Downloaded 11 times
![· Logging: org.springframework.ws.server.MessageTracing=DEBUG.
5. Creating a Web Service with Spring WS
Spring WS server-side support is designed around a MessageDispatcher that dispatches incoming
messages to endpoints, with configurable endpoint mappings, response generation, and endpoint
interception.
The MessageDispatcherServlet is a standard servlet which conveniently extends from the standard
Spring Web DispatcherServlet, and wraps a MessageDispatcher. It will look for a file named
[servlet-name]-servlet.xml in the WEB-INF directory.
Static WSDL:
<sws:static-wsdl id="orders" location="/WEB-INF/wsdl/orders.wsdl"/>:
The WSDL will be available on http://localhost:8080/spring-ws/orders.wsdl.
Dynamic WSDL:
<sws:dynamic-wsdl id="orders"><sws:xsd location=”file.xsd”/>...
This builds a WSDL from a XSD schema by using conventions.
JMS Transport
Spring WS supports server-side JMS handling through the JMS functionality provided in the Spring
framework. Spring WS provides the WebServiceMessageListener to plug in to a
MessageListenerContainer.
Email Transport](https://image.slidesharecdn.com/spring-ws-141111054403-conversion-gate01/85/Spring-ws-2-320.jpg)
![A. Annex: WSDL
WSDL
· <types>: defines the data types used by the WS
· <message>: defines the data element of the operation
· <portType>: describes a WS, the operations it can perform, and the messages involved; cor-responds
to a class; operations have input/output nodes.
· <binding>: defines the message format and protocol details for each port
Example:
<portType name="glossaryTerms">
<operation name="getTerm">
<input message="getTermRequest"/>
<output message="getTermResponse"/>
</operation>
</portType>
<binding type="glossaryTerms" name="b1">
<soap:binding style="document" transport="http://..." />
<operation>
<soap:operation soapAction="http://example.com/getTerm"/>
<input><soap:body use="literal"/></input>
<output><soap:body use="literal"/></output>
</operation>
</binding>
<service name=”...”>
<port binding=”...” name=”...”>
<soap:address location=”...” />
</port>
</service>
B. Annex: SOAP
Skeleton SOAP Message:
<?xml version="1.0"?>
<soap:Envelope
xmlns:soap="http://www.w3.org/2001/12/soap-envelope"
soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding">
<soap:Header>
[metadata; must be namespace-qualified]
...
</soap:Header>](https://image.slidesharecdn.com/spring-ws-141111054403-conversion-gate01/85/Spring-ws-6-320.jpg)
![<soap:Body>
[actual soap message intended for the ultimate endpoint]
...
<soap:Fault>
[optional element used to indicate error]
...
</soap:Fault>
</soap:Body>
</soap:Envelope>](https://image.slidesharecdn.com/spring-ws-141111054403-conversion-gate01/85/Spring-ws-7-320.jpg)
Uploaded bySouleymane MATO
Spring ws
Spring Web Services allows creating web services using a contract-first approach. It provides components for defining data contracts with XSD, service contracts with WSDL, and implementing endpoints with annotated classes. Shared abstractions like WebServiceMessage and MessageContext provide common client and server functionality, while the MessageDispatcher handles dispatching requests to endpoints. The framework supports various transports including HTTP, JMS, and email.
More Related Content
Spring ws
- 1. Spring Web Services 1. What is Spring WS? Components: · spring-xml.jar: various XML support for Spring WS · spring-ws-core.jar: central part of the Spring’s WS functionality · spring-ws-support.jar: contains additional transport layers · spring-ws-security.jar: WS security implementation (sign and encrypt/decrypt) 2. Why Contract First? Contract first: start with WSDL and use Java to implement the contract. 3. Writing Contract First WS Data contract => XSD Service contract => WSDL Endpoint => created by annotating a class with @Endpoint. Endpoints handle incoming XML messages. WSDL => we don't need to write it ourselves: Spring-WS can generate one for us. 4. Shared Components Shared components = common to client and server. · WebServiceMessage: a protocol-agnostic XML message; provides access to the payload of the message, as javax.xml.transform.Source or Result. · SoapMessage: subclass of WebServiceMessage; contains SOAP-specific methods · WebServiceMessageFactory: creates concrete message implementations for WebServiceMessage. · MessageContext: contains a conversation request/response. · TransportContext: allows access to the underlying WebServiceConnection, typically a HttpServletConnection on the server side. · XPathExpression: abstraction over a compiled XPath expression (single, pre-compiled expression). · XPathTemplate: another way, slower, more flexible.
