cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: WSDL validator tool and WS-I checks
Date Mon, 07 Feb 2011 15:49:51 GMT
On Monday 07 February 2011 10:39:21 am robert wrote:
> My group has a requirement to validate published WSDLs for compliance
> against the WS-I Basic Security Profile.
> 
> Perhaps I have misunderstood the requirement, in relationship to the
> 'published' sense?  Or perhaps, the requirement could be refined
> further.

Honestly, I have no idea what the "requirement" would be.   The only place 
WSDL is mentioned in the WSI-SP is in section 5.4.     All the checks in there 
are just pointers to the BP 1.0 and 1.1 specifications.  Thus, it's really 
just checking the BP.

Dan

 
> On Mon, 7 Feb 2011 10:20:04 -0500, Daniel Kulp <dkulp@apache.org>
> 
> wrote:
> > On Monday 07 February 2011 9:55:42 am robert wrote:
> >> Consider the online help for the WSDL validator tool:
> >> http://cxf.apache.org/docs/wsdlvalidator.html.
> >> 
> >> The text states that the following check is performed: "Validate the
> >> WSDL document against custom validation rules, such as those defined by
> >> the Web Services Interoperability (WS-I) organization (i.e. WS-I Basic
> >> Profile rules)."
> >> 
> >> I have two questions in this regards,
> >> 
> >> (1)  The checks target what version of WS-I Basic Profile?  If it's
> >> not Web Services Interoperability Organization’s Basic Profile, Version
> >> 1.2, could checks be added for this latest version?
> > 
> > It's WS-I Basic Profile..   It's not all the rules though.   I think
> > WSI-BP defines hundreds, if not thousands, of checks.   We're pretty
> > much checking for the common issues.   If someone wants to go through
> > the BP spec and write
> > additional checks, that would be great.   It's not a priority for
> > *ME* as the
> > existing checks have been fairly adequate.
> > 
> >> (2) Are there any checks performed in relationship to "Web Services
> >> Interoperability Organization’s Basic Security Profile, Version 1.1"...
> >> if not, could there be?
> > 
> > Well, the WSI-security profile defines on-the-wire rules and such.
> > It really
> > doesn't  define any rules for anything in the WSDL.   What would a *WSDL*
> > validator validate with this?

-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog

Mime
View raw message