cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dennis Sosnoski <>
Subject Re: WSDL validator tool and WS-I checks
Date Thu, 10 Feb 2011 00:37:21 GMT
Hi Robert,

You might be interested in my just-published article on "Understanding
and modeling WSDL 1.1": (This
discussion reminded me of the CXF tool, and I've requested added a link
to that as a resource.) The next one covers extending the model to
include WS-Policy/WS-SecurityPolicy, which sounds similar to what you want.

As Dan said, WS-I BSP is all about the runtime use of WS-Security and
doesn't really cover much at the policy level. There are some common
errors that occur when using WS-Policy/WS-SecurityPolicy, though,
including mixing namespaces and using assertions in the wrong places.
Some of these may be caught and reported by some of the web services
stacks when you try to use a policy, others may slip by and just leave
you scratching your head over apparently-bizarre results. I've
experienced a considerably amount of that myself in writing the
WS-Security articles in my series for devWorks!

I plan to publish an online version of my verification and restructuring
tool next month to go along with the completion of the three-part
series, so I'll update the list when that's available.

  - Dennis

Dennis M. Sosnoski
Java SOA and Web Services Consulting <>
Axis2/CXF/Metro SOA and Web Services Training
Web Services Jump-Start <>

On 02/08/2011 04:39 AM, robert wrote:
> My group has a requirement to validate published WSDLs for compliance
> against the WS-I Basic Security Profile.
> Perhaps I have misunderstood the requirement, in relationship to the
> 'published' sense?  Or perhaps, the requirement could be refined
> further.  
> On Mon, 7 Feb 2011 10:20:04 -0500, Daniel Kulp <>
> wrote:
>> On Monday 07 February 2011 9:55:42 am robert wrote:
>>> Consider the online help for the WSDL validator tool:
>>> The text states that the following check is performed: "Validate the
>>> WSDL document against custom validation rules, such as those defined by
>>> the Web Services Interoperability (WS-I) organization (i.e. WS-I Basic
>>> Profile rules)."
>>> I have two questions in this regards,
>>> (1)  The checks target what version of WS-I Basic Profile?  If it's
>>> not Web Services Interoperability Organization’s Basic Profile, Version
>>> 1.2, could checks be added for this latest version?
>> It's WS-I Basic Profile..   It's not all the rules though.   I think WSI-BP 
>> defines hundreds, if not thousands, of checks.   We're pretty much checking 
>> for the common issues.   If someone wants to go through the BP spec
>> and write
>> additional checks, that would be great.   It's not a priority for
>> *ME* as the
>> existing checks have been fairly adequate.
>>> (2) Are there any checks performed in relationship to "Web Services
>>> Interoperability Organization’s Basic Security Profile, Version 1.1"...
>>> if not, could there be?
>> Well, the WSI-security profile defines on-the-wire rules and such.  
>> It really
>> doesn't  define any rules for anything in the WSDL.   What would a *WSDL* 
>> validator validate with this?

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message