I know what is soap,wsdl and uddi.
But what is the relation between them and how to establish the relationship in code.
It will be good if someone can post a sample code which has all of these.
Thanks in advance.
SOAP is the XML-based protocol used to send and receive web service messages. WSDL is the XML-based language used to describe the format of the messages, and the details of the interaction with the service.
UDDI is not used very much. It sounded like a good idea at the time it was invented, but turned out not to be useful.
Related
I have a question regarding authorization for SOAP services. Please note I am asking for authorization, not authentication which I know how to do using WS-Policy specification.
What I would like to do is to define access rights for different SOAP operations. For example: getMeSomeData operation is accessible to simpleUser but getMeSomeSecretData operation is not, but it is accessible to adminUser.
I was assuming this is possible since SOAP standard is quite complex. Is there anyone well oriented in SOAP who knows if it is? And if it is possible, could you give me any guidance or article I could read about how to do it?
Based on my extensive googlig, this is not possible.
About the only way to do this would be with some kind of server integration with whatever the back-end of the soap may be. But this wouldn't be a soap functionality as much as a 'hack' sitting behind it using whatever your authentication layer may happen to be.
Any help here will be greately appreciated :)
Wanted to check if anyone has used ZAPProxy for performing the security testing on the RESTfull WebServices (API). I know this tool provides good out of the box features for doing security testing on WebSites but I'm not sure how effective it on on the WebServices. I know I can use SOAPUI but I have heard that is not comprehensive.
Please suggest !
I use it for making SQL-Injection attack tests.
Great tool!
Receive the manual browsing data of your intercepting proxy via REST Webservices, process the the data, resend malicious web request, evaluate response and if you're not sure in your program if the response is right display it in an eclipse RCP webbrowser.
Am tryin to consume json,csv and xml in a restful webservice? But when i go throughed many links i found its possible by setting it in the header information. But am not sure or pretty much clear wit those concepts..It would be great if somebody helps me out..Thanks in advance..
Look at Content-Type and Accept.
The concept is called content negotiation. .
Please can anyone explain briefly about concepts involved in WS security to protect soap from intermediate web services...
WS-Security does not implement anything new. It says how to use XML Encryption and XML Signature specifications in the SOAP world.
WS-Security is transport independent and provides message level security.
Since it's message level security - when we use encryption the message will be encrypted from a key known to the ultimate receiver, so intermediaries cannot view the message.
Thanks...
It is difficult to provide a simplistic answer unless we know what you are interested in (as Tim mentioned in his comment)
Have a quick read at this to get an idea.
http://www.ibm.com/developerworks/webservices/tutorials/ws-understand-web-services4/
This is not the only reference but think of it as a place to start.
Once you have an idea you will able to ask specific questions and the folks here would be able to help you out with their answers
HTH
Manglu
JSR 109: Implementing Enterprise Web Services
... is also an interesting read. the doc has some further references on the topic.
I thought to practice SOAP API. I know it is a time for REST but I thought to give a try to SOAP. I somehow got Flickr.com API supporting SOAP but it has very difficult documentation. No, working examples are available.
Q1. So, do anyone know where I can learn SOAP. Do anyone has SOAP working example for Flickr API
Q2. Any service other than Flickr providing SOAP interface. I saw Google search api has closed new request for SOAP.
regards
SOAP has been largely superseded by REST on the public Internet - as you have noted in your question and has been alluded to in comments.
There are still large users in the Intranet context, companies with an installed base of SOAP, Service Bus, and other concepts that you may well come across if you end up working at one of them. (There are still CORBA users out there also!) When you control both ends of the application, you may have less reason to be flexible using REST.
So if you are looking for useful public implementations you are mostly out of luck.
That said: do create your own services and try them out on your own. Define a service and implement it. Create a client in a different language. Create another client in a third language.
If you are looking for an educational experience, this will lead you down some of the same paths that has lead to REST use in wide-scale disparate systems (and may also shed light on why the public/private has split the way it has)
Good Luck