SOAP Simple Object Access Protocol An Introduction by
SOAP Simple Object Access Protocol An Introduction by Juan J Vargas University of Central Florida CDA 5937 Fall 2002 October 2002 UCF - CDA 5937
Agenda Ü What is SOAP? Ü SOAP History Ü The SOAP Structure Ü The SOAP Message Exchange Model Ü Examples of HTTP / XML / SOAP Ü SOAP Security Ü Conclusions and References October 2002 UCF - CDA 5937 2
What is SOAP? Ü SOAP: “Simple Object Access Protocol” is a lightweight communication protocol for exchange of information in a decentralized, distributed environment. Ü SOAP combines HTTP (medium of communication) with XML (language of communication) SOAP = XML parser + server/client code + HTTP server Ü SOAP invokes methods on servers, services, components, and objects via October 2002 UCF - CDA 5937 3
What is SOAP? (cont. ) Ü SOAP has no explicit programming model, unlike DCOM and CORBA: no special components or tools needed to make an implementation. Ü Can be implemented in any language (Java, Perl, C++, VB, Windows and UNIX) Ü SOAP promotes distributed computing thru communication October 2002 UCF - CDA 5937 4
SOAP goals Ü Developed to be a platform and language independent Ü Simplicity and extensibility SOAP meets these goals by omitting features often found in messaging systems and distributed object systems: –garbage collection, batching of messages, objects-by-reference October 2002 UCF - CDA 5937 5
SOAP goals (cont) Ü Simple standardized mechanism for moving structured information Ü Format for sending messages Ü Enables different programs, written in different languages and running on different platforms, to communicate with each other October 2002 UCF - CDA 5937 6
SOAP History Ü SOAP 0: Developed by User. Land, Microsoft, and Develop. Mentor in 1998 Ü SOAP 1. 0 in 2000 Ü W 3 C (World Wide Web Consortium) v 1. 1 final – May 2000 Ü W 3 C v 1. 2 draft – July 2001 Specification can be found at: http: //www. w 3. org/TR/soap 12/ October 2002 UCF - CDA 5937 7
The SOAP Message Exchange Model (Client/Server) Ü SOAP defines two types of messages: Requests Responses Ü Clients send a request to a server to invoke a service, and the server sends back the results October 2002 UCF - CDA 5937 8
The SOAP 1. 1 Structure A SOAP message contains 3 parts: 1. Envelope: defines the content of the message Must be associated with a namespace, e. g. : http: //www. w 3. org/2001/06/soapenvelope Header (optional): contains header information 3. Body: contains call and response October 2002 UCF - CDA 5937 2. 9
SOAP Header Ü Is an optional component Ü The Header has information about how the message is to be processed Ü Can contain extensions to the message like transaction ids Ü Can also contain security information October 2002 UCF - CDA 5937 10
Sample <soap: Header> <soap: Envelope> … <soap: Header> <t: Transaction xmlns: t=“some-URI” soap: must. Understand=“ 1”> 12345 </t: Transaction> </soap: Header> <soap: Body> … </soap: Body> </soap: Envelope> October 2002 UCF - CDA 5937 11
SOAP Body Ü Contains the message referred to as “payload” Ü Must be a child of the Envelope element Ü Can contain the encoding. Style Ü Can also contain a <Fault> element October 2002 UCF - CDA 5937 12
Sample <soap: Body> <soap: Envelope> … <soap: Header> … </soap: Header> <soap: Body> <w: article xmlns: w=“www. w 3. org” > <w: name> SOAP v 1. 1 </w: name> <w: url> http: //www. w 3. org/TR/SOAP </w: url> </w: article> </soap: Body> </soap: Envelope> October 2002 UCF - CDA 5937 13
Sample <soap: Fault> <soap: Envelope> … <soap: Body> … <soap: Fault> <faultcode>soap: Server</faultcode> <faultstring>Server Error</faultstring> <detail> <e: myfaultdetails xmlns: e="Hello"> <message> Ooops… </message> <errorcode> 1001 </errorcode> </e: myfaultdetails> </detail> </soap: Fault> </soap: Body> </soap: Envelope> October 2002 UCF - CDA 5937 14
