I want to code java program for the below example. I am not able to find the way to add Doctype before the soap envelope.
<?xml version="1.0"?>
<!DOCTYPE order SYSTEM "c:\order.dtd">
<soap:Envelope
xmlns:soap="http://www.w3.org/2001/12/soap-envelope"
soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding">
<soap:Body xmlns:m="http://www.example.org/order">
<order>
<cust_id>1</cust_id>
<cust_name>Bob Smith</cust_name>
<creditcardnum>999999999999</creditcardnum>
<creditcardexpiry>0609</creditcardexpiry>
<item>
<prod_id>1</prod_id>
<quantity>2</quantity>
</item>
</order>
</soap:Body>
</soap:Envelope>
In short, you shouldn't be adding a DOCTYPE to your SOAP messages, even if you somehow get it to work.
The slightly longer answer is that according to the specs for SOAP, a SOAP message MUST NOT contain a DTD. There are most likely a few reasons for this but there are definite concerns allowing DTD's as it opens the door for malicious attacks such as XXE (XML External Entity Attacks).
Here are some additional resources:
http://www.w3schools.com/xml/xml_soap.asp
https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
Related
It's a really simple question but which I have no quick answer to it and I need help : I call a service that returns this XML body and need to parse it and get the element's values but for some reason I always get the values as null all the time.
How can I parse this XML body via any recommended method in java ?
<?xml version="1.0" encoding="UTF-8"?>
<Response xmlns="http://tempuri.org/Response.xsd">
<ResponseStatusDescription />
<EntityPaymentReceiptNumber />
<Description>Test</Description>
<OperationName>CheckPayment</OperationName>
<BankID>39</BankID>
<EntityPaymentDate />
<CheckPaymentID>188721103486</CheckPaymentID>
<ResponseStatusCode>INFO2</ResponseStatusCode>
</Response>
Generate a class from the xsd, i.e xjc http://tempuri.org/Response.xsd. Now, have your rest call expect Response as the return type.
I am a newbie to Java programming and trying to do an XML read and updation.
I was able to write a program in Java that will create the following XML file. There will be multiple staff in a XML file and the id's are unique. This example has 2 staff items.
<?xml version="1.0"?>
<company>
<staff id="1001">
<firstname>yong</firstname>
<lastname>mook kim</lastname>
<nickname>mkyong</nickname>
<salary>100000</salary>
</staff>
<staff id="2001">
<firstname>low</firstname>
<lastname>yin fong</lastname>
<nickname>fong fong</nickname>
<salary>200000</salary>
</staff>
</company>
What i want to do is,
Step - 1: Read XML - based on ID provided by user, find the corresponding staff element and read it's salary.
Step-2: Update XML - Change the salary item for the corresponding staff and save the file.
What am looking for is an efficient way of doing this!
You have multiple solutions for that:
Use JAXB for mapping the XML structure to Java classes. Then you can easily marshal/unmarshal to/from XML;
Use XPath/XSLT for quickly accessing the desired XML node in Step #1 and for updating node content in Step #2;
Use one of Java's XML parsers (StAX, DOM, SAX) to read and process the XML.
Option 2 is quick, but I cannot make judgments whether it is the most efficient or not, I guess you can test and take your conclusions.
I am using below format to response for the webservices.
<Name>abc</Name>
<Detail>
<RESPONSE>
<Age>20</Age>
<Address>blahblah</Address>
<Mobile>12345</Mobile>
</RESPONSE>
</Detail>
Due to the requirements, I need to return xml format data insides the <Detail></Detail> tag.
In my java class, I parse using Xstream and format into xml and put insides the Detail tag.
But when I test using SOAPUI , I am getting extra <![CDATA[<RESPONSE>.. <</RESPONSE>]]> insdies Detail tag.
How can I avoid having those CDATA tag for the xml response?
<![CDATAP[......]]> is used to tell that the XML meaning of it should not be taken and to treat it as normal text that is called character data. so Parser won't seek for any XML meaning in it.
As Dave Newton and kshitij told it will automatically removed while converting it into object.
If you are not supposed to parse it as it is no issue to bother about it.
I download an XML-file, I generate using PHP, that looks similar to this
<?xml version="1.0" encoding="utf-8" ?>
<customersXML>
...
<customer id="12" name="Me+%26+My+Brother" swid="1" />
...
</customersXML>
Now I need to parse it in Java, but before that I use URL-Decode, so the XML become this
<?xml version="1.0" encoding="utf-8" ?>
<customersXML>
...
<customer id="12" name="Me & My Brother" swid="1" />
...
</customersXML>
But when I parse the XML-file using SAX, I get a problem with "&". How can I get around this?
The ampersand is a special character in xml (O'reilly Xml: Entities: Handling Special Content) and needs to be encoded. Replace it with & before sending it.
If the XML in question isn't urlencoded in the first place (which it doesn't look like it is), then you shouldn't be urldecoding it. Breaking the xml and then "unbreaking" it really doesn't seem like the best way to go about it. Just use the original xml and parse that.
Never process XML as a string without parsing it, or you are liable to end up with something that is no longer XML. As you have discovered.
You should FIRST parse, THEN url decode.
About Apache XmlBeans. I use AnyType in scheme definition (xsd:anyType) as element in complex type.
Example:
<request xmlns="">
<xml>
<input1>
<string>str</string>
</input1>
</xml>
</request>
in java code
final ProcessRequest processRequest = requestDocument.addNewRequest();
XmlObject xml = processRequest.addNewXml();
xml.changeType(operationType.type);
xml.set(operationType);
and i want to see
<xml xsd:type="*opeation1NSPrefix*:*operation1Type*>
...
</xml>
but i see only <xml/>. What i doing wrong?
stupid mistake: operation1 define as anonymous type <element><complexType>..</></> in wsdl. when i define "<element type=".."/><complexType name=".."/> the problem disappeared