The DataPower Interoperability Test Service Explained

16346699401_55a5c09429_b

Executive Summary

The DataPower Gateway Interoperability Test Client (ITC) is an optional SOAP endpoint that takes XSLT and XML and returns the transformation result. The endpoint is accessed through a script provided by IBM in the Resource Kit. This is used by developers to automate a lengthy manual testing process. It also ensures that your developers are testing their XSLTs directly on the appliance.

The ITC should become a core component of your DataPower development process.

Introduction

The default process for running an XSLT for the DataPower environment involves the developers:

  • Uploading the XSLT to the appliance
  • Creating a Web Service Proxy or XML Firewall that references the transform
  • Running a test from a Third Party Service Test Tool

This is a low value time consuming task that is re-run every time a development artifact changes. Luckily, IBM provides an option to improve this situation. The DataPower Interoperability Test Service is a helper utility that supports:

The service is an endpoint that accepts SOAP requests containing the XML and XSLT and returns the transformed document. The service does not need the developer to upload files or write custom configuration.

Download

The ITC provides as a part of the Resource Kits released with the firmware levels:

The client is found in the ‘interoperability-service/clients’ directory. It consists of a shell script for Linux and a script+jar for other platforms.

Configuring the service

To enable the ITC, start in the default domain. Expand Objects -> Device Management and click on Interoperability Test Service. This will open the configuration page.

The service is exposed over HTTP and/or HTTPS. By default there is no authentication of the connecting client. This could be a security concern. To secure the service, the AAA policy should be updated to restrict access to DataPower developers.

For HTTP, the built-in AAA object will use the HTTP Authorization Header. For HTTPS,  you will need to configure the ITC to use your own custom generated key/certificate pair. The HTTPS built-in AAA can also authenticate based on the provided client certificate, but from what I could figure, the clients in the Resource Kit don’t support sending certificates. You would need to change the scripts to add this functionality to the cURL calls. All other authentication types are not supported out of the box in the Resource Kit.

The firmware strongly recommends that this service should only be enabled on a device that does not process sensitive data. Ensure that this service is only enabled on a development device.

Test Client Parameters

The IBM Knowledge Center has defined all the valid arguments to the test clients. For all the commands, basic auth is added with the -u command in the username:password format.

Testing XSLT

Where:

  • -x is the XSLT file
  • -i is the input XML file
  • -h is the DataPower device hostname
  • -p is the Interop Test Service port

Testing XSLT with Attachments (SWA)

Where:

  • -x is the XSLT file
  • -a is the MIME file or SWA file
  • -h is the DataPower device hostname
  • -p is the Interop Test Service port

Testing XPath

Where:

  • -t is the type of the request (XPath)
  • -e is the XPath expression in quotes
  • -i is the input XML
  • -h is the DataPower device hostname
  • -p is the Interop Test port

Validating an XML against an XSD

Where:

  • -t is the type of request (schema validation)
  • -x is the XSD file
  • -i is the XML file
  • -h is the DataPower device hostname
  • -p is the Interop Test Service port

Validating SOAP messages with WSDL Contracts

Where:

  • -t is the type of the request (schema validation)
  • -v is the type of validation requested (wsdl)
  • -x is the WSDL file
  • -i is the XML
  • -h is the DataPower device hostname
  • -p is the Interop Test port

FFD Transforms

Where:

  • -t is the type of the request (ffd)
  • -x is the XSLT
  • -i is the input document
  • -h is the DataPower device hostname
  • -p is the Interop Test port

WTX Transforms

WebSphere Transformation Extender (WTX) maps can be tested directly on DataPower via the ITC  but not with the script supplied in the Resource Kit. WTX maps must be tested directly from the WTX Design Studio.

Limitations

The ITC does have some limitations:

  • It can only test a XSLT file in isolation. If your XSLT is a part of a chain of related XSLT transforms, you are better off running the real service.
  • SSL support isn’t provided out of the box in the client scripts.

Conclusion

The ITC will help reduce development time through automation and the HTTP service should be enabled, secured and used often.

About the Author

Dan Zrobok

Twitter

Dan is the owner of Orange Specs Consulting, with over 14 years of experience working in enterprise systems integration. He is an advocate of the IBM DataPower Gateway platform and looks to improve environments that have embraced it. He also occasionally fights dragons with his three year old daughter Ruby, and newborn Clementine.

Share this Post