SOAP request POST /Temperature HTTP/1. 1 Http Header Host: www. weather. com Content-Type: text/xml Content-Length: <whatever> Soap Extensions SOAPMethod. Name: <some-URI>#Current. Temp <SOAP: Envelope xmlns: SOAP="urn: schemas-xmlsoap-org: soap. v 1"> <SOAP: Body> <m: Current. Temp xmlns: m="some-URI"> <zip_code>37919</zip_code> <m: Current. Temp> </SOAP: BODY> Xml Payload <SOAP: Envelope> URI- Uniform Resource Identifier some-URI -> www. netsolve. com or www. globus. com October 2002 UCF - CDA 5937 15
SOAP response HTTP/1. 1 200 OK Content-Type: text/xml Content-Length: <whatever> Http Header <SOAP: Envelope xmlns: SOAP="urn: schemas-xmlsoap-org: soap. v 1"> <SOAP: Header> <t: Transaction xmlns: t="some-URI"> 5 </t: Transaction> </SOAP: Header> <SOAP: Body> <m: Current. Temp. Response xmlns: m="some-URI"> <return>42</return> </m: Current. Temp. Response> </SOAP: Body> </SOAP: Envelope> October 2002 UCF - CDA 5937 Xml Payload 16
The SOAP 1. 2 Structure A SOAP message contains 4 parts: 1. Envelope: defines a framework describing what is in the message 2. Set of encoding rules: expresses instances of application-defined data types 3. Convention for representing remote procedure calls (RPCs) and responses 4. A transport binding convention for exchanging messages October 2002 UCF - CDA 5937 17
HTTP Example Ü The following is a legal HTTP request message: POST /foobar HTTP/1. 1 Host: 209. 110. 197. 12 Content-Type: text/plain Content-Length: 12 Hello, World Ü HTTP headers are just plain text. UCF - CDA 5937 October 2002 18
HTTP Example First line of an HTTP request contains three components: Ü The HTTP method: POST The Internet Engineering Task Force (IETF) has standardized a fixed number of HTTP methods: GET is the HTTP method used to surf the Web. POST is the most commonly used HTTP method for building applications. Ü The Request-URI: /foobar URI (Uniform Resource Identifier) to identify target of request Ü The protocol version: HTTP/1. 1 The protocol version in this example is HTTP/1. 1, October 2002 UCF - CDA 5937 19
HTTP Example The third and fourth lines of the request specify the type and size of the request payload: Ü Content-Type: text/plain syntax of the payload information as a MIME type Most DCE (Distributed Computing Environment) applications use NDR (Network Data Representation). Most Web applications use text/html or other text-based syntaxes. SOAP uses text/xml Ü Content-Length: 12 number of bytes of payload information October 2002 UCF - CDA 5937 20
HTTP Example The blank line between the Content. Length header and the request payload is a delimiter. Individual HTTP headers are delimited by a carriage-return / line-feed sequence. The headers are delimited from the payload using an extra carriage-return / line -feed sequence. October 2002 UCF - CDA 5937 21
HTTP Example The following is an HTTP response message: 200 OK Content-Type: text/plain Content-Length: 12 dlro. W , olle. H October 2002 Ü If server unable to decode the request 400 Bad Request Content-Length: 0 307 Temporarily Moved Location: http: //209. 110. 197. 44/foobar Content-Length: 0 UCF - CDA 5937 22
XML Name. Spaces To support extensibility, every element and attribute in XML has a namespace URI associated with it. This URI is specified using the xmlns attribute. October 2002 UCF - CDA 5937 23
XML Name. Spaces: Example <reverse_string xmlns="urn: schemas-develop-com: String. Procs"> <string 1>Hello, World</string 1> <comment xmlns='http: //foo. com/documentation'> This is a comment!! </comment> URIs </reverse_string> October 2002 UCF - CDA 5937 24
