How do I mark a SOAP service 'MTOM enabled'?

This is not a Java-specific question, but let's use a Java example: it is standard practice in the Java world to add xmime:expectedContentTypes="*/*" to base64 elements to enable MTOM processing on the server side. It results in the @XmlMimeType annotation, the use of DataHandlers instead of byte arrays, etc. While this description is of course greatly simplified, xmime:expectedContentTypes="*/*" is usually recognized as 'MTOM ready' by developers (and, more importantly, by the implementing libraries) when seen in the schema. From what I've gathered from the examples, the situation is the same in the C# world.
This, however, makes no sense to me: the attribute specifies what kind of data we might actually expect in the XML, not that it can be used together with MTOM. I have also not found any direct connection between the expected content type and MTOM in any RFC or similar document for SOAP 1.1.
My question can be phrased in two ways:
How does the service make clear that it accepts / serves binary data as MTOM attachments in the request / response?
How does the client correctly recognize that the binary data can be sent / obtained by using MTOM attachments for the given service?

It seems you are slightly confused between attachments in general, SOAP with Attachments, and MTOM.
SOAP Messages with Attachments was first introduced in December 2000 as a W3C note (not a specification) and defined an extension to the transport binding mechanisms defined in SOAP 1.1. In particular, this note defined:
a binding for a SOAP 1.1 message to be carried within a MIME multipart/related message in such a way that the processing rules for the SOAP 1.1 message are preserved. The MIME multipart mechanism for encapsulation of compound documents can be used to bundle entities related to the SOAP 1.1 message such as attachments.
In simple terms, it defined a mechanism for multiple documents (attachments) to be associated with a SOAP message in their native formats using a multipart MIME structure for transport. This was achieved using a combination of "Content-Location" and "Content-ID" headers, along with a set of rules for interpreting the URI referred to by "Content-Location" headers.
A SOAP message in this format can be visualized as below (encapsulated as multipart/mime):
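Since the original figure isn't reproduced here, a rough sketch of the SwA wire shape (with a hypothetical envelope, element names, and Content-ID) can be generated with Python's standard email package:

```python
from email.mime.multipart import MIMEMultipart
from email.mime.application import MIMEApplication
from email.mime.text import MIMEText

# Hypothetical SOAP 1.1 envelope referencing an attachment by Content-ID.
envelope = (
    '<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soap:Body><claim><photo href="cid:photo-1"/></claim></soap:Body>'
    '</soap:Envelope>'
)

# multipart/related bundles the SOAP message with its native-format attachments.
msg = MIMEMultipart("related", type="text/xml")
msg.attach(MIMEText(envelope, "xml"))

photo = MIMEApplication(b"raw image bytes")
photo.add_header("Content-ID", "<photo-1>")
msg.attach(photo)

print(msg.as_string())
```

Printing the message shows the two MIME parts: the text/xml SOAP part first, then the application/octet-stream attachment carrying its Content-ID header.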
This is also the format that you might have worked with when you used SAAJ, but is not recommended anymore, unless you are working with legacy code. The W3C note was later revised to a "feature" level in 2004 (along with SOAP 1.2) and was eventually superseded by SOAP MTOM mechanism.
SOAP Message Transmission Optimization Mechanism (MTOM) is officially defined as not one, but three separate features that work together to deliver the functionality:
"Abstract SOAP Transmission Optimization Feature" describes an abstract feature for optimizing the transmission and/or wire format of the SOAP message by selectively encoding portions of the message, while still presenting an XML infoset to the SOAP application.
"An optimized MIME Multipart/Related serialization of SOAP Messages" describes an Optimized MIME Multipart/Related Serialization of SOAP Messages implementing the Abstract SOAP Transmission Optimization Feature in a binding independent way.
"HTTP SOAP Transmission Optimization Feature" describes an implementation of the Abstract Transport Optimization Feature for the SOAP 1.2 HTTP binding.
If you read the second document, you will realize that "attachments" have been replaced with XML-binary optimized "packages", or XOP.
A XOP package is created by placing a serialization of the XML Infoset inside of an extensible packaging format (such a MIME Multipart/Related, see [RFC 2387]). Then, selected portions of its content that are base64-encoded binary data are extracted and re-encoded (i.e., the data is decoded from base64) and placed into the package. The locations of those selected portions are marked in the XML with a special element that links to the packaged data using URIs.
In simple terms, this means that instead of encapsulating data as an "attachment" in a multipart/mime message, the data is now referred to by a "pointer", or link.
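The contrast with SwA can be sketched in code: the infoset no longer carries base64 text, it carries an xop:Include link to a raw binary part, and the root part is typed application/xop+xml (the element names and Content-ID below are hypothetical; the xop namespace is the real one):

```python
from email import encoders
from email.mime.multipart import MIMEMultipart
from email.mime.application import MIMEApplication

# The infoset carries a link to the binary part instead of base64 text.
infoset = (
    '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">'
    '<soap:Body><myImage>'
    '<xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include" '
    'href="cid:image-1"/>'
    '</myImage></soap:Body></soap:Envelope>'
)

package = MIMEMultipart("related", type="application/xop+xml")

# The root part is the XOP document itself; left unencoded for readability.
root = MIMEApplication(infoset, "xop+xml", _encoder=encoders.encode_noop)
root.set_param("type", "application/soap+xml")
package.attach(root)

# The extracted binary travels as a raw part referenced from the infoset.
binary = MIMEApplication(b"raw image bytes, not base64")
binary.add_header("Content-ID", "<image-1>")
package.attach(binary)

print(package.as_string())
```

The key difference from the SwA shape is visible in the output: the `myImage` element contains only the `cid:` pointer, and the binary travels outside the XML entirely.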
Now that we have the background, let us come back to your questions.
How does the service make clear that it accepts / serves binary data as MTOM attachments in the request / response?
It does not. There is no concept of an attachment with MTOM, and thus a server can't declare that it accepts attachments.
How does the client correctly recognize that the binary data can be sent / obtained by using MTOM attachments for the given service?
Like I said above, there is no way for a client to do this as "attachments" are not supported.
Having said that, there is yet another W3C spec on XML media types that states:
The xmime:contentType attribute information item allows Web services applications to optimize the handling of the binary data defined by a binary element information item and should be considered as meta-data. The presence of the xmime:contentType attribute does not change the value of the element content.
When you enable MTOM using xmime:contentType and xmime:expectedContentTypes="application/octet-stream" (*/* should not be used), the generated WSDL will have an entry like this:
<element name="myImage" type="xsd:base64Binary" xmime:expectedContentTypes="application/octet-stream"/>
This is the server's way of declaring that it can receive an XML-binary optimized package (which could be broken down into a multipart MIME message).
When the client sees the above, it knows the server can accept XML-binary optimized packages, and it generates appropriate HTTP requests as defined in "Identifying XOP Documents":
XOP Documents, when used in MIME-like systems, are identified with the "application/xop+xml" media type, with the required "type" parameter conveying the original XML serialization's associated content type.
Hope that helps!

Related

Is my understanding of Media Types correct?

1) Assume that when media type name is set to "X/xml", the software agent SA is capable of identifying Hypermedia controls contained in representation format RF
a) If SA receives the following HTTP reply ( which contains RF ), then the "text" part of the media type name text/xml informs SA that it should process RF as plain XML ( thus it shouldn't try to identify Hypermedia controls )?
HTTP/1.1 200 OK
...
Content-Type: text/xml
...
<order xmlns="...">
...
<link rel="..."
href="..."/>
</order>
b) But if instead SA receives the following HTTP reply, then the "X" part of the media type name X/xml informs SA that while processing RF it should also identify Hypermedia controls?
HTTP/1.1 200 OK
...
Content-Type: X/xml
...
<order xmlns="...">
...
<link rel="..."
href="..."/>
</order>
2) If my understanding in 1) is correct, then I assume all values preceding "xml" ( say "X/vnd.Y" in media type name X/vnd.Y+xml ) are used to inform software agent which processing model it should use with xml document?
EDIT:
I apologize in advance for being so verbose
1)
To clarify, XML has no hypermedia controls. I assume you meant a
hypermedia-capable XML format such as Atom (application/atom+xml).
I know XML is just a markup language and thus has no Hypermedia controls. But my understanding is that if my custom media type MyMedia/xml identifies BeMyLink element ( defined within XML Schema namespace MySchemaNamespace ) as Hypermedia control, then when processing the following XML document in accordance with MyMedia/xml ( thus when Content-Type header is set to MyMedia/xml ), the BeMyLink element is considered a Hypermedia control:
<MyCreation xmlns="MySchemaNamespace">
<BeMyLink rel="..."
href="..."/>
</MyCreation>
?
2)
Assuming "X" is "application ..."
Could you clarify what you've meant to say here? Perhaps that media type name is application/xml?
3)
If "X" is not "application" but some other type, it may not be safe
for your agent to parse the document as such.
Doesn't X just describe ( in terms of processing model ) how the resource representation should be interpreted/parsed? As such, couldn't I name the X part of the media type name X/xml anything I want ( say blahblah/xml ), as long as agents trying to process this representation ( received via an HTTP response with the Content-Type header set to blahblah/xml ) are aware of the media type blahblah/xml ( ie know how to process this representation according to the instructions given by blahblah/xml )?
2. EDIT
1)
This is why you should be using standard media types, rather than
custom media types -- because in the end, the media type itself is not
a driver of application behavior
Isn't a downside to using standard media types that when an agent receives a resource representation, it won't know just by checking the media type value whether it semantically understands the representation, whereas with custom media types the agent can figure out just by looking at the media type value whether it knows the semantic meaning of the representation?
2)
This is why you should be using standard media types ...
Then I also assume we should only be using standard ( ie those registered with IANA ) rel values?
3)
Higher level application semantics are communicated through external
documentation, not the media type. Through the documentation of rels
and links and what the named values within the representation mean.
Perhaps I'm nitpicking, but ... you say higher level semantics should be communicated through external documentation and not media type, but then you note that documentation of rel values should convey higher level semantics. But aren't rel values in lots of cases ( not always, as rel values can also be independently defined, such as those registered with IANA ) considered as being part of a media type?
Thank you
To clarify, XML has no hypermedia controls. I assume you meant a hypermedia-capable XML format such as Atom (application/atom+xml).
1a) From RFC 2046 section 3:
Plain text is intended to be displayed "as-is". ... Other subtypes are to be used for enriched text in forms where application software may enhance the appearance of the text, but such software must not be required in order to get the general idea of the content.
In your example, your software agent receiving a response of text/xml may choose to enhance the display of the document (clickable links, syntax highlighting, etc). See note 1.
1b) Assuming "X" is "application" then yes, your agent may freely parse the document for hypermedia controls and use them for deciding future operation. If "X" is not "application" but some other type, it may not be safe for your agent to parse the document as such.
You're basically right. For more information, check out RFC 6839 section 4.1 and RFC 3023.
Response to edits:
A media type takes the form type/[vnd.]subtype[+suffix]. Since "type" is a little ambiguous in this context, we usually call it the "top-level media type." There's only a small handful of reasons to ever declare a new top-level media type, so unless you're absolutely sure you need it, stick with the standards: text, image, audio, video, and application. The [vnd.] is the optional vendor prefix which is used to denote non-standard subtypes. The [+suffix] is used to denote when your custom subtype is a specialization of an existing standard subtype.
If you want to define a custom XML format, use application/vnd.mymedia+xml. Using application indicates that the document is intended to be used in conjunction with programs as opposed to human display. Using vnd. indicates that it's non-standard. Using +xml means, well, that it's an XML document. And mymedia is the name of your subtype.
It's the subtype, not the top-level media type, that indicates what you refer to as the processing model. If an agent knew how to parse vnd.mymedia+xml it wouldn't (theoretically) matter if it was application/vnd.mymedia+xml or audio/vnd.mymedia+xml as both types refer to the same document format. Whether audio/vnd.mymedia+xml makes any sense or not is a separate issue.
Note 1: In practice, you can probably treat text/xml as application/xml without issue. However, you can't treat application/xml as text/xml due to the possibility of non-printable data.
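The type/[vnd.]subtype[+suffix] scheme described above can be sketched with a small parser (simplified for illustration, not an RFC-grade implementation; it ignores parameters like charset):

```python
def parse_media_type(media_type):
    """Split type/[vnd.]subtype[+suffix] into its parts (simplified sketch)."""
    top, _, rest = media_type.partition("/")
    if "+" in rest:
        subtype, _, suffix = rest.rpartition("+")
    else:
        subtype, suffix = rest, None
    return {
        "type": top,                           # top-level media type
        "subtype": subtype,                    # includes any vnd. prefix
        "suffix": suffix,                      # underlying standard format
        "vendor": subtype.startswith("vnd."),  # non-standard subtype?
    }

print(parse_media_type("application/vnd.mymedia+xml"))
# {'type': 'application', 'subtype': 'vnd.mymedia', 'suffix': 'xml', 'vendor': True}
```

As the answer notes, the suffix tells an agent the underlying syntax (xml), while the subtype names the processing model.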
You're basically on track. The media type represents the processing model for the representation. The processing model is what "knows" about hypermedia elements.
So, as mentioned, text/xml is not a hypermedia media type because raw XML has no concept of hypermedia controls. Whereas, XHTML is clearly a hypermedia media type.
The processing model based on the media type effectively represents the syntax of the representation, as well as some level of processing semantics at the MEDIA TYPE level.
What they do not do, is represent semantics at an APPLICATION level.
This is why you should be using standard media types, rather than custom media types -- because in the end, the media type itself is not a driver of application behavior.
Consider application/vnd.invoice+xml. The name implies that this media type represents some kind of typed resource, such as an invoice, in contrast to simply application/xhtml+xml. The HTML format clearly has no "invoice" semantics; it's not even implied.
By using generic media types, the clients and applications can layer their own semantics upon the representation as the application requires. Higher level application semantics are communicated through external documentation, not the media type. Through the documentation of rels and links and what the named values within the representation mean.
Addenda:
The media type is syntax, not semantics. When you get an HTML form from a request, for example, is the form for submitting address information? airport reservations? tax information? The HTML media type can represent all of these, but none of these are related to the HTML media type at all.
If you followed the "registerCar" rel, the odds are pretty high that the form you got back has something to do with registering a car; HTML has no say in it. But the details surrounding the "registerCar" rel are documented externally. There may well be markers in the representation, such as <title>Car Registration Form</title>, but that, too, is something delegated to the documentation. There are no criteria suggesting that the representation of a resource is necessarily able to convey the semantics under which it is used.
If you got a form back with a name and address, whose name is it? Which address? If you do "GET /person/1/homeaddress", then it's fair to say that you got their home address. But introspection of the payload doesn't necessarily tell you that. It's all a matter of context.
As for media types that document rels, some do, some don't. Atom has some, HTML doesn't. HAL doesn't. IANA has a list of generic standardized rels, but those are independent of media type. They would be applicable in either HTML or HAL. They're orthogonal.
If you're going to use standardized rels, then you should stick close to the semantics as standardized, thus leveraging the standard and the wide knowledge that they bring. But in the end how your application processes different rels is up to your application.

RESTful design for handling requests differentiated as either JSON or multipart/form-data

I am designing a REST API for text analysis, and I want to accept submitted content as either JSON or in file format (which is more convenient for large submissions). The JSON format has a "text" field, from which the text is extracted. Uploaded files just contain raw textual content. So I will be handling these two types of content as either a JSON-encoded body, or in the latter case as a multipart/form-data upload. My question is really related to how I should design my API with respect to handling these two different types of submissions, whilst remaining as RESTful as possible.
My initial thought was to have two different endpoints, /json for JSON, and /files for uploaded files. It doesn't seem right, however, to have two endpoints differentiated only by the type of content submitted by clients, rather than by functionality. As an alternative I then considered differentiating according to request method, using PUT for JSON and POST for files. Again this seems wrong, since it is at odds with the semantics of the request methods themselves.
It seems the only alternative is to accept the two types of encodings via the same endpoint. I'm still not sure if this is the right way to proceed from a design perspective, however, hence my question. I guess this is precisely what the Content-Type header is for, as stated here. But there seems a more radical distinction between JSON and multipart/form-data than between JSON and XML.
When doing REST design my inclination is to stick with:
Unified methods (PUT is PUT regardless of Content-Type, POST is always POST)
I think that Content-Type is ultimately the correct differentiator, but if you'd prefer to embed it in the URL, I'd go with a content suffix of some sort.
.json for application/json and .file for form-data?
Once you move afield of Content-Type as the differentiator, it's all sort of wibbly-wobbly and freeform at that point.
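A minimal sketch of the single-endpoint approach, dispatching on the Content-Type header (the "text" field comes from the question; the multipart parsing helper is a hypothetical stand-in for what a real framework would do):

```python
import json

def parse_uploaded_file(body):
    # Hypothetical stand-in for real multipart/form-data parsing;
    # uploaded files contain raw text per the question.
    return body.decode("utf-8")

def extract_text(content_type, body):
    """One endpoint, two representations: dispatch on the Content-Type header."""
    if content_type.startswith("application/json"):
        # JSON submissions carry the text in a "text" field (from the question).
        return json.loads(body)["text"]
    if content_type.startswith("multipart/form-data"):
        return parse_uploaded_file(body)
    raise ValueError("415 Unsupported Media Type: " + content_type)

print(extract_text("application/json", b'{"text": "analyse me"}'))  # analyse me
```

Anything else gets the 415 Unsupported Media Type treatment, which is exactly the semantics Content-Type negotiation is meant to provide.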

SOAP Request/Response based on Style/Use

I was wondering if someone could explain the differences in the SOAP request/response of a web service with the following WSDL binding style/use:
Document/literal
RPC/literal
wrapped document style
Thanks in advance
This article from IBM DeveloperWorks [Which style of WSDL should I use?] has an excellent explanation of the differences between these binding styles. In a nutshell, the only differences are the values of the SOAP binding "style" attribute ("rpc" or "document") in the WSDL file and the way the message arguments and return values are defined (and thus how they appear in the SOAP messages themselves):
[Note the reordering of items from the question to emphasize relationships]
RPC/literal - WSDL message element defines arguments and return value(s) of operations.
PROS: simple WSDL, operation name appears in SOAP message, WS-I compliant.
CONS: difficult to validate since arguments are defined in WSDL not XSD.
Document/literal - WSDL message parts are references to elements defined in XML Schema.
PROS: easily validated with XSD, WS-I compliant but allows breakage.
CONS: complicated WSDL, SOAP message does not contain operation name.
Document/literal wrapped (or "wrapped document style") - WSDL operations have a single input and a single output message part, and the input part refers to an XSD element with the same local name as the WSDL operation.
PROS: easily validated, SOAP message contains operation name, WS-I compliant.
CONS: most complicated WSDL (not an official style but a convention).
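The wrapped convention's key property, that the operation name appears on the wire, can be sketched by building such a body (the getFruit operation and target namespace below are hypothetical; the SOAP namespace is the real 1.1 one):

```python
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
TNS = "http://example.com/fruit"  # hypothetical target namespace

# In the wrapped style, the single Body child is an element whose local name
# matches the WSDL operation, wrapping the parameters as child elements.
envelope = ET.Element(f"{{{SOAP_NS}}}Envelope")
body = ET.SubElement(envelope, f"{{{SOAP_NS}}}Body")
wrapper = ET.SubElement(body, f"{{{TNS}}}getFruit")  # operation name on the wire
ET.SubElement(wrapper, f"{{{TNS}}}index").text = "1"

print(ET.tostring(envelope, encoding="unicode"))
```

In plain document/literal the Body child would just be whatever element the message part references, so a receiver cannot read the operation name off the message itself.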
In my experience, #3 (Document/literal Wrapped) is very common in large enterprise projects because it is both Microsoft and OSS friendly and it is well suited for a top-down development model (e.g. WSDL/XSD first, then generate code artifacts). Microsoft invented it [1] and popular Java/OSS tools (Axis2, JAX-WS) support it explicitly.
The "real world" difference likely comes down to which styles are supported — and how well — by the tools of your choice.

JSON or SOAP (XML)?

I'm developing a new application for the company.
The application has to exchange data to and from an iPhone.
The company's server side uses the .NET framework.
For example: the class "Customer" (Name, Address, etc.) for a specific CustomerNumber should first be downloaded from the server to the iPhone, stored locally, and then uploaded back to apply changes (and make them available to other people). Concurrency should not be a problem (at least at this time...)
In any case I have to develop both the server side (webservice or whatever) and the iPhone app.
I'm free to identify the best way to do that (this is the application "number ONE" so it will become the "standard" for the future).
So, what do you suggest?
Use SOAP web services (XML parsing etc.) or use JSON? (It seems lighter...)
It is clear to me how to "upload" data using SOAP (coding the XML SOAP envelope by hand is long-winded... I would rather avoid it), but how can I do the same using JSON?
The application needs to use date values (for example: last_visit_date etc.). What about dates in JSON?
JSON has several advantages over XML. It's a lot smaller and less bloated, so you will be passing much less data over the network, which in the case of a mobile device makes a considerable difference.
It's also easier to use in JavaScript code, as you can pass the data packet directly into a JavaScript structure without any parsing, extracting and converting, so it is much less CPU-intensive too.
To code with it, instead of an XML library you will want a JSON library. Dates are handled as you would with XML: encode them to a standard format, then let the library recognise them (e.g. here's a library with a sample with dates in it).
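On the date question specifically, JSON has no date type, so the usual convention is ISO 8601 strings. A sketch (the last_visit_date key is taken from the question; the customer value is invented):

```python
import json
from datetime import date, datetime

# JSON has no date type; encode dates as ISO 8601 strings by convention.
record = {"customer": "ACME", "last_visit_date": date(2011, 3, 14)}

encoded = json.dumps(record, default=lambda d: d.isoformat())
print(encoded)  # {"customer": "ACME", "last_visit_date": "2011-03-14"}

# On the receiving side, parse the known date fields back explicitly.
decoded = json.loads(encoded)
last_visit = datetime.strptime(decoded["last_visit_date"], "%Y-%m-%d").date()
print(last_visit == date(2011, 3, 14))  # True
```

Both ends just need to agree on the format string; ISO 8601 also sorts lexicographically, which is handy.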
Here's a primer.
Ah, the big question: JSON or XML?
In general, I would prefer XML only when I need to pass around a lot of text, since XML excels at wrapping and marking up text.
When passing around small data objects, where the only strings are small (ids, dates, etc.), I would tend to use JSON, as it is smaller, easier to parse, and more readable.
Also, note that even if you choose XML, that does not by any means mean you need to use SOAP. SOAP is a very heavy-weight protocol, designed for interoperability between partners. As you control both the client and server here, it doesn't necessarily make sense.
Consider how you'd be consuming the results on the iPhone. What mechanism would you use to read the web service response? NSXMLParser?
How you consume the data would have the biggest impact on how your serve it.
Are JSON and SOAP your only options? What about RESTful services?
Take a look at some big players on the web that have public APIs that are accessible by iPhone clients:
Twitter API
FriendFeed API
Also, review the following related articles:
How to parse nested JSON on iPhone
RESTful WCF service that can still use SOAP
Performance of REST vs SOAP
JSON has the following advantages:
it can encode boolean and numeric values ... in XML everything is a string
it has much clearer semantics ... in JSON you have {"key":"someValue"}, in XML you can have <data><key>someValue</key></data> or <data key="someValue" /> ... any XML node must have a name ... this does not always make sense ... and children may either represent properties of an object, or children, which when occurring multiple times actually represent an array ... to really understand the object structure of an XML message, you need its corresponding schema ... in JSON, you need the JSON only ...
it is smaller and thus uses less bandwidth and memory during parsing/generation ...
Apart from that, I see NO difference between XML and JSON ... I mean, this is so interchangeable ... you can use JSON to capture the semantics of SOAP, if you want to ...
It's just that SOAP is so bloated ... if you do want to use SOAP, use a library and generators for that ... it's neither fun nor interesting to build it all by hand ...
Using XML-RPC or JSON-RPC should work faster ... both are more lightweight, and you can use JSON or XML at will ... but when creating client<->server apps, a very important thing in my eyes is to abstract the transport layer on both sides ... your whole business logic etc. should in no way depend on more than a tiny interface when it comes to communication, and then you can plug protocols into your app as needed ...
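That transport-abstraction point can be sketched as a tiny interface that the business logic depends on; everything below (class names, the stubbed JSON-RPC response) is hypothetical illustration, not a real library:

```python
from abc import ABC, abstractmethod

class Transport(ABC):
    """Tiny interface hiding the wire format from the business logic."""
    @abstractmethod
    def call(self, method, params): ...

class JsonRpcTransport(Transport):
    def call(self, method, params):
        # Real code would POST a JSON-RPC payload over HTTP; stubbed here.
        return {"jsonrpc": "2.0", "result": {"echo": params}, "id": 1}

def get_customer(transport, number):
    # Business logic sees only the Transport interface, so a SOAP, Hessian,
    # or JSON-RPC implementation could be plugged in without changing it.
    return transport.call("getCustomer", {"number": number})["result"]

print(get_customer(JsonRpcTransport(), 42))  # {'echo': {'number': 42}}
```

Swapping protocols then means writing one new Transport subclass, which is the "plug in protocols into your app, as needed" idea above.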
There are more options than just SOAP vs JSON. You can do a REST-based protocol (Representational State Transfer) using XML. I think it's easier to use than SOAP, and you get a much nicer XSD (that you design). It's rather easy for almost any client to access such services.
On the other hand, JSON parsers are available for almost any language and make it really easy to call from JavaScript if you'll use them via AJAX.
However, SOAP can be rather powerful with tons of standardized extensions that support enterprise features.
You could also use Hessian using HessianKit on the iPhone side, and HessianC# on the server side.
The big bonuses are:
1. Hessian is a binary serialization protocol, so data payloads are smaller; good for 3G and GSM.
2. You do not need to worry about the format on either end; transport is automated with proxies.
So on the server side you just define a C# interface, such as:
public interface IFruitService {
    int FruitCount();
    string GetFruit(int index);
}
Then you just subclass CHessianHandler and implement the IFruitService, and your web service is done.
On the iPhone just write the corresponding Objective-C protocol:
@protocol IFruitService
- (int)FruitCount;
- (NSString *)GetFruit:(int)index;
@end
That can then be accessed via a proxy with a single line of code:
id<IFruitService> fruitService = [CWHessianConnection proxyWithURL:serviceURL
                                                          protocol:@protocol(IFruitService)];
Links:
HessianKit
I would certainly go with JSON, as others already noted - it's faster and data size is smaller. You can also use a data modelling framework like JSONModel to validate the JSON structure, and to autoconvert JSON objects to Obj-C objects.
JSONModel also includes classes for networking and working with APIs - also includes json rpc methods.
Have a look at these links:
http://www.jsonmodel.com - the JSONModel framework
http://json-rpc.org - specification for JSON APIs implementation
http://www.charlesproxy.com - the best tool to debug JSON APIs
http://json-schema.org - tool to define validation schemas for JSON, useful along the way
Short example of using JSONModel:
http://www.touch-code-magazine.com/how-to-make-a-youtube-app-using-mgbox-and-jsonmodel/
Hope these are useful

Generic MIME type for a MIME entity?

Is there such a thing as a generic MIME type for a MIME entity? A MIME entity would be something that consists of a header section, followed by a blank line, followed by a body section (with CRLF line endings) according to RFC 2045/2046.
An example could be the following:
Header1: Some list
Header2: of headers
Arbitrary body content
In other words, is there a MIME "supertype" for things such as message/rfc822, a single multipart-part, etc.?
None that I know of. A single multipart part is also message/rfc822, and technically HTTP messages are not MIME entities, so there is no common base between them and rfc822. Although parts of an HTTP message may be MIME entities, the actual request/response is not.
RFC2616 blurs the distinction by referencing 822-family specs in places (sometimes erroneously, for example the references to using RFC2047 for encoding parameters). But HTTP defines its own basic productions for headers and values which are slightly different from — and incompatible with — those defined in RFC[2]822. So HTTP should not be parsed using standard RFC822 tools... even disregarding the many, many ways in which real-world web browsers and servers diverge from the HTTP standards.
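For the RFC 822-family case, the generic header-section / blank-line / body shape from the question is exactly what standard MIME tooling parses, e.g. Python's email.parser (note the caveat above: this is fine for MIME entities, but HTTP should not be parsed this way):

```python
from email.parser import Parser

# On the wire a MIME entity uses CRLF line endings; "\n" suffices for this sketch.
raw = (
    "Header1: Some list\n"
    "Header2: of headers\n"
    "\n"
    "Arbitrary body content"
)

entity = Parser().parsestr(raw)
print(entity["Header1"])     # Some list
print(entity.get_payload())  # Arbitrary body content
```

The parser doesn't need a declared media type at all, which underlines the answer: the common "supertype" is the 822 entity syntax itself, not any registered MIME type.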