|
See DomiSML Releases |
Install |
Configure |
Get Started |
1. Architecture Description
1.1. Solution Overview
SML was initiated by PEPPOL. The PEPPOL SML specification was submitted as input to the OASIS BDXR TC (Business Document Exchange Technical Committee) with the intent of defining a standardized and federated document transport infrastructure for business document exchange. They resulted into a new committee specification: BDXL (Business Document Metadata Service Location).
In WP6, e-SENS defines the Service Location ABB based upon OASIS BDXL specification, compliant with the legacy SML specification.
The DomiSML is the sample implementation of the Service Location ABB.
This document is the Software Architecture document of the DomiSML sample implementation. It intends to provide detailed information about the project:
-
An overview of the DomiSML implementation
-
The different layers
-
The principles governing its software architecture
Useful References
- SML Specification
-
Defines the profiles for the discovery and management interfaces for the Business Document Exchange Network (BUSDOX) Service Metadata Locator service.
- PEPPOL
-
The OpenPEPPOL Association is responsible for the governance and maintenance of the PEPPOL specifications that enable European businesses to easily deal electronically with any European public sector buyer in their procurement processes.
- OASIS Business Document Metadata Service Location Version 1.0 (BDXL)
-
This specification defines service discovery methods. A method is first specified to query and retrieve a URL for metadata services. Two metadata service types are then defined. Also an auxiliary method pattern for discovering a registration service to enable access to metadata services is described. The methods defined here are instances of the generic pattern defined within IETF RFCs for Dynamic Delegation Discovery Services (DDDS). This specification then defines DDDS applications for metadata and metadata-registration services.
- WP6 from eSENS
-
Work Package 6, eSENS.
1.1.1. Solution’s Specification
eDelivery’s BDMSL is a solution conforming with:
-
SML specification
-
BDXL Core Implementation Conformance specification
Service Metadata Locator (SML)
The SML is the only centrally operated component in the eDelivery Messaging Infrastructure. The dynamic discovery process begins with the establishment of the Service Metadata relating to the particular gateway to which a sender wants to transmit a message. To find the address of the Service Metadata of a participant, the Service Metadata Locator specification is based on the use of DNS (Domain Name System) lookups.
Business Document Metadata Service Location (BDXL)
The functionality of SML has been subsumed in a more general technical specification called the Business Document Metadata Service Location Version (BDXL).
This specification is based on DNS, like SML, but is based on a different type of DNS resource records called URI-enabled Naming Authority Pointer records (U-NAPTR), which are defined to support Dynamic Delegation Discovery Service (DDDS). The result of a query is a full URI, which can use HTTPS and supports server (and optionally client) authentication.
1.1.2. Solution Layers
A multi-layered architecture requires respecting some principles:
-
Structure of the java packages: in a project, every layer is represented as a package containing all the Java components of this layer
-
Calls between the layers: The calls must respect the hierarchy of the layers and must be performed only by using interfaces as shown in the diagram below:
1.1.3. Presentation Layer
The presentation layer manages the Graphical User Interface (GUI: pages, graphical components, etc.) and the page flow.
This layer mainly handles:
-
The GUI
-
Interaction with the user
-
The page flow
-
User sessions
-
Calls to the service layer through a controller
-
Java package for controller: eu.europa.ec.bdmsl.presentation.controller
-
Implementation: eu.europa.ec.bdmsl.presentation.controller.<PageName>Controller
-
Folder for the JSP files : src/main/webapp/WEB-INF/jsp
In this layer, only the following calls are allowed:
-
Calls to technical components
-
Calls to the service layer
-
Calls to the common package
The presentation layer relies on the Spring MVC (Model-View-Controller) framework.
-
Views are represented by JSP files. These files are bound to controllers.
-
Models are built from calls to the service layer. They are then returned to the views.
-
The presentation layer includes the controllers.
For instance, this is the ListDNSController implementation class:
ListDNSControllerpackage eu.europa.ec.bdmsl.presentation.controller;
{empty}[...]
@Controller
public class ListDNSController \{
@Autowired
private ILoggingService loggingService;
@Value("$\{dnsClient.enabled}")
private String dnsEnabled;
@Value("$\{dnsClient.server}")
private String dnsServer;
// Path to the service
@RequestMapping("/listDNS")
public String listDNS(Model model) \{
loggingService.debug("Calling listDNS...");
{empty}[...]
// We can add any object in the model and retrieve them in the views
model.addAttribute("dnsEnabled", dnsEnabled);
// bound to listDNS.jsp file in the src/main/webapp/WEB-INF/jsp folder
return "listDNS";
}
}In the listDNS.jsp file, the model can be accessed like this:
listDNS.jsp file<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<head>
<title>BDMSL Service</title>
</head>
<body>
<h1>ListDNS</h1>
<c:choose>
<!-- Access to the model -->
<c:when test="$\{dnsEnabled}">
{empty}[...]
</c:when>
<c:otherwise>
<ul>
<li>The DNS client is disabled.</li>
</ul>
</c:otherwise>
</c:choose>
</body>
</html>1.1.4. Service Layer
The service layer is the most important layer of the application as it coordinates the calls to the business rules.
The service layer handles the transaction management. It creates the transaction and instantiates the technical objects required (sessions, connection, etc.). The transactions manage the commit/rollback depending on the errors raised by the different layers that it calls (service, business, and persistence).
The transaction management is handled by Spring through the use of the annotation @Transactional. Spring transparently encapsulates the calls to the different services and create if necessary transactions if the configuration requires it.
By default, the transactions are in read-only mode (attribute readOnly = true) at the class level.
...
@Transactional(readOnly = true)
public class ManageServiceMetadataServiceImpl extends
AbstractServiceImpl implements IManageServiceMetadataService\ {
...
@Transactional(readOnly = false, rollbackFor = Exception.class)
public void create(final ServiceMetadataPublisherBO smpBO) throws
BusinessException,
TechnicalException\ {
...
}
public ServiceMetadataPublisherValue read(ServiceMetadataPublisherBO messagePartBO) throws BusinessException,
TechnicalException\ {
...
}
}The service layer performs different calls to the service/business layers.
The objects from the service layer are POJO that implement the singleton pattern. The objects from the different layers are injected by Spring by setters.
Naming convention for:
-
Package:
eu.europa.ec.bdmsl.service -
Interface:
eu.europa.ec.bdmsl.service.I<InterfaceName>Service -
Implementation package:
eu.europa.ec.bdmsl.service.impl -
Implementation:
eu.europa.ec.bdmsl.service.impl.<InterfaceName>ServiceImpl
In this layer, only the following calls are allowed:
-
Calls to technical components;
-
Calls to the business layer;
-
Calls to the common package.
The service layer uses these frameworks:
-
Spring: transaction management, exception handling, dependency injection.
Service Layer’s Development
Interface
public interface IManageServiceMetadataService \{
/**
* Retrieves the Service Metadata Publisher record for the service
metadata.
* @param serviceMetadataPublisherID the unique ID
* of the Service Metadata Publisher for which the record is required
* @return ServiceMetadataPublisherBO the service metadata publisher record.
* @throws TechnicalException Technical exception.
* @throws BusinessException Business exception.
*/
ServiceMetadataPublisherBO read(String serviceMetadataPublisherID)
throws TechnicalException, BusinessException;
...
}Implementation Classes
The implementation classes extend the parent-class AbstractServiceImpl and implement their dedicated interface (here
IManageServiceMetadataService).
@Transactional(readOnly = true)
public class ManageServiceMetadataServiceImpl extends
AbstractServiceImpl implements IManageServiceMetadataService \{
private IManageServiceMetadataServiceBusiness
manageServiceMetadataServiceBusiness;
/*
* (non-Javadoc)
*
* @see eu.europa.ec.bdmsl.service.IManageServiceMetadataService#read
(String)
*/
@Override
@Transactional(readOnly = true)
public ServiceMetadataPublisherBO read(String
serviceMetadataPublisherID)
throws TechnicalException, BusinessException \{
ServiceMetadataPublisherBO smpBO =
manageServiceMetadataServiceBusiness.read(serviceMetadataPublisherID);
return smpValue;
}
...
}The parent-class AbstractServiceImpl contains all common attributes
and methods of the implementation classes of the service layer (logging
service, etc.).
Transaction configuration
The transaction management is managed by Spring.
The JDBC connections to the database are open by Spring if the processing of the service requires access to the database (though the call to the business layer).
The configuration of the transaction management is made by annotations. These annotations define the rollback policy when certain types of exception may be raised. Indeed, if a non-critical error is raised, it could be useful to perform a commit anyway.
The annotations for the transaction management are set in the service class implementations with @Transactional. This way, we scan specify which interface and methods are executed in a transactional context.
There are two types of transaction modes:
-
read-only is used by default: can perform read actions but cannot write anything in the database.
-
read-write is used for CUD methods (Create, Update, Delete).
Propagation attributes manage the opening of the transactions. In this
project, the attribute REQUIRED is used. This attribute, which is used
by default, means that the method must be executed in a transaction
context. If the transaction does not exist at the time of the call, a
new one is created.
Thus, only one transaction is allowed for a call to a method in the service layer. If the method calls itself other services, the transaction will be propagated.
By default, Spring performs a rollback when a runtime exception is thrown. This behaviour can be modified with the attribute rollbackFor by passing a list of exceptions for which a rollback will be performed. In the DomiSML component, we rollback for any type of exception (checked and runtime), so we set the following value: rollbackFor = Exception.class.
1.1.5. Web Service Package
This chapter describes the use of the Apache CXF framework in the web service package to expose SOAP and REST web services.
A web service is a service that can be remotely invoked by another system.
The services of the eDelivery DomiSML application are declared in Spring and implement the Singleton pattern.
To connect the classes exposed by CXF to the service class
managed by Spring, we use an additional package that plays the role of
Façade: eu.europa.ec.bdmsl.ws.
The façades define the same interfaces as the services they are linked to. They have the same methods as the Java implementation classes of the services managed by Spring. The façades implement strictly the interface they reference and serve as a transition with the external systems, taking into consideration matters like database connection, transaction, security, etc. The façade also performs the conversion of the objects from JAXB to BO and vice-versa.
The reference to the underlying service is injected in the façade with Spring. For each method of the interface implemented by the façade, we invoke the same method as on the service implementation class:
[...]
public class ManageParticipantIdentifierWSImpl extends AbstractWSImpl implements IManageParticipantIdentifierWS {
@Autowired
private IManageParticipantIdentifierService manageParticipantIdentifierService;
@Autowired
private MapperFactory mapperFactory;
[...]
