I was going through the WSDL specification 1.1 where I encountered the following lines:
"Note that a request-response operation is an abstract notion; a particular binding must be consulted to determine how the messages are actually sent: within a single communication (such as a HTTP request/response), or as two independent communications (such as two HTTP requests)"
Can someone please provide me with an example for this?
Thanks in advance
Related
I have spent my afternoon getting very excited about the container-native serverless platform 'fn project' - http://fnproject.io/.
I love the idea of the FaaS model but have no intention of locking myself into a particular cloud vendor for most of the lifetime of an app - and several other reasons including the desire to spin up the entire app on a small server anywhere if I choose.
fn project seems great for my needs until I finish perusing the documentation and all the relevant blog posts and suddenly think 'what? Wait....what??? Where are the http operations?'.
I cannot find a single reference anywhere that states if it is even possible to to have http triggers for different http operations (ie POST, PUT, PATCH, DELETE), let alone how I would do it.
I want to build REST api's (or certainly at the very least json-serving http-based RPC apis - if it doesn't have hypermedia links it isn't REST ;) but let's not get into that one in this thread)
Am I missing something here (certainly the correct bit of documentation)??
Can anybody please enlighten me as to how I would do this, or even tell me if I have totally misunderstood what I should use this for?
My excitement has gone soft for now but I'm hoping someone that will change with the right information.
It feels odd that I can't find anyone else complaining about this, so I think that indicates my misunderstanding perhaps.
Other solutions such as OpenFaaS look interesting but I dont wan't to have to learn how to deploy kubernetes and docker swarms if I can avoid it :)
I'm not an expert, but as of now it seems not possible to specify the http method inside the trigger. Check latest trigger spec : as you can see, there is no notion of http method here.
However, handling different HTTP methods can be done inside the function itself.
For example, in Java (with fdk-java v1.0.80), you can use com.fnproject.fn.api.httpgateway.HTTPGatewayContext as the first parameter of the function, as described in the section "Accessing HTTP Information From Functions" of the documentation :
In Fn for Java, when your function is being served by an HTTP trigger (or another compatible HTTP gateway) you can get access to both the incoming request headers for your function by adding a 'com.fnproject.fn.api.httpgateway.HTTPGatewayContext' parameter to your function's parameters.
Using this allows you to :
...
Access the method and request URL for the trigger
...
You can then retrieve the HTTP method by calling getMethod() on the HTTPGatewayContext passed as parameter.
In other languages (with others fdk), it's possible to do the same :
in Go : example calling RequestMethod() on context
in Ruby : class HTTPContext
in Python : class HTTPGatewayContext
in Node : class HTTPGatewayContext
From this different contexts, you'll then be able to get method parameter passed when fn invoke --method=[GET|POST|...] (via fn-http-method header).
The main drawback here is that all HTTP methods should be handled in the same function. Nonetheless, you can structure your code to have only one class per method.
After some further thought it seems fairly clear now what my actual misunderstanding was....
When I have built Serverless framework services in the past (or built and deployed Lambda functions using terraform) I have been deploying to AWS and so have been using AWS's API Gateway offering (their product is actually called API gateway but its important to recognise that API Gateway is a distributed systems / micro-sevices design pattern).
API gateway makes it possible to route specific http request types including the method (GET,POST,PUT,DELETE) to the desired functions.
Platforms such as Fn project and OpenFaaS do not provide an out of the box api gateway solution and it seems we would need to take care of this ourselves.
These above mentioned platforms are about deployment of functions. We find the other bits via our product of choice.
I'm setting up an Asp.Net WebHook receiver for an internal webhook from a different server in the same application. I'm therefore using the built-in CustomWebHookReceiver. The webhook needs to send several different payload types as JSON, which need to be de-serialized into different strong types by the receiver and be processed differently.
Since the only difference between invocations of the webhook are the payload, a single webhook receiver will be configured for a single id, following the pattern of placing the shared secret in the web.config AppSetting as:
MS_WebHookReceiverSecret_<receiver>
What is the best way to implement different webhook handling behavior for the different payload types. Creating separate receivers or separate ids for the different payload types does not seem appropriate, since the security models are identical and writing a new receiver seems like overkill.
