Skip to main content

A quick fix of WS-I BP2703 assertion

A few days ago we have got WS-I conformance report from our third party client that says our web service is not compliant with WS-I guidelines. The report summary was failed with the following error:
Assertion: BP2703
Our team member quick check the WS-I compliance in Jdeveloper and can't reproduce the bug, but with soapUI gave the result with the assertion failed. Here is the WSDL of the web service.
<?xml version="1.0" encoding="utf-8" ?>
<wsdl:definitions 
    xmlns:tns="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/RetailerService.wsdl" 
    targetNamespace="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/RetailerService.wsdl" 
    xmlns:retailer="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/Retailer.wsdl" 
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns="http://schemas.xmlsoap.org/wsdl/" >
 
  <wsdl:import namespace="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/Retailer.wsdl" 
      location="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/Retailer.wsdl"/>


  <wsdl:service name="RetailerService">
    <wsdl:port name="LocalRetailerPort" binding="retailer:RetailerSoapBinding">
      <soap:address location="http://localhost:9080/Retailer/services/Retailer"/>
    </wsdl:port>
  
  </wsdl:service>
<wsp:Policy wsu:Id="UsernameToken" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy/ws-policy.xsd" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
  <wsp:ExactlyOne>
   <wsp:All>
    <sp:TransportBinding/>
    <sp:SupportingTokens>
     <wsp:Policy>
      <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"/>
     </wsp:Policy>
    </sp:SupportingTokens>
   </wsp:All>
  </wsp:ExactlyOne>
 </wsp:Policy>
</wsdl:definitions>
If we carefully check the error, we have to get that wsdl parser encounter wsp:Policy element after service element and throws exception. If we will check the WS policy specification we could found that Policy element can be anywhere in wsdl document.
But basic WS-I profile doesn't allow the Policy element after the service element by the specification of the wsdl schema. If we put the Policy element before the type or import element the assertion error fixes because according to the wsdl schema WSDL definition could take any number of element before type element, and this the simple fix. The valid wsdl document are as follows:
<?xml version="1.0" encoding="utf-8" ?>

<wsdl:definitions 
    xmlns:tns="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/RetailerService.wsdl" 
    targetNamespace="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/RetailerService.wsdl" 
    xmlns:retailer="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/Retailer.wsdl" 
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns="http://schemas.xmlsoap.org/wsdl/" >
  
     <wsp:Policy wsu:Id="UsernameToken" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy/ws-policy.xsd" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
  <wsp:ExactlyOne>
   <wsp:All>
   
    <sp:TransportBinding/>
    <sp:SupportingTokens>
     <wsp:Policy>
      <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"/>
     </wsp:Policy>
    </sp:SupportingTokens>
   </wsp:All>
  </wsp:ExactlyOne>
 </wsp:Policy> 
  <wsdl:import namespace="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/Retailer.wsdl" 
      location="http://www.ws-i.org/SampleApplications/SupplyChainManagement/2002-08/Retailer.wsdl"/>


  <wsdl:service name="RetailerService">
    <wsdl:port name="LocalRetailerPort" binding="retailer:RetailerSoapBinding">
      <soap:address location="http://localhost:9080/Retailer/services/Retailer"/>
    </wsdl:port>
  </wsdl:service>

</wsdl:definitions>
Rest of the part of the blog post describes how to configure WS-I testing tools on Mac OS. For some unknown reason SOAPUI doesn't display the conformance report on the window.
First download the Java WS-I testing tool from the following link. Unzip the archive and add the following properties on the .bash_profile
export WSI_HOME=/Users/samim/Development/WS-i/TestTool/wsi-test-tools
export PATH=/opt/subversion/bin:$WSI_HOME/java/bin:$PATH
run the bash_profile . .bash_profile
If we now runs the Analyzer.sh tools we should get the following error
/bin/sh^M: bad interpreter: No such file or directory
Unfortunately all the executable file on the wsi-test-tools/java/bin/ catalog has wrong return endings.
Do the following for the files setenv.sh and Analyzer.sh
cp -p setenv.sh setenv.sh.orig
cat setenv.sh | tr -d '\r' > setenv.sh.new
mv setenv.sh.new setenv.sh
now change the permissions of the files:
chmod +x setenv.sh (also do for the Analyzer.sh)

Now we are ready to execute Analyze tool. From the wsi-test-tools/java/samples/ directory run the following command
./Analyze.sh -config ./analyzerConfig.xml
these will analyze the WSDL and create a report on the current directory. You can examine and edit the analyzerConfig.xml for our purpose. Report.xml can be run on any internet browser and you will see the report.
Labels:

Comments

Post a Comment

Popular posts from this blog

8 things every developer should know about the Apache Ignite caching

Any technology, no matter how advanced it is, will not be able to solve your problems if you implement it improperly. Caching, precisely when it comes to the use of a distributed caching, can only accelerate your application with the proper use and configurations of it. From this point of view, Apache Ignite is no different, and there are a few steps to consider before using it in the production environment. In this article, we describe various technics that can help you to plan and adequately use of Apache Ignite as cutting-edge caching technology. Do proper capacity planning before using Ignite cluster. Do paperwork for understanding the size of the cache, number of CPUs or how many JVMs will be required. Let’s assume that you are using Hibernate as an ORM in 10 application servers and wish to use Ignite as an L2 cache. Calculate the total memory usages and the number of Ignite nodes you have to need for maintaining your SLA. An incorrect number of the Ignite nodes can become a b...
Post a Comment
Read more

Analyse with ANT - a sonar way

After the Javaone conference in Moscow, i have found some free hours to play with Sonar . Here is a quick steps to start analyzing with ANT projects. Sonar provides Analyze with ANT document to play around with ANT, i have just modify some parts. Here is it. 1) Download the Sonar Ant Task and put it in your ${ANT_HOME}/lib directory 2) Modify your ANT build.xml as follows: <?xml version = '1.0' encoding = 'windows-1251'?> <project name="abc" default="build" basedir="."> <!-- Define the Sonar task if this hasn't been done in a common script --> <taskdef uri="antlib:org.sonar.ant" resource="org/sonar/ant/antlib.xml"> <classpath path="E:\java\ant\1.8\apache-ant-1.8.0\lib" /> </taskdef> <!-- Out-of-the-box those parameters are optional --> <property name="sonar.jdbc.url" value="jdbc:oracle:thin:@xyz/sirius.xyz" /> <property na...
Post a Comment
Read more

Writing weblogic logs to database table

By default, oracle weblogic server logging service uses an implementation, based on the Java Logging APIs by using the LogMBean.isLog4jLoggingEnabled attribute. With a few effort you can use log4j with weblogic logging service. In the Administration Console, you can specify Log4j or keep the default Java Logging implementation. In this blog i will describe how to configure log4j with weblogic logging service and writes all the logs messages to database table. Most of all cases it's sufficient to writes log on files, however it's better to get all the logs on table to query on it. In our case we have 3 different web logic servers in our project and our consumer need to get all the logs in one central place to diagnose if something goes wrong. First of all we will create a simple table on our oracle database schema and next configure all other parts. Here we go: 1) CREATE TABLE LOGS (USER_ID VARCHAR2(20), DOMAIN varchar2(50), DATED DATE NOT NULL, LOGGER VARCHAR2(500) NOT...
Post a Comment
Read more