Feb 26th, 2008, 08:26 AM
Puzzle: Request Validation in seperate network layer
Corporate Security at my firm has given the green light to expose web services to our client only if the web service itself is in a network tier that is not directly exposed to the internet. Clients would reach the web service via a software proxy running in a network tier with access to both the internet and the web service. The proxy would be responsible for validating that incoming requests were valid (passed schema validation) before proxying them thru.
The ideal proxy would be completely neutral to the web service it proxies and would take as its only configuration the address of the WSDL. It would dynamically consume the WSDL and from it draw the schema against which all messages are validated.
Does such a proxy already exist? Or can someone suggest a starting point for building such a component? Our web serice itself uses spring-ws and this would be the preferred software stack to develop off of.