- 2. · Logging: org.springframework.ws.server.MessageTracing=DEBUG. 5. Creating a Web Service with Spring WS Spring WS server-side support is designed around a MessageDispatcher that dispatches incoming messages to endpoints, with configurable endpoint mappings, response generation, and endpoint interception. The MessageDispatcherServlet is a standard servlet which conveniently extends from the standard Spring Web DispatcherServlet, and wraps a MessageDispatcher. It will look for a file named [servlet-name]-servlet.xml in the WEB-INF directory. Static WSDL: <sws:static-wsdl id="orders" location="/WEB-INF/wsdl/orders.wsdl"/>: The WSDL will be available on http://localhost:8080/spring-ws/orders.wsdl. Dynamic WSDL: <sws:dynamic-wsdl id="orders"><sws:xsd location=”file.xsd”/>... This builds a WSDL from a XSD schema by using conventions. JMS Transport Spring WS supports server-side JMS handling through the JMS functionality provided in the Spring framework. Spring WS provides the WebServiceMessageListener to plug in to a MessageListenerContainer. Email Transport
- 3. In addition toHTTP and JMS, Spring WS also provides server-side email handling. This functionality is provided through the MailMessageReceiver class. This class monitors a POP3 or IMAP folder, converts the email to a WebServiceMessage, and sends any response using SMTP. Endpoints An endpoint interprets the XML request message and uses that input to invoke a method on the business service (typically). To enable the support for @Endpoint and related Spring WS annotations, you will need to add <sws:annotation-driven /> in the servlet XML file. Endpoints are singleton by default, so they have to be thread-safe. Endpoint interceptors Endpoint interceptors are typically defined by using a <sws:interceptors>. You can specify for which payload root name or SOAP action the interceptor should apply. PayloadLoggingInterceptor: logs the payload of the message. SoapEnvelopeLoggingInterceptor: logs the entire SOAP envelop, including the headers. PayloadTransformingInterceptor: transform the payload to another XML format. Server-side testing The integration test support lives in the org.springframework.ws.test.server package. The core class in that package is the MockWebServiceClient. 6. Using Spring Web Services on the Client WebServiceTemplate The core class for client-side Web service access in Spring WS. It contains methods for sending Source objects, and receiving response messages as either Source or Result. WebServiceGatewaySupport is a convenience base class. JmsMessageSender This class uses the facilities of the Spring framework to transform the WebServiceMessage into a JMS Message, send it on its way on a Queue or Topic, and receive a response (if any). MailMessageSender This class provides an email transport via SMTP, and retrieves them via POP3. 7. Securing the Web Services with Spring WS XWSS = XML Web Services Security package
- 4. XwsSecurityInterceptor Endpoint interceptorbased on XWSS. It requires JSE5, SAAJ and an XML security policy file (what to require, what to add). <bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor"> <property name="policyConfiguration" value="cp:securityPolicy.xml"/> <property name="callbackHandlers"> <list> <ref bean="certificateHandler"/> <ref bean="authenticationHandler"/> </list> </property> </bean> Keystores They are storage facilities for private keys, symmetric keys, and trusted certificates (X509 certificates): <bean id="keyStore" class="org.springframework.*.KeyStoreFactoryBean"> <property name="password" value="password"/> <property name="location" value="cp:*/test-keystore.jks"/> </bean> KeyStoreCallbackHandler This callback must be used with keystores. To validate incoming certificates or signatures, use the truststore. To decrypt incoming certificates or sign outgoing messages, use the keystore. <bean id="keyStoreHandler" class="org.*.KeyStoreCallbackHandler"> <property name="trustStore" ref="trustStore"/> <property name="keyStore" ref="keyStore"/> <property name="privateKeyPassword" value="changeit"/> </bean> <bean id="trustStore" class="org.*.KeyStoreFactoryBean"> <property name="location" value="classpath:truststore.jks"/> <property name="password" value="changeit"/> </bean> <bean id="keyStore" class="org.*.KeyStoreFactoryBean"> <property name="location" value="classpath:keystore.jks"/> <property name="password" value="changeit"/>
- 5. </bean> Authentication Plaintext: the SOAP message contains Username and Password elements with plain text password. <xwss:RequireUsernameToken passwordDigestRequired="false" nonceRequired="false"/> Digest: passwordDigestRequired="true" nonceRequired="true" Simple validation handler SimplePasswordValidationCallbackHandler With Spring security SpringPlainTextPasswordValidationCallbackHandler or SpringDigestPasswordValidationCallbackHandler Decryption <xwss:RequireEncryption /> <bean id="keyStoreHandler" class="org.*.KeyStoreCallbackHandler"> <property name="keyStore" ref="keyStore"/> <property name="privateKeyPassword" value="changeit"/> </bean> Encryption <xwss:Encrypt /> <bean id="keyStoreHandler" class="org.*.KeyStoreCallbackHandler"> <property name="trustStore" ref="trustStore"/> </bean> Wss4jSecurityInterceptor The Wss4jSecurityInterceptor is an Endpoint Interceptor that is based on Apache's WSS4J. WSS4J implements: · OASIS Web Services Security: SOAP Message Security 1.0 · Username Token Profile 1.0 · X509 Token Profile 1.0
- 6. A. Annex: WSDL WSDL · <types>: defines the data types used by the WS · <message>: defines the data element of the operation · <portType>: describes a WS, the operations it can perform, and the messages involved; cor-responds to a class; operations have input/output nodes. · <binding>: defines the message format and protocol details for each port Example: <portType name="glossaryTerms"> <operation name="getTerm"> <input message="getTermRequest"/> <output message="getTermResponse"/> </operation> </portType> <binding type="glossaryTerms" name="b1"> <soap:binding style="document" transport="http://..." /> <operation> <soap:operation soapAction="http://example.com/getTerm"/> <input><soap:body use="literal"/></input> <output><soap:body use="literal"/></output> </operation> </binding> <service name=”...”> <port binding=”...” name=”...”> <soap:address location=”...” /> </port> </service> B. Annex: SOAP Skeleton SOAP Message: <?xml version="1.0"?> <soap:Envelope xmlns:soap="http://www.w3.org/2001/12/soap-envelope" soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding"> <soap:Header> [metadata; must be namespace-qualified] ... </soap:Header>
- 7. <soap:Body> [actual soapmessage intended for the ultimate endpoint] ... <soap:Fault> [optional element used to indicate error] ... </soap:Fault> </soap:Body> </soap:Envelope>