XML-based interface description language
The
Web Services Description Language
(
WSDL
) is an
XML
-based
interface description language
that is used for describing the functionality offered by a
web service
.
[
citation needed
]
The acronym is also used for any specific WSDL description of a web service (also referred to as a
WSDL file
), which provides a machine-readable description of how the service can be called, what parameters it expects, and what data structures it returns. Therefore, its purpose is roughly similar to that of a
type signature
in a programming language.
The latest version of WSDL, which became a W3C recommendation in 2007, is WSDL 2.0. The meaning of the acronym has changed from version 1.1 where the "D" stood for "Definition".
Description
[
edit
]
The WSDL describes services as collections of network
endpoints
, or
ports
. The WSDL specification provides an
XML
format
for documents for this purpose.
The abstract definitions of ports and messages are separated from their concrete use or instance, allowing the reuse of these definitions. A port is defined by associating a
network address
with a reusable binding, and a collection of ports defines a service. Messages are abstract descriptions of the data being exchanged, and port types are abstract collections of supported operations. The concrete protocol and data format specifications for a particular port type constitutes a reusable binding, where the operations and messages are then bound to a concrete network protocol and message format. In this way, WSDL describes the public interface to the Web service.
WSDL is often used in combination with
SOAP
and an
XML Schema
to provide Web services over the
Internet
. A client program connecting to a Web service can read the WSDL file to determine what operations are available on the server. Any special
datatypes
used are embedded in the WSDL file in the form of XML Schema. The client can then use SOAP to actually call one of the operations listed in the WSDL file, using for example XML over
HTTP
.
The current version of the specification is 2.0; version 1.1 has not been endorsed by the
W3C
but version 2.0 is a
W3C recommendation
.
[1]
WSDL 1.2 was renamed WSDL 2.0 because of its substantial differences from WSDL 1.1. By accepting binding to all the
HTTP request methods
(not only GET and POST as in version 1.1), the WSDL 2.0 specification offers better support for
RESTful
web services
, and is much simpler to implement.
[2]
[3]
However support for this specification is still poor in
software development kits
for Web Services which often offer tools only for WSDL 1.1.
[
needs update
]
[
citation needed
]
For example, the version 2.0 of the
Business Process Execution Language (BPEL)
only supports WSDL 1.1.
WSDL 1.1 Term
|
WSDL 2.0 Term
|
Description
|
Service
|
Service
|
Contains a set of system functions that have been exposed to the Web-based protocols.
|
Port
|
Endpoint
|
Defines the address or connection point to a Web service. It is typically represented by a simple HTTP
URL
string.
|
Binding
|
Binding
|
Specifies the interface and defines the
SOAP
binding style (
RPC
/Document) and transport (
SOAP
Protocol). The binding section also defines the operations.
|
PortType
|
Interface
|
Defines a Web service, the operations that can be performed, and the messages that are used to perform the operation.
|
Operation
|
Operation
|
Defines the SOAP actions and the way the message is encoded, for example, "literal." An operation is like a method or function call in a traditional programming language.
|
Message
|
?
|
Typically, a message corresponds to an operation. The message contains the information needed to perform the operation. Each message is made up of one or more logical parts. Each part is associated with a message-typing attribute. The message name attribute provides a unique name among all messages. The part name attribute provides a unique name among all the parts of the enclosing message. Parts are a description of the logical content of a message. In RPC binding, a binding may reference the name of a part in order to specify binding-specific information about the part. A part may represent a parameter in the message; the bindings define the actual meaning of the part. Messages were removed in WSDL 2.0, in which
XML
schema types for defining bodies of inputs, outputs and faults are referred to simply and directly.
|
Types
|
Types
|
Describes the data. The
XML Schema
language (also known as
XSD
) is used (inline or referenced) for this purpose.
|
Example WSDL file
[
edit
]
<?xml version="1.0" encoding="UTF-8"?>
<description
xmlns=
"http://www.w3.org/ns/wsdl"
xmlns:tns=
"http://www.tmsws.com/wsdl20sample"
xmlns:whttp=
"http://schemas.xmlsoap.org/wsdl/http/"
xmlns:wsoap=
"http://schemas.xmlsoap.org/wsdl/soap/"
targetNamespace=
"http://www.tmsws.com/wsdl20sample"
>
<documentation>
This
is
a
sample
WSDL
2.0
document.
