We have seen how it easy it is to write the web service using SOAP as the message protocol, but not how we go about making sure that the web service is secure? Well this downloadable 32 page article will show you how! Here is a taste:
A SOAP Fault message is used to carry error and/or status information within a SOAP message response. The SOAP Fault element has four sub elements, they are as follows:
Here is what a valid SOAP Fault message might look like:
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <soap:Fault> <faultcode>soap:Client</faultcode> <faultstring> The user (timm) could not be authenticated. </faultstring> <faultactor> http://localhost/TestSoapHeadersExample/TestSoapHeaders.asmx </faultactor> <detail>System.Exception: Authentication failed for user (timm) at CustomAuthentication.AuthenticationModule.Authenticate() at CustomAuthentication.AuthenticationModule.OnBeginRequest (Object source, EventArgs eventArgs) </detail> </soap:Fault> </soap:Body></soap:Envelope>
The .NET Framework makes it very easy to both send and consume SOAP Fault messages from web service clients and web service methods. Any time you throw a SoapException inside of a web service, it is automatically serialized into a valid SOAP Fault message. Conversely, any time a web service client receives a SOAP Fault message, that message is then de-serialized back into a SoapException.
Want to read all of this great article written by Tim McCarthy? Click here to download the PDF of the article. After that, click here to download the sample code. Enjoy!