SOAP n The Simple Object Access Protocol Objectives
SOAP n The Simple Object Access Protocol
Objectives n Provide an Introduction to SOAP n Rationale and history n Protocol description n Syntax structure n Illustrate 2 Infrastructure around SOAP n Security and Authentication n Service description and discovery
Overview n Section 1: Fundamentals n Section 2: Protocol Layers n Section 3: Message Elements n Section 4: Infrastructure n Summary 3
Section 1: Fundamentals n SOAP Definition n Evolution n SOAP as RPC Protocol n SOAP as Messaging Protocol n XML 4 of an Open Standard and HTTP
SOAP Definition n Simple Object Access Protocol 1. 1 n Envelope for XML Letters n Specification definition: "Lightweight mechanism for exchanging structured and typed information between peers [. . . ] using XML. " 5 n Designed both for messaging and RPC n Specifies three parts: n SOAP envelope for message framework n SOAP encoding for standardized marshaling n SOAP RPC as remote procedure call convention
Evolution of an Open Standard n SOAP 0. x by User. Land Develop. Mentor n Predecessor User. Land‘s XML-RPC n SOAP 1. 0 co-authored by Microsoft n SOAP 1. 1 co-authored by IBM, Lotus n Endorsed by Sun, IONA, Apache, etc. n Submitted as a proposal to W 3 C n Foundation for XML Protocol (XP) working group n http: //www. w 3. org/TR/SOAP 6
How it looks n. A Simplified Request: HTTP/1. 1 POST /soap/mycomponent Content-Type: text/xml SOAPAction: My. Component. Method <SOAP: Envelope> <SOAP: Body> <m: My. Method. Arguments. Root> <My. Argument>1</My. Argument> </m: My. Method. Arguments. Root> </SOAP: Body> </SOAP: Envelope> 7
SOAP as RPC Protocol n Marshals procedure calls via XML n Transport can be HTTP, SMTP, etc. n Roughly n No expensive middleware required n Anyone n equivalent to DCOM & IIOP can implement easily Simplicity as a design goal n Designed n Default 8 for existing Internet infrastructure wire-protocol for. NET Remoting
SOAP as Messaging Protocol n Descriptive n Transport container for any XML data exchange can be SMTP, X. 400, Queues etc. n EDI-like: Equivalent to EDIFACT/X 12 headers n Mail-like: Similar to Exchange Forms idea n Basis for Biz. Talk Framework n Interoperable 9 and platform agnostic
Why XML ? XML is a layered, (mostly) simple, text-based and standardized data exchange architecture. SOAP XML Schema (Classes) XML Information Set (Structure) XML + Namespaces (Elements and Attributes) XML (Documents and Entities) 10
XML for Messaging and RPC n Simplicity n XML documents are plain text n Portability n No platform dependencies n No issues as with binary protocols (byte-ordering) n XML parsers exist for virtually every platform n Universally n 11 accepted XML is the #1 data exchange language
Why HTTP for RPC? n #1 application protocol used on the Internet n Available n Simple n Good n Not to implement infrastructure + extensibility Connection oriented n Designed for bad network conditions n Designed to scale n HTTP n 12 on all platforms services are easily deployed No firewall configuration problems
HTTP Characteristics n Connectionless n GET is the access protocol for resources n POST n Calls request/response mechanism is the application protocol for interaction are directed to a URI n Headers specify options n Response codes indicate success/failure/status HTTP/1. 1 POST /signup. aspx Content-Type: text/www-form-urlencoded HTTP/1. 1 200 OK fname=Clemens&lname=Vasters Content-Type: text/html <html><body>Ha!</body></html> 13
Section 2: Protocol Layers n SOAP Envelope n SOAP Encoding n SOAP RPC 14
The Protocol Layers SOAP layers it's own model on top of XML SOAP RPC SOAP Messaging SOAP Encoding Authentication Encryption BTF 2. 0 SOAP Envelope XML Framework 15 Attachments
SOAP Envelope n Purpose: Uniform container for XML messages n SOAP: Envelope n is defined by XML Schema URI: http: //schemas. xmlsoap. org/soap/envelope/ n Contains n SOAP: Header for handling instructions n SOAP: Body for XML Payload n Specifies n Defines 16 order, cardinality for structural elements SOAP: Fault for communication errors.