XML Name. Spaces: Example XML allows namespace URIs to be mapped to locally unique prefixes as a convenience. <sp: reverse_string xmlns: sp="urn: schemas-develop-com: String. Procs" xmlns: doc='http: //foo. com/documentation'> <sp: string 1>Hello, World</sp: string 1> <doc: comment> This is a comment!! </doc: comment> </sp: reverse_string> October 2002 UCF - CDA 5937 25
Sample SOAP Namespaces Ü SOAP envelope: http: //www. w 3. org/2001/06/soap-envelope Ü SOAP serialization: http: //www. w 3. org/2001/06/soap-encoding Ü SOAP must. Understand fault: http: //www. w 3. org/2001/06/soap-faults Ü SOAP upgrade: http: //www. w 3. org/2001/06/soap-upgrade October 2002 UCF - CDA 5937 26
Example: SOAP Method Request POST /string_server/Object 17 HTTP/1. 1 Host: 209. 110. 197. 2 URI – delim – method name Content-Type: text/xml Content-Length: 152 SOAPMethod. Name: urn: strings-com: IString#reverse <Envelope> Method must match <Body> <m: reverse xmlns: m='urn: strings-com: IString'> <the. String>Hello, World</the. String> </m: reverse> </Body> </Envelope> October 2002 UCF - CDA 5937 27
Example: SOAP Response 200 OK Content-Type: text/xml Content-Length: 162 Method name + “Response” suffix <Envelope> <Body> <m: reverse. Response xmlns: m='urn: strings-com: IString'> <result>dlro. W , olle. H</result> </m: reverse. Response> </Body> </Envelope> October 2002 UCF - CDA 5937 28
SOAP Request Structure October 2002 UCF - CDA 5937 29
Another SOAP Example Let’s build a service that calculates the tax due on a sales transaction. In traditional VB (Visual Basic) terms we will create a function with the following definition: Public Function Get. Sales. Tax(By. Val p. Sales. Total As Double) As Double Get. Sales. Tax = p. Sales. Total * 0. 04 End Function October 2002 UCF - CDA 5937 30
SOAP Example (cont) If the amount is $100 and Get. Sales. Tax is within the obj. Tax object the VB call looks like: Dim obj. Tax As New CTax. Calc dbl. Sales. Tax = obj. Tax. Get. Sales. Tax(100) October 2002 UCF - CDA 5937 31
SOAP Example (cont) CLIENT side The request is formatted as an XML document, which is passed up to the server. <SOAP: Envelope xmlns: SOAP="urn: schemas-xmlsoap-org: soap. v 1"> <SOAP: Header></SOAP: Header> <SOAP: Body> <Get. Sales. Tax> <Sales. Total>100</Sales. Total> <Get. Sales. Tax> </SOAP: Body> </SOAP: Envelope> October 2002 UCF - CDA 5937 32
How to send the XML document to the server? The request is a simple HTTP post. The internet browser masks all the complexity of sending a form to a server. But if we are going to do the job ourselves, Microsoft's XML HTTP Request object can be used to give us a helping hand. The LHTTPRequest is an object within the MSXML class library (MSXML. DLL), and it comes with IE 5. October 2002 UCF - CDA 5937 33
SOAP Client (cont) Assuming that str. Envelope contains the XML document described above, the request is formatted thus: Dim obj. HTTP As New MSXML. XMLHTTPRequest Dim str. Envelope As String In this example, the server is in the local computer 'Set up to post to our localhost server obj. HTTP. open "post", "http: //localhost/soap. asp" 'Set a standard SOAP/ XML header for the content-type obj. HTTP. set. Request. Header "Content-Type", "text/xml" 'Set a header for the method to be called obj. HTTP. set. Request. Header "SOAPMethod. Name", _ "urn: myserver/soap: Tax. Calc#Get. Sales. Tax" 'Make the SOAP call obj. HTTP. send str. Envelope 'Get the return value str. Return = obj. HTTP. response. Body October 2002 UCF - CDA 5937 34
