My group has a requirement to validate published WSDLs for compliance against the WS-I Basic Security Profile.
Perhaps I have misunderstood the requirement, in relationship to the 'published' sense? Or perhaps, the requirement could be refined further. On Mon, 7 Feb 2011 10:20:04 -0500, Daniel Kulp <dk...@apache.org> wrote: > On Monday 07 February 2011 9:55:42 am robert wrote: >> Consider the online help for the WSDL validator tool: >> http://cxf.apache.org/docs/wsdlvalidator.html. >> >> The text states that the following check is performed: "Validate the >> WSDL document against custom validation rules, such as those defined by >> the Web Services Interoperability (WS-I) organization (i.e. WS-I Basic >> Profile rules)." >> >> I have two questions in this regards, >> >> (1) The checks target what version of WS-I Basic Profile? If it's >> not Web Services Interoperability Organization’s Basic Profile, Version >> 1.2, could checks be added for this latest version? >> > > It's WS-I Basic Profile.. It's not all the rules though. I think WSI-BP > defines hundreds, if not thousands, of checks. We're pretty much checking > for the common issues. If someone wants to go through the BP spec > and write > additional checks, that would be great. It's not a priority for > *ME* as the > existing checks have been fairly adequate. > >> (2) Are there any checks performed in relationship to "Web Services >> Interoperability Organization’s Basic Security Profile, Version 1.1"... >> if not, could there be? > > Well, the WSI-security profile defines on-the-wire rules and such. > It really > doesn't define any rules for anything in the WSDL. What would a *WSDL* > validator validate with this?
