Can I generate a wsdl file without binding and service information? - web-services

I came across an issue where a customer is able to open a SAP wsdl using net-beans as well as in .Net but not in soap UI.
When i checked the wsdl i found that service as well as binding tags are not defined or no such tags included. wsdl ends with port-type information.
In soap UI i got an error like no content in the file and when i try to open it in eclipse i am able to open it using web explorer window, but service as well binding information fields are empty. I could see ws-policy elements in customers wsdl.
How he might have produced a wsdl without binding and service information ?
What would be the reason he is telling it is working in .Net?
I am not sure about .Net tools.
Is there any web service client tool which can open the operations without endpoint /service information and send request/response ?..
please help
thank you for your time.

I only know a bit about the first question, can't help you with the other ones...
You can request two "flavors" of WSDL from a NW/ABAP system. This is related to the fact that the implementation (programming) of the service is usually performed on a different system and by different people than the configuration of the service.
After the service (or rather a service definition) has been implemented, you can get what's called a "design-time WSDL document". This document does not include the endpoint information - it cannot, because that would require technical information about the target system landscape and its configuration that is simply not available yet.
From the service definition, an administrator can create a configuration. This includes the binding information as well as stuff like base URL, security settings, transport layer settings and so on. With this configuration, you can generate a second WSDL document that contains the actual endpoint configuration.

Related

WS-SecurityPolicy configuration of CXF client

The question: Can CXF automatically configure WS-Security for a client based on a WS-SecurityPolicy file?
If so, is there any documentation on actually doing so? I've spent several hours looking at the CXF site and doing searches without finding an answer.
The CXF documentation says "CXF 2.2 introduced support for using WS-SecurityPolicy to configure WSS4J instead of the custom configuration documented on the WS-Security page", and also says "In CXF 2.2, if the cxf-rt-ws-policy and cxf-rt-ws-security modules are available on the classpath, the WS-SecurityPolicy stuff is automatically enabled." Finally, there's a listing of the properties that may need to be configured (keystore locations, etc). All of that I understand, but the documentation doesn't actually explain what enabling WS-SecurityPolicy does. Is it just for policy generation, or does it actually help configure clients?
The reason I'm asking is that I'm working on an application that uses CXF (JAX-WS front end) via Camel to consume a SOAP service secured with WS-Security. Because of the existing structure of our application, I've been trying to configure the client with WSS4J interceptors, but have been having a tough time actually implementing what they've described.
After a couple of days working on this, the provider mentioned that they had a WS-SecurityPolicy file they could send to me (why they didn't mention this up front is a mystery). Now that I have their policy, I'd really like to figure out a less code-driven way of configuring the security.
Having a WS-SecurityPolicy configures "most" of the security requirements for a client. You still need to specify JAX-WS properties to configure users, passwords, keys etc. I would recommend checking out the CXF source and looking at the systests/ws-security-examples tests.

Creating a New Web Service Consumer Domino

I am trying to import a WSDL in to my Domino Designer 9.0.1 client. I have downloaded the WSDL file and specify it in the Local File part of the wizard.
I click OK and get the error
"The requested operation failed. Server redirected too many times (20)"
I have imported other WSDL's without a problem and the only difference with the one I now need, is that I need to login to see the WSDL.
Does this stop the wizard?
If so, is the only option writing the java agent from scratch to access the data?
Obviously I cannot provide the actual wsdl I am trying to attach to as it is a paid service, so not sure what other information I can provide to help find a solution.
Thanks
Graeme

What is the difference between ?wsdl and ?singleWsdl parameters

My messaging provider gives me two different kinds of WSDLs to use.
http://my.amazonaws.com:8000/webservice/?wsdl
http://my.amazonaws.com:8000/webservice/?singleWsdl
The first one is an embedded WSDL. Can NOT use it to generate WSDL2java packages and
can NOT use JAX-WS to create a connection.
The second one is a single WSDL. It can generate Java packages with CXF 3.0's WSDL2java and can use JAX-WS to create a connection. It works very well.
Please let me know what is the difference between these two kinds of WSDLs.
Without knowing what those links return we can only guess, but here are some details that might help you....
Suffixing the web service endpoint with ?wsdl get's you a WSDL file. The WSDL can be generated by the framework at runtime based on the web service skeleton code or can be an actual physical file that the server just sends back when the URL parameter is specified.
The WSDL contains an XML Schema that can be specified either inside the WSDL itself or as separate files that are imported by the WSDL. And now a problem occurs...
Some web service stub generators can only handle a full WSDL, with the Schema inside. If the WSDL imports other files the tools can't resolve the imports and fails. This made web services hard to consume because clients had issues creating stubs to interact with the web service. So much so that service providers either used an actual WSDL to respond to the ?wsdl request or started writing all sorts of hacks and plugins to make the web service generate the full WSDL.
But some providers didn't even bother so clients had to write the hacks to parse the WSDL or they had to download all files, assemble them manually into a single file and use that instead.
With time people recognized this as a problem and frameworks adapted to provide the full WSDL, not one with imports. But this generated another problem. Changing what the ?wsdl URL returned could break all those hacks created around it to fix the import problem. For this reason another convention was chosen to return the full WSDL: ?singleWsdl.
So there are frameworks that generate a full WSDL, some that generate it with imports, some allow you to specify an actual physical file, some that support the ?singleWsdl convention, some that don't. Not relevant to this question, but just for completion, there is also a ?wsdl2 convention that get's you a WSDL 2.0 definition (?wsdl get you a WSDL 1.1). Some frameworks support ?wsdl2, some don't.
My guess is the issues you have are caused by Schema imports, but without the WSDLs themselves I can't tell. Hope at least that these details help you better identify the problem.