SOAP Server Side The first job is to create the soap. asp page, to listen for, and process SOAP calls to our server. For the basic listener service, we need to parse the body of the request (the SOAP envelope) and pull out the value of the Sales. Total parameter. Because the request is XML, we can load it into an instance of Microsoft's XMLDOM. October 2002 UCF - CDA 5937 35
SOAP Server Side (cont) Soap. asp begins like this: Set obj. Req = Server. Create. Object("Microsoft. XMLDOM") obj. Req. Load Request obj. Req contains the SOAP envelope from the client. October 2002 UCF - CDA 5937 36
SOAP Server Side (cont) The value of Sales. Total can be extracted by running an XSL pattern query, using the Select. Single. Node method of the XML DOM object, and tax is calculated: str. Query = "SOAP: Envelope/SOAP: Body/m: Get. Sales. Tax/Sales. Total“ var. Sales. Total = obj. Req. Select. Single. Node(str. Query). Text var. Sales. Tax = var. Sales. Total * 0. 04 October 2002 UCF - CDA 5937 37
SOAP Server Side (cont) The response is ready to be passed back to the client. The SOAP response envelope conforms to a format-type almost identical to the request. <SOAP: Envelope xmlns: SOAP="urn: schemas-xmlsoap-org: soap. v 1"> <SOAP: Header></SOAP: Header> <SOAP: Body> <m: Get. Sales. Tax. Response xmlns: m="urn: myserver/soap: Tax. Calc"> <Sales. Tax>4</Sales. Tax> </m: Get. Sales. Tax. Response> </SOAP: Body> </SOAP: Envelope> October 2002 UCF - CDA 5937 38
SOAP Client Side (cont) The response document can be built either by stringconcatenation, or by creating a new instance of a DOM (Document Object Model), and appending the appropriate nodes. Back on the client, the response is received, and can be decoded by extracting the appropriate node from the Envelope document: Dim obj. Return As New MSXML. Dom. Document obj. Return. Load. XML str. Return str. Query = _ "SOAP: Envelope/SOAP: Body/m: Get. Sales. Tax. Response/Sales. Tax" dbl. Tax = obj. Return. Select. Single. Node(str. Query). Text October 2002 UCF - CDA 5937 39
Problems with example OK, I got it working by Ned Robinson(nrobinson@baseline. com)Tuesday, August 28, 2001 Here is the trick. You must have Application Protection on your web server set to Low so that the service and the application can run in the same address space. Go to IIS Manager, right click on your Web Site and go to Properties. Go to the Home Directory tab and make the change to Application Protection at the bottom. October 2002 UCF - CDA 5937 40
SOAP Security Ü SOAP specification does not define any protocol-specific security features. Potential security threat due to plain text nature of data. Ü Security features may be added to the SOAP header (e. g. digital signatures). Ü Transport protocols such as SSL (using HTTPS), TLS, and IP SECurity (IPSec) can provide the integrity and confidentiality of the message during transmission. October 2002 UCF - CDA 5937 41
Conclusions Ü SOAP: new and simple protocol. SOAP well suited for internet. Excellent foundation upon which other protocols may be built Ü Primary goal of SOAP is interoperability Ü SOAP = XML (data representation) + HTTP (transport) + RPC (call/response mechanism) Ü Today SOAP does not address some critical distributed services (e. g. security). But SOAP is evolving rapidly. October 2002 UCF - CDA 5937 42
References http: //www. vbip. com/xml/soap_syd. asp http: //msdn. microsoft. com/msdnmag/issues/0300/soap/default. aspx http: //www. w 3. org/TR/SOAP/ http: //www. xml. org/xml/resources_focus_soap. shtml http: //www. javaworld. com/javaworld/jw-03 -2001/jw-0330 soap. html http: //msdn. microsoft. com/library/default. asp? url=/library/enus/dnexxml/html/xml 10152001. asp http: //msdn. microsoft. com/library/default. asp? url=/library/enus/dnwebsrv/html/Xmloverchap 2. asp http: //www. microsoft. com/mind/0100/soap. asp October 2002 UCF - CDA 5937 43
- Slides: 43