Creating different handlers seems like the right direction, but built-in settings appear to only allow a handler to specify the receiver and the priority. This leaves the option of inspecting the payload inside the handler's ExecuteAsync method and deciding how to process the message.
Is this correct, or is there a better way?
Tom, you can use the {id} part of the URI to receive as many WebHooks using the same handler and then differentiate them based on the {id}. You can find more details about how to set this up here.
Hope this helps!
Henrik
When using PayloadRootAnnotationMethodEndpointMapping together with WS-Security Encryption, I get this error: [EndpointNotFound] No endpoint mapping found for [SaajSoapMessage {http://www.w3.org/2001/04/xmlenc#}EncryptedData]
Spring WS wants first finding the right Endpoint, and only later decrypts the SOAP body. This is obviously not the right thing to do.
Please dont tell me that the SoapActionAnnotationMethodEndpointMapping is the solution. Is not there a better way? I would not like routing based on SOAP Action or WS-A Action.
Unfortunately, using the SoapActionAnnotationMethodEndpointMapping or AnnotationActionEndpointMapping are the only provided mappings you can use. In Spring-WS, the EndpointMapping is queried before any of the interceptors are invoked - including the security interceptor, and such you have to find a mapping that does not depend on the encrypted message payload.
That said, since EndpointMapping is an interface, you can also write your own, and include any kind of routing logic you can think of. Extending from AbstractAnnotationMethodEndpointMapping is a good start for this approach. When your mapping is done, just wire it up in the application context and it should be detected automatically by Spring-WS's MessageDispatcher.
I'm using Savon for a Web Service Client implementation.
However, I get this message:
(a:ActionNotSupported) The message
with Action 'SearchCars' cannot be
processed at the receiver, due to a
ContractFilter mismatch at the
EndpointDispatcher. This may be
because of either a contract mismatch
(mismatched Actions between sender and
receiver) or a binding/security
mismatch between the sender and the
receiver. Check that sender and
receiver have the same contract and
the same binding (including security
requirements, e.g. Message, Transport,
None).
after sending my soap request.
I read it had something to do with a httpBinding or something.
Any ideas?
Do you have a working client another mechanism (eg curl)?
What I find useful is to see look at the differences between the http requests, using something like Charles.
And/or soapUI is a handy tool for inspecting web services and trying them out. Have you tried connecting with that?
HTH, Chris
I am developing some SOAP web services using Ruby on Rails and considering how to handle generic failures. These generic errors are applicable to all the methods within the service and include the following :-
Missing Request element
Missing Authentication element (Custom)
Invalid Authentication details
I can intercept these errors within my controller before calling the relevant method and respond appropriately. My question is which implementation is easiest to manage from a Client perspective. My options for handling these errors seem to be as follows.
Raise an exception and let the SOAP service generate a SoapFault. This would be fine except I have little (no) control over the structure of the message contained within the SOAP fault.
Return an Http 400 response with an agreed data structure to indicate the error message. This structure would not be defined within the WSDL though.
Include a Status element in all responses, whether successful or not and have that status element include a code and an array of error data (Including error messages).
Option three seems like the best solution but is also the most error prone to implement as the implementation of web services in ROR precludes me from implementing this in a generic way and each method becomes responsible for checking the result of the checks and rendering an appropriate response. Admittedly this would be a single function call and return on failure but it is relying on the developer to remember to do this as we add more options.
I appreciate that most ROR developers will say that this should be implemented as a REST service and I agree, in fact we already have REST services to do this but the spread of SOAP in the corporate world, and its impressive tooling support means that we have to provide SOAP services to remain competitive.
In your experience what would be the easiest implementation for clients to handle and does this differ dependant upon the libraries/language of the client process.
A SoapFault would be the preferred way to signify errors. SoapFaults can contain additional information in their <detail> element.
The advantage of a SoapFault over some status element is that the caller can use standard exception handling, instead of checking for some status field.