@Override
@WebResult(name = "ParticipantIdentifierPage", targetNamespace = "http://busdox.org/serviceMetadata/locator/1.0/", partName = "messagePart")
@WebMethod(operationName = "List", action = "http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :listIn")
public ParticipantIdentifierPageType list(@WebParam(partName = "pageRequestType", name = "PageRequest", targetNamespace = "http://busdox.org/serviceMetadata/locator/1.0/") PageRequestType pageRequestType) throws NotFoundFault, InternalErrorFault, UnauthorizedFault, BadRequestFault {
ParticipantIdentifierPageType result = null;
try {
[...]
// convert input from JAXB to BO
PageRequestBO pageRequestBO = mapperFactory.getMapperFacade().map(pageRequestType, PageRequestBO.class);
// call the service layer
ParticipantListBO resultParticipantBOList = manageParticipantIdentifierService.list(pageRequestBO);
loggingService.businessLog(LogEvents.BUS_PARTICIPANT_LIST, pageRequestBO.getSmpId());
// convert output from BO to JAXB
result = mapperFactory.getMapperFacade().map(resultParticipantBOList, ParticipantIdentifierPageType.class);
} catch (Exception exc) {
[...]
handleException(exc);
}
return result;
}
...
}In this package, only the following calls are allowed:
-
Calls to technical components
-
Calls to the service layer
-
Calls to the common package
SOAP Web Services
This section describes the general principles governing SOAP web services.
-
Package:
eu.europa.ec.bdmsl.ws.soap -
Interface:
eu.europa.ec.bdmsl.ws.soap.I<InterfaceName>WS -
Implementation package:
eu.europa.ec.bdmsl.ws.soap.impl -
Implementation:
eu.europa.ec.bdmsl.ws.soap.impl.<InterfaceName>WSImpl
Exposing a Web Service
As from Java 5, the JSR 181, implemented in Apache CXF, allows declaring a Java class as a SOAP web service.
To declare a façade as a web service class, the use of the annotations
@WebService, @SOAPBinding et @BindingType is required as follow:
@WebService(serviceName = "ManageServiceMetadataService", portName = "ManageServiceMetadataServicePort", targetNamespace = Constants.MANAGE_METADATA_SERVICE_NS)
@SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use = SOAPBinding.Use.LITERAL)
@BindingType(javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING)
public class ManageServiceMetadataWSImpl
// ...
}|
Note
|
these annotations are provided by the JSR 181 API and must be set at
both the implementation class and interfaces level. To avoid the exposition of some methods like getter/setters, we use the annotation @WebMethod(exclude=true). |
Exposed Services Declaration
The endpoint and the implementing classes are defined in the
cxf-servlet.xml file. This is how we can expose the service
bdmslservice:
<?xml version="1.0" encoding="UTF-8" ?>
<beans
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd">
{empty}[...]
<jaxws:endpoint
id="bdmslService"
implementor="eu.europa.ec.bdmsl.ws.soap.impl.BDMSLServiceWSImpl"
address="/bdmslservice"></jaxws:endpoint>
</beans>WSDL
The exposed web services are defined in a contract interface file named WSDL. In the eDelivery BDMSL application, we use a WSDL-first approach. It means that we first design the WSDL and generate Java code from the WSDL.
The classes are generated through the use of a maven plugin defined in
the pom.xml file. To generate the classes, the following command line
must be run. Among other operations, this command will automatically
call the wsdl2java goal from the cxf-codegen-plugin plugin:
-
mvn package
For the SML compliance, the WSDL files are defined in the SML specification. In the eDelivery BDMSL application, they are:
-
ManageBusinessIdentifierService-1.0.wsdl -
ManageServiceMetadataService-1.0.wsdl -
BDMSLService-1.0.wsdl
These files are located in the src/main/webapp/WEB-INF/wsdl directory.
Binding
The use of JAXB configuration allows customizing the generated sources like package or class names, and also allowing the definition of adapters between XML and Java types (marshalling/unmarshalling).
These binding files are stored as xjb files in the src/main/webapp/WEB-INF/wsdl directory.
Mapping JAXB objects / BO
JAXB objects are generated from the WSDL. Inside the different layers of the application, we only use Business Objects (BO). We don’t directly use JAXB generated objects in the business logic because this would tightly couple the business logic to the WSDL. A schema change in a WSDL (such as for version update) typically leads to a different package structure for classes generated from that WSDL via JAXB. To mitigate this risk, we use different Java objects: the business objects (BO).
See Object Mapping, for more information on the mapping of JAXB objects to BO.
-
Apache CXF: Exposing SOAP/REST web services. Only in the web module service.
-
Spring: dependency injection
This paragraph provides implementation details of the BDMSL.
There are three interfaces described in this paragraph:
| Interface | Description |
|---|---|
|
Defined in the PEPPOL SML Specification, in Appendix B: WSDLs. |
|
Defined in the PEPPOL SML Specification, in Appendix B: WSDLs. |
|
Contains services not covered by any specification from OASIS or PEPPOL, used by the SMP user. |
|
Contains administration services for managing the SML instance. |
ManageService Metadata Service
-
ManageServiceMetadataService-1.0.wsdl
Operation Create()
-
The user has a valid certificate.
NOTE: We consider a certificate is valid if it has not been revoked or isn’t expired. -
The role associated to the certificate is ROLE_SMP
-
The SMP doesn’t already exists in the system
Establishes a Service Metadata Publisher metadata record, containing the metadata about the Service Metadata Publisher (SMP), as outlined in the ServiceMetadataPublisherService data type.
-
Input CreateServiceMetadataPublisherService: ServiceMetadataPublisherService - contains the service metadata publisher information, which includes the logical and physical addresses for the SMP (Domain name and IP address). It is assumed that the ServiceMetadataPublisherID has been assigned to the calling user out-of-bands.
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the Create operation.
-
Fault: badRequestFault - returned if the supplied CreateServiceMetadataPublisherService does not contain consistent data.
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason.
Operation Read()
-
The user has a valid certificate
-
The role of the user is ROLE_SMP
-
The SMP already exists
Retrieves the Service Metadata Publisher record for the service metadata publisher.
-
Input ReadServiceMetadataPublisherService: ServiceMetadataPublisherID
-
the unique ID of the Service Metadata Publisher for which the record is required
-
-
Output: ServiceMetadataPublisherService - the service metadata publisher record, in the form of a ServiceMetadataPublisherService data type
-
Fault: notFoundFault - returned if the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the Read operation
-
Fault: badRequestFault - returned if the supplied parameter does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Operation Update()
-
The user has a valid certificate
-
The role of the user is ROLE_SMP
-
The SMP already exists
Updates the Service Metadata Publisher record for the service metadata publisher.
-
Input UpdateServiceMetadataPublisheServicer: ServiceMetadataPublisherService - contains the service metadata for the service metadata publisher, which includes the logical and physical addresses for the SMP (Domain name and IP address). If the request’s logical address is different from the logical address stored into the database, all participant’s NAPTR records under the specified SMP will be updated with the new logical address passed by request.
-
Fault: notFoundFault - returned if the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the Update operation.
-
Fault: badRequestFault - returned if the supplied UpdateServiceMetadataPublisheServicer does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason.
Operation Delete()
-
The user has a valid certificate
-
The role of the user is ROLE_SMP
-
The SMP already exists
Deletes the Service Metadata Publisher record for the service metadata publisher.
-
Input DeleteServiceMetadataPublisherService: ServiceMetadataPublisherID - the unique ID of the Service Metadata Publisher to delete
-
Fault: notFoundFault - returned if the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the Delete operation
-
Fault: badRequestFault - returned if the supplied DeleteServiceMetadataPublisherService does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Implementation note: If the SMP is linked to many participants, then the participants are deleted from the database and the DNS by batch of 300 elements. This is to avoid reaching the limit of the DNS protocol. Indeed, the RFC1035 of the DNS standard states that the messages are bound to 65535 bytes length.
Manage Participant Identifier
-
ManageBusinessIdentifierService-1.0.wsdl
Operation Create()
-
The user has a valid certificate
-
The SMP already exists
-
The role of the user is ROLE_SMP
-
The participants do not exist yet
Creates an entry in the Service Metadata Locator Service for information relating to a specific participant identifier. Regardless of the number of services a recipient exposes, only one record corresponding to the participant identifier is created in the Service Metadata Locator Service by the Service Metadata Publisher which exposes the services for that participant.
-
Input CreateParticipantIdentifier: ServiceMetadataPublisherServiceForParticipantType - contains the Participant Identifier for a given participant and the identifier of the SMP which holds its data
-
Fault: notFoundFault - returned if the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the Create operation
-
Fault: badRequestFault - returned if the supplied CreateParticipantIdentifier does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Operation CreateList()
-
The user has a valid certificate
-
The SMP already exists
-
The participants do not exist yet
-
The role of the user is ROLE_SMP
-
The number of participants in the list is less than 100
Creates a set of entries in the Service Metadata Locator Service for information relating to a list of participant identifiers. Regardless of the number of services a recipient exposes, only one record corresponding to each participant identifier is created in the Service Metadata Locator Service by the Service Metadata Publisher which exposes the services for that participant.
-
Input CreateList: ParticipantIdentifierPage - contains the list of Participant Identifiers for the participants which are added to the Service Metadata Locator Service. The NextPageIdentifier element is absent.
-
Fault: notFoundFault - returned if the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the CreateList operation
-
Fault: badRequestFault - returned if:
-
The supplied CreateList does not contain consistent data
-
The number of participants in the list is greater than 100
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Operation Delete()
-
The user has a valid certificate
-
The SMP already exists
-
The role of the user is ROLE_SMP
-
The participants already exist
-
The participant is not under migration process and does not have an active migration key
Deletes the information that the SML Service holds for a specific Participant Identifier.
-
Input DeleteParticipantIdentifier: ServiceMetadataPublisherServiceForParticipantType - contains the Participant Identifier for a given participant and the identifier of the SMP that publishes its metadata
-
Fault: notFoundFault - returned if the participant identifier or the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the Delete operation or if the migration to another SMP is in progress
-
Fault: badRequestFault - returned if the supplied DeleteParticipantIdentifier does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Operation DeleteList()
-
The user has a valid certificate
-
The SMP already exists
-
The participants already exist
-
The participants are not under migration process
-
The role of the user is ROLE_SMP
-
The number of participants in the list is less than 100
Deletes the information that the SML Service holds for a list of Participant Identifiers.
-
Input DeleteList: ParticipantIdentifier - contains the list of Participant Identifiers for the participants which are removed from the Service Metadata Locator Service. The NextPageIdentifier element is absent.
