axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Srinath Perera (JIRA)" <j...@apache.org>
Subject [jira] Updated: (AXIS2-104) validate request and response with Schema
Date Thu, 28 Jul 2005 10:43:18 GMT
     [ http://issues.apache.org/jira/browse/AXIS2-104?page=all ]

Srinath Perera updated AXIS2-104:
---------------------------------

    Description: 
Currently the content (SoapBody) is not validated against the Schema definition in the WSDL.

I propose to add a Handler that can be added to the request and/or the response handling on
the server (or even on the client). I think
this would simplify many problems when developing a client.

The request validation might even be switched on in production 
environments to reduce the risk af malicious requests or
to reduce the load on the backend in case of DoS attacks
(assuming that Axis is used as a sort of Proxy/Broker that
forwards the (transformed) request to another system).

  was:
Currently the content (SoapBody) is not validated against the Schema definition in the WSDL.

I propose to add a Handler that can be added to the request and/or the response handling on
the server (or even on the client). I think
this would simplify many problems when developing a client.

The request validation might even be switched on in production 
environments to reduce the risk af malicious requests or
to reduce the load on the backend in case of DoS attacks
(assuming that Axis is used as a sort of Proxy/Broker that
forwards the (transformed) request to another system).

    Environment: 
       Priority: Minor  (was: Major)

Two things
1) If we do code Generation with data binding the xmlbeans will validate the XML against the
schema. So one could say that we support this already.
2) By writing a generic handler that validates soap message against schema given in the WSDL
we can have what you ask for. But I do not think we can afford to done it in Axis2 1.0 time
frame. But if you (or anyone) like to write the Handlers we will be glad to integrate.

Based on the above two I am moving the issue priority down, this can be moved up if some one
volunteer to work on it!

> validate request and response with Schema
> -----------------------------------------
>
>          Key: AXIS2-104
>          URL: http://issues.apache.org/jira/browse/AXIS2-104
>      Project: Apache Axis 2.0 (Axis2)
>         Type: New Feature
>     Reporter: Victor Volle
>     Priority: Minor

>
> Currently the content (SoapBody) is not validated against the Schema definition in the
WSDL.
> I propose to add a Handler that can be added to the request and/or the response handling
on the server (or even on the client). I think
> this would simplify many problems when developing a client.
> The request validation might even be switched on in production 
> environments to reduce the risk af malicious requests or
> to reduce the load on the backend in case of DoS attacks
> (assuming that Axis is used as a sort of Proxy/Broker that
> forwards the (transformed) request to another system).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message