I am working on some web-services based application and I have a question about Apache CXF unmarshalling. In our project we use CXF 2.4.1 version.
When some SOAP request is incorrect (e.g. some field is text instead of numeric) CXF throws standard SOAPFaultException and SOAP response is built up with standard fields like:
<soap:Fault>
<faultcode>soap:Client</faultcode>
<faultstring>Unmarshalling Error: some field missing</faultstring>
</soap:Fault>
Project requirements says that in case of any fault system need to respond in other format, like:
<soap:body>
<ResponseState>
<ErrorCode>2732</ErrorCode>
<ErrorMessage>Unmarshalling Error: some field missing</ErrorMessage>
<ErrorDetails> some details </ErrorDetails>
<some other fields>
...
</ResponseState>
</soap:body>
So the question is: how can I override somehow this error handling and respond in my format, not default?
Thanks in advance.
P.S. I tried to look into some ValidationEventHandler principals, but it works in some other way in CXF 2.0 and higher.
OK, So after lot of research I've found some ways of CXF error handling.
*. ValidationEventHandler gives you possibility to throw your own exception instead of standard one. BUT you can't change responding behavior and you can't change SOAP response format.
*. Another way to alter error handling is to create your own interceptor. CXF workflow is built on chain of interceptors. There's 4 type of interceptors: inInterceptor, outInterceptor, inFaultInterceptor and outFaultInterceptor.
Using some smart hacks you can change workflow through creating your own interceptor (with adding it to chain), and remove standard interceptor from chain (if you know it's class name). So you can actually do anything you need.
BUT as far as all these interceptors marshall response manually (xmlWriter.writeStartElement() etc) it could be a great challenge to write your own interceptors for each flow phase. It could be real huge bunch of work.
Unfortunately, I haven't found good reference about CXF interceptors.
Another thing - if you need to return regular response instead of SOAPFaultException you may need additional information like: actual service that return this response, service parameters passed in request etc. I haven't found this info in accessible parameters in interceptors. And, surely, by doing so you cheat client code that will return OK instead of real exception.
*. Designing your wsdl's with all params as text may be very not very good solution:
a. Consumer of your services may be really confused if no data types and validation rules in wsdl.
b. You'll need to 'reinvent the wheel' for validation. I mean that you'll need to code your own validator that could be very difficult with some complicated rules. At the same time XSD has all of this validations implemented and good tested.
And finally about my situation: we discussed it with requirement manager and decided to allow CXF throw it's own standard exceptions if XML schema requirements violated in request. It's good solution because now we are using all the power of XSD validation and don't waste our time on complicated and useless work.
Great thanks to #ericacm for answer.
You can certainly generate a better error response than the default using ValidationEventHandler and throwing a Fault that conforms to the JAX-WS Fault spec. But it will only allow you so much customization - there will be some elements that you have no control over. For example, here is the ValidationEventHandler response from one of my apps:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Client</faultcode>
<faultstring>Errors in request</faultstring>
<detail>
<ns2:ValidationFault xmlns:ns2="http://notification.ws.foo.com/">
<errors>
<error>
<inputElement>topicId</inputElement>
<errorMessage>java.lang.NumberFormatException: For input string: "" [line:6]</errorMessage>
</error>
</errors>
</ns2:ValidationFault>
</detail>
</soap:Fault>
</soap:Body>
</soap:Envelope>
You can't do anything about the <soap:Fault>, <faultcode> and <faultstring> elements. But everything from <ValidationFault> to </ValidationFault> is custom.
If you need to have more detailed control over the response then you should change the field type from numeric to string and then do the validation in your code instead of letting the unmarshaller catch the error.
Yes, I agree, forcing it to be a string would suck but if the response has to be exactly what you spec'd above it will not be possible without diving deeper into CXF than the JAX-WS layer (for example using an interceptor).
Another option is to use the CXF Transform feature
<entry key="Fault" value="ResponseState=..."/>
This will map the original fault from the server into any other fault so that it can be accepted by your client.
Related
Have hosted soap service using camel-cxf component with default POJO data format. Want to do schema validation and instead fault need to return custom soap message.
There are many places and many techniques to do that. It depends on your requirements and design solution.
You can do it by custom code in one of inbound CXF interceptors before request reaches first processor after Camel from endpoint.