-
Fault: notFoundFault - returned if one or more participant identifiers or the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the DeleteList operation or if one of the participants is under migration process
-
Fault: badRequestFault - returned if:
-
The supplied DeleteList does not contain consistent data
-
The number of participants in the list is greater than 100
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Operation PrepareToMigrate()
-
The user has a valid certificate
-
The SMP already exists
-
The role of the user is ROLE_SMP
-
The participants already exist
Prepares a Participant Identifier for migration to a new Service Metadata Publisher. This operation is called by the Service Metadata Publisher which currently publishes the metadata for the Participant Identifier. The Service Metadata Publisher supplies a Migration Code which is used to control the migration process. The Migration Code must be passed (out of band) to the Service Metadata Publisher which is taking over the publishing of the metadata for the Participant Identifier and which MUST be used on the invocation of the Migrate() operation. This operation can only be invoked by the Service Metadata Publisher which currently publishes the metadata for the specified Participant Identifier.
-
Input PrepareMigrationRecord: MigrationRecordType - contains the Migration Key and the Participant Identifier which is about to be migrated from one Service Metadata Publisher to another.
-
Fault: notFoundFault - returned if the participant identifier or the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the PrepareToMigrate operation
-
Fault: badRequestFault - returned if the supplied PrepateMigrationRecord does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Operation Migrate()
-
The user has a valid certificate
-
The SMP already exists
-
The participants already exist
-
The role of the user is ROLE_SMP
-
The prepareToMigrate service has been called for this participant
Migrates a Participant Identifier already held by the Service Metadata Locator Service to target a new Service Metadata Publisher. This operation is called by the Service Metadata Publisher which is taking over the publishing for the Participant Identifier. The operation requires the new Service Metadata Publisher to provide a migration code which was originally obtained from the old Service Metadata Publisher. The PrepareToMigrate operation MUST have been previously invoked for the supplied Participant Identifier, using the same MigrationCode, otherwise the Migrate() operation fails. Following the successful invocation of this operation, the lookup of the metadata for the service endpoints relating to a particular Participant Identifier will resolve (via DNS) to the new Service Metadata Publisher.
-
Input CompleteMigrationRecord: MigrationRecordType - contains the Migration Key and the Participant Identifier which is to be migrated from one Service Metadata Publisher to another.
-
Fault: notFoundFault - returned if the migration key or the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the Migrate operation
-
Fault: badRequestFault - returned if the supplied CompleteMigrationRecord does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Operation List()
-
The user has a valid certificate
-
The role of the user is ROLE_SMP
-
The SMP already exists
List() is used to retrieve a list of all participant identifiers associated with a single Service Metadata Publisher, for synchronization purposes. Since this list may be large, it is returned as pages of data, with each page being linked from the previous page.
-
Input Page: PageRequest - contains a PageRequest containing the ServiceMetadataPublisherID of the SMP and (if required) an identifier representing the next page of data to retrieve. If the NextPageIdentifier is absent, the first page is returned.
-
Output: ParticipantIdentifierPage - a page of Participant Identifier entries associated with the Service Metadata Publisher, also containing a <Page/> element containing the identifier that represents the next page, if any.
-
Fault: notFoundFault - returned if the next page or the identifier of the SMP could not be found
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the List operation
-
Fault: badRequestFault - returned if the supplied NextPage does not contain consistent data
-
Fault: internalErrorFault - returned if the SML service is unable to process the request for any reason
Note that the underlying data may be updated between one invocation of List() and a subsequent invocation of List(), so that a set of retrieved pages of participant identifiers may not represent a consistent set of data.
BDMSLService interface
This interface describes non-core services that are not defined in the SML or BDX specifications. The services are used by SMP and Monitor users.
-
BDMSLService-1.0.wsdl
Operation PrepareChangeCertificate()
-
The current certificate of the user is valid
-
The role of the user is ROLE_SMP
-
The user has the new certificate for the SMP(s)
This operation allows an SMP to prepare a change of its certificate. It is typically called when an SMP has a certificate that is about to expire and already has the new one. This operation MUST be called while the certificate that is already registered in the BDMSL is still valid. If the migrationDate is not empty, then the new certificate MUST be valid at the date provided in the migrationDate element. If the migrationDate element is empty, then the "Valid From" date is extracted from the certificate and is used as the migrationDate. In this case, the "Not Before" date of the certificate must be in the future.
-
Fault: unauthorizedFault - returned if the caller is not authorized to invoke the PrepareChangeCertificate operation
-
Fault: badRequestFault - returned if
-
The supplied request does not contain consistent data
-
The new certificate is not valid at the date provided in the migrationDate element
-
The migrationDate is not in the future.
-
The migrationDate is not provided and the "Not Before" date of the new certificate is not in the future
-
The migrationDate is not provided and the "Valid From" is in the past
-
-
Fault: internalErrorFault - returned if the BDMSL service is unable to process the request for any reason
A nightly job performs an analysis to actually perform the change of certificates. The algorithm is as following:
List<Certificate> certificates = findCertificateWithPessimisticLock()
for each certificate in certificates do
if [certificate.new_cert_migration_date ⇐ today] then
for each allowed_wildcard in bdmsl.allowed_wildcard do
allowed_wildcard.fk_certificate_id = certificate.new_cert_id
end for
for each smp in bdmsl.smp do
smp.fk_certificate_id = certificate.new_cert_id
end for
delete certificate
else if [certificate.new_cert_migration_date < today] then
warn "The migration of the certificate couldn’t be perform in time"
end if
end for
The scheduling of the job can be configured by setting the value of the property certificateChangeCronExpression.
To avoid the job to be performed multiple times on a clustered environment, it is necessary to use a pessimistic lock when finding the certificates. The job must run in a single transaction and the lock is released at the end of the transaction.
Operation IsAlive()
-
The certificate is valid
-
The user has the role ROLE_MONITOR, ROLE_SMP or ROLE_ADMIN
This service has only a monitoring purpose. It can be called to check if the application is up and running.
This service checks if the database and the DNS are accessible by trying to read from the database and to write to and read from DNS.
-
Input : none
-
Output : none. HTTP 200 OK expected
-
Fault: internalErrorFault - returned if the BDMSL service is unable to process the request for any reason
Operation CreateParticipantIdentifier()
-
The certificate is valid
-
The SMP already exists
-
The participant doesn’t already exists
This service has the same behaviour as the Create() operation in the ManageParticipantIdentifier interface but it has one additional and optional input: the serviceName element. In the Create() operation, the service name is "Meta:SMP" by default. In the CreateParticipantIdentifier() operation, this service name can be customized.
-
serviceName: the name of the service for the NAPTR record.
|
Note
|
the flow for the create method of ManageParticipantIdentifierServiceImpl can be found here: Technical Design. |
BDMSLAdminService interface
This interface describes non-core services that are not defined in the SML or BDX specifications. Services are restricted only for role ROLE_ADMIN and it is advised to use the only behind Proxy so that they are not exposed to Internet (They should be used only on intranet).
Operation ClearCache()
-
The certificate is a valid certificate
-
The user has the role ROLE_SMP or ROLE_ADMIN
The application manages in-memory caches to enhance performance. This service can be called to clear all the caches managed by the application. The in-memory caches are used for:
-
The list of trusted aliases and their corresponding domains, because these data are not supposed to be changed frequently
-
The content of the Certificate Revocation List, to avoid the cost of downloading each time the CRLM for each certificate
-
Input : none
-
Output : none. HTTP 200 OK expected
-
Fault: internalErrorFault - returned if the BDMSL service is unable to process the request for any reason
Operation ChangeCertificate()
-
The user credentials are valid
-
The user has the role ROLE_ADMIN
-
The user has the new certificate for the SMP
This operation allows the admin team to change the SMP’s certificate. It is called by the admin team in case the SMP’s certificate has expired and the new one needs to be applied. The new certificate MUST be valid at the date time the request is sent.
-
Input : SMP id, Certificate public key
-
Output : none. HTTP 200 OK expected
-
Fault: unauthorizedFault - returned if:
-
The caller is not authorized to invoke the ChangeCertificate operation (The user doesn’t have the ROLE_ADMIN role)
-
The public key already exists
-
-
Fault: badRequestFault - returned if
-
The supplied request does not contain consistent data
-
Invalid public key
-
The new certificate is not valid at the moment the request is sent
-
The SMP id is unknown
-
-
Fault: internalErrorFault - returned if the BDMSL service is unable to process the request for some reason
Operation SetProperty()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to change BDMSL property in the database such as: passwords, DNS url, etc. The new property is taken into account when the cron task refreshes the properties simultaneously on all nodes in the cluster. Crontab properties are only refreshed with the restart of the BDMSL server.
-
Input : Property name, Property value, optionally: Property description
-
Output : Property data stored to BDMSL database
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: badRequestFault - returned if
-
The supplied request does not contain consistent data
-
Invalid propertyName
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation GetProperty()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to retrieve BDMSL property from the database such as: DNS url, smtp configuration, etc.
-
Input : Property name
-
Output: Property data stored to BDMSL database
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid propertyName
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason
Operation DeleteProperty()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to delete BDMSL non mandatory properties from database.
-
Input : Property name,
-
Output : Property data stored to BDMSL database
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid propertyName
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason
Operation CreateSubDomain()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to create new BDMSL SubDomain. When creating subdomain the DNS types, SMP url scheme restriction, Participant regular expression must be defined.
-
Input : SubDomain name, DNS Zone name, SubDomain DNS RecordTypes, Allowed SubDomain SMPs URL schema, Participant regular expression, expression for client certificate subject validation, list of allowed certificate policy OIDs, max count of participants which can be registered on the domain. Max. count of participants which can be registered by one SMP.
-
Output : Subdomain data stored to BDMSL database
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid SubDomain data
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason
Operation UpdateSubDomain()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to update the BDMSL SubDomain properties. In case of changing DNS Record Type and with DNS integration ON - the records are not updated automatically. Records must be updated manually using operations: AddDNSRecord, DeleteDNSRecord.
-
Input: SubDomain name + Optional: SubDomain DNS RecordTypes, Allowed SubDomain SMPs URL schema, Participant regular expression, expression for client certificate subject validation, list of allowed certificate policy OIDs, max count of participants which can be registered on the domain. Max. count of participants which can be registered by one SMP.
-
Output: Subdomain data stored to BDMSL database
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid SubDomain data
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason
Operation GetSubDomain()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to read BDMSL SubDomain properties.
-
Input : SubDomain name.
-
Output : Subdomain data stored to BDMSL database
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid SubDomain data
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason
Operation DeleteSubDomain()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to delete empty BDMSL SubDomain.
