somewhere?
John
-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org]
Sent: 01 November 2012 16:41
To: users@cxf.apache.org; John Baker
Subject: Re: Schema validation of SOAP headers
This is a problem with the test case. It's not using the wsdl for the service and thus is generating a new schema at runtime based on the annotations. JAXB doesn't have any annotations for the various facet restrictions and such so that information is lost.
If you update the @WebService annotation to:
@WebService(serviceName = "Hello_Service", targetNamespace = "http://www.examples.com/wsdl/HelloService.wsdl")
and then update the ws-context.xml to add:
wsdlLocation="classpath:hello.wsdl"
to the jaxws:endpoint, then your test passes. The fault is raised.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
Re: Schema validation of SOAP headers
Posted by Daniel Kulp <dk...@apache.org>.
On Nov 1, 2012, at 5:29 AM, jbaker.c <jo...@camelotgroup.co.uk> wrote:
> I attach a test case that I modified from a previous JIRA
> (https://issues.apache.org/jira/browse/CXF-4334). It sets two values that do
> not meet the restriction set out in the schema yet the request is not
> rejected, ie no SOAP Fault is generated. If the values are null, an
> exception is thrown as expected (because the element is missing as per the
> schema).
>
> cxf-header-validation-testcase.zip
> <http://cxf.547215.n5.nabble.com/file/n5717681/cxf-header-validation-testcase.zip>
>
This is a problem with the test case. It's not using the wsdl for the service and thus is generating a new schema at runtime based on the annotations. JAXB doesn't have any annotations for the various facet restrictions and such so that information is lost.
If you update the @WebService annotation to:
@WebService(serviceName = "Hello_Service", targetNamespace = "http://www.examples.com/wsdl/HelloService.wsdl")
and then update the ws-context.xml to add:
wsdlLocation="classpath:hello.wsdl"
to the jaxws:endpoint, then your test passes. The fault is raised.
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
Re: Schema validation of SOAP headers
Posted by "jbaker.c" <jo...@camelotgroup.co.uk>.
Hello,
I attach a test case that I modified from a previous JIRA
(https://issues.apache.org/jira/browse/CXF-4334). It sets two values that do
not meet the restriction set out in the schema yet the request is not
rejected, ie no SOAP Fault is generated. If the values are null, an
exception is thrown as expected (because the element is missing as per the
schema).
cxf-header-validation-testcase.zip
<http://cxf.547215.n5.nabble.com/file/n5717681/cxf-header-validation-testcase.zip>
John
--
View this message in context: http://cxf.547215.n5.nabble.com/Schema-validation-of-SOAP-headers-tp5717583p5717681.html
Sent from the cxf-user mailing list archive at Nabble.com.
RE: Schema validation of SOAP headers
Posted by Andrei Shakirin <as...@talend.com>.
You can either attach the test case with nabble[1] (the mailing list generally will filter out all attachment) or create issue in CXF Jira and attach it there.
[1]http://cxf.547215.n5.nabble.com/Schema-validation-of-SOAP-headers-tt5717583.html
Andrei.
-----Original Message-----
From: John Baker [mailto:john.baker@camelotgroup.co.uk]
Sent: Mittwoch, 31. Oktober 2012 15:54
To: users@cxf.apache.org
Subject: RE: Schema validation of SOAP headers
I've nearly finished a test case; how do I go about submitting it.
We're generating source from a WSDL, creating an implementation via a Spring endpoint and working with stub classes and a jaxws:client in a test.
-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org]
Sent: 31 October 2012 14:50
To: users@cxf.apache.org
Subject: Re: Schema validation of SOAP headers
On Oct 31, 2012, at 5:58 AM, John Baker <jo...@camelotgroup.co.uk> wrote:
> I've put a debugger on SoapHeaderInterceptor and I can see:
>
> schema.newValidator().validate(ds);
>
> being called. I'm beginning to think the problem lies in the Xerces schema validator?
I believe the validation of the headers only occurs for headers that are explicitly declared as headers in the wsdl and are mapped to parameters on the method. Is that the case for your header?
Dan
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
RE: Schema validation of SOAP headers
Posted by John Baker <jo...@camelotgroup.co.uk>.