You can do it by using Camel Validate component (maybe start looking from here: Apache Camel: Validation Component
Some time ago, after playing with different approaches I ended up with custom Processor to do validation (due to my requirements - must be inside Route, must provide all errors/warnings at once(not first only), must create custom error response with details about all errors, get better as possible performance and so on...
I used standard javax.xml.validation package.
That option is not too hard, but more coding required.
Code must create instance of javax.xml.validation.Schema out of XSD file.
It is thread safe and it can be cached.
Then out of it javax.xml.validation.Validator can be created and used.
It is not thread safe, so new one must be created every time. (It is not costly operation anyway).
Then to collect all errors and warnings at once instead of getting validation exception from first error/warrning custom Error Handler implementing org.xml.sax.ErrorHandler interface need to be provided to validator in that case. There you can collect all exception and warnings from validation and deal with them after full validation completed.
With CXF POJO format - body in Camel Message actually is not a SOAP Message body, but it
is org.apache.cxf.message.MessageContentsList; where SOAP Message body POJO is element 0, and if message has more parts they are there too.
To use javax.xml.validation.Validator Body POJO must be marshalled to javax.xml.transform.Source
MyPojoClass bodyObject = ((MessageContentsList) exchange.getIn().getBody()).get(0);
SchemaFactory schemaFactory = SchemaFactory
.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
Schema requestedSchema = schemaFactory.newSchema(schemaUrl);
Validator validator = requestedSchema.newValidator();
// custom handler to collect all errors and warnings
SchemaValidationErrorHandler errHandler = new SchemaValidationErrorHandler();
validator.setErrorHandler(errHandler);
//Custom method convertPojo - uses JAXB Marshaller in standard way
Source xmlSource = convertPojo(bodyObject);
validator.validate(xmlSource);
After all if Error Handler collects warnings and errors and does not throw Exception right away, all errors/warnings will be in it and can be handled as needed.
P.S. Performance is better when Schema object created ones and cached somewhere. Schema object creation is costly operation.
I would like to add some SOAP Faults to my JAX-WS web service, but I would like not to change content of WSDL schema. As far as I read I would have to use annotation #WebFault to define SOAP Fault and it automatically causes changes in WSDL during next build. Is there any way to use SOAP Faults without changing content of WSDL scheme?
When you throw an Exception from your code it will be automatically mapped to a SOAP fault by JAX-WS in the response. There's no need to define a fault in your WSDL.
Using #WebFault or defining a <soap:fault> element in the WSDL file is used to declare that a specific operation might return a custom SOAP fault.
#WebFault will definitely add a <soap:fault> element in the resulting WSDL.
To recap, throwing an Exception will insert a element in the soap response.
Update
Custom faultstring:
The string message that you pass as a parameter to the Exception constructor represents the faultstring element in the <soap:fault>. Example:
throw new Exception("This is the faultstring text");
Resulting fault in the soap response:
<soap:fault>
<faultcode>soap:Server</faultcode>
<faultstring>This is the faultstring text</faultstring>
</soap:fault>
Custom faultcode:
I don't think you can change the faultcode with normal Java exceptions. If you really need to do that you can take a look at JAX-WS SOAPFaultException.
Keep in mind that faultcodes are used to indicate the type of error produced, and most of the time you are going to return a Server fault from your webservice.
This are the four existing fault codes in SOAP 1.1 and 1.2:
VersionMismatch: Found an invalid namespace for the SOAP Envelope element.
MustUnderstand: An immediate child element of the Header element, with the mustUnderstand attribute set to "1", was not understood.
Client: The message was incorrectly formed or contained incorrect information.
Server: There was a problem with the server so the message could not proceed.
The first three are going to be created by JAX-WS when parsing the SOAP request and unless there's a very specific situation or you are writing your own JAX-WS handlers/interceptors you will not need to return any other faultcode besides 'Server'.
Custom detail:
The <detail> element will be populated with an element representing the Exception. For example if you are throwing a new MyCustomException("custom message") it will be something like this:
<detail>
<MyCustomException>
<message>custom message</message>
</MyCustomException>
</detail>
Test your web service using Soap Ui. I just tested mine, using a custom message in the exception and when I see the Response from Soap Ui, I see that the Fault String has my custom Message.
