Publish SOAP Web Service Wizard

The Publish SOAP Web Service Wizard is used to publish a Web service with an existing WSDL document. This wizard supports the WSDL 1.1 standard.
The Publish SOAP Web Service Wizard is used to publish a Web service with an existing WSDL document. This wizard supports the WSDL 1.1 standard.
If the web service does not have a WSDL document, use the Create WSDL Wizard instead.
To access the Publish SOAP Web Service Wizard, do any of the following:
  • Click
    Publish SOAP Web Service
    on the Home Page
  • Select [
    Tasks
    ]
    > Services and APIs >
    Publish SOAP Web Service
    from the Main Menu
  • Right-click a folder within the Services and Policies  list and then select
    Publish SOAP Web Service
    .
Note:
UDDI support is deprecated in
Layer7 API Gateway
.
Complete the wizard as described below.
Wizard Step
Description
Step 1: Web Service Description
The Web Service Description screen locates the WSDL document for the web service using one of the following methods:
  • If you know the URL for the WSDL, enter it in the Location field. If you have a WSDL file, click [
    File
    ] and then select the file.
  • If you are extracting the WSDL URL from a WSIL (Web Services Inspection Language) URL, enter the WSIL URL in the Location field. If you have a WSIL file, click [
    File
    ] and then select the file. Select the target web service when prompted.
  • If you are searching a UDDI Registry for the web service, click [
    UDDI
    ] and proceed to Searching the UDDI Registry for details.
  • The [UDDI] button is available only when a UDDI registry has been configured on the Gateway. For more information, see Manage UDDI Registries.
  • To configure options for the URL (for example, to specify the credentials or configure a proxy), click [
    HTTP Options
    ] to open the Manage HTTP Options dialog.
Note the following about the WSDL document:
  • The WSDL document should not depend on any external documents, otherwise the import process may fail.
  • The WSDL URL supports SSL, SSL + Client authentication, and URL authentication.
  • The maximum size for a WSDL document is controlled by the
    wsdlDownload.maxSize
    cluster property.
Click [
Next
]. The wizard attempts to resolve the WSDL URL. If the resolution is successful, you proceed to Step 2 of the wizard. If the WSDL download fails, try the following troubleshooting steps:
  • Note the errors and then re-enter the WSDL or WSIL URL or search the UDDI registry again, then click [
    Next
    ] to try to move to the next step of the wizard.
  • An error message "Unable to parse WSDL location" may indicate that authentication is required. If you see this message, click [
    HTTP Options
    ] to configure options for the URL (for example, to specify the credentials, SSL, or proxy options). For more information, see Manage HTTP Options.
Once credentials have been supplied, if the UDDI is monitored for changes to this service, you will not be prompted for credentials in the future for WSDL downloads from that location.
Upon publication, the WSDL URL appears as a Route via HTTP(S) assertion in the web service's initial policy and the name of the web service is extracted from the resolved WSDL and added to the [Services] tab.
Step 2: Service Resolution
The Service Resolution screen lets you choose the service resolution path:
  • No resolution path:
    Select this option to set the resolution path to the default Gateway URI "/ssg/soap". This setting is the default.
  • Custom resolution path:
    Select this option to specify a custom resolution URI. Choose a custom URI from the drop-down list or type in the URI if you require one that is not on the list.
You can change the resolution path later using the [HTTP/FTP] tab in the service's properties. Note that the service resolution path applies to both the HTTP and FTP protocols.
Step 3: Access Control
The Access Control screen allows you to define simple Web service encryption, access control, and authentication rules.
  1. Optionally select the Require SSL/TLS Encryption check box to require that all requestors consume the web service through the SSL entry point.
  2. Select Allow Anonymous Access to permit requestors to access the web service anonymously (without credentials).
    OR:
    Select Require Users to Authenticate to require that requestors provide credentials to gain web service access. Define the authentication details for this option as follows:
    • Authentication Method: Select an authentication method from the drop-down list. This determines what information users and groups are required to provide to gain web service access.
    • Identity Provider: Select an identity provider that contains the authorized users and groups from the drop-down list.
    When requiring users to authenticate, the Web access will be restricted to the identity providers indicated above. The policy will initially be populated with an authentication assertion for each Authenticate User or Group assertion corresponding to each selected identity.
  3. Specify which users and groups are authorized to use the web service by moving them between the No Permission and Have Permission lists.
    • Grant permission by selecting entries from No Permission and then clicking [
      Add
      ]. Alternatively, click [
      Add All
      ] without selecting any entry to authorize everyone on the list.
    • Deny permission by selecting entries from Have Permission and then clicking [
      Remove
      ]. Alternatively, click [
      Remove All
      ] without selecting any entry to deny permission to everyone on the list
  4. If you need to authorize users or groups from another identity provider, select the new provider name from the Identity Provider drop-down list and then repeat step 3.
Step 4: Credential Transportation
The Credential Transportation screen specifies how the Gateway can gain access to the web service.
  1. Verify that the Web Service URL is correct. This URL is from the WSDL document and will be used by the Gateway to access the web service. To change the URL:
    1. Click [
      Change
      ] and modify the URL as necessary.
    2. Click [
      Default
      ].
  2. Choose an access control option:
    • Select
      The Gateway can access this protected Web service anonymously
      to instruct the Gateway to access the protected web service without authentication
    • Select
      The Gateway will need to provide credentials to access this Web service
      to instruct the Gateway to provide credentials when connecting to the web service.
  3. Click [
    Finish
    ]. The web service is published and added to the [Services] tab.
(1) If you've specified a conflicting service resolution, you are given the option to correct the conflict, proceed as is, or cancel the publishing. (2) It is recommended that you disable the published web service until its policy is completed. See Published Service Properties.
When the wizard is complete, the newly published service appears in the policy development window, with a Route via HTTP(S) assertion already added. You can now begin constructing your new policy.
If the WSDL document did not declare any HTTP(S) endpoints, the Policy Manager will be unable to automatically add a routing assertion. In this case, manually add the appropriate routing assertion to the policy.
Sending Requests to the Newly Published Service
After creating the new service, you can send requests to it by using one of the following URIs:
http://
<machinename.domain.com>
:8080/ssg/soap
https://
<machinename.domain.com>
:8443/ssg/soap
Where:
  • <machinename.domain.com>
    is the name of the computer hosting the Gateway
  • /ssg/soap
    is the default resolution URI on the Gateway
Then assign a different resolution URI, see Published Service Properties.