Hi, I am trying to evaluate a web service. I am using the Axis API to create the requests. I send requests with some attacks, and then want to validate the obtained response against the response schema. I don't have much idea as to how I can achieve this. Can someone help me achieve this, or give me some pointers that would give me some idea of how to do this?

+1  A: 

If you used the wsdl2java tool that comes with Axis2, the response message will be unmarshalled to the generated classes, and you will get an error if the response message does not correspond with the classes generated from the WSDL. So in this way you have a kind of implicit validation.

Jens-Martin
I don't get you clearly, but what I am doing is using the invokeMethod method to call a certain operation. I am trying to attack the particular web service. So now, to check if the WS is vulnerable, I intend to match the response to the schema, and I don't know how to go about this comparison. Please help.
NewToJava
A: 

Try SOAPUI. It is quite a powerful open source testing tool for web services. You can construct test suites, do performance testing, and specify customized validation criteria.

Hicks
I don't want to use any tool. I want to have all the validations built into my application, which would check the WS for its validity and then actually start consuming its functionality.
NewToJava
+1  A: 

Jens-Martin is correct. If you're using the client generated by Axis wsdl2java, all the validation you need is happening behind the scenes. There are two kinds of validation going on:

  1. SOAP has a schema definition, and the response must be a valid SOAP response or the client will throw an exception.
  2. The WSDL you used to generate the client described what goes in the SOAP envelope of the response. If the response you get doesn't match, the client will throw an exception.

If you really feel compelled to write your own XML parser/validator and SOAP handler, you're on your own.

super_aardvark
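
For the case raised in the question, where the raw response is checked inside the application rather than by a generated client or a tool, the following is an added example and not code from any of the answers above. It uses the JDK's `javax.xml.validation` API to validate the first element inside the SOAP body against a response schema. The schema, the `urn:example:quote` namespace, the sample responses and the class name are constructed for illustration, and a SOAP 1.1 envelope is assumed.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.SchemaFactory;
import javax.xml.validation.Validator;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

public class ResponseSchemaCheck {
    // Constructed response schema; in practice use the <types> schema from the service's WSDL.
    static final String XSD =
        "<xs:schema xmlns:xs='http://www.w3.org/2001/XMLSchema' targetNamespace='urn:example:quote'"
      + " elementFormDefault='qualified'><xs:element name='getQuoteResponse'><xs:complexType><xs:sequence>"
      + "<xs:element name='price' type='xs:decimal'/></xs:sequence></xs:complexType></xs:element></xs:schema>";
    static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"; // SOAP 1.1 (assumed)

    /** Returns null if the first element inside soap:Body is schema-valid, else the validator's message. */
    static String validate(String soapResponse) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // The response comes from the service under test: refuse DOCTYPEs so it cannot carry entities.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(soapResponse)));
        Node body = doc.getElementsByTagNameNS(SOAP_NS, "Body").item(0);
        if (body == null) return "no soap:Body element";
        Node payload = body.getFirstChild();
        while (payload != null && payload.getNodeType() != Node.ELEMENT_NODE) payload = payload.getNextSibling();
        if (payload == null) return "empty soap:Body";

        SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
        sf.setProperty(XMLConstants.ACCESS_EXTERNAL_DTD, "");    // no external DTD fetches
        sf.setProperty(XMLConstants.ACCESS_EXTERNAL_SCHEMA, ""); // no external schema imports
        Validator v = sf.newSchema(new StreamSource(new StringReader(XSD))).newValidator();
        try { v.validate(new DOMSource(payload)); return null; }
        catch (SAXException e) { return e.getMessage(); }
    }

    public static void main(String[] args) throws Exception {
        String env = "<soap:Envelope xmlns:soap='" + SOAP_NS + "'><soap:Body>%s</soap:Body></soap:Envelope>";
        String ok = "<q:getQuoteResponse xmlns:q='urn:example:quote'><q:price>12.50</q:price></q:getQuoteResponse>";
        String bad = "<q:getQuoteResponse xmlns:q='urn:example:quote'><q:price>ERROR: stack trace</q:price></q:getQuoteResponse>";
        System.out.println("valid response   -> " + validate(String.format(env, ok)));
        System.out.println("invalid response -> " + validate(String.format(env, bad)));
    }
}
```

A `soap:Fault` in the body is also reported as invalid, because the response schema declares no such element; a schema-valid response only shows that the structure and types match, not that the values are correct.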