Does the existence of a .wsdl file mean files must be generated?

When I'm tasked with dealing with connecting to web services, I've always found the appropriate .wsdl file, ran WSDL2Java.bat, and incorporated those Java files into my Java project. Then I've successfully completed my project that needs to access data via web services.
My question is, are there other ways to use the .wsdl file to access web services? ( I'm not talking about creating classes for different languages ). For example, I have documentation describing one company's web services. The examples it shows in it's documentation are essentially dumps of HTTP Post requests. Is this "web services"? It looks to me that the .wsdl file is merely used as a reference to make the correct Post requests. I could just make text templates and plug in the right values, and send them out, right? I really feel like I'm missing something here.
Am I a web-services illiterati?
To call a SOAP web service over HTTP you just need to send it a properly formatted XML with a POST request. That's it! How you build the request is irrelevant as long as it conforms to the SOAP protocol and the payload corresponds to a proper web service operation that exists on the particular web service you are calling.
But how do you know how to build the proper payload?
The web service needs to have some sort of documentation otherwise you don't know what to put inside the XML. The documentation can be whatever you like as long as people can use it to build valid requests. WSDL fits this criteria but has an extra advantage: you can feed it to a tool that generates code. That code knows how to handle all the SOAP details and exposes objects and methods to your application.
What would you prefer? Generating code from the WSDL in a few minutes and be able to call whatever operation on the web service or, build the requests and parse the responses by hand and spend hours or days doing so. What would your boss or company prefer? :)
It looks to me that the .wsdl file is merely used as a reference to make the correct Post requests. I could just make text templates and plug in the right values, and send them out, right?
Right! But you also have to consider your productivity as an employee in one case as opposed to the other.

Is it mandatory to have a WSDL definition accessible using ?wsdl?

Is it mandated by any standard that a web service should provide a WSDL by appending ?wsdl to the endpoint address?
Is it OK if the WSDL is hosted at a different URL (without appending ?wsdl)?
For example:
Endpoint: http://abc.xyz.com/MyService
WSDL: http://abc.xyz.com/MyServiceDefinition.pqr
Note that I'm even using a different extension for the WSDL definition.
Does using this approach violate any standards or one can host the thing the way they want?
Is it mandatory to have a WSDL definition accessible using ?wsdl?
No, it's not.
A WSDL is used to describe a web service contract and is provided because it allows tools to automate generation of client stub code for calling the specified web service. Exposing the WSDL at the same location as the web service with ?wsdl appended to it is just very handy and that's the convention everybody uses.
People and tools look for the WSDL at that location and frameworks automatically expose it at that location but it's just a convention. As to my knowledge this isn't specified in any specification (or at least none that I could find).
Sometimes though you don't want to provide a WSDL that everybody can look at and try to create a client because it's a private web service and you only want to give access to your partners, not to everybody. At that point you can disallow the ?wsdl URL and provide the WSDL only to your partners by using an alternative channel. You can even e-mail it if you don't want it exposed online.
So you can choose whatever channel to expose it. Just remember that because people and tools are following this convention they are used to see it there and some (poorly written) tools might choke in a different extension, for example.
P.S. One other thing I wanted to mention - which isn't strictly related to this answer but kinda reinforces the convention - is the new ?singleWsdl option in WCF 4.5.
WCF, as most other tools, exposes the WSDL at the ?wsdl address but uses xsd:import statements with external schemas. Some frameworks were not able to process WSDL with imported dependencies so people started to write customizations over WCF to have a flat WSDL exposed, so much so that in the latest version of WCF Microsoft decided to add this feature out of the box.
But for backward compatibility they needed to keep the ?wsdl endpoint as it was (returning a WSDL document with xsd:import statements inside) and were forced to add a new query parameter for the flat WSDL: ?singleWsdl. I'm sure this idea will be picked up by other web service vendors and providers as well.
No, Its not mandatory to have ?wsdl access, but its recommended way.
Its worth noting that most clients will try to append "?wsdl" to your URL and will try to access WSDL file, Hence its highly recommended to setup it.