SOAP Schema Validation Policy
Policy Name |
SOAP Schema Validation |
Summary |
Validates incoming traffic against a specified WSDL schema |
Category |
Security |
First Flex Gateway version available |
v1.10.0 |
Returned Status Codes |
The policy returns a |
Summary
| The Schema Validation policy only supports SOAP 1.1 and 1.2 APIs. |
Use the SOAP Schema Validation policy to block incoming requests that don’t conform to the the defined WSDL schema. This policy prevents malformed or malicious SOAP messages from reaching the backend and enforces contract compliance between clients and services.
Configuring Policy Parameters
Flex Gateway Local Mode
In Local Mode, you apply the policy to your API via declarative configuration files. Refer to the following policy definition and table of parameters:
- policyRef:
name: soap-validation
config:
wsdlUrl: <string> // REQUIRED
encoding: <string> // REQUIRED, default 'UTF-8'
serviceName: <string> // REQUIRED
servicePort: <string> // REQUIRED
Determines if the schema is specified in this YAML resource, or if it’s specified in the API Context from Exchange (Connected Mode only). Supported values: inline or context. You must specify inline when configuring the policy in Local Mode.
| Parameter | Required | Default Value | Description |
|---|---|---|---|
|
Yes |
NA |
URL of where to access the WSDL |
|
Yes |
UTF-8 |
Encoding of the WSDL |
|
Yes |
NA |
SOAP service name defined in the WSDL that validates requests |
|
Yes |
NA |
SOAP port name defined in the WSDL that validates requests |
Managed Flex Gateway and Flex Gateway Connected Mode
When you apply the policy to your API instance from the UI, the following parameters are displayed:
| Field | Description |
|---|---|
Service Name |
SOAP service name defined in the WSDL that validates requests |
Service Port |
SOAP port name defined in the WSDL that validates requests |