Endpoint Security Ohio

Web Services Part 2 – Interview Questions @JKNB

• What is WSDL?

WSDL stands for Web Service Description Language. It represents the contract between two systems. The WSDL describes all operations that the service provides, locations of the endpoints (i.e. where the services can be invoked), and simple and complex elements that can be passed in requests and responses.

• What are the various implementations of JAX-RS available to choose from in Java?

JAX-RS is RESTful Web Service. There are plenty of implementations, but most common are: CXF(Apache), JERSEY (Oracle).

• How would you go about implemnting the RESTful Web service?

Get the related libraries (jars). If the request and responses are XML based POST, then define an XSD file and generate JAXB annotated classes for marshalling and unmarshalling the request and response. Define the WebService interface and implementation classes. Define any interceptor and filter classes if required to intercept the request and responses for implementing the cross-cutting concerns like security validation, logging, auditing, setting up or initializing the locale, etc Wire up the classes via Spring and CXF config files. For example, webservices-config.xml and cxf.xml. The operations between different software applications, which are running on a variety of platforms and frame-working are supported by web services.

• Explain the web services architecture.

The operations between different software applications, which are running on a variety of platforms and frame-working are supported by web services.

• What is a proxy object?

Component, which can communicate with the WS.

• What are the steps to get a proxy object of a web service at the client side?

Access UDDI node for a list of web services; Services thus responded by UDDI have URL pointing to DISCO or WSDL document; Parse DISCO and WSDL document and build a proxy object which can communicate with the web service;

• What is SOAP?

SOAP is an XML-based protocol that enables 2 components to communicate each other.

• What is UDDI?

UDDI stands for Universal Description Discovery and Integration. It is the directory that is used to publish and discover public web services.

• What is DISCO or Discovery?

It exposes schema document of the web services.

• Explain JAXM messaging models.

JAXM messaging models has two types of messaging model, synchronous and asynchronous. In Synchronous messaging model, client directly interacts with the source. The client sends a request and waits for the response. In Asynchronous messaging model, client sends message to the messaging provider and returns back. Messaging provider then performs the routing of message to the end source.

• What are Transport methods in SOAP?

Application layer and transport layers of a network are used by SOAP. SMTP and HTTP are the valid application layer protocol uses as transport for SOAP. Wider acceptance is gained by HTTP, as it works better with the current internet infrastructure, especially with firewalls.

• What are the elements that should be contained in SOAP message?

Envelope – Translates the XML document to a SOAP message. It is the root element. Header – Contains the header message and application specific information. Body – Contains the call and response message. Fault element – Used for communicating errors. If present, it appears as a child element of the body and can appear only once.

• What is SOAP actor element?

The header element may pass through different endpoints before it reaches the receiver. SOAP actor element is specifically used to address the header element to a specific endpoint.

• Why should we encrypt the SOAP messages?

The main purpose of SOAP is to exchange messages over HTTP. For communication it uses XML. The messages exchanged if done in plain text can be potentially viewed by anyone across the internet. SOAP over HTTPS is secured. The entire HTTP message, including both the headers and the body of the HTTP message is encrypted using public asymmetric encryption algorithms.

• What is the use of having SOAP messages with attachments?

SOAP messages can be attached with MIME extensions that come in multipart/related. It is used to send messages using the binary data with certain defined rules that are applied on it.

• What types of operations are available in WSDL?

There are four operations available: 1. One-way, where the operation can receive a message but will not return a response. (receive) 2. Request-response, where the operation can receive a request and will return a response. (receive) 3. Solicit-response, where the operation can send a request and will wait for a response. (send) 4. Notification, where the operation can send a message but will not wait for a response.(send)

• List all WS Components.

XML, WSDL, SOAP and UDDI.

• Explain WSDL Port.

It defines the operations in a Web Service.

• What are foundation security services?

They are four types – for authentication, authorization, digitl signatures, encryption.

Web Services Documentation can be found .