I've nearly finished a test case; how do I go about submitting it.
We're generating source from a WSDL, creating an implementation via a Spring endpoint and working with stub classes and a jaxws:client in a test.
-----Original Message-----
From: Daniel Kulp [mailto:dkulp@apache.org]
Sent: 31 October 2012 14:50
To: users@cxf.apache.org
Subject: Re: Schema validation of SOAP headers
On Oct 31, 2012, at 5:58 AM, John Baker <jo...@camelotgroup.co.uk> wrote:
> I've put a debugger on SoapHeaderInterceptor and I can see:
>
> schema.newValidator().validate(ds);
>
> being called. I'm beginning to think the problem lies in the Xerces schema validator?
I believe the validation of the headers only occurs for headers that are explicitly declared as headers in the wsdl and are mapped to parameters on the method. Is that the case for your header?
Dan
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
Re: Schema validation of SOAP headers
Posted by Daniel Kulp <dk...@apache.org>.
On Oct 31, 2012, at 5:58 AM, John Baker <jo...@camelotgroup.co.uk> wrote:
> I've put a debugger on SoapHeaderInterceptor and I can see:
>
> schema.newValidator().validate(ds);
>
> being called. I'm beginning to think the problem lies in the Xerces schema validator?
I believe the validation of the headers only occurs for headers that are explicitly declared as headers in the wsdl and are mapped to parameters on the method. Is that the case for your header?
Dan
> -----Original Message-----
> From: John Baker [mailto:john.baker@camelotgroup.co.uk]
> Sent: 30 October 2012 16:34
> To: users@cxf.apache.org
> Subject: Schema validation of SOAP headers
>
> Hello,
>
> I note this topic has been discussed before and I have discovered a JIRA issue (https://issues.apache.org/jira/browse/CXF-4334). However, after upgrading to CXF 2.6.3, I note the SOAP headers are not being fully validated.
>
> Consider this schema extract:
>
> <xs:simpleType name="MessageTypeIDType">
> <xs:restriction base="xs:string">
> <xs:minLength value="1" />
> <xs:pattern value="[0-9a-zA-Z]+" />
> </xs:restriction>
> </xs:simpleType>
>
> <xs:complexType name="RequestHeaderType">
> <xs:sequence>
> <xs:element name="MessageTypeID" type="infra:MessageTypeIDType">
> <xs:annotation>
> <xs:documentation> docs </xs:documentation>
> </xs:annotation>
> </xs:element>
> </xs:sequence>
> </xs:complexType>
>
> And this extract from the WSDL:
>
> <wsdl:message name="DIRequestMessage">
> <wsdl:part name="requestHeader" element="RequestHeaderType " />
> ...
> </wsdl:message>
> <wsdl:portType name="DIPortType_v1_0">
> <wsdl:operation name="di">
> <wsdl:input message="tns:DIRequestMessage" />
> ...
> <wsdl:fault name="fault" message="tns:Fault" />
> </wsdl:operation>
> </wsdl:portType>
>
> (I've had to copy, paste and remove some context but I hope it demonstrates what we've implemented.)
>
> And finally, this jaxws:endpoint:
>
> <jaxws:endpoint
> implementor="com.x.MyServiceImpl"
> address="..">
> <jaxws:features>
> <bean class="org.apache.cxf.feature.LoggingFeature"/>
> </jaxws:features>
> <jaxws:properties>
> <entry key="schema-validation-enabled" value="true" /> </jaxws:properties> </jaxws:endpoint>
>
> When I connect to it via SOAP UI, I note CXF correctly validates the existence of the MessageTypeID element but not the value to ensure it meets the restriction.
>
> Any input most welcome.
>
> Thanks
>
>
> John
>
>
>
> <FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
--
Daniel Kulp
dkulp@apache.org - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
Schema validation of SOAP headers
Posted by John Baker <jo...@camelotgroup.co.uk>.
Hello,
I've just altered the test to move the problem into the SOAP body:
<xs:simpleType name="TestType">
<xs:restriction base="xs:string">
<xs:minLength value="2" />
<xs:pattern value="[0-9a-zA-Z]+" />
</xs:restriction>
</xs:simpleType>
<xs:complexType name="RequestBodyType">
<xs:sequence>
<xs:element name="Test" type="tns:TestType" />
...