-
Input : SubDomain name.
-
Output : Deleted Subdomain data from BDMSL database
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Subdomain has registered participants
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason
Operation AddSubDomainCertificate()
-
Valid Certificate
-
The user has the role ROLE_ADMIN
This operation allows the admin team to add new Domain certificate to BDMSL SubDomain. Certificate can be flagged as RootPKI certificate and/or as Admin certificate. Admin certificate can be only the certificate which is not flagged as RootPKI certificate.
-
Input : SubDomain name, Certificate, Boolean value for: is certificate root PKI value and is certificate Admin Certificate.
-
Output : Registered new Domain certificate data.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid Subdomain Certificate data
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation UpdateSubDomainCertificate()
-
The certificate is already added to database
-
The user has the role ROLE_ADMIN
This operation allows the admin team to update SubDomain certificate data. Admin can set or clear CRL distribution point, IsAdmin flag and SubDomain name.
-
Input :Certificate Identifier + Optional: SubDomain name, Certificate CRL distribution URL, boolean value for is certificate Admin Certificate Boolean value.
-
Output : Updated Domain certificate data.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid Subdomain Certificate data
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation ListSubDomainCertificate()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to search for domain certificate by partial certificate DN and by the Subdomain.
-
Input: Partial certificate identifier and/or domain name.
-
Output: List of registered Domain certificate data which match the search criteria.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation AddDNSRecord()
-
BDMSL is integrated with DNS server.
-
The user has the role ROLE_ADMIN
This operation allows the admin team to add new record to DNS server for DNS RecordType: A, CNAME and NAPTR.
-
Input: DNS Record name, DNS record Type, DNS record Value and service name in case of NAPTR record type.
-
Output: Inserted DNS record.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid DNS name
-
Invalid DNS value
-
Invalid DNS record type
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation DeleteDNSRecord()
-
BDMSL is integrated with DNS server
-
The user has the role ROLE_ADMIN
This operation allows the admin team to remove records from DNS server. Varoius DNS records can have the same name. The ‘DeleteDNSRecord’ operation removes all DNS records with the same name. The deletion is done from the DNS server even if the DNS record does not exist in the database.
-
Input: DNS Record name.
-
Output: List of deleted DNS records.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid DNS record name
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation AddTruststoreCertificate()
-
Valid Certificate
-
The user has the role ROLE_ADMIN
This operation allows the admin team to add certificate to the truststore. Service is needed for adding a complete certificate chain to the truststore.
-
Input : Base64 encoded X509Certificate + Optional: alias.
-
Output : Inserted X509Certificate with truststore alias.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
Invalid Certificate data
-
Certificate already exists in truststore
-
Certificate with given alias already exists in truststore
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation GetTruststoreCertificate()
-
The certificate with given alias is already added to the truststore
-
The user has the role ROLE_ADMIN
This operation allows the admin team to retrieve the certificate from the truststore by the alias.
-
Input : truststore alias.
-
Output : X509Certificate data.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
alias is not given in parameter
-
-
Fault NotFoundFault - returned if
-
alias is not present in truststore
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation DeleteTruststoreCertificate()
-
The certificate with given alias is in the truststore
-
The user has the role ROLE_ADMIN
This operation allows the admin team to remove the certificate from the truststore by the alias.
-
Input : truststore alias.
-
Output : deleted X509Certificate data.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if
-
alias is not given in parameter
-
-
Fault NotFoundFault - returned if
-
alias is not present in truststore
-
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation ListTruststoreCertificateAliases()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to retrieve all aliases for the certificates registered in the truststore.
-
Input: Optional: partial certificate alias.
-
Output: List of registered aliases, which match the search criteria or all aliases if input value is empty.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation GenerateInconsistencyReport ()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to trigger the generation of the inconsistency report by demand. The report is generated asynchronously, and in large DNS zones/tables can take several 10 minutes.
-
Input: email for receiving the report.
-
Output: email with the report.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if email is invalid
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation GenerateReport()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to trigger generation of any of the reports supported by the BDMSL.
-
Input: email for receiving the report. Report type
-
Output: email with the report.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if email or report type are invalid
-
Fault: InternalFaultError : Returned if the BDMSL service is unable to process the request for any reason.
Operation ManageServiceMetadataPublisher()
-
The user has the role ROLE_ADMIN
This operation allows the admin team to manage (enable, disable, delete, and update) large service metadata instances: the SMPs. The action is executed asynchronously and sends mail to the receiver when it is completed. The method is suitable for managing SMPs with many participants because it updates its participants in smaller batches.
-
Input: email for receiving the action result, Action type: enable,disable, delete or update, SMP instance data: ID, domain and owner certificate identifier. Logical and/or physical for updating the message.
-
Output: email with the result.
-
Fault: UnauthorizedFault : Returned if the certificate provided is not a ADMIN certificate
-
Fault: BadRequestFault - returned if email or other data are invalid
-
Fault: InternalFaultError : Returned if the DomiSML service is unable to process the request for any reason.
1.1.6. Business layer
The business layer manipulates only business objects and defines the business rules.
Business objects are POJO and implement the Singleton pattern. They are defined in the common package described in the Business Objects (BO) section.
-
Package: eu.europa.ec.bdmsl.business
-
Interface: eu.europa.ec.bdmsl.business.I<InterfaceName>Business
-
Implementation package: eu.europa.ec.bdmsl.business.impl
-
Implementation: eu.europa.ec.bdmsl.business.impl.<InterfaceName>BusinessImpl
In this layer, only the following calls are allowed:
-
Calls to technical components
-
Calls to the persistence layer
-
Calls to the common package
This layer handles most of the business logic processing. Therefore, there is no technical aspect. The only framework used is Spring for the dependency injection.
Business Layer’s Development
Interface
public interface IManageServiceMetadataBusiness \{
/**
-
Retrieves the Service Metadata Publisher record for the service metadata.
-
@param serviceMetadataPublisherID the unique ID
-
of the Service Metadata Publisher for which the record is required
-
@return ServiceMetadataPublisherBO the service metadata publisher record.
-
@throws TechnicalException Technical exception.
-
@throws BusinessException Business exception.
*/
ServiceMetadataPublisherBO read(String serviceMetadataPublisherID);
}
Implementation classes
The implementation classes extend the parent-class «AbstractBusinessImpl» and implement their dedicated interface (here «IManageServiceMetadataBusiness»). The AbstractBusinessImpl class only contains the logging service but may be completed with new services if new common requirements are identified for *BusinessImpl classes in future versions.
public class ManageServiceMetadataBusinessImpl extends AbstractBusinessImpl implements IManageServiceMetadataBusiness \{
private IManageServiceMetadataDAO manageServiceMetadataDAO;
/*
-
(non-Javadoc)
*
-
@see eu.europa.ec.bdmsl.service.IManageServiceMetadataBusiness#read (String)
*/
@Override
public ServiceMetadataPublisherBO read(String serviceMetadataPublisherID)
throws TechnicalException, BusinessException \{
ServiceMetadataPublisherBO smpBO = manageServiceMetadataServiceBusiness.read(serviceMetadataPublisherID);
return smpBO;
}
…
}
1.1.7. Data Access Layer
This layer access to the data persisted in the database. The objects of this layer are POJO that implement the Singleton and DAO pattern.
-
Package: eu.europa.ec.bdmsl.dao
-
Interface: eu.europa.ec.bdmsl.dao.I<InterfaceName>DAO
-
Implementation package: eu.europa.ec.bdmsl.dao.impl
-
Implementation: eu.europa.ec.bdmsl.dao.impl.<InterfaceName>DAOImpl
-
Package Entity Object: eu.europa.ec.bdmsl.dao.entity
-
Entity object: eu.europa.ec.bdmsl.dao.entity.<ObjectName>Entity
In this layer, only the following calls are allowed:
-
Calls to technical components
-
Calls to the common package
This layer is the only one to use the JPA framework because it is the only one that actually accesses to the database.
The configuration is managed by Spring.
Data Access Layer’s Development
Interface
public interface ISmpDAO \{
/**
-
Retrieves the Service Metadata Publisher record for the service metadata.
-
@param serviceMetadataPublisherID the unique ID
-
of the Service Metadata Publisher for which the record is required
-
@return ServiceMetadataPublisherBO the service metadata publisher
*/
ServiceMetadataPublisherBO findSMP(String serviceMetadataPublisherID) throws TechnicalException;
}
Implementation Classes
The implementation classes extend the parent-class «AbstractDAOImpl» and implement their dedicated interface (here «IManageServiceMetadataDAO»).
public class ManageServiceMetadataDAOImpl extends AbstractDAOImpl implements ISmpDAO \{
/**
-
@see eu.europa.ec.bdmsl.dao.ISmpDAO#findSMP(String)
*/
@Override
public ServiceMetadataPublisherBO findSMP(String serviceMetadataPublisherID)
throws TechnicalException \{
ServiceMetadataPublisherBO resultBO = null;
SmpEntity resultSmpEntity = getEntityManager().find(SmpEntity.class, id);
if (resultSmpEntity != null) \{
resultBO = mapperFactory.getMapperFacade().map(resultSmpEntity, ServiceMetadataPublisherBO.class);
} else \{
loggingService.debug("No SMP found for id " + id);
}
return resultBO;
}
…
}
Mapping BO/Entity
The data access layer internally uses JPA entities to perform the Object/Relational mapping with the database. However, the methods exposed in the interfaces only expose Business Objects because the Business objects are the only ones that can be used between the layers.
For more information on mapping BO/Entities, see Object Mapping.
Common Package
This package is particular because it can be called without restriction by all the layers of the application: it is transversal.
This common package provides:
-
Business and technical Exceptions.
-
Business objects (BOs) to be used in every layer
-
Constants, error codes, utility classes
-
Enums
-
Package:
eu.europa.ec.bdmsl.common -
Package Business Object:
eu.europa.ec.bdmsl.common.bo -
Business Object:
eu.europa.ec.bdmsl.common.<ObjectName>BO
In this layer, only the following calls are allowed:
-
Calls to technical components
Business Objects (BO)
Business objects (BO) are developed in the common package because they are transversal to all layers and are used in the service, business and persistence layer. They are POJO with no dependency to any framework or database. They can walk through the layers. We use BO because they are linked to the domain, and hide the implementation choices made for façade and for the persistence. Thus, they are not directly linked to any database model, or any web service interface.
Each BO extends the abstract class AbstractBusinessObject provided by
the common library. This class implements java.io.Serializable and
overrides equals, hashCode and toString as abstract methods.
