cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arik Gorelik <arikg...@gmail.com>
Subject Re: enforce correct SOAP headers on request
Date Mon, 08 Feb 2010 20:19:09 GMT
Thank you. In what IN Phase would you recommend the interceptor? I am trying
to avoid parsing the header, etc if it is already parsed somewhere in the
interceptor chain on the server side.

On Thu, Feb 4, 2010 at 2:02 PM, Daniel Kulp <dkulp@apache.org> wrote:

> On Tue February 2 2010 1:40:38 pm Arik Gorelik wrote:
> > Hello,
> >
> > I am using CXF 2.2.5 and I am seeing an interesting behavior from some of
> > the client code. In the SOAP Envelope request, the client is able to
> >  specify a completely random namespace and the request header still goes
> >  through, the server is able to fulfill the response and return correct
> >  values.
>
> Which is correct if there isn't a mustUnderstand attribute on the header.
> Without that, we dont have to understand the header and we can safely
> ignore
> it.
>
> >  Now, is there a way to enforce the correct namespace to be used?
>
> Well, normally, if a specific header is required, you would have an
> interceptor or similar registered that would look for it and if it's not
> there, throw an exception.   Thus, in your case, the interceptor would not
> find the header with the proper namespace and thus would throw an
> exception.
>
> Dan
>
>
> >  For example, here is a sample request:
> >
> > <?xml version='1.0' encoding='UTF-8'?>
> > <SOAP-ENV:Envelope
> >  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
> >
> > xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
> > *xmlns:nsXXXX="**http://tempuri.org* <http://tempuri.org/>*">*
> >  <SOAP-ENV:Header>
> >   <password>*****</password>
> >   <username>test</username>
> >  </SOAP-ENV:Header>
> >  <SOAP-ENV:Body>
> >   *<getStudent
> >  xmlns="**http://student.test.com/services/v01*<
> http://student.test.com/ser
>  > vices/v01> *">*
> >    <request>
> >     <studentId>12345</studentId>
> >    </request>
> >   </getStudent>
> >  </SOAP-ENV:Body>
> > </SOAP-ENV:Envelope>
> >
> >  Now, the confusing part for me is the 'xmlns:nsXXXX=http://tempuri.org'
> > (where XXXX is some random 4 digit number), because ideally the request
> > should be generated like this:
> >
> >
> >  <?xml version='1.0' encoding='UTF-8'?>
> > <SOAP-ENV:Envelope
> >  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
> >
> > xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
> > *xmlns:v01="http://student.test.com/services/v01**">*
> >  <SOAP-ENV:Header>
> >   <password>*****</password>
> >   <username>test</username>
> >  </SOAP-ENV:Header>
> >  <SOAP-ENV:Body>
> >   *<v01:getStudent**>*
> >    <*v01:*request>
> >     <*v01:*studentId>12345</*v01:*studentId>
> >    </*v01:*request>
> >   </*v01:*getStudent>
> >  </SOAP-ENV:Body>
> > </SOAP-ENV:Envelope>
> >
> > Is there a way to enforce that somehow?
> >
> > Thank you.
> > Arik.
> >
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message