Have a Web application which connects to a jax-ws service. Want to send security credentials in the header. But.. I know that there are two types of headers:
1) soap header, which I can set with handler in client side
2) http header in transport layer
Can anybody explain pros and cons of setting additional information in each of these headers? What is the best practice?
SOAP headers and HTTP headers are not the same.
The SOAP headers contain routing information, authentication information and so on. It independent of the transport that SOAP uses. If you send the data to the web service then you should place it inside the SOAP headers.
SOAP message passed to the receiver.
HTTP headers contain the content type, the content length, the cache directives for clients, cookies and so on. It independent of the what actually transmitted with HTTP. HTTP headers is intercepted in the web server.
See Also:
XML Soap
SOAP Headers
Message Headers
Related
So, I'm communicating with the server using THttpClient of Thrift. The server is already sending the set-cookie header, but I was not sure on how to extract that from the response (in client side), and send back that cookie as the header of the subsequent requests..
Thanks.
Which HTTP Method is used to send SOAP messages?
I guess, if you are working at the servlet level,you could define the HTTP method(would there still be restrictions?).
But if all that is hidden, and I'm using a simple JAX WS webservice, which HTTP method would(should??) the request and response messages have?
I think JAX-WS and most other implementations use post for transmitting requests
you can verify it by capturing the request in TCP IP monitor
As I understand RESTful webservices use whole power of http, suffice to say all that rest need is http, but in the same time rest!=http. CRUD provides ability to do any action with API resourses, for example we send http request, this request has header for aunthefication, name of method (for example put), and json in body for updating. How this proces is running via SOAP? SOAP uses XML, but how this XML is delivered to API?
SOAP is based on XML and it conveys that messages are delivered in a SOAP envelope that has a header and a body.
When a SOAP message (be it a request or response) is delivered over HTTP you will have the whole envelope put in the HTTP body.
If the implementation is proper, in the HTTP header, in Content-Type you will have application/soap+xml.
Also in SOAP 1.1 you might have the SOAPAction header, which is not mandatory and is discussed in detail in this article.
See this article for sample raw SOAP request and response. Here is an intro to SOAP that you might also find helpful.
Hope this helps! Good luck.
We have a bunch of services that support Post over HTTP similar to normal web app processing where in a form is sent via post and also SOAP over HTTP via the IBM soap gateway, our design is slightly messy today as we had combined a lot of processing logic tied to the transport protocol where we parse the XML contents via DOM parser and have seperate classes for Post and SOAP over HTTP, etc. We want to streamline this such that we have a common service class independent of transport that serves for both SOAP and POST over HTTP. I did find that Apache CXF supports both JAX-RS and JAX-WS via single service class. Does this mean I can use the JAX-RS similar to Form posting over HTTP and JAX-WS for the SOAP. The idea is we don't want to change any of the existing consumers client code and just stream line at the provider end. Any suggestion to this regard is welcome. Thanks.
We have a server process that replies to HTTP POST only.
The framework that I use, gsoap, provides an HTTP GET plugin.
I would like to ask what is the purpose of http GET in soap. What are the benefits?
Could you please share your experience, if any?
It represents different message exchange pattern. When you send POST you are issuing SOAP request and receiving SOAP response - that is called request-response message exchange pattern. When using GET you are calling "resource" by URI and including Accept HTTP header to request SOAP response - that is called response message exchange pattern.
These two patterns are used with HTTP binding defined in SOAP 1.2 (not every API supports this binding). Each message exchange pattern has its own purpose:
Response message exchange pattern is only for data retrieval. It should never change any data on the server.
Request/response message exchange pattern is for both retrieval and data modification on the server.
The benefit of HTTP GET can be anything related to differences between GET request and POST request. For example responses to HTTP GET requests can be cached on HTTP proxies.