SoapFilter
A new and simpler SOAP filter, which replaces the old XMLValidationFilter. This filter can validate XML and SOAP calls against XML schema and WSDL files. The filter can be turned on/off in a very generic way. Also a log mode is available for easier integration.
ch::nevis::isiweb4::filter::validation::SoapFilter
libInputValidationFilter.so.1
Configuration
BlockOnError
- Type: string
- Usage Constraints: mandatory, basic, conditional
- Default: on
- Supported Pragmas: break
- Syntax: on|off|log
List of conditions defining for which requests SOAP/XML Validation should be performed.
Sample: Condition:HEADER:Content-Type:application/xml on off
This sample will make sure that all requests having Content-Type header=application/xml contain valid Soap data (as per the configured constraints). No other requests will be processed.
StatusCode
- Type: integer
- Usage Constraints: optional, advanced
- Default: 403
- Syntax:
<status-code>
Defines the response status code of a blocked response. Sample: 500
SchemaCatalog
- Type: string
- Usage Constraints: optional, advanced
- Default: see description
- Syntax:
<systemId>:<filename>
- Sample:
<http://www.sample.org/sample.xsd>
: sample_request.xsd.
Defines the mapping between a system ID and a file inside the configured schema directory. This mapping is defined as a newline-separated list of strings.
The SoapFilter does not make any out-calls to download the schema files and the .wsdl files. All files needed by the filter have to be stored in the Schema Directory folder.
The following default schema files are shipped with the nevisProxy package and set as default:
http://schemas.xmlsoap.org/soap/envelope/ : /opt/nevisproxy/xsd/envelope.xsd
http://www.w3.org/2003/05/soap-envelope/ : /opt/nevisproxy/xsd/soap12-envelope.xsd
http://www.w3.org/2001/xml.xsd : /opt/nevisproxy/xsd/xml.xsd
http://schemas.xmlsoap.org/wsdl/ : /opt/nevisproxy/xsd/wsdl.xsd
http://schemas.xmlsoap.org/wsdl/soap/ : /opt/nevisproxy/xsd/soap.xsd
If you need to define additional schemas, redefine the default schemas together with the additional entries.
This parameter is mandatory for all instances created with a nevisProxy version older than 3.13.8.0. For new instances created with nevisProxy version 3.13.8.0 and higher, the system will take the defaults automatically. In this case, setting this parameter is optional.
SchemaDirectory
- Type: string
- Usage Constraints: optional, basic
- Default: No directory is set.
- Syntax:
<path>
- Sample: /var/opt/nevisproxy/sample/conf
Defines the directory where schemas and wsdl files are located.
WSDLFile
- Type: string
- Usage Constraints: optional, advanced
- Syntax:
file://<path>:<filename>
- Example:
file:///var/opt/test/AdminService.wsdl : AdminService.wsdl
Enters the path to the WSDL file if a SOAP request is expected. If no WSDL file is defined, only XML validation is done on the request.
Currently the SoapFilter does not support XSD schemas in WSDL files. Extract any XSD part in a WSDL file manually into a separate XSD file and specify these XSD files in the schema catalog.