SOAP Encoding n Purpose: n Uniform type and encoding system for data in SOAP Envelopes n Encoding n http: //schemas. xmlsoap. org/soap/encoding/ n Optional n recommendation Ensures interoperability of data n Defines 17 is defined by XML schema rich type system: n Simple Types, Enums n Compound Values, Structures and References n Arrays (incl. Sparse Arrays, Partial Arrays)
SOAP RPC n SOAP n Key 18 RPC is a set of rules for remote procedure calls Points n Interface/Service identified by URI n Method invocation is modeled as structure n Parameter order for [in/out] in response must be the same as in request. n Behavior on error (return SOAP: Fault)
Section 3: Message Elements n SOAP: Envelope n SOAP: Header element n SOAP: Body element n SOAP: Fault element n SOAPAction HTTP header n SOAP: encoding. Style 19
SOAP: Envelope HTTP/1. 1 POST /soap/myservice Content-Type: text/xml SOAPAction: My. Interface#My. Component. Method <SOAP: Envelope> <SOAP: Header> <m: my. Header xmlns: m=“my. URI“ SOAP: must. Understand=“ 0“> Header. Info </m: my. Header> </SOAP: Header> <SOAP: Body> <m: My. Method. Arguments. Root xmlns: m=“my. URI“ > <My. Argument>1</My. Argument> </m: My. Method. Arguments. Root> </SOAP: Body> </SOAP: Envelope> 20
SOAP: Envelope n Basics: n Top-level (root) element of every SOAP message n Must be present n Must n reference to the SOAP Envelope namespace xmlns: SOAP= “http: //schemas. xmlsoap. org/schemas/envelope/“ n May n have additional, custom attributes If present, they also must be namespace qualified n May n Must contain at most one „Header“ child element 21 contain exactly one „Body“ child element
SOAP: Header HTTP/1. 1 POST /soap/myservice Content-Type: text/xml SOAPAction: My. Interface#My. Component. Method <SOAP: Envelope> <SOAP: Header> <m: my. Header xmlns: m=“my. URI“ SOAP: must. Understand=“ 0“> Header. Info </m: my. Header> </SOAP: Header> <SOAP: Body> <m: My. Method. Arguments. Root xmlns: m=“my. URI“ > <My. Argument>1</My. Argument> </m: My. Method. Arguments. Root> </SOAP: Body> </SOAP: Envelope> 22
SOAP: Header n Basics: n Optional element n If present, must be immediate child of Envelope n May contain multiple child elements (headers) n Specify processing hints for the message n All child elements must be namespace-qualified n Special n SOAP: must. Understand={“ 0“|“ 1“} n n Specifies whether the header must be understood. If the server cannot understand the header, it must fail SOAP: actor=“some. URI“ n 23 attributes for child elements: Specifies who must or should process the header
Headers: Actors and Intermediaries Client <m: destination xmlns: m=“my. Namespace-URI“ SOAP: must. Understand=“ 1“ SOAP: actor=“next“/> <m: dept> 2881 <m: dept> Header </m: destination> Envelope Dept. Server SOAP Router acts on header and routes to appropriate dept. server 24 Dept. Server
SOAP: Body HTTP/1. 1 POST /soap/myservice Content-Type: text/xml SOAPAction: My. Interface#My. Component. Method <SOAP: Envelope> <SOAP: Header> <m: my. Header xmlns: m=“my. URI“ SOAP: must. Understand=“ 0“> Header. Info </m: my. Header> </SOAP: Header> <SOAP: Body> <m: My. Method. Arguments. Root xmlns: m=“my. URI“ > <My. Argument>1</My. Argument> </m: My. Method. Arguments. Root> </SOAP: Body> </SOAP: Envelope> 25
SOAP: Body n Basics: n Must be present n Must be an immediate child of the Envelope n May 26 contain an unlimited number of child elements n Children are called „body entries“ n Body entries may be namespace- qualified n Not subject to any encoding rules by default
SOAP: Fault HTTP/1. 1 POST /soap/myservice Content-Type: text/xml SOAPAction: My. Interface#My. Component. Method <SOAP: Envelope> <SOAP: Body> <SOAP: Fault> <faultcode>Server. Invalid. Arg</faultcode> <faultstring>Type is wrong </faultstring> <detail/> </SOAP: Fault> </SOAP: Body> </SOAP: Envelope> 27
SOAP: Fault n Basics: n SOAP Fault carries status and error information. n Must be a body entry and may appear only once. n Child n faultcode: n n indicates actor detail: n 28 human-readable reason explanation. faultactor: n n machine-readable reason-code faultstring: n n Elements: arbitrary data as detail info.
