WSDL doesn't validate the incoming messages

D

davidliuh

Hi,

I have a web service which inplements a WSDL. In the WSDL, there're two
lines like:

<s:element minOccurs="1" maxOccurs="1" name="CreateDateTime"
type="s:dateTime" />
<s:element minOccurs="1" maxOccurs="1" name="OriginatorID" type="s:int"
/>

When I tested, I didn't have CreateDateTime and OriginatorID element in
the test message. What I got in the web service is: CreateDateTime:
01/01/0001 and OriginatorID: 0. What I expected is I should get a soap
exception because CreateDateTime and OriginatorID are required
(minOccurs = 1). Why I got two strange values? Does WSDL validate the
incoming messages?

I'll appreciate your response.


David
 
J

John Saunders

Hi,

I have a web service which inplements a WSDL. In the WSDL, there're two
lines like:

<s:element minOccurs="1" maxOccurs="1" name="CreateDateTime"
type="s:dateTime" />
<s:element minOccurs="1" maxOccurs="1" name="OriginatorID" type="s:int"
/>

When I tested, I didn't have CreateDateTime and OriginatorID element in
the test message. What I got in the web service is: CreateDateTime:
01/01/0001 and OriginatorID: 0. What I expected is I should get a soap
exception because CreateDateTime and OriginatorID are required
(minOccurs = 1). Why I got two strange values? Does WSDL validate the
incoming messages?

I'll appreciate your response.

"WSDL" doesn't validate anything. "WSDL" is an XML-based language for
describing web services.

If you mean, "doesn't ASP.NET validate messages against the schemas in a
WSDL describing this web service", then the answer is, "no", and "what made
you think that it did validate"?

First of all, you say that your web service "implements a WSDL". This sounds
like you used WSDL.EXE to create a stub class or interface, and that you
then wrote code which implemented that class or interface. In this case, the
WSDL is out of the picture. WSDL.EXE put attributes on the class or
interface and its methods, and perhaps on types which it generated from the
WSDL file. ASP.NET interacts with those attributes at run time to do things
like serialize and deserialze messages.

Note that ASP.NET is not interacting with the WSDL file. In fact, you won't
find the path to the WSDL file anywhere in the generated code.

Note further that none of these attributes says anything about validation,
or about what to do in the case of a validation error.

If you'd like to add validation, see the excellent article, "Extend the
ASP.NET WebMethod Framework by Adding XML Schema Validation" at
http://msdn.microsoft.com/msdnmag/issues/03/07/xmlschemavalidation/default.aspx. I
have created an implementation of this code for my own web service, and find
it extremely useful, not only for validating incoming messages, but also for
making sure that my web service generates valid output!


John
 
D

davidliuh

Hi John,

Thank you very much. It's very useful. I implemented a test web service
and it provide powerful validation.

However, my product web service uses WSE3.0. If I apply this code, the
soap message I got in the Validation is the encripted data. It should
have a way to get the decripted soap message.


David
 
J

John Saunders

Hi John,

Thank you very much. It's very useful. I implemented a test web service
and it provide powerful validation.

However, my product web service uses WSE3.0. If I apply this code, the
soap message I got in the Validation is the encripted data. It should
have a way to get the decripted soap message.

Can you place your extension after the WSE extensions?

I ask that without knowing how WSE works.

John
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,480
Members
44,900
Latest member
Nell636132

Latest Threads

Top