If I set the value of Test to null on the stub, I see the relevant exception, but I don't think it's coming from the same place:
Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'ns2:XX. One of '{"xxx":Test}' is expected.
at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
at org.apache.xerces.util.ErrorHandlerWrapper.error(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.xs.XMLSchemaValidator.reportSchemaError(Unknown Source)
at org.apache.xerces.impl.xs.XMLSchemaValidator.handleStartElement(Unknown Source)
at org.apache.xerces.impl.xs.XMLSchemaValidator.startElement(Unknown Source)
at org.apache.xerces.jaxp.validation.ValidatorHandlerImpl.startElement(Unknown Source)
Yet , if I set "" on the value for Test, no exception is thrown. I'll do some more investigation before embarking on a test case.
John
-----Original Message-----
From: Andrei Shakirin [mailto:ashakirin@talend.com]
Sent: 31 October 2012 10:27
To: users@cxf.apache.org
Cc: John Baker
Subject: RE: Schema validation of SOAP headers
Xerces definitely validates such patterns.
From the first view I do not see any problems in your configuration.
Could you distil the use in a small test case (including WSDL, configuration, code)?
Cheers,
Andrei.
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
RE: Schema validation of SOAP headers
Posted by Andrei Shakirin <as...@talend.com>.
Xerces definitely validates such patterns.
>From the first view I do not see any problems in your configuration.
Could you distil the use in a small test case (including WSDL, configuration, code)?
Cheers,
Andrei.
-----Original Message-----
From: John Baker [mailto:john.baker@camelotgroup.co.uk]
Sent: Mittwoch, 31. Oktober 2012 10:59
To: users@cxf.apache.org
Subject: RE: Schema validation of SOAP headers
I've put a debugger on SoapHeaderInterceptor and I can see:
schema.newValidator().validate(ds);
being called. I'm beginning to think the problem lies in the Xerces schema validator?
-----Original Message-----
From: John Baker [mailto:john.baker@camelotgroup.co.uk]
Sent: 30 October 2012 16:34
To: users@cxf.apache.org
Subject: Schema validation of SOAP headers
Hello,
I note this topic has been discussed before and I have discovered a JIRA issue (https://issues.apache.org/jira/browse/CXF-4334). However, after upgrading to CXF 2.6.3, I note the SOAP headers are not being fully validated.
Consider this schema extract:
<xs:simpleType name="MessageTypeIDType">
<xs:restriction base="xs:string">
<xs:minLength value="1" />
<xs:pattern value="[0-9a-zA-Z]+" />
</xs:restriction>
</xs:simpleType>
<xs:complexType name="RequestHeaderType">
<xs:sequence>
<xs:element name="MessageTypeID" type="infra:MessageTypeIDType">
<xs:annotation>
<xs:documentation> docs </xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
And this extract from the WSDL:
<wsdl:message name="DIRequestMessage">
<wsdl:part name="requestHeader" element="RequestHeaderType " />
...
</wsdl:message>
<wsdl:portType name="DIPortType_v1_0">
<wsdl:operation name="di">
<wsdl:input message="tns:DIRequestMessage" />
...
<wsdl:fault name="fault" message="tns:Fault" />
</wsdl:operation>
</wsdl:portType>
(I've had to copy, paste and remove some context but I hope it demonstrates what we've implemented.)
And finally, this jaxws:endpoint:
<jaxws:endpoint
implementor="com.x.MyServiceImpl"
address="..">
<jaxws:features>
<bean class="org.apache.cxf.feature.LoggingFeature"/>
</jaxws:features>
<jaxws:properties>
<entry key="schema-validation-enabled" value="true" /> </jaxws:properties> </jaxws:endpoint>
When I connect to it via SOAP UI, I note CXF correctly validates the existence of the MessageTypeID element but not the value to ensure it meets the restriction.
Any input most welcome.
Thanks
John
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>
RE: Schema validation of SOAP headers
Posted by John Baker <jo...@camelotgroup.co.uk>.
