XML Schema Validation
With the XML Schema Validation Policy, the part of the incoming message specified with XPath is validated.
If the part of the incoming message specified with XPath does not conform to the schema, the message is blocked from being sent to the Backend API. Thus, the Backend API is prevented from processing such erroneous or malicious messages, ensuring that it remains stable or does not perform unnecessary operations.
The use of this policy makes sense if the message body from the client is XML.
The picture below shows the policy settings:
The policy fields are shown in the table below.
Field | Description |
|---|---|
Name | The name can be written to facilitate the use and management of the policy. You will need this name during the management and selection of policies. |
Description | An optional description of the policy that may be useful for usage and management activities. |
| XPath | It specifies which part of the request message will undergo the validation process. A XPath expression is entered as the value. If left blank, it processes the entire message body. The default value is set to retrieve the "body" part of the message body. |
| Test XPath | XPath can be tested with an example XML data. |
Validate against WSDL | When this field is selected, there is no need to add XSD; validation is performed based on the schema definitions found in the default WSDL file where the service is created. |
Schema | The XML schema is entered. Since the XML Schema may contain another XML schema, if there are schemas that reference each other, they must all be included here. |
System ID | It is the identifier value given for the schema, it can be a name or a URL. This value must be used in the expression written in the include value of schemas that reference each other. This ensures that schemas can find each other. For example, let's say we have 2 schemas. Let the names of these two schemas be Schema1.xsd and Schema2.xsd. Let the Schema1 file contain the Schema2 file. In this case, the System ID value for Schema1.xsd may be empty, but the System Id value for Schema2.xsd must be "Schema2.xsd". Schema1.xsd içeriği:
CODE
|
You can visit the Policies page for the details of the Conditions and Error Message Customization panels.