White Papers
Abstract
When DataPower is used to transform a SOAP/HTTP back-end Web service to a different front-end Web service interface, the configuration should transform the HTTP SOAPAction to the correct value expected by the back end. This article describes different solutions for doing this transformation.
Content
IBM The SOAPAction header is defined as part Web Service Description Language (WSDL) 1.1 specification. Originally, the purpose of this header was to identify the intent of the request -- the operation to be invoked on the back end. Later as part of WS-I Basic Profile V1.1, it was recommended not to depend on it, but some service providers continued to do so. Therefore it is always better when building a mediation layer in front of a SOAP/HTTP Web service to make sure that you correctly rewrite the SOAPAction header as part of your mediation logic. The soapAction attribute is associated with each operation binding in the WSDL and its value is not necessarily the same as the operation name -- it can be any URI. When the SOAP request is sent over HTTP, an HTTP header named SOAPAction is presented with a value equal to the soapAction attribute of the requested operation, surrounded with double quotes. Listing 1 shows a WSDL snippet with the soapAction attribute defined: When creating a new Web Service Proxy on DataPower, one of the proxy settings is the SOAPAction policy, which is highlighted in Figure 1 below and has three options: This policy affects the service that is exposed by DataPower, not the back-end Web service. The service configuration needs to transform the incoming SOAPAction HTTP header to the value expected by the back-end Web service. The following sections describe different ways to do that. In this solution, you develop an XSL file that uses an extension element called Here is an example of using this element: The XSL file above takes the SOAPAction header value as a parameter, so when you configure the transform action, open the Advanced tab, set the SOAPAction header value field, and click Save: This action should be configured in the request rule of your processing policy. In this solution, you may not need to use the exact code shown in Listing 2 above. Specially, if you are going to use one XSL file to set the SOAPAction header depending on which Web service operation is being invoked. In this solution, rewrite the SOAPAction header using one of the advanced actions called Header Rewrite. When configuring the request processing rule: In this solution, you can create multiple URL-rewrite rules, each one responsible for transforming the SOAPAction header for a different operation. Obviously, you will need to change the match expression for the rules to be more specific that the one described in Figure 4 above. In this solution, you don't touch the processing policy. Instead, you configure the SOAPAction header rewrite on the Web service proxy level. Use the following steps: In this solution you don't touch the Web service proxy configuration, but you configure the user agent object of the XML manager, which is referenced by the Web service proxy. Modifying the user agent or the XML manager named default is not recommended because these are used for new services and some existing services may be using them as well. Instead, create a new user agent object and/or an XML manager object before applying the steps above to it. This article explained several ways to rewrite the SOAPAction header using DataPower. It explained that the SOAPAction header is associated with a Web service operation, and not a Web service interface. Solution 3 inserts the SOAPAction headers into all requests passing through the Web service proxy to the back end. Therefore, if the WSDL that is exposed by the Web service proxy has multiple operations, this solution may not be the best fit. A similar rationale applies to Solution 4 -- if the service back end exposes more than one operation, it may not be the best fit. Solution 1 and Solution 2 are flexible and don't suffer from SOAPAction header scope like Solutions 3 and 4. Solution 2 is handled through the Web configuration, and doesn't require any XSLT development. However, if you are not comfortable with regular expressions, then Solution 1 is probably a better fit. The author would like to thank Karim Ouda and Mohab El Hilaly for their work reviewing this article. Related topicsIntroduction
Background
<wsdl:binding name="MyServiceBinding" type="tns:MyServicePortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="operation1">
<soap:operation soapAction="OP1"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
Solution 1. Using an XSL file
set-http-request-header
. This element has two attributes:
SOAPAction
.
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:dp="http://www.datapower.com/extensions"
xmlns:dpconfig="http://www.datapower.com/param/config"
extension-element-prefixes="dp"
exclude-result-prefixes="dp dpconfig">
<xsl:param name="dpconfig:SOAPAction" />
<dp:param name="dpconfig:SOAPAction">
<display>SOAPAction header value</display>
</dp:param>
<xsl:template match="/">
<xsl:copy-of select="/*"/>
<dp:set-http-request-header name="'SOAPAction'" value="$dpconfig:SOAPAction"/>
</xsl:template>
</xsl:stylesheet>
Solution 2. Using a header rewrite action
header-rewrite
indicates that a request header will be rewritten..*
means that the rule matches any value for the SOAPAction Header.Solution 3. Using Web service proxy header injection
Solution 4. Using the user agent
Conclusion
Acknowledgements
The W3 Standard that defines the WSDL 1.1 specifications
The W3 Standard that defines the SOAP specifications
A single Web portal to all DataPower documentation, with conceptual, task, and reference information on installing, configuring, and using the various Appliances.
Product descriptions, product news, training information, support information, and more.
A searchable database of support problems and their solutions, plus downloads, fixes, and problem tracking.
This retail book shows you how to use DataPower Appliances from the network, security, and ESB perspectives. The book describes installation, configuration, management, monitoring, configuration, build, deployment, DataPower as a network device, and DataPower services, especially the "big three" of XML Firewall, Web Service Proxy, and Multi-Protocol Gateway.
DataPower SOA appliances are purpose-built, easy-to-deploy network devices that simplify, secure, and accelerate your XML and Web services deployments while extending your SOA infrastructure. This IBM Redbook describes DataPower architecture, use cases, deployment scenarios, and implementation details, as well as best practices for SOA message-oriented architecture in a production ESB environment.
The developerWorks newsletter gives you the latest articles and information only on those topics that interest you. In addition to WebSphere, you can select from Java, Linux, Open source, Rational, SOA, Web services, and other topics. Subscribe now and design your custom mailing.
Convenient online ordering through Barnes & Noble.
Conferences, trade shows, Webcasts, and other events around the world of interest to WebSphere developers.
Was this topic helpful?
Document Information
Modified date:
17 July 2023
UID
ibm11109439