Hi Dims/Deepal I was in the morning axis2 tutorial presentation and it was definitely very helpful. I had asked a question related to the WS-policy implementation [neethi I guess] and I had some question on the facts Dims mentioned in that session abt the policy implementation.
I have a sort of legacy application which I am web service enabling using axis. I need the dynamic deployment feature of axis2 [ie dropping the aar file with the WSDL in a folder ]. I create my own wsdl and the services.xmland the schema dynamically at runtime when the user chooses to deploy the legacy service as a Web service. I deal with the Raw xml in my java service class and it has one method say - public OMElement dothis(OMElement om). I let the axis modify the wsdl and hence will not use the useOriginalWSDL param. My WSDL can have n number of methods and I figure that at runtime from the legacy artifact/service the user is trying to deploy. But my java class is fixed as after I get the XML I know what to do with that to invoke the actual legacy service. When it comes to security we suggest the user to go and modify the services.xml and add the inflow and outflow xml blocks at the service level [as I have only one physical operation but n wsdl operation]. I have a major problem here - I want to specify those inflow/outflow security stuff based on the WSDL operation but thats not possible with the current design of services.xml. [remember as I said I have 1 physical operation and N wsdl operation]. I know for a fact that WS specification no way forces the WSDL operation name to be the same as the physical operation name. So In that case even if I come down to the level of deploying each operation in my legacy service as a individual Web services [so I am now at 1 to 1 mapping] still I want to have a separate WSDL operation name as from the java operation name [which is say allways dothis for me]. I want my inflow/outflow stuff to appear as a policy in the WSDL for that operation/service [now say 1 service will have one operation only] - I am not sure how axis will be able to match my java operation to the WSDL operation [If specify the security in the operation level]. My flow of service invocation is like as below: [my java class is like a proxy to the legacy services] axis engine ----> my java class ----->legacy service1 axis engine ----> my java class ----->legacy service2 ......... ....... My java class is pregenerated fixed code which has only one method dothis which takes in the XML and knows which legacy artifact to call and how to get response back. So my question is Q1>Do you suggest me [for WS-policy and operation level security] sake to change my design to 1 legacy service method as one Axis Web service? If I stick with legacy service as one web service then potentially a legacy service may have N wsdl operation and my java class has only one [as its generically handling all requests for any legacy service]. So my services xml has only one operation and I have to declare security policy only at the service level. Q2>Also I am generating my own WSDL but letting Axis modify it - so I am hoping that the policy stuff should appear as pasrt of the Axis modified WSDL - right? [given I just specify the inflow/outflow sec parameters.] -- thanks Rishi