Each BO must define a serialVersionUID and implement the three previous
methods.
1.1.8. Software Architecture
The development of DomiSML involves five different maven projects.
-
bdmsl-api -
bdmsl-common -
bdmsl-webapp -
bdmsl-parent-pom
In this section we describe the content and the role of each project.
Library "bdmsl-api"
Project name : bdmsl-api
It is a SOAP web service client (stub) that is generated from the WSDLs of the main project. The api is a Maven project and the output is packaged as a jar file.
The WSDL files contain all the methods that are exposed, the objects and the exceptions.
The projects that call the web services of the eDelivery BDMSL application can use this web service client.
Library "bdmsl-common"
Project name : bdmsl-common
Packages:
This library is used by all the modules of the eDelivery BDMSL solution. It provides services like:
-
Cryptography
-
Constants
-
Configuration manager
-
Utils (dates, encoding, etc.)
-
Logging
-
Abstract/parent classes common to all eDelivery BDMSL modules
bdmsl-webapp
Project name : bdmsl-webapp
This is a Maven project that contains all the services, business logic and persistence code of the application. It produces a war file that can be deployed in the supported application servers and servlet containers.
Parent POM
Project name: bdmsl-parent-pom
It’s the parent pom of all the Maven module. It contains the version for the dependencies, default configuration of plugins, etc.
1.2. Logging
1.2.1. Implementation
The logs use the Log4j framework. The bdmsl-common library provides the logging manager ILoggingService and its main implementation class LoggingServiceImpl. This logging manager must be used for all the logs within the eDelivery BDMSL application.
There are 3 types of logs: security logs, business logs and miscellaneous logs. Each category of log has its own appender defined in the log4j.xml file. By default, each category will log in a separate file:
-
bdmsl-security.log : This log file contains all the security related information. For example, you can find information about the clients who connect to the application.
-
bdmsl-business.log: This log file contains all the business related information. For example, when a participat is created, when a SMP is deleted, etc.
-
bdmsl.log : This log file contains both the security and business logs plus miscellaneous logs like debug information, logs from one of the framework used by the application, etc.
The security and business logs require a code that is defined in the implementation of the ILogEvent interface. In the eDelivery BDMSL application, all the security and business messages are defined in the LogEvents class.
The pattern of the logs is defined in the log4j.xml file. The default pattern is:
%d{ISO8601}\{Europe/Brussels} [%X{user}] [%X{requestId}] %-5p %c{1}:%L - %m%n
-
user: The client authenticated by its certificate.
-
requestId: the UUID of the request (provided by the application server)
The values for the user and requestId properties can be set by calling the method ILoggingService.putMDC(String key, String value).
1.2.2. Log event codes
| Category | Log event code | Description |
|---|---|---|
SECURITY |
SEC-001 |
The host %s attempted to access %s without any certificate |
SECURITY |
SEC-002 |
The host %s has been granted access to %s with roles %s |
SECURITY |
SEC-003 |
The host %s has been refused access to %s |
SECURITY |
SEC-004 |
The certificate is revoked : %s |
SECURITY |
SEC-005 |
The root certificate of the client certificate is unknown in the database. It means that the certificate is accepted at transport level (SSL) but refused at application level. %s |
SECURITY |
SEC-006 |
Certificate is not valid at the current date %s. Certificate valid from %s to %s |
SECURITY |
SEC-007 |
Certificate is not yet valid at the current date %s. Certificate valid from %s to %s |
BUSINESS |
BUS-001 |
Technical error while authentication process |
BUSINESS |
BUS-002 |
Error while configuring the application. |
BUSINESS |
BUS-003 |
The SMP was successfully created: %s. |
BUSINESS |
BUS-004 |
The SMP couldn’t be created: %s. |
BUSINESS |
BUS-005 |
The following SMP was read: %s. |
BUSINESS |
BUS-006 |
The SMP couldn’t be read: %s. |
BUSINESS |
BUS-007 |
The SMP was successfully deleted: %s. |
BUSINESS |
BUS-008 |
The SMP couldn’t be deleted: %s. |
BUSINESS |
BUS-009 |
The SMP was successfully updated: %s. |
BUSINESS |
BUS-010 |
The SMP couldn’t be updated: %s. |
BUSINESS |
BUS-011 |
The participant was successfully created: %s. |
BUSINESS |
BUS-012 |
The participant couldn’t be created: %s. |
BUSINESS |
BUS-013 |
The list of participant couldn’t be created: %s. |
BUSINESS |
BUS-014 |
The list of participants couldn’t be created: %s. |
BUSINESS |
BUS-015 |
The participant was successfully deleted: %s. |
BUSINESS |
BUS-016 |
The participant couldn’t be deleted: %s. |
BUSINESS |
BUS-017 |
The list of participant couldn’t be deleted: %s. |
BUSINESS |
BUS-018 |
The list of participants couldn’t be deleted: %s. |
BUSINESS |
BUS-019 |
The participants of SMP %s have been successfully listed. |
BUSINESS |
BUS-020 |
The participants of SMP %s couldn’t be listed. |
BUSINESS |
BUS-021 |
The prepare to migrate service was successfully called for participant: %s. |
BUSINESS |
BUS-022 |
The prepare to migrate service failed for participant: %s. |
BUSINESS |
BUS-023 |
The call to migrate service was successfully called for participant: %s. |
BUSINESS |
BUS-024 |
The call to migrate service failed for participant: %s. |
BUSINESS |
BUS-025 |
The call to the list service succeeded |
BUSINESS |
BUS-026 |
The call to the list service failed |
BUSINESS |
BUS-027 |
The new certificate was successfully planned for change for current certificate: %s |
BUSINESS |
BUS-028 |
The certificate change failed for current certificate: %s |
BUSINESS |
BUS-029 |
The following CNAME record has been added to the DNS for the participant %s : %s |
BUSINESS |
BUS-030 |
The following NAPTR record has been added to the DNS for the participant %s : %s |
BUSINESS |
BUS-031 |
The following CNAME record has been added to the DNS for the SMP %s : %s |
BUSINESS |
BUS-032 |
The following A record has been added to the DNS for the SMP %s : %s |
BUSINESS |
BUS-033 |
The CertificateChangeJob ran successfully. %s certificates have been migrated |
BUSINESS |
BUS-034 |
The CertificateChangeJob failed. |
BUSINESS |
BUS-035 |
The ChangeCertificate service has been executed successfully |
BUSINESS |
BUS-036 |
The ChangeCertificate service has failed |
1.3. Caching
To enhance performance, in-memory caches are used in the application. They rely on the ehcache implementation. To put objects in a cache, we use annotations:
@Override
@Cacheable(value = "crlByUrl", key = "#crlDistributionPointURL")
public void verifyCertificateCRLs(String serial, String crlDistributionPointURL)\{
[…]
}
The @Cacheable annotation triggers cache population. In the previous example, the name of the cache is crlByUrl. The key attribute is one of the parameters of the method: crlDistributionPointURL. The next time this method is called, if the cache is already populated with a value for the given key, then the method won’t actually be called and the result will be returned from the cache.
Sometimes, it is useful to clear the caches. This can be done by calling the method IBDMSLService.clearCache().
1.4. Exception handling
1.4.1. Exception types
When exceptions are thrown in the business, persistence and service layers, they are transformed into technical or business exceptions to ensure to the client of the service that all the possible exceptions are declared in the service signature.
All the methods of the exposed interfaces in the persistence, business and service layer can only throw two kinds of exceptions:
-
TechnicalException : Technical exceptions happen when a technical component of a business process acts in an unexpected way. Examples of technical exceptions are: IO exception, timeout, bad configuration, etc.
-
BusinessException : Business Exceptions are exceptions that are designed and managed in the specification of a business process. In other words, Business Exceptions are exceptions which happen at the process or workflow level, and are not related to the technical components.
1.4.2. SOAP Faults
Because of the design of the WSDL in the SML specification, it is not possible to use an interceptor to transform the exceptions into SOAP fault. Thus, it is the AbstractWSImpl class which handles exceptions and convert any type of exception into appropriate SOAP faults. In the eDelivery BDMSL, there are 4 types of SOAP faults, all mapped to TechnicalException:
-
NotFoundFault
-
UnauthorizedFault
-
BadRequestFault
-
InternalErrorFault
A typical SOAP fault example would be:
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>5378C6571DE2DD3FD026704338FF678B</faultstring>
<detail>
<NotFoundFault
xmlns:ns2="http://busdox.org/transport/identifiers/1.0/"
xmlns="http://busdox.org/serviceMetadata/locator/1.0/">
<FaultMessage>[ERR-100] The SMP 'testSMLUpdate' doesn't exist.</FaultMessage>
</NotFoundFault>
</detail>
</soap:Fault>
</soap:Body>
</soap:Envelope>In the previous SOAP fault, the faultstring contains the request unique
identifier provided by the application server. This request unique
identifier is traced in the logs to easily find the logs
associated to an exception:
2015-07-24 10:32:08,562 [unsecure-http-client]
[5378C6571DE2DD3FD026704338FF678B] ERROR LoggingServiceImpl:83 -
[ERR-100] The SMP 'testSMLUpdate' doesn't exist.The error codes are all listed in the IErrorCodes interface (see the table below).
1.4.3. Error Codes
| Error code | Description | Exception type |
|---|---|---|
|
SMP not found error |
|
|
Unauthorized error |
|
|
Certificate authentication issue |
|
|
The root alias is not found in the list of trusted issuers in the database |
TechnicalException |
|
The certificate is revoked |
|
|
Generic technical error |
|
|
Bad request error |
|
|
DNS communication problem |
|
|
Problem with the SIG0 signature |
|
|
Bad configuration |
|
|
Participant not found error |
|
|
Migration data not found |
|
|
Duplicate participant error |
|
|
Error when deleting a SMP |
|
|
The deletion failed because a migration is planned for the givenparticipant or SMP |
|
|
The certificate couldn’t be found |
|
1.5. Object mapping
There are three types of objects used in the application:
-
JAXB objects: Generated objects from the WSDL.
-
Business objects (BO): POJO used in the business logic in the service, business and persistence layers.
-
JPA entities: Persistence domain objects.
Two types of mapping are required:
-
The first type of mapping converts JAXB objects to BO and vice-versa. The implementation class is SoapMappingInitializer.
-
The second type of mapping converts JPA entities to BO and vice-versa. The implementation class is EntityMappingInitializer.
To avoid hand coding value object assemblers to copy data from one object type to another, we use a generic framework named Orika. Orika is a Java Bean mapping framework that recursively copies data from one object to another.
