[ http://issues.apache.org/jira/browse/AXIS2-104?page=all ]
Srinath Perera updated AXIS2-104:
---------------------------------
Description:
Currently the content (SoapBody) is not validated against the Schema definition
in the WSDL.
I propose to add a Handler that can be added to the request and/or the response
handling on the server (or even on the client). I think
this would simplify many problems when developing a client.
The request validation might even be switched on in production
environments to reduce the risk af malicious requests or
to reduce the load on the backend in case of DoS attacks
(assuming that Axis is used as a sort of Proxy/Broker that
forwards the (transformed) request to another system).
was:
Currently the content (SoapBody) is not validated against the Schema definition
in the WSDL.
I propose to add a Handler that can be added to the request and/or the response
handling on the server (or even on the client). I think
this would simplify many problems when developing a client.
The request validation might even be switched on in production
environments to reduce the risk af malicious requests or
to reduce the load on the backend in case of DoS attacks
(assuming that Axis is used as a sort of Proxy/Broker that
forwards the (transformed) request to another system).
Environment:
Priority: Minor (was: Major)
Two things
1) If we do code Generation with data binding the xmlbeans will validate the
XML against the schema. So one could say that we support this already.
2) By writing a generic handler that validates soap message against schema
given in the WSDL we can have what you ask for. But I do not think we can
afford to done it in Axis2 1.0 time frame. But if you (or anyone) like to write
the Handlers we will be glad to integrate.
Based on the above two I am moving the issue priority down, this can be moved
up if some one volunteer to work on it!
> validate request and response with Schema
> -----------------------------------------
>
> Key: AXIS2-104
> URL: http://issues.apache.org/jira/browse/AXIS2-104
> Project: Apache Axis 2.0 (Axis2)
> Type: New Feature
> Reporter: Victor Volle
> Priority: Minor
>
> Currently the content (SoapBody) is not validated against the Schema
> definition in the WSDL.
> I propose to add a Handler that can be added to the request and/or the
> response handling on the server (or even on the client). I think
> this would simplify many problems when developing a client.
> The request validation might even be switched on in production
> environments to reduce the risk af malicious requests or
> to reduce the load on the backend in case of DoS attacks
> (assuming that Axis is used as a sort of Proxy/Broker that
> forwards the (transformed) request to another system).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