Consider the following code with JAXB binding,
#XmlRootElement
#XmlAccessorType(XmlAccessType.FIELD)
public class SomeRequest {
#XmlElements(value={#XmlElement(name="objOne", type="ObjectOne.class"),
#XmlElement(name="objTwo", type="ObjectTwo.class")})
private MyObject obj;
}
When I get a request similar to this,
<request>
<objectOne>
<!-- Some Data -->
</objectOne>
<objectTwo>
<!-- Some data -->
</objectTwo>
</request>
Both the values are unmarshalled and processed, but only the last value of objectTwo remains.
I want to avoid this some way, by throwing an exception when both are sent in the request.
Also, I am looking for a way to solve it programmatically, without using wsdl schema validation..
I have tried to use, JAXB XmlAdapter after looking at the following question,
Confused as how to use JAXB XML Adapter for my requirement but there is no way to compare if the object has already a value and throw a soap fault.
I also couldn't think of a way of solving it using Unmarshaller, from the oracle jaxb docs
If you could recommend a solution using some kind of Interceptor or extending some JAXB class and validate and throw an exception, it would be great.
The web service implementation is done using apache cxf on jboss, if it helps. CXF Interceptors are also an option but I would take that only if there is no JAXB related solution.
I have some WSDL from which I need to generate a web service implementation. I'm using Eclipse, and Axis1.4, and running on Weblogic9.2.
Generating the server stubs goes fine, and I've implemented the code I need to. However, for compatibility with the exising implementation we are emulating, I need to return SOAP faults for some specified error conditions.
That is, I need the SOAP body of the response to look like this example:
<soapenv:Body>
<soapenv:Fault>
<faultcode xmlns:ns1="foobar">ns1:1234</faultcode>
<faultstring>The supplied parameter name ABCD is not recognised.</faultstring>
<detail>
<FaultDetail>An error processing the web service [MyService]: Unknown parameter:ABCD</FaultDetail>
<ns2:hostname xmlns:ns2="http://xml.apache.org/axis/">planet</ns2:hostname>
</detail>
</soapenv:Fault>
</soapenv:Body>
From (much) googling, I think I should be able to do this by throwing a SOAPFaultException. But the message stub throws only java.rmi.RemoteException, so I've tried passing the SOAPFaultException to the RemoteException. That gives me something like this:
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server.userException</faultcode>
<faultstring>java.rmi.RemoteException: My remote exception; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: soap fault string</faultstring>
<detail>
<ns1:hostname xmlns:ns1="http://xml.apache.org/axis/">myhostname</ns1:hostname>
</detail>
</soapenv:Fault>
</soapenv:Body>
... in other words, it hasn't resulted in a SOAP fault.
I've tried a lot of other stuff, and I'm pretty much stuck. So can someone tell me (ideally with an example) how to return a SOAP fault response with content I can specify, in my environment?
I'm not wedded to using Axis (but I've more experience with that than anything else). If you suggest an alternative, please note I need in the web service method to invoke another (authenticated) web service, and I've only been able to get that to work in Axis1.4...
Your second code post is a SOAP fault (note the soapenv:Fault inside the soapenv:Body).
Basically all of the frameworks's default behavior is to return the standard SOAP fault and provide you the ability to enter your own information in the fault code, fault string, and fault detail fields.
See the docs on the Axis 1 exception: http://ws.apache.org/axis/java/apiDocs/org/apache/axis/AxisFault.html
It has constructors for setting the qname of various fields, so you should be able to reference your own items there.
Many people will use the fault detail field and serialize their own XML type inside it using DOM.
Last but not least Axis1's prime time was circa 2000-2004, you will find it difficult to get answers and support around it. Most people have moved from Axis1 to Apache CXF, Axis2, or just straight up
JAX-WS (now included in JDK6+). There is also the Spring Web Services project, which provides full customization of all of the behaviors in the stack (marshalling, which bean gets executed, etc).
Just all of these frameworks use WSS4J for their web service security, and can support the standard username token, x509 token, etc. Nevertheless, once you get the basic messages being passed back and forth, you'll likely have to work through the details of WS-Security.
Goal
Java client for Yahoo's HotJobs Resumé Search REST API.
Background
I'm used to writing web-service clients for SOAP APIs, where wsimport generates proxy stubs and you're off and running. But this is a REST API, which is new to me.
Details
REST API
No WADL
No formal XML schema (XSD or DTD files). There are example XML request/response pairs.
No example code provided
Progress
I looked at question Rest clients for Java?, but the automated solutions there assume you are providing both the server and the client, with JAXB invoked on POJOs to generate a schema and a REST API.