I've put a debugger on SoapHeaderInterceptor and I can see:
schema.newValidator().validate(ds);
being called. I'm beginning to think the problem lies in the Xerces schema validator?
-----Original Message-----
From: John Baker [mailto:john.baker@camelotgroup.co.uk]
Sent: 30 October 2012 16:34
To: users@cxf.apache.org
Subject: Schema validation of SOAP headers
Hello,
I note this topic has been discussed before and I have discovered a JIRA issue (https://issues.apache.org/jira/browse/CXF-4334). However, after upgrading to CXF 2.6.3, I note the SOAP headers are not being fully validated.
Consider this schema extract:
<xs:simpleType name="MessageTypeIDType">
<xs:restriction base="xs:string">
<xs:minLength value="1" />
<xs:pattern value="[0-9a-zA-Z]+" />
</xs:restriction>
</xs:simpleType>
<xs:complexType name="RequestHeaderType">
<xs:sequence>
<xs:element name="MessageTypeID" type="infra:MessageTypeIDType">
<xs:annotation>
<xs:documentation> docs </xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
And this extract from the WSDL:
<wsdl:message name="DIRequestMessage">
<wsdl:part name="requestHeader" element="RequestHeaderType " />
...
</wsdl:message>
<wsdl:portType name="DIPortType_v1_0">
<wsdl:operation name="di">
<wsdl:input message="tns:DIRequestMessage" />
...
<wsdl:fault name="fault" message="tns:Fault" />
</wsdl:operation>
</wsdl:portType>
(I've had to copy, paste and remove some context but I hope it demonstrates what we've implemented.)
And finally, this jaxws:endpoint:
<jaxws:endpoint
implementor="com.x.MyServiceImpl"
address="..">
<jaxws:features>
<bean class="org.apache.cxf.feature.LoggingFeature"/>
</jaxws:features>
<jaxws:properties>
<entry key="schema-validation-enabled" value="true" /> </jaxws:properties> </jaxws:endpoint>
When I connect to it via SOAP UI, I note CXF correctly validates the existence of the MessageTypeID element but not the value to ensure it meets the restriction.
Any input most welcome.
Thanks
John
<FONT size=1> <P><FONT size=2>****************************************************************************************</FONT></P><P><FONT size=2>The information contained in this email may be confidential. It is intended</FONT></P><P><FONT size=2>only for the use of the named recipient. If you are not the named recipient</FONT></P><P><FONT size=2>please delete this email and notify the sender of the delivery error. If you</FONT></P><P><FONT size=2>have received this email and are not the named recipient, any disclosure,</FONT></P><P><FONT size=2>reproduction, distribution or other dissemination or use of the information</FONT></P><P><FONT size=2>contained in this email is strictly prohibited.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The transmission of email cannot be guaranteed to be secure or error free as</FONT></P><P><FONT size=2>information could be intercepted, corrupted, lost, destroyed, arrive late or</FONT></P><P><FONT size=2>incomplete, or contain viruses. The sender therefore does not accept</FONT></P><P><FONT size=2>liability for any errors or omissions in the contents of this message which</FONT></P><P><FONT size=2>arise as a result of email transmission. If verification is required please</FONT></P><P><FONT size=2>request a hard copy version.</FONT></P><P><FONT size=2> </FONT></P><P><FONT size=2>The Camelot group of companies includes:</FONT></P><P><FONT size=2>Camelot UK Lotteries Limited (reg. no 2822203), Camelot Business Solutions</FONT></P><P><FONT size=2>Limited (reg. no 07553982), Camelot Strategic Solutions Limited (reg. no</FONT></P><P><FONT size=2>07553980), Camelot Global Services Limited (reg. no 02822300) and Camelot</FONT></P><P><FONT size=2>Commercial Services Limited (reg. no 06911097), all of which are registered</FONT></P><P><FONT size=2>in England and Wales and have their registered office at:</FONT></P><P><FONT size=2>Tolpits Lane</FONT></P><P><FONT size=2>Watford</FONT></P><P><FONT size=2>WD18 9RN</FONT></P><P><FONT size=2>Tel : 01923 425000</FONT></P><P><FONT size=2>***************************************************************************************</FONT></P></FONT>