SOAPAction HTTP/1. 1 POST /soap/myservice Content-Type: text/xml SOAPAction: My. Interface#My. Component. Method <SOAP: Envelope> <SOAP: Header> <m: my. Header xmlns: m=“my. URI“ SOAP: must. Understand=“ 0“> Header. Info </m: my. Header> </SOAP: Header> <SOAP: Body> <m: My. Method. Arguments. Root xmlns: m=“my. URI“ > <My. Argument>1</My. Argument> </m: My. Method. Arguments. Root> </SOAP: Body> </SOAP: Envelope> 29
SOAPAction n Basics n SOAPAction header applies only to HTTP binding n Must be present for HTTP SOAP calls n Must be accompanied by „Content-Type: text/xml“ n SOAPAction n V 1. 1 specification issue n n 30 attribute is a URI and may be empty Role of HTTP URI vs. SOAPAction header vaguely defined Recommended interpretation n Use HTTP URI to specify the service n Use SOAPAction to specify interface and method
SOAP: encoding. Style n Basics n „encoding. Style“ is a global attribute n Encoding identified by URI n May be applied to any element at any level n Enforces common rules for serialization of data n Scope n If present on an element, it applies to all children n Any child may override encoding with own choice n SOAP 31 and Inheritance defines an optional, standard encoding style n Section 5 of the specification n http: //schemas. xmlsoap. org/schemas/encoding
Encoding Simple Types Simple types are specified using the encoding namespace <SOAP: Envelope xmlns: SOAP=“http: //schemas. xmlsoap. org/schemas/envelope/“ xmlns: SOAP-ENC=“http: //schemas. xmlsoap. org/schemas/ encoding/“ SOAP: encoding. Style=“http: //schemas. xmlsoap. org/ schemas/encoding/“> [. . . ] <title xsi: type=„SOAP-ENC: string“> My Life and Work </title> <price xsi: type=„SOAP-ENC: float“> 49. 95 </price> [. . . ] </SOAP: Envelope> 32
Encoding and Referencing Structures <e: Book> <title>My Life and Work</title> <author> <name>Henry Ford</name> <address> <email>mailto: henryford@hotmail. com</email> <web>http: //www. henryford. com</web> </address> </author> </e: Book> „single-reference“ and nested structures are embedded 33
Encoding and Referencing Structures <e: Books> <e: Book> <title>My Life and Work</title> <author href="#Person-1"/> </e: Book> <title>The Success of Tin Lizzy</title> <author href="#Person-1"/> </e: Books> <e: Person id="Person-1"> <name>Henry Ford</name> <address> <email>mailto: henryford@hotmail. com</email> <web>http: //www. henryford. com</web> </address> </e: Person> „multi-reference“ structures use id & href attributes 34
Section 4: Infrastructure n Authentication n Message Encryption and Signature n Service description: WSDL n Service discovery: DISCO and UDDI 35
Authentication n SOAP enables high-capacity web-services n Raw information, no ads. Different business model n Authentication required to control access n Authentication n Can utilize HTTP authentication framework n Can use S/MIME signatures n SOAP shall work „cross-everything“ n Must use standardized authentication schemes n Authentication must be reasonably secure n Resistant against various attack types n Use 36 is intentionally skipped in SOAP 1. 1 Digest Authentication with. NET
Privacy n SOAP n Use HTTPS instead of HTTP n Use S/MIME encoding instead of MIME n SOAP 37 may carry sensitive information Extensions for Privacy underway from IBM
WSDL n Think "Type. Lib for SOAP" n WSDL = Web Service Description Language n Uniform representation for services n Transport Protocol neutral n Access Protocol neutral (not only SOAP) n Describes: 38 n Schema for Data Types n Call Signatures (Message) n Interfaces (Port Types) n Endpoint Mappings (Bindings) n Endpoints (Services)
DISCO n Think "IDispatch for SOAP" n Dynamic n Very, Discovery of Services very easy discovery model for HTTP n Basics: 39 n Call endpoint with GET n Check whether this is a DISCO file or a redirect n DISCO file contains link to WSDL n If redirect goto 1
UDDI n Think "Yahoo!" for Web. Services n Universal Description and Discovery Interface n Web. Service-Programmable n Advertise n May Sites and Services point to DISCO resources n Initiative 40 "Yellow Pages" driven by Microsoft, IBM, Ariba
Summary n Platform agnostic XML based protocol n Can implement anywhere easily n Very Extensible model for messaging and RPC n Embedded n into existing Internet technology set Built for the Internet, works best for the Internet n Open discovery and description infrastructure n Foundation for the Web. Services model n Foundation for. NET Internet Remoting 41
Questions? 42
- Slides: 42