Okay. I did open up a JIRA issue request (https://issues.apache.org/jira/browse/CXF-3312) based on text from our group related to a different system, "validate published WSDL files for compliance with WS-I Basic Security Profile".
Perhaps the requirement is invalid, and so should be the issue? I guess CXF-3312 could be closed as invalid? On Mon, 7 Feb 2011 10:49:51 -0500, Daniel Kulp <dk...@apache.org> wrote: > On Monday 07 February 2011 10:39:21 am robert wrote: >> My group has a requirement to validate published WSDLs for compliance >> against the WS-I Basic Security Profile. >> >> Perhaps I have misunderstood the requirement, in relationship to the >> 'published' sense? Or perhaps, the requirement could be refined >> further. > > Honestly, I have no idea what the "requirement" would be. The only place > WSDL is mentioned in the WSI-SP is in section 5.4. All the checks > in there > are just pointers to the BP 1.0 and 1.1 specifications. Thus, it's really > just checking the BP. > > Dan > > >> On Mon, 7 Feb 2011 10:20:04 -0500, Daniel Kulp <dk...@apache.org> >> >> wrote: >> > On Monday 07 February 2011 9:55:42 am robert wrote: >> >> Consider the online help for the WSDL validator tool: >> >> http://cxf.apache.org/docs/wsdlvalidator.html. >> >> >> >> The text states that the following check is performed: "Validate the >> >> WSDL document against custom validation rules, such as those defined by >> >> the Web Services Interoperability (WS-I) organization (i.e. WS-I Basic >> >> Profile rules)." >> >> >> >> I have two questions in this regards, >> >> >> >> (1) The checks target what version of WS-I Basic Profile? If it's >> >> not Web Services Interoperability Organization’s Basic Profile, Version >> >> 1.2, could checks be added for this latest version? >> > >> > It's WS-I Basic Profile.. It's not all the rules though. I think >> > WSI-BP defines hundreds, if not thousands, of checks. We're pretty >> > much checking for the common issues. If someone wants to go through >> > the BP spec and write >> > additional checks, that would be great. It's not a priority for >> > *ME* as the >> > existing checks have been fairly adequate. >> > >> >> (2) Are there any checks performed in relationship to "Web Services >> >> Interoperability Organization’s Basic Security Profile, Version 1.1"... >> >> if not, could there be? >> > >> > Well, the WSI-security profile defines on-the-wire rules and such. >> > It really >> > doesn't define any rules for anything in the WSDL. What would a *WSDL* >> > validator validate with this?
