Web Services Transfer (WS-Transfer)

Editor's Draft $Date: 2009/05/06 12:22:10 $

Latest version:
http://www.w3.org/TR/ws-transfer
Previous version:
http://www.w3.org/TR/2009/WD-ws-transfer-20090317
Editors:
Doug Davis, IBM
Ashok Malhotra, Oracle
Katy Warr, IBM
Wu Chou, Avaya

Abstract

This specification describes a general SOAP-based protocol for accessing XML representations of Web service-based resources.

Status of this Document

This document is an editors' copy that has no official standing.

Table of Contents

1 Introduction
   1.1 Requirements
2 Terminology and Notation
   2.1 Terminology
   2.2 XML Namespaces
   2.3 Notational Conventions
   2.4 Considerations on the Use of Extensibility Points
   2.5 Compliance
3 Resource Operations
   3.1 Get
   3.2 Put
   3.3 Delete
4 Resource Factory Operations
   4.1 Create
5 Faults
   5.1 InvalidRepresentation
6 Security Considerations
7 Acknowledgements
8 References

Appendices

A XML Schema
B WSDL
C Change Log


1 Introduction

This specification defines a mechanism for acquiring XML-based representations of entities using the Web service infrastructure. It defines two types of entities:

Specifically, it defines two operations for sending and receiving the representation of a given resource and two operations for creating and deleting a resource and its corresponding representation.

It should be noted that the state maintenance of a resource is at most subject to the "best efforts" of the hosting server. When a client receives the server's acceptance of a request to create or update a resource, it can reasonably expect that the resource now exists at the confirmed location and with the confirmed representation, but this is not a guarantee, even in the absence of any third parties. The server may change the representation of a resource, may remove a resource entirely, or may bring back a resource that was deleted.

For instance, the server may store resource state information on a disk drive. If that drive crashes and the server recovers state information from a backup tape, changes that occurred after the backup was made will be lost.

A server may have other operational processes that change resource state information. A server may run a background process that examines resources for objectionable content and deletes any such resources it finds. A server may purge resources that have not been accessed for some period of time. A server may apply storage quotas that cause it to occasionally purge resources.

In essence, the confirmation by a service of having processed a request to create, modify, or delete a resource implies a commitment only at the instant that the confirmation was generated. While the usual case should be that resources are long-lived and stable, there are no guarantees, and clients should code defensively.

There is no requirement for uniformity in resource representations between the messages defined in this specification. For example, the representations required by Create or Put may differ from the representation returned by Get, depending on the semantic requirements of the service. Additionally, there is no requirement that the resource content is fixed for any given endpoint reference. The resource content may vary based on environmental factors, such as the security context, time of day, configuration, or the dynamic state of the service.

As per the SOAP processing model, other specifications may define SOAP headers which may be optionally added to request messages to require the transfer of subsets or the application of transformations of the resource associated with the endpoint reference. When the Action URIs defined by this specification are used, such extension specifications must also allow the basic processing models defined herein.

1.1 Requirements

This specification intends to meet the following requirements:

  • Provide a SOAP-based protocol for managing resources and their representations.

  • Minimize additional mechanism beyond the current Web Services architecture.

2 Terminology and Notation

2.1 Terminology

Resource

A Web service that is addressable by an endpoint reference as defined in WS-Addressing and that can be represented by an XML Infoset using the Get and Put operations defined in this specification.

Resource factory

A Web service that is capable of creating new resources using the Create operation defined in this specification.

2.2 XML Namespaces

The XML Namespace URI that MUST be used by implementations of this specification is:

  http://www.w3.org/2009/02/ws-tra

Table 2-1 lists XML namespaces that are used in this specification. The choice of any namespace prefix is arbitrary and not semantically significant.

Table 2-1: Prefixes and XML Namespaces used in this specification.

Prefix  XML Namespace                              Specification(s)
wst     http://www.w3.org/2009/02/ws-tra           This specification
s       Either SOAP 1.1 or 1.2                     SOAP
s11     http://schemas.xmlsoap.org/soap/envelope/  [SOAP 1.1]
s12     http://www.w3.org/2003/05/soap-envelope    [SOAP 1.2]
wsa     http://www.w3.org/2005/08/addressing       [WS-Addressing]
wsdl    http://schemas.xmlsoap.org/wsdl/           [WSDL 1.1]
xs      http://www.w3.org/2001/XMLSchema           XML Schema [XML Schema, Part 1], [XML Schema, Part 2]

The working group intends to update the value of the Web Services Transfer namespace URI each time a new version of this document is published until such time that the document reaches Candidate Recommendation status. Once it has reached Candidate Recommendation status, the working group intends to maintain the value of the Web Services Transfer namespace URI that was assigned in the Candidate Recommendation unless significant changes are made that impact the implementation or break post-CR implementations of the specification. Also see http://www.w3.org/2001/tag/doc/namespaceState.html and http://www.w3.org/2005/07/13-nsuri .

2.3 Notational Conventions

The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC 2119].

This specification uses the following syntax to define outlines for messages:

  • The syntax appears as an XML instance, but values in italics indicate data types instead of literal values.

  • Characters are appended to elements and attributes to indicate cardinality:

    • "?" (0 or 1)

    • "*" (0 or more)

    • "+" (1 or more)

  • The character "|" is used to indicate a choice between alternatives.

  • The characters "(" and ")" are used to indicate that contained items are to be treated as a group with respect to cardinality or choice.

  • The characters "[" and "]" are used to call out references and property names.

  • Ellipses (i.e., "...") indicate points of extensibility.

  • XML namespace prefixes (see Table 2-1) are used to indicate the namespace of the element being defined.

In addition to Message Information Header properties [WS-Addressing], this specification uses the following properties to define messages:

[Headers]

Unordered message headers.

[Action]

The value to be used for the wsa:Action URI.

[Body]

A message body.

These properties bind to a SOAP Envelope as follows:

<s:Envelope>
  <s:Header>
    [Headers]
    <wsa:Action>[Action]</wsa:Action>
    ...
  </s:Header>
  <s:Body>[Body]</s:Body>
</s:Envelope>

2.4 Considerations on the Use of Extensibility Points

The elements defined in this specification MAY be extended at the points indicated by their outlines and schema. Implementations MAY add child elements and/or attributes at the indicated extension points but MUST NOT contradict the semantics of the parent and/or owner, respectively. If a receiver does not recognize an extension, the receiver SHOULD ignore that extension. Senders MAY indicate the presence of an extension that has to be understood through the use of a corresponding SOAP Header with a soap:mustUnderstand attribute with the value "1".

2.5 Compliance

An implementation is not compliant with this specification if it fails to satisfy one or more of the MUST or REQUIRED level requirements defined herein. A SOAP Node MUST NOT use the XML namespace identifier for this specification (listed in 2.2 XML Namespaces) within SOAP Envelopes unless it is compliant with this specification.

Normative text within this specification takes precedence over the XML Schema and WSDL descriptions, which in turn take precedence over outlines, which in turn take precedence over examples.

All messages defined by this specification MUST be sent to a Web service that is addressable by an EPR (see [WS-Addressing]).

Specifically, a compliant SOAP Node that implements a resource MUST provide the Get operation as defined in this specification, and MAY provide the Put and Delete operations.

In any given request-response message exchange, the responses generated by the service server MUST use the same WS-Addressing namespace binding that was used in the request.

3 Resource Operations

3.1 Get

This specification defines one Web service operation (Get) for fetching a one-time snapshot of the representation of a resource.

The Get request message MUST be of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/Get

[Body]
    <wst:Get ...>
      xs:any*
    </wst:Get>

The following describes additional, normative constraints on the outline listed above:

[Body]/wst:Get

This REQUIRED element MAY contain child elements that can be used for extensibility purposes.

A Get request MUST be targeted at the resource whose representation is desired as described in 2 Terminology and Notation of this specification.

If the resource accepts a Get request, it MUST reply with a response of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/GetResponse

[Body]
  <wst:GetResponse ...>
    xs:any+
  </wst:GetResponse>

The following describes additional, normative constraints on the outline listed above:

[Body]/wst:GetResponse

This REQUIRED element MUST contain at least one child element - the representation of the resource. The presence of subsequent child elements is service-specific and MAY be controlled by the presence of extension-specific SOAP headers in the original request.

Other components of the outline above are not further constrained by this specification.

The following shows a sample SOAP envelope containing a Get request:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:ReplyTo>
      <wsa:Address>
        http://www.fabrikam123.example.org/pullport
      </wsa:Address>
    </wsa:ReplyTo>
    <wsa:To>http://www.example.org/repository</wsa:To>
    <xxx:CustomerID>732199</xxx:CustomerID>
    <xxx:Region>EMEA</xxx:Region>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/Get
    </wsa:Action>
    <wsa:MessageID>
      uuid:00000000-0000-0000-C000-000000000046
    </wsa:MessageID>
  </s:Header>
  <s:Body>
    <wst:Get/>
  </s:Body>
</s:Envelope>

The following shows the corresponding response message:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:To>http://www.fabrikam123.example.org/pullport</wsa:To>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/GetResponse
    </wsa:Action>
    <wsa:MessageID>
      uuid:0000010e-0000-0000-C000-000000000046
    </wsa:MessageID>
    <wsa:RelatesTo>
      uuid:00000000-0000-0000-C000-000000000046
    </wsa:RelatesTo>
  </s:Header>
  <s:Body>
    <wst:GetResponse>
      <xxx:Customer>
        <xxx:first>Roy</xxx:first><xxx:last>Hill</xxx:last>
        <xxx:address>123 Main Street</xxx:address>
        <xxx:city>Manhattan Beach</xxx:city>
        <xxx:state>CA</xxx:state>
        <xxx:zip>90266</xxx:zip>
      </xxx:Customer>
    </wst:GetResponse>
  </s:Body>
</s:Envelope>

In this example, the representation of the resource is the following XML element:

  <xxx:Customer>
    <xxx:first>Roy</xxx:first><xxx:last>Hill</xxx:last>
    <xxx:address>123 Main Street</xxx:address>
    <xxx:city>Manhattan Beach</xxx:city>
    <xxx:state>CA</xxx:state>
    <xxx:zip>90266</xxx:zip>
  </xxx:Customer>

3.2 Put

This specification defines one Web service operation (Put) for updating a resource by providing a replacement representation. A resource MAY accept updates that provide different XML representations than that returned by the resource; in such a case, the semantics of the update operation is defined by the resource.

The Put request message MUST be of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/Put

[Body]
  <wst:Put ...>
    xs:any+
  </wst:Put>

The following describes additional, normative constraints on the outline listed above:

[Body]/wst:Put

This REQUIRED element MUST contain at least one child element - the representation to be used for the update. All other children SHOULD be ignored by the service.

A Put request MUST be targeted at the resource whose representation is desired to be replaced, as described in 2 Terminology and Notation of this specification.

Implementations MAY use the fault code wst:InvalidRepresentation if the presented representation is invalid for the target resource. See 5 Faults. Other components of the outline above are not further constrained by this specification.

A successful Put operation updates the current representation associated with the targeted resource.

If the resource accepts a Put request and performs the requested update, it MUST reply with a response of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/PutResponse

[Body]
  <wst:PutResponse ...>
    xs:any?
  </wst:PutResponse>

[Body]/wst:PutResponse

This REQUIRED element MUST contain at least one child element (the current representation of the resource) if the updated representation differs from the representation sent in the Put request message. The presence of additional child elements which contain other information pertaining to the update is service-specific.

As an optimization and as a service to the requester, this element SHOULD be empty if the updated representation does not differ from the representation sent in the Put request message; that is, if the service accepted the new representation verbatim.

Such a response (an empty wst:PutResponse) implies that the update request was successful in its entirety (assuming no intervening mutating operations are performed). A service MAY return the current representation of the resource as the initial child of the wst:PutResponse element even in this case, however.

Other components of the outline above are not further constrained by this specification.

The following shows a sample SOAP envelope containing a Put request:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:ReplyTo>
      <wsa:Address>
        http://www.fabrikam123.example.org/sender
      </wsa:Address>
    </wsa:ReplyTo>
    <wsa:To>http://www.example.org/pushport</wsa:To>
    <xxx:CustomerID>732199</xxx:CustomerID>
    <xxx:Region>EMEA</xxx:Region>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/Put
    </wsa:Action>
    <wsa:MessageID>
      uuid:00000000-0000-0000-C000-000000000047
    </wsa:MessageID>
  </s:Header>
  <s:Body>
    <wst:Put>
      <xxx:Customer>
        <xxx:first>Roy</xxx:first><xxx:last>Hill</xxx:last>
        <xxx:address>321 Main Street</xxx:address>
        <xxx:city>Manhattan Beach</xxx:city>
        <xxx:state>CA</xxx:state>
        <xxx:zip>90266</xxx:zip>
      </xxx:Customer>
    </wst:Put>
  </s:Body>
</s:Envelope> 

The following shows the corresponding response message indicating success:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:To>http://www.fabrikam123.example.org/sender</wsa:To>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/PutResponse
    </wsa:Action>
    <wsa:MessageID>
      uuid:0000010e-0000-0000-C000-000000000047
    </wsa:MessageID>
    <wsa:RelatesTo>
      uuid:00000000-0000-0000-C000-000000000047
    </wsa:RelatesTo>
  </s:Header>
  <s:Body>
    <wst:PutResponse/>
  </s:Body>
</s:Envelope> 
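How a client might apply the PutResponse rules above, as an added example that is not part of the specification: it correlates the response with the request, surfaces faults, and decides whether the service stored the representation verbatim. The names `interpret_put_response` and `TransferError`, the sample messages, and the use of canonical XML to compare representations are assumptions of this example.

```python
import copy
import xml.etree.ElementTree as ET

NS = {
    "s": "http://www.w3.org/2003/05/soap-envelope",
    "wsa": "http://www.w3.org/2005/08/addressing",
    "wst": "http://www.w3.org/2009/02/ws-tra",
}
PUT_RESPONSE_ACTION = NS["wst"] + "/PutResponse"


class TransferError(Exception):
    """The message cannot be accepted as the answer to our Put request."""


def text_of(root, path):
    node = root.find(path, NS)
    return node.text.strip() if node is not None and node.text else None


def canonical(elem):
    # Compare in canonical XML so prefix choice and indentation are ignored.
    clone = copy.deepcopy(elem)
    clone.tail = None
    return ET.canonicalize(ET.tostring(clone, encoding="unicode"),
                           strip_text=True, rewrite_prefixes=True)


def interpret_put_response(request_xml, response_xml):
    """Return (accepted_verbatim, current_representation) for one Put exchange."""
    # Sketch only: parse network input with a hardened XML parser in production.
    req, resp = ET.fromstring(request_xml), ET.fromstring(response_xml)

    put = req.find("s:Body/wst:Put", NS)
    if put is None or len(put) == 0:
        raise TransferError("request carries no representation")
    sent = put[0]  # first child of wst:Put is the representation

    # The response must answer this request, not some other message.
    msg_id = text_of(req, "s:Header/wsa:MessageID")
    if msg_id is None or text_of(resp, "s:Header/wsa:RelatesTo") != msg_id:
        raise TransferError("wsa:RelatesTo does not match the request MessageID")

    fault = resp.find("s:Body/s:Fault", NS)
    if fault is not None:
        subcode = text_of(fault, "s:Code/s:Subcode/s:Value") or "unspecified"
        raise TransferError("service returned a fault: " + subcode)

    if text_of(resp, "s:Header/wsa:Action") != PUT_RESPONSE_ACTION:
        raise TransferError("unexpected wsa:Action in response")
    result = resp.find("s:Body/wst:PutResponse", NS)
    if result is None:
        raise TransferError("response body is not wst:PutResponse")

    if len(result) == 0:
        # Empty PutResponse: the service accepted the representation verbatim.
        return True, sent
    current = result[0]  # otherwise the first child is the current representation
    return canonical(current) == canonical(sent), current


# Constructed sample messages, modelled on the Put example in section 3.2.
ENVELOPE = """<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model">
  <s:Header>{headers}</s:Header>
  <s:Body>{body}</s:Body>
</s:Envelope>"""
CUSTOMER = ("<xxx:Customer><xxx:first>Roy</xxx:first>"
            "<xxx:address>{}</xxx:address></xxx:Customer>")
MESSAGE_ID = "uuid:00000000-0000-0000-C000-000000000047"

SAMPLE_REQUEST = ENVELOPE.format(
    headers="<wsa:Action>http://www.w3.org/2009/02/ws-tra/Put</wsa:Action>"
            "<wsa:MessageID>" + MESSAGE_ID + "</wsa:MessageID>",
    body="<wst:Put>" + CUSTOMER.format("321 Main Street") + "</wst:Put>")


def sample_response(body, relates_to=MESSAGE_ID):
    headers = ("<wsa:Action>" + PUT_RESPONSE_ACTION + "</wsa:Action>"
               "<wsa:RelatesTo>" + relates_to + "</wsa:RelatesTo>")
    return ENVELOPE.format(headers=headers, body=body)


if __name__ == "__main__":
    changed = sample_response(
        "<wst:PutResponse>" + CUSTOMER.format("321 Main St") + "</wst:PutResponse>")
    print(interpret_put_response(SAMPLE_REQUEST, changed)[0])
```

A result of `False` tells the caller to adopt the returned representation rather than assume its own copy is what the service now holds.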

3.3 Delete

This specification defines one Web service operation (Delete) for deleting a resource in its entirety.

The Delete request message MUST be of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/Delete

[Body]
  <wst:Delete ...>
    xs:any*
  </wst:Delete>

The following describes additional, normative constraints on the outline listed above:

[Body]/wst:Delete

This REQUIRED element MAY contain child elements that can be used for extensibility purposes.

A Delete request MUST be targeted at the resource to be deleted as described in 2 Terminology and Notation of this specification.

Implementations may respond with a fault message using the standard fault codes defined in WS-Addressing (e.g., wsa:ActionNotSupported). Other components of the outline above are not further constrained by this specification.

A successful Delete operation invalidates the current representation associated with the targeted resource.

If the resource accepts a Delete request, it MUST reply with a response of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/DeleteResponse

[Body]
  <wst:DeleteResponse ...>
    xs:any?
  </wst:DeleteResponse>

[Body]/wst:DeleteResponse

This REQUIRED element MAY contain a child element that can be used for extensibility purposes.

Other components of the outline above are not further constrained by this specification.

The following shows a sample SOAP envelope containing a Delete request:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:ReplyTo>
      <wsa:Address>
        http://www.fabrikam123.example.org/sender
      </wsa:Address>
    </wsa:ReplyTo>
    <wsa:To>http://www.example.org/pushport</wsa:To>
    <xxx:CustomerID>732199</xxx:CustomerID>
    <xxx:Region>EMEA</xxx:Region>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/Delete
    </wsa:Action>
    <wsa:MessageID>
      uuid:00000000-0000-0000-C000-000000000049
    </wsa:MessageID>
  </s:Header>
  <s:Body>
    <wst:Delete/>
  </s:Body>
</s:Envelope> 

The following shows the corresponding response message indicating success:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:To>http://www.fabrikam123.example.org/sender</wsa:To>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/DeleteResponse
    </wsa:Action>
    <wsa:MessageID>
      uuid:0000010e-0000-0000-C000-000000000049
    </wsa:MessageID>
    <wsa:RelatesTo>
      uuid:00000000-0000-0000-C000-000000000049
    </wsa:RelatesTo>
  </s:Header>
  <s:Body>
    <wst:DeleteResponse/>
  </s:Body>
</s:Envelope> 

4 Resource Factory Operations

4.1 Create

This specification defines one Web service operation (Create) for creating a resource and providing its initial representation. In some cases, the initial representation MAY constitute the representation of a logical constructor for the resource and may thus differ structurally from the representation returned by Get or the one required by Put. This is because the parameterization requirement for creating a resource is often distinct from the steady-state representation of the resource. Implementations should provide metadata which describes the use of the representation and how it relates to the resource which is created, but such mechanisms are beyond the scope of this specification. The resource factory that receives a Create request will allocate a new resource that is initialized from the presented representation. The new resource will be assigned a service-determined endpoint reference that is returned in the response message.

The Create request message MUST be of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/Create

[Body]
  <wst:Create ...>
    xs:any*
  </wst:Create>

The following describes additional, normative constraints on the outline listed above:

[Body]/wst:Create

If this REQUIRED element contains children then the first child MUST be the literal resource representation, a representation of the constructor for the resource, or other instructions for creating the resource. All other children SHOULD be ignored by the service. If this element does not contain any children then the resource will be created using default values.

A Create request MUST be targeted at a resource factory capable of creating the desired new resource. This factory is distinct from the resource being created (which by definition does not exist prior to the successful processing of the Create request message).

In addition to the standard fault codes defined in WS-Addressing, implementations MAY use the fault code wst:InvalidRepresentation if the presented representation is invalid for the target resource. See 5 Faults.

Other components of the outline above are not further constrained by this specification.

If the resource factory accepts a Create request, it MUST reply with a response of the following form:

[Action]
  http://www.w3.org/2009/02/ws-tra/CreateResponse

[Body]
  <wst:CreateResponse ...>
    <wst:ResourceCreated>endpoint-reference</wst:ResourceCreated>
    xs:any?
  </wst:CreateResponse>

[Body]/wst:CreateResponse

This REQUIRED element MUST contain, at a minimum, a resource reference (wst:ResourceCreated element) to the newly created resource.

By default, a service MUST also return the current representation of the new resource as the second child of the wst:CreateResponse element if the created representation logically differs from the representation sent in the Create request message. That is, the initial representation is returned if one or more values present in the Create message were specifically overridden with a different value during resource creation. If default values are used to complete a resource creation which were not present in the Create message, then this does not constitute a logical difference. The presence of additional child elements which contain other information pertaining to the result of the Create operation is service-specific.

As an optimization and as a service to the requestor, the wst:CreateResponse element of the response message SHOULD be empty, other than the ResourceCreated element, if the created representation does not logically differ from the representation sent in the Create request message; that is, if the service accepted the new representation or creation instructions verbatim. Such a response indicates that the request was completely successful (assuming no intervening mutating operations are performed). A service MAY return the current representation of the resource as the initial child of the wst:CreateResponse element even in this case, however.

[Body]/wst:CreateResponse/wst:ResourceCreated

This required element MUST contain a resource reference for the newly created resource. This resource reference, represented as an endpoint reference as defined in WS-Addressing, MUST identify the resource for future Get, Put, and Delete operations.

Other components of the outline above are not further constrained by this specification.

The following shows a sample SOAP envelope containing a Create request:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra"
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:ReplyTo>
      <wsa:Address>
        http://www.fabrikam123.example.org/sender
      </wsa:Address>
    </wsa:ReplyTo>
    <wsa:To>http://www.example.org/pushport/CustomerSpace</wsa:To>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/Create
    </wsa:Action>
    <wsa:MessageID>
      uuid:00000000-0000-0000-C000-000000000048
    </wsa:MessageID>
  </s:Header>
  <s:Body>
    <wst:Create>
      <xxx:Customer>
        <xxx:first>Roy</xxx:first><xxx:last>Hill</xxx:last>
        <xxx:address>123 Main Street</xxx:address>
        <xxx:city>Manhattan Beach</xxx:city>
        <xxx:state>CA</xxx:state>
        <xxx:zip>90266</xxx:zip>
      </xxx:Customer>
    </wst:Create>
  </s:Body>
</s:Envelope>  

The following shows the corresponding response message indicating success:

<s:Envelope  
    xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra" 
    xmlns:xxx="http://fabrikam123.example.com/resource-model" >
  <s:Header>
    <wsa:To>http://www.fabrikam123.example.org/sender</wsa:To>
    <wsa:Action>
      http://www.w3.org/2009/02/ws-tra/CreateResponse
    </wsa:Action>
    <wsa:MessageID>
      uuid:0000010e-0000-0000-C000-000000000048
    </wsa:MessageID>
    <wsa:RelatesTo>
      uuid:00000000-0000-0000-C000-000000000048
    </wsa:RelatesTo>
  </s:Header>
  <s:Body>
    <wst:CreateResponse>
      <wst:ResourceCreated>
        <wsa:Address>http://www.example.org/pushport</wsa:Address>
        <wsa:ReferenceParameters>
          <xxx:CustomerID>732199</xxx:CustomerID>
          <xxx:Region>EMEA</xxx:Region>
        </wsa:ReferenceParameters>
      </wst:ResourceCreated>
    </wst:CreateResponse>
  </s:Body>
</s:Envelope>

5 Faults

All fault messages defined in this specification MUST be sent according to the rules and usage described in WS-Addressing 1.0 SOAP Binding Section 6 for encoding SOAP 1.1 and SOAP 1.2 faults. The [action] property below SHOULD be used for faults defined in this specification:

5.1 InvalidRepresentation

This fault is returned when an incorrect representation is sent in a wst:Put or wst:Create message.

[Code]     s:Sender
[Subcode]  wst:InvalidRepresentation
[Reason]   The supplied representation is invalid
[Detail]   none

6 Security Considerations

It is strongly recommended that the communication between services be secured using the mechanisms described in [WS-Security].

In order to properly secure messages, the body (even if empty) and all relevant headers need to be included in the signature. Specifically, the WS-Addressing header blocks, WS-Security timestamp, and any header blocks resulting from a <wsa:ReferenceParameters> in references need to be signed along with the body in order to "bind" them together and prevent certain types of attacks.
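A coverage check for the rule above, as an added example that is not part of the specification: it lists the message parts that no ds:Reference in the WS-Security signature covers. It assumes same-document `#id` references to `wsu:Id` attributes and reference-parameter headers marked with `wsa:IsReferenceParameter` or named by the caller; `unsigned_parts`, `sample_envelope` and the envelope are hypothetical and constructed, and the signature value itself still has to be verified by an XML Signature library.

```python
from collections import Counter
import xml.etree.ElementTree as ET

S = "http://www.w3.org/2003/05/soap-envelope"
WSA = "http://www.w3.org/2005/08/addressing"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")
DS = "http://www.w3.org/2000/09/xmldsig#"
XXX = "http://fabrikam123.example.com/resource-model"  # from the page's examples


def q(ns, local):
    """Clark-notation name, the form ElementTree uses for tags and attributes."""
    return "{%s}%s" % (ns, local)


WSU_ID = q(WSU, "Id")
IS_REF_PARAM = q(WSA, "IsReferenceParameter")
SECURITY = q(S, "Header") + "/" + q(WSSE, "Security")
REFERENCES = "/".join([SECURITY, q(DS, "Signature"),
                       q(DS, "SignedInfo"), q(DS, "Reference")])


def unsigned_parts(envelope_xml, reference_parameters=()):
    """Return the names of required parts that the signature does not cover.

    reference_parameters: Clark-notation names taken from the
    wsa:ReferenceParameters of the EPR the message is addressed to.
    """
    env = ET.fromstring(envelope_xml)

    # An Id that occurs twice cannot say which element was signed, so
    # references to it are not counted as coverage.
    id_counts = Counter(e.get(WSU_ID) for e in env.iter() if e.get(WSU_ID))
    signed = set()
    for ref in env.iterfind(REFERENCES):
        uri = ref.get("URI", "")
        if uri.startswith("#") and id_counts[uri[1:]] == 1:
            signed.add(uri[1:])

    # Start from the elements the receiver will act on, at their real
    # position in the envelope, and ask whether each one is referenced.
    required = [(q(S, "Body"), env.find(q(S, "Body")))]
    header = env.find(q(S, "Header"))
    for h in (header if header is not None else []):
        is_ref_param = (h.get(IS_REF_PARAM) in ("true", "1")
                        or h.tag in reference_parameters)
        if h.tag.startswith("{%s}" % WSA) or is_ref_param:
            required.append((h.tag, h))
    required.append((q(WSU, "Timestamp"),
                     env.find(SECURITY + "/" + q(WSU, "Timestamp"))))

    return [name for name, elem in required
            if elem is None or elem.get(WSU_ID) not in signed]


ALL_IDS = ["id-to", "id-action", "id-msg", "id-cust", "id-ts", "id-body"]


def sample_envelope(signed_ids, extra_header=""):
    """Constructed Delete request; the signature is a skeleton without digests."""
    refs = "".join('<ds:Reference URI="#%s"/>' % i for i in signed_ids)
    return f"""<s:Envelope xmlns:s="{S}" xmlns:wsa="{WSA}" xmlns:wsse="{WSSE}"
    xmlns:wsu="{WSU}" xmlns:ds="{DS}" xmlns:xxx="{XXX}"
    xmlns:wst="http://www.w3.org/2009/02/ws-tra">
  <s:Header>
    <wsa:To wsu:Id="id-to">http://www.example.org/pushport</wsa:To>
    <wsa:Action wsu:Id="id-action">http://www.w3.org/2009/02/ws-tra/Delete</wsa:Action>
    <wsa:MessageID wsu:Id="id-msg">uuid:00000000-0000-0000-C000-000000000049</wsa:MessageID>
    <xxx:CustomerID wsu:Id="id-cust" wsa:IsReferenceParameter="true">732199</xxx:CustomerID>
    {extra_header}
    <wsse:Security>
      <wsu:Timestamp wsu:Id="id-ts">
        <wsu:Created>2009-05-06T12:22:10Z</wsu:Created>
      </wsu:Timestamp>
      <ds:Signature><ds:SignedInfo>{refs}</ds:SignedInfo></ds:Signature>
    </wsse:Security>
  </s:Header>
  <s:Body wsu:Id="id-body"><wst:Delete/></s:Body>
</s:Envelope>"""


if __name__ == "__main__":
    partial = ["id-to", "id-action", "id-msg", "id-ts"]
    print(unsigned_parts(sample_envelope(partial)))
```

The empty `wst:Delete` body appears in the result when it is left out of the signature, which is the "even if empty" case the paragraph calls out.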

If a requestor is issuing multiple messages to a resource reference, then it is recommended that a security context be established using the mechanisms described in WS-Trust and WS-SecureConversation. It is further recommended that if shared secrets are used, message-specific derived keys also be used to protect the secret from crypto attacks.

The access control semantics of resource references are out of scope of this specification and are specific to each resource reference. Similarly, any protection mechanisms on resource references independent of transfer (e.g. embedded signatures and encryption) are also out of scope.

It is recommended that the security considerations of WS-Security also be considered.

While a comprehensive listing of attacks is not feasible, the following list summarizes common classes of attacks that apply to this protocol and identifies the mechanism(s) to prevent/mitigate the attacks.

7 Acknowledgements

This specification has been developed as a result of joint work with many individuals and teams, including: Ashok Malhotra (Oracle Corp.), Asir Vedamuthu (Microsoft Corp.), Bob Freund (Hitachi, Ltd.), Doug Davis (IBM), Fred Maciel (Hitachi, Ltd.), Geoff Bullen (Microsoft Corp.), Gilbert Pilz (Oracle Corp.), Greg Carpenter (Microsoft Corp.), Jeff Mischkinsky (Oracle Corp.), Katy Warr (IBM), Li Li (Avaya Communications), Mark Little (Red Hat), Prasad Yendluri (Software AG), Sreedhara Narayanaswamy (CA), Sumeet Vij (Software AG), Vikas Varma (Software AG), Wu Chou (Avaya Communications), Yves Lafon (W3C)

8 References

RFC 2119
Key words for use in RFCs to Indicate Requirement Levels, S. Bradner, Harvard University, March 1997. (See http://www.ietf.org/rfc/rfc2119.txt.)
SOAP 1.1
Simple Object Access Protocol (SOAP) 1.1, D. Box, et al, May 2000. (See http://www.w3.org/TR/2000/NOTE-SOAP-20000508/.)
SOAP 1.2
SOAP Version 1.2 Part 1: Messaging Framework, M. Gudgin, et al, June 2003. (See http://www.w3.org/TR/soap12-part1/.)
WS-Addressing
W3C Recommendation, "Web Services Addressing 1.0 (WS-Addressing)", May 2006. (See http://www.w3.org/2005/08/addressing/.)
WS-Policy
S. Bajaj, et al, "Web Services Policy Framework (WS-Policy)", September 2004. (See http://schemas.xmlsoap.org/ws/2004/09/policy.)
WS-SecureConversation
Web Services Secure Conversation Language (WS-SecureConversation), S. Anderson, et al, February 2005. (See http://schemas.xmlsoap.org/ws/2005/02/sc/.)
WS-Security
Web Services Security: SOAP Message Security 1.0, OASIS standard. (See http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf.)
WS-SecurityPolicy
G. Della-Libera, et al, "Web Services Security Policy Language (WS-SecurityPolicy), Version 1.1", July 2005. (See http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.)
WSDL 1.1
Web Services Description Language (WSDL) 1.1, E. Christensen, et al, March 2001. (See http://www.w3.org/TR/2001/NOTE-wsdl-20010315.)
XML Infoset
J. Cowan, et al, "XML Information Set", February 2004. (See http://www.w3.org/TR/2004/REC-xml-infoset-20040204/.)
XML Schema, Part 1
XML Schema Part 1: Structures, H. Thompson, et al, October 2004. (See http://www.w3.org/TR/2004/REC-xmlschema-1-20041028/.)
XML Schema, Part 2
XML Schema Part 2: Datatypes, James Clark, et al, November 1999. (See http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/.)

A XML Schema

A normative copy of the XML Schema [XML Schema, Part 1], [XML Schema, Part 2] description for this specification may be retrieved from the following address:

A non-normative copy of the XML schema is listed below for convenience.

<xs:schema 
  targetNamespace="http://www.w3.org/2009/02/ws-tra"
  xmlns:tns="http://www.w3.org/2009/02/ws-tra"
  xmlns:xs="http://www.w3.org/2001/XMLSchema"
  xmlns:wsa="http://www.w3.org/2005/08/addressing"
  elementFormDefault="qualified"
  blockDefault="#all" >
 
  <xs:import
    namespace="http://www.w3.org/2005/08/addressing"
    schemaLocation="http://www.w3.org/2006/03/addressing/ws-addr.xsd" />
 
  <xs:element name="Get">
    <xs:complexType>
      <xs:sequence>
        <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>

  <xs:element name="GetResponse">
    <xs:complexType>
      <xs:sequence>
        <xs:any minOccurs="1" maxOccurs="unbounded" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>
 
  <xs:element name="Put">
    <xs:complexType>
      <xs:sequence>
        <xs:any minOccurs="1" maxOccurs="unbounded" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>

  <xs:element name="PutResponse">
    <xs:complexType>
      <xs:sequence>
        <!-- Optional, matching the xs:any? outline and the empty wst:PutResponse example in 3.2 -->
        <xs:any minOccurs="0" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>
 
  <xs:element name="Delete">
    <xs:complexType>
      <xs:sequence>
        <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>

  <xs:element name="DeleteResponse">
    <xs:complexType>
      <xs:sequence>
        <xs:any minOccurs="0" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>
 
  <xs:element name="ResourceCreated">
    <xs:complexType>
      <xs:sequence>
        <xs:element ref="wsa:EndpointReference" minOccurs="1" maxOccurs="unbounded" />
      </xs:sequence>
    </xs:complexType>
  </xs:element>
 
  <xs:element name="Create">
    <xs:complexType>
      <xs:sequence>
        <xs:any minOccurs="0" maxOccurs="unbounded" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>
 
  <xs:element name="CreateResponse">
    <xs:complexType>
      <xs:sequence>
        <xs:element ref="tns:ResourceCreated" />
        <xs:any minOccurs="0" namespace="##other" processContents="lax" />
      </xs:sequence>
      <xs:anyAttribute namespace="##other" processContents="lax" />
    </xs:complexType>
  </xs:element>
 
</xs:schema>  

B WSDL

A normative copy of the WSDL [WSDL 1.1] description for this specification may be retrieved from the following address:

A non-normative copy of the WSDL description is listed below for convenience.

<wsdl:definitions 
    targetNamespace="http://www.w3.org/2009/02/ws-tra" 
    xmlns:tns="http://www.w3.org/2009/02/ws-tra" 
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
    xmlns:xs="http://www.w3.org/2001/XMLSchema">
 
  <wsdl:types>
    <xs:schema>
      <xs:import 
        namespace="http://www.w3.org/2009/02/ws-tra"
        schemaLocation="http://www.w3.org/2009/02/ws-tra/transfer.xsd"
        />
    </xs:schema>
  </wsdl:types>
 
  <wsdl:message name="GetMessage">
    <wsdl:part name="Body" element="tns:Get"/>
  </wsdl:message>
  <wsdl:message name="GetResponseMessage">
    <wsdl:part name="Body" element="tns:GetResponse"/>
  </wsdl:message>
 
  <wsdl:message name="PutMessage">
    <wsdl:part name="Body" element="tns:Put"/>
  </wsdl:message>
  <wsdl:message name="PutResponseMessage">
    <wsdl:part name="Body" element="tns:PutResponse"/>
  </wsdl:message>
 
  <wsdl:message name="DeleteMessage">
    <wsdl:part name="Body" element="tns:Delete"/>
  </wsdl:message>
  <wsdl:message name="DeleteResponseMessage">
    <wsdl:part name="Body" element="tns:DeleteResponse"/>
  </wsdl:message>
 
  <wsdl:message name="CreateMessage">
    <wsdl:part name="Body" element="tns:Create"/>
  </wsdl:message>
  <wsdl:message name="CreateResponseMessage">
    <wsdl:part name="Body" element="tns:CreateResponse"/>
  </wsdl:message>
 
  <wsdl:portType name="Resource">
    <wsdl:documentation>
      This port type defines a resource that may be read, 
      written, and deleted.
    </wsdl:documentation>
    <wsdl:operation name="Get">
      <wsdl:input 
        message="tns:GetMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/Get"/>
      <wsdl:output 
        message="tns:GetResponseMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/GetResponse" />
    </wsdl:operation>
    <wsdl:operation name="Put">
      <wsdl:input 
        message="tns:PutMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/Put" />
      <wsdl:output 
        message="tns:PutResponseMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/PutResponse" />
    </wsdl:operation>
    <wsdl:operation name="Delete">
      <wsdl:input 
        message="tns:DeleteMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/Delete" />
      <wsdl:output 
        message="tns:DeleteResponseMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/DeleteResponse" />
    </wsdl:operation>
  </wsdl:portType>
 
  <wsdl:portType name="ResourceFactory">
    <wsdl:documentation>
      This port type defines a Web service that can create new 
      resources.
    </wsdl:documentation>
    <wsdl:operation name="Create">
      <wsdl:input 
        message="tns:CreateMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/Create" />
      <wsdl:output 
        message="tns:CreateResponseMessage"
        wsam:Action="http://www.w3.org/2009/02/ws-tra/CreateResponse" />
    </wsdl:operation>
  </wsdl:portType>
    
</wsdl:definitions>
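The WSDL above binds each wsam:Action URI to exactly one body element, and the schema restricts that element's children to namespace="##other". The following receiver-side check of that binding is an added example, not part of the specification; the SOAP 1.2 envelope namespace, the urn:example:resource namespace and the function names are assumptions.

```python
import xml.etree.ElementTree as ET  # for untrusted input, use a hardened parser such as defusedxml

SOAP = "http://www.w3.org/2003/05/soap-envelope"  # assumption: SOAP 1.2 envelope
WSA = "http://www.w3.org/2005/08/addressing"
TNS = "http://www.w3.org/2009/02/ws-tra"

# Request Action URI -> (body element, minimum number of xs:any children),
# taken from the wsam:Action attributes and minOccurs values listed above.
REQUESTS = {
    TNS + "/Get": ("Get", 0),
    TNS + "/Put": ("Put", 1),
    TNS + "/Delete": ("Delete", 0),
    TNS + "/Create": ("Create", 0),
}

def check_request(envelope_xml):
    """Return (accepted, reason) for one SOAP request envelope."""
    root = ET.fromstring(envelope_xml)
    actions = root.findall(f"{{{SOAP}}}Header/{{{WSA}}}Action")
    if len(actions) != 1:
        return False, "expected exactly one wsa:Action header"
    action = (actions[0].text or "").strip()
    if action not in REQUESTS:
        return False, "action is not a WS-Transfer request"
    local, min_children = REQUESTS[action]
    body = root.find(f"{{{SOAP}}}Body")
    payload = list(body) if body is not None else []
    if len(payload) != 1 or payload[0].tag != f"{{{TNS}}}{local}":
        return False, "body element does not match wsa:Action"
    children = list(payload[0])
    # namespace="##other": qualified, and not in the schema's target namespace
    for child in children:
        if not child.tag.startswith("{") or child.tag.startswith(f"{{{TNS}}}"):
            return False, "child element outside ##other namespaces"
    if len(children) < min_children:
        return False, "too few child elements"
    return True, "ok"

def envelope(action, body_xml):
    """Build a constructed sample envelope (not a captured message)."""
    return (f'<s:Envelope xmlns:s="{SOAP}" xmlns:wsa="{WSA}" xmlns:wst="{TNS}" '
            f'xmlns:ex="urn:example:resource"><s:Header><wsa:Action>{action}'
            f'</wsa:Action></s:Header><s:Body>{body_xml}</s:Body></s:Envelope>')
```

Because every child is processContents="lax", schema validation alone says nothing about the representation carried inside Put or Create; that content needs its own validation before it is stored or acted on.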

C Change Log

Date Author Description
2009/03/04 DD Added resolution of issue 6391
2009/03/04 DD Added resolution of issue 6588
2009/03/04 DD Added resolution of issue 6519
2009/03/09 DD Added resolution of issue 6398
2009/03/11 DD Added change log
2009/03/11 DD Added resolution of issue 6641
2009/03/11 DD Added resolution of issue 6425
2009/03/23 DD Added resolution of issue 6666
2009/03/24 DD Added resolution of issue 6648
2009/04/20 DD Added resolution of issue 6730
2009/04/22 KW Added resolution of issue 6739