An example of mapping would be:
@Component
public class SoapMappingInitializer {
@Autowired
private MapperFactory mapperFactory;
@PostConstruct
public void init() {
[...]
mapperFactory.classMap(PageRequestType.class, PageRequestBO.class)
.field("serviceMetadataPublisherID", "smpId")
.byDefault()
.register();
[...]
}
}In the previous mapping, we map the field serviceMetadataPublisherID of
the class PageRequestType to the field smpId of the class PageRequestBO.
The other fields have the same name so they are automatically mapped
thanks to the byDefault() method. This mapping is bidirectional.
To map an object, the singleton instance of the MapperFactory object can
be used. For instance, in the Façade layer (ws) :
[...]
public class BDMSLServiceWSImpl extends AbstractWSImpl implements IBDMSLServiceWS {
[...]
@Autowired
private MapperFactory mapperFactory;
[...]
@Override
@WebMethod([...])
public void create(@WebParam ParticipantType participantType) {
[...]
// Convert the ParticipantType JAXB object into a ParticipantBO object
ParticipantBO participantBO = mapperFactory.getMapperFacade().map(participantType, ParticipantBO.class);
[...]
}
[...]
}1.6. Database management
1.6.1. Auditing
To automatically audit the changes in the database, all the DAOs must extend the AbstractDAOImpl class and use its persist() and merge() methods. This way, the date of the changes of any business data is automatically logged.
For each table containing business data, these 2 following columns are present:
-
created_on: date of creation of the row -
last_updated_on: date of the last update of the row
Data changes are also logged with hibernate envers. Each table has an audit table with the suffix '_aud'.
1.6.2. Data model
Java entity classes are located in eu.europa.ec.bdmsl.dao.entity
package. Entity annotations define the Model with the use of JPA2
annotations. Database ddl scripts are generated automatically during the
build time by the maven plugin in the bdmsl-webapp subproject:
<plugin>
<artifactId>maven-antrun-plugin</artifactId>
<executions>
<execution>
<id>generate-ddl</id>
<phase>process-classes</phase>
<goals>
<goal>run</goal>
</goals>
<configuration>
<target>
<!-- ANT Task definition
Class generates ddl scripts
{empty}1. Parameter: comma separated hibernate database dialects
{empty}2. script version
{empty}3. export scripts. -->
<java
classname="eu.europa.ec.bdmsl.dao.utils.SMLSchemaGenerator"
fork="true"
failonerror="true">
<arg
value="org.hibernate.dialect.Oracle10gDialect,org.hibernate.dialect.MySQL5InnoDBDialect"/>
<arg value="$\{project.version}"/>
<arg value="$\{project.basedir}/src/main/sml-setup/database-scripts"/>
<!-- reference to the passed-in classpath reference -->
<classpath refid="maven.compile.classpath"/>
</java>
</target>
</configuration>
</execution>
</executions>
</plugin>By default, the ddl scripts for Oracle10gDialect and MySQL5InnoDBDialect
database are generated.
Global description of the tables
| Table | Description |
|---|---|
|
It is possible for a given Service Metadata Publisher to provide the metadata for all participant identifiers belonging to a particular participant identifier scheme. If this is the case, then it corresponds to the concept of a wildcard CNAME record in the DNS, along the lines:
This table identifies the SMP with their certificates and map them to schemes for which they can create wildcard records. |
|
List of SMPs identified with their certificates. |
|
Associates the root certificates to the DNS domains |
bdmsl_configuration |
Table containing all the configuration |
bdmsl_migrate |
Contains the participants migrated or to be migrated |
bdmsl_participant_identifier |
List of the participants |
bdmsl_smp |
List of the SMPs |
bdmsl_subdomain |
List of Subdomains |
bdmsl_allowed_wildcard_aud |
Audit table for: bdmsl_allowed_wildcard |
bdmsl_certificate_aud |
Audit table for: bdmsl_certificate |
bdmsl_certificate_domain_aud |
Audit table for: bdmsl_certificate_domain |
bdmsl_configuration_aud |
Audit table for: bdmsl_configuration |
bdmsl_migrate_aud |
Audit table for: bdmsl_migrate |
bdmsl_participant_identifier_aud |
Audit table for: bdmsl_participant_identifier |
bdmsl_smp_aud |
Audit table for: bdmsl_smp |
bdmsl_subdomain_aud |
Audit table for: bdmsl_subdomain |
bdmsl_info_rev |
Audit table for: audit info table with date and user who created the change. |
Detailed description of the tables
| Table | Column | Description |
|---|---|---|
bdmsl_allowed_wildcard |
scheme |
The scheme on which the wildcard applies |
fk_certificate_id |
The foreign key to the certificate |
|
created_on |
Date of creation |
|
last_updated_on |
Date of the last update |
|
bdmsl_certificate |
id |
The id is a primary key of the certificate entry. |
certificate_id |
The certificate_id is a natural key composed of the subject and the serial number of the certificate |
|
valid_from |
Start validity date of the certificate |
|
valid_until |
Expiry date of the certificate |
|
pem_encoding |
PEM encoding for the certificate |
|
new_cert_change_date |
The date of the change for the new certificate |
|
new_cert_id |
The new certificate id. Links to the certificate that will be valid after the current one is expired. At the migration date, it aims to replace the existing certificate |
|
created_on |
Date of creation |
|
last_updated_on |
Date of the last update |
|
bdmsl_certificate_domain |
certificate |
Natural key for authorization domain certificate. Value is created from certificate Subject value |
id |
Domain certificate entry primary key. |
|
fk_subdomain_id |
The foreign key to the subdomain |
|
truststore_alias |
Alias which correspond to certificate truststore alias. |
|
crl_url |
URL to the certificate revocation list (CRL) |
|
created_on |
Date of creation |
|
valid_from |
Start validity date of the certificate |
|
valid_until |
Expiry date of the certificate |
|
us_admin |
If user identified by this certificate has role ADMIN |
|
pem_encoding |
PEM encoded certificate |
|
is_root_ca |
If certificate is root CA or not |
|
last_updated_on |
Date of the last update |
|
bdmsl_configuration |
property |
Name of the property |
value |
Value of the property |
|
description |
Description of the property |
|
created_on |
Date of creation |
|
last_updated_on |
Date of the last update |
|
bdmsl_migrate |
scheme |
The scheme of the participant identifier to be migrated |
participant_id |
The participant identifier to be migrated |
|
migration_key |
The migration key is a code that must be passed out-of-band to the SMP which is taking over the publishing of the metadata for the participant identifier. This code must contain:
|
|
new_smp_id |
The id of the SMP after the migration |
|
old_smp_id |
The id of the old SMP (before the migration) |
|
migrated |
True if the migration is done |
|
created_on |
Date of creation |
|
last_updated_on |
Date of the last update |
|
bdmsl_participant_identifier |
id |
Surrogate key of participant |
participant_id |
The participant identifier |
|
disabled |
Disabled status of the partipant: true/false. Disabled participant identifiers do not have DNS records. |
|
naptr_hash |
Hash of participant used for naptr record |
|
cname hash |
Hash of participant used for cname record |
|
scheme |
The scheme of the participant identifier |
|
bdmsl_smp |
fk_smp_id |
The foreign key to the SMP identifier |
created_on |
Date of creation |
|
last_updated_on |
Date of the last update |
|
id |
Surrogate key of smp |
|
smp_id |
The SMP identifier |
|
smp_disabled |
Disabled status of the smp: true/false. Disabled SMPs do not have DNS records. |
|
fk_certificate_id |
The foreign key to the certificate |
|
endpoint_physical_address |
The physical address of the endpoint. This physical address is used as the ALIAS on the CNAME DNS record. |
|
endpoint_logical_address |
The logical address of the endpoint |
|
created_on |
Date of creation |
|
fk_subdomain_id |
The foreign key to the subdomain |
|
last_updated_on |
Date of the last update |
|
bdmsl_subdomain |
subdomain_id |
The subdomain identifier |
subdomain_name |
The subdomain name |
|
created_on |
Date of creation |
|
last_updated_on |
Date of the last update |
|
description |
Subdomain description |
|
dns_record_type |
Type of DNS Record when registering/updating participant, “all” means that both DNS record types are accepted as possible values: [cname, naptr, all]. |
|
dns_zone |
Domain (dns zone) for subdomain. |
|
participant_id_regexp |
Regex allows specific and described ids only or * instead for having wildcards. |
|
smp_url_schemas |
Protocol that MUST be used for LogicalAddress when registering new SMP. “all” means both protocols are accepted as possible values: [http, https, all]. |
|
smp_ia_cert_regexp |
Regex for authorizing certificates when using issuer based domain authorization. |
1.7. Scheduler
The Spring Framework provides abstractions for asynchronous execution and scheduling of tasks.
In the applicationContext.xml file, we can define the jobs to be scheduled:
<task:scheduler id="scheduler" pool-size="1"/>
<task:scheduled-tasks scheduler="scheduler">
<task:scheduled ref="manageCertificateService" method="changeCertificates" cron="${certificateChangeCronExpression}"/>
</task:scheduled-tasks>
The previous example will execute every day at 2 am the method changeCertificate of the bean name manageCertificateService.
In case of the execution of the application on a clustered environment, it is necessary to make sure that multiple jobs do not perform the same task at the same time. The use of a pessimistic lock can be useful:
@Override
public List<CertificateBO> findCertificatesToChange(Calendar currentDate) throws TechnicalException \{
clustered environment. To avoid concurrency issues, we do here a SELECT FOR UPDATE
Query query = getEntityManager().createQuery("SELECT cert from CertificateEntity cert where cert.newCertificateChangeDate ⇐ :currentDate")
currentDate).setLockMode(LockModeType.PESSIMISTIC_WRITE);
[…]
}
All cron expressions are initialized from values in the database. When a parameter is changed, server needs to be restarted.
1.7.1. Change Certificate
This job changes the certificates that have a migration date in the past or at the present day and deletes the older ones.
This task runs according to this parameter:
| BDMSL_CONFIGURATION | ||
|---|---|---|
PROPERTY |
VALUE |
DESCRIPTION |
certificateChangeCronExpression |
0 0 2 ? * * |
Cron expression for the changeCertificate job. Example: 0 0 2 ? * * (everyday at 2:00 am) |
This parameter can be updated manually on the database or by webservice SetProperty().When parameter is changed, the server needs to be restarted.
1.7.2. Update database properties
If SML is set in “cluster mode” (property sml.cluster.enabled) then this job updates application business properties from database. Cron task is used to ensure that all nodes in a cluster update properties at the same time. Task first checks if there are changed properties according to last_update_on values. If there is a last_update_on value newer then the one from the last property update, the update of properties is triggered.