</documentation>
<!-- Abstract type -->
<types>
<xs:schema
xmlns:xs=
"http://www.w3.org/2001/XMLSchema"
xmlns=
"http://www.tmsws.com/wsdl20sample"
targetNamespace=
"http://www.example.com/wsdl20sample"
>
<xs:element
name=
"request"
>
...
</xs:element>
<xs:element
name=
"response"
>
...
</xs:element>
</xs:schema>
</types>
<!-- Abstract interfaces -->
<interface
name=
"Interface1"
>
<fault
name=
"Error1"
element=
"tns:response"
/>
<operation
name=
"Get"
pattern=
"http://www.w3.org/ns/wsdl/in-out"
>
<input
messageLabel=
"In"
element=
"tns:request"
/>
<output
messageLabel=
"Out"
element=
"tns:response"
/>
</operation>
</interface>
<!-- Concrete Binding Over HTTP -->
<binding
name=
"HttpBinding"
interface=
"tns:Interface1"
type=
"http://www.w3.org/ns/wsdl/http"
>
<operation
ref=
"tns:Get"
whttp:method=
"GET"
/>
</binding>
<!-- Concrete Binding with SOAP-->
<binding
name=
"SoapBinding"
interface=
"tns:Interface1"
type=
"http://www.w3.org/ns/wsdl/soap"
wsoap:protocol=
"http://www.w3.org/2003/05/soap/bindings/HTTP/"
wsoap:mepDefault=
"http://www.w3.org/2003/05/soap/mep/request-response"
>
<operation
ref=
"tns:Get"
/>
</binding>
<!-- Web Service offering endpoints for both bindings-->
<service
name=
"Service1"
interface=
"tns:Interface1"
>
<endpoint
name=
"HttpEndpoint"
binding=
"tns:HttpBinding"
address=
"http://www.example.com/rest/"
/>
<endpoint
name=
"SoapEndpoint"
binding=
"tns:SoapBinding"
address=
"http://www.example.com/soap/"
/>
</service>
</description>
History
[
edit
]
WSDL 1.0 (Sept. 2000) was developed by
IBM
,
Microsoft
, and
Ariba
to describe Web Services for their SOAP toolkit. It was built by combining two service description languages:
NASSL
(Network Application Service Specification Language) from IBM and
SDL
(Service Description Language) from Microsoft.
WSDL 1.1, published in March 2001, is the formalization of WSDL 1.0. No major changes were introduced between 1.0 and 1.1.
WSDL 1.2 (June 2003) was a working draft at W3C, but has become WSDL 2.0. According to W3C: WSDL 1.2 is easier and more flexible for developers than the previous version. WSDL 1.2 attempts to remove non-interoperable features and also defines the HTTP 1.1 binding better. WSDL 1.2 was not supported by most SOAP servers/vendors.
WSDL 2.0 became a W3C recommendation in June 2007. WSDL 1.2 was renamed to WSDL 2.0 because it has substantial differences from WSDL 1.1. The changes are the following:
- Added further semantics to the description language
- Removed message constructs
- Operator overloading not supported
- PortTypes renamed to interfaces
- Ports renamed to endpoints
Subset WSDL
[
edit
]
Subset WSDL (SWSDL)
[4]
is a WSDL with the subset operations of an original WSDL. A developer can use SWSDL to access Subset Service, thus handle subset of web service code. A Subset WSDL can be used to perform web service testing and top down development. Slicing of a web service can be done using a Subset WSDL to access Subset Service. Subset Service can be categorized into layers using SWSDL. SWSDLs are used for Web service analysis, testing and top down development. AWSCM
[5]
is a tool that can identify subset operations in a WSDL file to construct a subset WSDL.
Security considerations
[
edit
]
Since WSDL files are an XML-based specification for describing a web service, WSDL files are susceptible to attack.
[6]
To mitigate vulnerability of these files, limiting access to generated WSDL files, setting proper access restrictions on WSDL definitions, and avoiding unnecessary definitions in web services is encouraged.
See also
[
edit
]
References
[
edit
]
External links
[
edit
]
|
---|
Products and
standards
| |
---|
Organizations
| | Working groups
| |
---|
Community & business groups
| |
---|
Closed groups
| |
---|
|
---|
Software
| |
---|
Conferences
| |
---|