cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From robert <rob...@gliesian.com>
Subject Re: WSDL validator tool and WS-I checks
Date Mon, 07 Feb 2011 16:09:54 GMT
Okay.  I did open up a JIRA issue request
(https://issues.apache.org/jira/browse/CXF-3312) based on text from our
group related to a different system, "validate published WSDL files for
compliance with WS-I Basic Security Profile".

Perhaps the requirement is invalid, and so should be the issue?  I
guess CXF-3312 could be closed as invalid?

On Mon, 7 Feb 2011 10:49:51 -0500, Daniel Kulp <dkulp@apache.org>
wrote:
> On Monday 07 February 2011 10:39:21 am robert wrote:
>> My group has a requirement to validate published WSDLs for compliance
>> against the WS-I Basic Security Profile.
>>
>> Perhaps I have misunderstood the requirement, in relationship to the
>> 'published' sense?  Or perhaps, the requirement could be refined
>> further.
> 
> Honestly, I have no idea what the "requirement" would be.   The only place 
> WSDL is mentioned in the WSI-SP is in section 5.4.     All the checks
> in there
> are just pointers to the BP 1.0 and 1.1 specifications.  Thus, it's really 
> just checking the BP.
> 
> Dan
> 
>  
>> On Mon, 7 Feb 2011 10:20:04 -0500, Daniel Kulp <dkulp@apache.org>
>>
>> wrote:
>> > On Monday 07 February 2011 9:55:42 am robert wrote:
>> >> Consider the online help for the WSDL validator tool:
>> >> http://cxf.apache.org/docs/wsdlvalidator.html.
>> >>
>> >> The text states that the following check is performed: "Validate the
>> >> WSDL document against custom validation rules, such as those defined by
>> >> the Web Services Interoperability (WS-I) organization (i.e. WS-I Basic
>> >> Profile rules)."
>> >>
>> >> I have two questions in this regards,
>> >>
>> >> (1)  The checks target what version of WS-I Basic Profile?  If it's
>> >> not Web Services Interoperability Organization’s Basic Profile, Version
>> >> 1.2, could checks be added for this latest version?
>> >
>> > It's WS-I Basic Profile..   It's not all the rules though.   I think
>> > WSI-BP defines hundreds, if not thousands, of checks.   We're pretty
>> > much checking for the common issues.   If someone wants to go through
>> > the BP spec and write
>> > additional checks, that would be great.   It's not a priority for
>> > *ME* as the
>> > existing checks have been fairly adequate.
>> >
>> >> (2) Are there any checks performed in relationship to "Web Services
>> >> Interoperability Organization’s Basic Security Profile, Version 1.1"...
>> >> if not, could there be?
>> >
>> > Well, the WSI-security profile defines on-the-wire rules and such.
>> > It really
>> > doesn't  define any rules for anything in the WSDL.   What would a *WSDL*
>> > validator validate with this?


Mime
View raw message