This task runs according to this parameter:
| BDMSL_CONFIGURATION | ||
|---|---|---|
PROPERTY |
VALUE |
DESCRIPTION |
sml.property.refresh.cronJobExpression |
0 53 */1 * * * |
Property refresh cron task expression (every hour, 7 minutes before the hour) |
sml.cluster.enabled |
false |
Property defines if SML is running in cluster mode. |
This parameter can be updated manually on the database or by webservice SetProperty().
1.7.3. Data Inconsistency Analyzer
This job looks for inconsistencies between the database and the DNS. It first accesses the DNS to retrieve all SMPs and Participants. It then compares DNS data against Database. All discrepancies in entries are reported to the user by means of a report email.
As the previous job, this task will run according to the parameters below:
| BDMSL_CONFIGURATION | ||
|---|---|---|
PROPERTY |
VALUE |
DESCRIPTION |
dataInconsistencyAnalyzer.cronJobExpression |
0 0 3 ? * * |
Cron expression: 0 0 3 ? * * (every day at 3:00 am) |
dataInconsistencyAnalyzer.recipientEmail |
Email address to receive Data Inconsistency Checker results |
|
dataInconsistencyAnalyzer.senderEmail |
Sender email address for reporting Data Inconsistency Analyzer. |
|
dataInconsistencyAnalyzer.serverInstance |
localhost |
Server instance (hostname) to generate report. Property is needed in cluster where we define which instance should generate the report. |
These parameters can be updated manually on database or by webservice SetProperty().
1.7.4. SMP with expired certificates Analyzer
This job looks for SMPs with expired certificates. All SMPs with expired certificates are reported to the user by means of a report email.
As the previous job, this task will run according to the parameters below:
| BDMSL_CONFIGURATION | ||
|---|---|---|
PROPERTY |
VALUE |
DESCRIPTION |
report.expiredSMPCertificates.cron |
0 22 6 ? * * |
Cron expression for triggering the report generation of the expired SMP certificates |
report.expiredSMPCertificates.recipientEmail |
Email address to receive the report |
|
report.expiredSMPCertificates.senderEmail |
Sender email address of the report. |
|
report.expiredSMPCertificates.serverInstance |
localhost |
Server instance (hostname) to generate report. Property is needed in cluster where we define which instance should generate the report. |
These parameters can be updated manually on database or by webservice SetProperty().
1.8. Email SMTP configuration
An inconsistency report is sent by email. As a consequence a mail server needs to be configured in the database. Below are smtp server configuration properties.
| BDMSL_CONFIGURATION | ||||
|---|---|---|---|---|
PROPERTY |
VALUE |
DESCRIPTION |
||
mail.smtp.host |
smtp.server.com |
Smtp server host |
||
mail.smtp.port |
465 |
Smtp server port |
||
mail.smtp.protocol |
smtp |
Protocol (smtp, smtps) |
||
mail.smtp.username |
smtpuser |
Username for authentication on server |
||
mail.smtp.password |
P/npBabppDazizAjWkNs6Q== |
Encrypted password |
||
mail.smtp.properties |
mail.smtp.ssl:true;
|
Additional properties |
1.9. Validations
1.9.1. Participant ID validation per Domain
SML provides to each existent domain the possibility to validate its participant ids through Regular Expression. The following property in the table BDMSL_SUBDOMAIN allows validating participant ids:
PARTICIPANT_ID_REGEXP = ^((((1234|45678|9584|9635):).*)|(\*))$-
Example - For subdomain with name: generalerds.acc.edelivery.tech.ec.europa.eu
PARTICIPANT_ID_REGEXP = ^.*$
1.9.2. Logical Address validation per Domain
Two addresses are needed to create a SMP: the Logical and the Physical Addresses. As from SML version 3.1, the configuration allows to specify if the Logical Address may accept HTTP or HTTPS protocol for the Create SMP Operation.
An additional property 'SMP_URL_SCHEMAS' has been introduced in the table BDMSL_ SUBDOMAN in that purpose.
The possible values for this property are (all, http or https). The option 'all' means that both protocols are accepted.
SMP_URL_SCHEMAS = all1.10. Security
1.10.1. DNS
DNS specifications
The SML Specification states in its chapter 5. DNS spoof mitigation:
"The regular lookup of the address of the SMP for a given participant ID is performed using a standard DNS lookup. There is a potential vulnerability of this process if there exists at least one "rogue" certificate (e.g. stolen or otherwise illegally obtained). In this vulnerability, someone possessing such a rogue certificate could perform a DNS poisoning or a man-in-the-middle attack to fool senders of documents into making a lookup for a specific identifier in a malicious SMP (that uses the rogue certificate), effectively routing all messages intended for one or more recipients to a malicious access point. This attack could be used for disrupting message flow for those recipients, or for gaining access to confidential information in these messages (if the messages were not separately encrypted). One mitigation for this kind of attack on the DNS lookup process is to use DNSSEC rather than plain DNS. DNSSEC allow the authenticity of the DNS resolutions to be checked by means of a trust anchor in the domain chain. Therefore, it is recommended that an SML instance uses the DNSSEC infrastructure."
Thus, to mitigate the risk of DNS spoofing, the DNSSEC can be used in the eDelivery BDMSL application. The Domain Name System Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks.
Three properties allow the administrator to configure the DNSSEC:
| Property | Description |
|---|---|
dnsClient.SIG0Enabled |
'true' if the SIG0 signing is enabled. Required fr DNSSEC. Possible values: true/false |
dnsClient.SIG0PublicKeyName |
The public key name of the SIG0 key |
dnsClient.SIG0KeyFileName |
The actual SIG0 key file. Should be just the filename if the file is in the classpath or in the 'configurationDir' |
|
Note
|
It’s important to be aware that the BDMSL deployed at the European Commission is not configured to use DNSSEC on the actual public DNS server: |
DNS implementation
The BDMSL registers 1 CNAME record for each SMP. The BDMSL registers 2 types of DNS records for each participant:
-
1 CNAME record with the prefix "B-"
-
1 U-NAPTR record without prefix "B-"
Thus, for each participant, 2 records exist at the same time in the DNS and don’t conflict because they don’t use the same hash algorithm. For example, if a SMP registers the participant 0010:5798000000001 then:
-
The MD5 hash is e49b223851f6e97cbfce4f72c3402aac
-
The SHA-256 Base32 hash is XUKHFQABQZIKI3YKVR2FHR4SNFA3PF5VPQ6K4TONV3LMVSY5ARVQ
As a result, the BDMSL registers two records in the DNS:
>dig CNAME B-e49b223851f6e97cbfce4f72c3402aac.iso6523-actorid-upis.acc.edelivery.tech.ec.europa.eu @ddnsext.tech.ec.europa.eu
B-e49b223851f6e97cbfce4f72c3402aac.iso6523-actorid-upis.edelivery.eu. 60 IN CNAME smp.edelivery.tech.ec.europa.eu
>dig NAPTR XUKHFQABQZIKI3YKVR2FHR4SNFA3PF5VPQ6K4TONV3LMVSY5ARVQ.iso6523-actorid-upis.edelivery.eu @ddnsext.tech.ec.europa.eu
XUKHFQABQZIKI3YKVR2FHR4SNFA3PF5VPQ6K4TONV3LMVSY5ARVQ.iso6523-actorid-upis.edelivery.eu. 60 IN NAPTR 100 10 "U" "Meta:SMP" "!.*!http://smp.edelivery.eu/iso6523-actorid-upis::0010:5798000000001!" .
To mitigate the risk of DNS spoofing, the BDMSL can use the DNSSEC infrastructure. The deployment infrastructure is described in the DNS section.
1.10.2. Encryption Key
SML uses a private key to encrypt and decrypt the keystore password used by SML to sign any response and the proxy password.
How to generate a private key
-
Download one of the latest BDMSL .war files from the repository on the Digital site
-
Extract the .war file using any extracting tool
-
Run the following commands to create a private key
-
cd bdmsl-webapp-XXX-weblogic-oracle (XXX being the SML version number you are intalling)
-
java -cp "WEB-INF/lib/*" eu.europa.ec.bdmsl.common.util.PrivateKeyGenerator c:\temp\encriptionPrivateKey.private
Required parameter = Full directory path where the private key will be created
Example:
Printed result: Private key created at c:\temp\encriptionPrivateKey.private
NOTE: Once the private key is generated, please copy the private key file name "Ex: encriptionPrivateKey.private" to the value of the property encriptionPrivateKey in the table BDMSL_Configuration, and copy the private file to the path configured in the property configurationDir.
How to encrypt a password
After generating a private key at the section 12.2.1, please configure the proxy or keystore (used to sign response) password if needed as follows:
-
Inside the folder already extracted from the BDMSL .war file, please run below command:
java -cp "WEB-INF/lib/*" eu.europa.ec.bdmsl.common.util.EncryptPassword c:\temp\privateKey.private Password123 (1)(2)-
1st parameter is the private key location.
-
2nd parameter is the password in plain text.
-
-
To configure the proxy password, please copy the printed encrypted and base64 encoded password to the value of the property httpProxyPassword in the table BDMSL_CONFIGURATION.
Example:
| Property | Description |
|---|---|
httpProxyPassword |
vXA7JjCy0iDQmX1UEN1Qwg== |
-
To configure keystore password, please copy the printed encrypted and base64 encoded password to the value of the property keystorePassword in the table BDMSL_CONFIGURATION
Example:
| Property | Description |
|---|---|
keystorePassword |
vXA7JjCy0iDQmX1UEN1Qwg== |
1.10.3. Authentication
The authentication relies on the use of a Public Key Infrastructure (PKI). The services are all secured at the transport level with a two-way SSL / TLS connection. The requestor must authenticate using a client certificate issued for use in the infrastructure by a trusted third-party. The server will reject SSL clients that do not authenticate with a certificate issued under a trusted root.
WS-Security is only used for signing the response from the BDMSL to the SMP. It allows the SMP to validate that the request was correctly processed and acknowledged by the BDMSL.
The authentication for the user and admin interface is also performed with 2-way SSL and the user must provide the SMP’s certificate.
The authentication is performed through a custom interceptor named CertificateAuthenticationInterceptor. This interceptor is configured to intercept any incoming request in the cxf-servlet.xml configuration file:
<cxf:bus>
<cxf:inInterceptors>
<ref bean="certificateAuthenticationInterceptor"/>
</cxf:inInterceptors>
[...]
</cxf:bus>The interceptor extracts the certificate information from the request and then validates it.
