1 / 29

Simple Object Access Protocol (SOAP)

Simple Object Access Protocol (SOAP). by Kazi Huque. Presentation Outline. Definition Motivation Characteristics SOAP message format SOAP in code SOAP Security SOAP in action. What is SOAP?.

senta
Télécharger la présentation

Simple Object Access Protocol (SOAP)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Simple Object Access Protocol (SOAP) by Kazi Huque

  2. Presentation Outline • Definition • Motivation • Characteristics • SOAP message format • SOAP in code • SOAP Security • SOAP in action

  3. What is SOAP? • SOAP is a lightweight protocol intended for exchanging structured information in a decentralized, distributed environment. SOAP uses XML technologies to define an extensible messaging framework, which provides a message construct that can be exchanged over a variety of underlying protocols. The framework has been designed to be independent of any particular programming model and other implementation-specific semantics.

  4. WS-Secure Conversation WS-Federation WS-Authorization WS-Privacy WS-Policy WS-Trust WS-Security SOAP SOAP is the Foundation

  5. Simply Put... • SOAP is a way for a program running in one operating system to communicate with a program running in either the same or a different operating system, using HTTP (or any other transport protocol) and XML.

  6. SOAP Messaging Framework • XML-based messaging framework that is • 1) extensible • 2) interoperable • 3) independent • Next we discuss these three characteristics in more detail

  7. Extensible • Simplicity remains one of SOAP's primary design goals • SOAP defines a communication framework that allows for features such as security, routing, and reliability to be added later as layered extensions

  8. Interoperable • SOAP can be used over any transport protocol such as TCP, HTTP, SMTP • SOAP provides an explicit binding today for HTTP

  9. Interoperable Cont…

  10. Independent • SOAP allows for any programming model and is not tied to RPC • SOAP defines a model for processing individual, one-way messages • SOAP also allows for any number of message exchange patterns (MEPs)

  11. One-Way Message

  12. Request/Response

  13. SOAP Message Format • SOAP message consists of three parts: • SOAP Envelope • SOAP Header (optional) • SOAP Body From the http://schemas.xmlsoap.org/soap/envelope/ namespace

  14. SOAP Envelope • The SOAP Envelope construct defines an overall framework for expressing what is in a message and who should deal with it.

  15. SOAP Envelope Cont… • The Envelope is the top element of the XML document representing the message. • The Envelope element is always the root element of a SOAP message. • The Envelope element contains an optional Header element followed by a mandatory Body element.

  16. SOAP Envelope Code <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <!-- optional --> <!-- header blocks go here... --> </soap:Header> <soap:Body> <!-- payload or Fault element goes here... --> </soap:Body> </soap:Envelope>

  17. SOAP Header • The Header element is a generic container for control information • It may contain any number of elements from any namespace • Header blocks should contain information that influences payload processing • Header is optional

  18. SOAP Header Code <soap:Header> <!-- security credentials --> <s:credentials xmlns:s="urn:examples-org:security"> <username>dave</username> <password>evad</password> </s:credentials> </soap:Header>

  19. SOAP Body • The Body element represents the message payload

  20. SOAP Body Code <soap:Body> <x:TransferFunds xmlns:x="urn:examples-org:banking"> <from>22-342439</from> <to>98-283843</to> <amount>100.00</amount> </x:TransferFunds> </soap:Body>

  21. SOAP in Code SOAP Message Embedded in HTTP Request: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"  SOAPENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> <SOAP-ENV:Body>       <m:GetLastTradePrice xmlns:m="Some-URI">           <symbol>DIS</symbol>       </m:GetLastTradePrice>   </SOAP-ENV:Body> </SOAP-ENV:Envelope>

  22. SOAP in Code Cont… SOAP Message Embedded in HTTP Response: <SOAP-ENV:Envelope  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"  SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>   <SOAP-ENV:Body>       <m:GetLastTradePriceResponse xmlns:m="Some-URI">           <Price>34.5</Price>       </m:GetLastTradePriceResponse>   </SOAP-ENV:Body> </SOAP-ENV:Envelope>

  23. SOAP Security • The SOAP specification does not define encryption for XML Web Services. • This is left up to the implementer of the SOAP protocol.

  24. Issues About Security • Encryption places a dependency on the transport protocol • Does the transport protocol support secure communication? • What is the cost of encrypting all the data versus part of the data?

  25. SOAP Code with Encryption <%@ WebService Language="C#" Class="CreditCardService" %> using System.Web.Services; public class CreditCardService { [WebMethod] [EncryptionExtension(Encrypt=EncryptMode.Response)] public string GetCreditCardNumber() { return "MC: 4111-1111-1111-1111"; } }

  26. Request Encrypted <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <GetCreditCardNumber xmlns="http://tempuri.org/" /> </soap:Body> </soap:Envelope>

  27. Response Encrypted <soap:Body> <GetCreditCardNumber xmlns="http://tempuri.org/"> <GetCreditCardNumberResult>83 151 243 32 53 95 86 13 190 134 188 241 198 209 72 114 122 38 180 34 194 138 16 97 221 195 239 86 26 152 94 27 </GetCreditCardNumberResult> </GetCreditCardNumber> </soap:Body>

  28. SOAP in Action Demo

  29. References • Understanding SOAP Overall explanation of what SOAP is, and what it can do. http://msdn.microsoft.com/webservices/understanding/webservicebasics/default.aspx?pull=/library/en-us//dnsoap/html/understandsoap.asp • W3C Note Explains how SOAP exchanges messages. Code level details. http://www.w3.org/TR/2000/NOTE-SOAP-20000508/

More Related