Using Jersey (a JAX-RS implementation), I have been able to make a manual HTTP request:
import com.sun.jersey.api.client.*;
...
ClientConfig clientConfig = new DefaultClientConfig();
Client client = Client.create(clientConfig);
WebResource webResource = client.resource("https://hj.yahooapis.com/v1/HJAuthTokens");
webResource.accept("application/xml");
// body is a hard-coded string, with replacements for the variable bits
String response = webResource.post(String.class, body);
// parse response into a org.w3c.dom.Document
// interface with Document via XPATH, or write my own POJO mappings
The response can look like:
<?xml version="1.0" encoding="utf-8"?>
<Response>
<ResponseCode>0</ResponseCode>
<ResponseMessage>Login successful</ResponseMessage>
<Token>NTlEMTdFNjk3Qjg4NUJBNDA3MkJFOTI3NzJEMTdDNDU7bG9jYWxob3N0LmVnbGJwLmNvcnAueWFob28uY29tO0pVNWpzRGRhN3VhSS4yQVRqRi4wWE5jTWl0RHVVYzQyX3luYWd1TjIxaGx6U0lhTXN3LS07NjY2MzM1OzIzNDY3NTsxMjA5MDE2OTE5OzZCM1RBMVNudHdLbl9VdFFKMFEydWctLQ==</Token>
</Response>
Or, it can look like:
<?xml version="1.0" encoding="utf-8"?>
<yahoo:error xmlns:yahoo="http://www.yahooapis.com/v1/base.rng" xml:lang="en-US">
<yahoo:description>description</yahoo:description>
<yahoo:detail>
<ErrorCode>errorCode</ErrorCode>
</yahoo:detail>
</yahoo:error>
Questions
Is there a way to auto-generate POJOs which can be marshalled/unmarshalled without a formal schema?
Should I attempt to generate those POJOs by hand, with JAXB annotations?
Is there some tool I should be leveraging so I don't have to do all this manually?
It's interesting that they provide an HTTP URL as the namespace URI for the schema, but don't actually save their schema there. That could be an oversight on their part, which an email or discussion-list posting could correct.
One approach is to create your own schema, but this seems like a lot of work for little return. Given how simple the messages are, I wonder if you even need a POJO to wrap them? Why not just have a handler that extracts the data you need using XPath?
Edit: blast from the past, but I saw the comment, reread the question, and realized that the first sentence was hard to understand. So, clarification:
One very good habit, if you're going to write a publicly accessible web service, is to make your schema document available at the same URL that you use for the schema's namespace URI -- or better, have that URL be a link to complete documentation (the W3C XSD namespace is itself a good example: http://www.w3.org/2001/XMLSchema).
I would suggest writing beans by hand, and only annotating with JAXB annotations if you have to. For most accessors/mutators (getters/setters) you do not have to; by default all public bean accessors and fields are considered, name is derived using bean convention, and default is to use elements instead of attributes (so attributes need to be annotated).
Alternatively you can of course write schema by hand, generate beans using JAXB, if you like W3C Schema a lot. And just use resulting code, not schema, for data binding.
As to POJO: that can be very simple. Something like:
#XmlRootElement("Response")
class Response {
public int responseCode;
public String responseMessage;
public String token; // or perhaps byte[] works for automated base64?
}
and similarly for other ones. Or, use getters/setters if you like them and don't mind bit more verbosity. These are just data containers, no need to get too fancy.
And if you must auto-detect type from content, consider using Stax parser to see what the root element, and then bind using JAXB Unmarshaller, handing XMLStreamReader that points to that root element. That way you can pass different object type to bind to.
And finally: sending/receiving requests: plain old HttpURLConnection works ok for GET and POST requests (construct using, say, URL.openConnection()). Jakarta HttpClient has more features if need be. So oftentimes you don't really need a separate REST client -- they may come in handy, but generally build on simple http client pieces.
I find HTTP4E very useful for making REST calls. It is an awesome Eclipse plugin, it has tabs, syntax coloring, auto suggest, code generation, REST HTTP call replay, etc.. It does a great job of HTTP debugging, HTTP tampering, hacking. I am having so much fun with it.
http://www.ywebb.com/
Try JdkRequest from jcabi-http (I'm a developer). This is how it works:
String body = new JdkRequest("http://www.google.com")
.header("User-Agent", "it's me")
.fetch()
.body()
Check this blog post for more details: http://www.yegor256.com/2014/04/11/jcabi-http-intro.html