A certificate is valid if:
-
The direct issuer or certificate itself is trusted in the bdmsl_certificate_domain table and truststore.
-
If certificate is trusted by direct issuer and subject matches the regular expression
-
If the whole certificate chain is registered in truststore and is valid:
-
It is not revoked according to its certificate revocation list (CRL)
-
It is valid for the current date
-
This certificate is then automatically used to authenticate the client using the Spring security framework. If the certificate is valid, then the client is authenticated and the certificate details are stored in the security context. Otherwise, a UnauthorizedFault is thrown.
SSL configured on the application server
The 2-way SSL configuration can be directly set up on the application server hosting the application:
In this type of configuration, the client certificate is passed in the request and can be intercepted in the javax.servlet.request.X509Certificate attribute.
Reverse proxy with SSL
The server can be behind a reverse proxy. In this case, 2-way SSL is set up on the reverse proxy and the application server hosting the application can use the HTTP protocol:
In this configuration, the certificate information is stored in the HTTP header, in the Client-Cert attribute. From BDMSL 4.1 version on, BDMSL supports HTTP header SSLClientCert with base64 encoded Client X509Certificate.
Admin Access
The system administrators can access the services like ChangeCertificate by using certificate authentication. The domain certificate in the bdmsl_certificate_domain must have flag Is_Admin_ set to true. Admin certificate can only be NonRootPKI certificate.
Monitor Access
The Monitor user can only access service isAlive(). User is authenticated by security token included in the HTTP Header in the following way:
-
The HTTP header needs to have the following attributes: Monitor-Token, Admin-Pwd (obsolete)
-
The password needs to be hashed with BCrypt algorithm
-
The password will be stored in the configuration table under the key adminPassword
Enable/disable BlueCoat Authentication flag
To authenticate into SML using the header Client-Cert attribute, the flag authentication.bluecoat.enabled and authorization.domain.legacy.enabled must be enabled in the table BDMSL_CONFIGURATION (BlueCoat Authentications are rejected otherwise).
1.10.4. Authorizations
Roles
There are three roles defined in the application:
| Property | Description | Current condition |
|---|---|---|
ROLE_SMP |
The role specific to SMP clients |
The CN (Common Name) must start with "SMP_" or "DN" (Distinguished name)
and must match regular expression from configuration property:
authorization.smp.certSubjectRegex. For a Non Root Certificate Authority, the CN (Common Name) must contain
|
ROLE_MONITOR |
The role only for invoking isAlive function |
No certificate needed, the right credentials must be sent via the HTTP header attribute Admin-Pwd or Monitor-Token |
ROLE_ADMIN |
The role for the administrator of the BDMSL |
Admin is authenticated by Non Root Certificate Authority in domain certificate table. Certificate must have flag is_admin set to true. |
The authorizations are set using the Spring security framework using the @PreAuthorize annotation on the methods of the service layer:
@Override
@PreAuthorize("hasAnyRole('ROLE_SMP', 'ROLE_ADMIN')")
@Transactional(readOnly = false, rollbackFor = Exception.class)
public void prepareChangeCertificate(PrepareChangeCertificateBO prepareChangeCertificateBO) throws BusinessException, TechnicalException {
[...]
}In the previous example, the method can only be called if the current client has any of the roles ROLE_SMP or ROLE_ADMIN. Otherwise, a UnauthorizedFault SOAP fault is thrown.
Granting ROLE_SMP
The BDMSL application can perform 2 different types of SMP domain authorizations:
-
One is the Domain certificate-issuer-based* authorization* (also known as Root Certificate Authority) method that would automatically authorize all the certificate-issuer trusted certificates.
-
The other is the certificate-based authorization (also known as *NON Root Certificate Authority)*method to authorize an individual SMP X.509 certificate.
Certificate-issuer-based authorization
The authorization is suitable for business domains with a high number of SMP service providers. The SML domain owner must provide a dedicated issuer certificate for issuing all SMP service providers certificates in a particular domain. When the business owner issues a certificate to the SMP service provider, it automatically authorizes the certificate to access the BDMSL business domain. The SMP service provider can then create and manage an SMP entry and its Participant list. At the SMP entry creation, the SMP’s Certificate is automatically registered to the SMP entry. After the SMP entry registration, the SMP entry itselfand its participant listcan be modified only by the SMP entry’s registered certificate.
BDMSL introduces the ability to define regular expressions on the SMP X509 Certificate’s subject DN to filter the SMP authorization to specific certificates issued by the registered domain issuer. The functionality also enables business owners to use certificate issued for other purposes, as the case for also issuing the AP certificates. The regular expression is defined by the BDMSL configuration property, authorization.smp.certSubjectRegex or in the the domain table column: SMP_IA_CERT_REGEXP.
Below is an example of a regular expression where the only SMP certificates allowed have subject CN starting with “SMP_“ or the subject DN containing organization unit (OU) with value: “PRODUCTION SMP:
Regular expression: ^.(CN=SMP_|OU=PRODUCTION SMP).$
|
Note
|
The system administrator must register and authorize the issuer certificate in the BDMSL and associate it to the domain. |
For granting a certificate to the domain, BDMSL checks the issuer of the certificate against the trusted RootCA list provided by the SML database certificate domain table and (optionally) SML truststore. The database flag isRootCA for the issuer certificate must be set to true.
A Root Certificate Authority owns a PKI (Public Key Infrastructure) to manage certificates.
Certificate-based authorization
This authorization is suitable for business domains with fewer SMP service providers and in cases where maintaining a dedicated certificate issuer for the domain’s SMP certificates is not an option. In this case, each SMP certificate must be added and authorized in the BDMSL business domain by the administrator.
For granting a certificate as trusted, BDMSL checks the certificate itself against the trusted NON- RootCA provided by the SML database. The database flag isRootCA must be set false.
A Non Root Certificate Authority does not own any PKI (Public Key Infrastructure) to manage certificates, a third party entity is responsible for managing certificates for such case.
Non Root and Root Certificate Priority
Apart from the aforementioned cases, SML allows certificates that are
configured with Root and Non Root CA simultaneously. In such cases, SML
gives priority to the Non Root CA, meaning that if a certificate matches
Non Root CA, the SML ignores Root CA.
1.10.5. WS-Security
If the property signResponse is set to true, then the responses are signed using the WS-Security framework.
The response signature is performed through a custom interceptor named
SignResponseInterceptor. This interceptor is configured to intercept any
outgoing request in the cxf-servlet.xml configuration file:
<cxf:bus>
[...]
<cxf:outInterceptors>
<ref bean="signResponseInterceptor" />
</cxf:outInterceptors>
</cxf:bus>1.11. Technical requirements
This chapter describes the minimum and recommended system requirements to operate a BDMSL component.
1.11.1. Hardware
| Type | Minimum | Recommended |
|---|---|---|
Processor |
1 CPU core |
4 CPU core |
Memory (RAM) |
2GB |
8GB or more |
Disk space |
5GB |
Depends on usage |
1.11.2. Software
-
Ubuntu 18.04 LTS 64 bits
-
Oracle Java SE 8
-
Oracle WebLogic Server 12c (12.2.1.4+)
-
Oracle Database 11g (11.2.0.4.0)
Any operating system that is compliant with one of the supported JVM.
-
Oracle Java SE JRE 8
-
OpenJDK 8
-
Apache Tomcat 9
-
Oracle WebLogic Server 12c (12.2.1.4+)
-
MySQL 8
-
Oracle Database 11g (11.2.0.4.0)
-
Internet Explorer 8 or newer
-
Mozilla Firefox
-
Google Chrome == Configuration
1.11.3. Application Configuration
| Property | Description | Enc. | ||
|---|---|---|---|---|
Properties listed with (*) are mandatory |
||||
|
BCrypt Hashed password to access admin services Example: |
FALSE |
||
|
Is blue coat enabled. Possible values: TRUE/FALSE.
|
FALSE |
||
|
Enable/Disable SSLClientCert header authentication. Possible values: TRUE/FALSE.
|
FALSE |
||
|
User with ROOT-CA is granted SMP_ROLE only if its certificates Subject matches configured regexp. Example: |
FALSE |
||
|
If legacy
authorization is enabled, then domain authorization is done based only
on domain certificate table data comparing certificate Subject or Issuer
Values. In case of false: BDMSL must have SML truststore configured. And
the Domain Trust is verified also by the BDMSL truststore. In case of
false Example: TRUE |
FALSE |
||
|
In case of
authorization.domain.legacy.enabled is ser to false. All certificate in
truststore chain are validated and CRL url is retrieved from the
certificates directly. Example: TRUE |
FALSE |
||
|
In case of authorization.domain.legacy.enabled is set to false. All
certificate in truststore chain are validated and CRL url is retrieved
from the certificates directly. + Comma separated list of allowed CRL and/or OCSP transport protocols for fetching the CRL list or OCSP validation. Example: |
FALSE |
||
|
Certificate validation strategy. Possible Values: OCSP_CRL, CRL_OCSP, OCSP_ONLY,CRL_ONLY,NO_VALIDATION. |
- |
||
|
True if the use of HTTPS is not required. If the VALUES is set to true, then the user unsecure-http-client is automatically created. Possible Values: TRUE/FALSE. |
FALSE |
||
|
The path to the folder containing all the configuration files (keystore and sig0 key). Example: |
FALSE |
||
|
Property refresh CRON expression (def 7 minutes to each hour)! Example: |
FALSE |
||
|
CRON expression for the changeCertificate job. Example: |
FALSE |
||
|
Maximum number of participants on SMP which are automatically updated/deleted when calling services: +
ManageServiceMetadataService/Update +
If SMP has more participants then for Example: |
FALSE |
||
Properties listed with (*) are mandatory |
||||
|
CRON expression for dataInconsistencyChecker job. Example: |
FALSE |
||
|
Email address to receive Data Inconsistency Checker results. Example: email@domain.com |
FALSE |
||
|
Sender email address for reporting Data Inconsistency Analyzer.
Example: |
FALSE |
||
|
Server instance (hostname) to generate report. Example: localhost |
FALSE |
||
Properties listed with (*) are mandatory |
||||
|
Email server - configuration for submitting the emails. Example: |
FALSE |
||
|
Smtp mail port - configuration for submitting the emails. Example: 25 |
FALSE |
||
|
smtp mail protocol- configuration for submitting the emails. Example: |
FALSE |
||
|
smtp mail protocol- username for submitting the emails. |
FALSE |
||
|
smtp mail protocol - encrypted password for submitting the emails. |
TRUE |
||
|
smtp mail semicolon ( Example: |
FALSE |
||
Properties listed with (*) are mandatory |
||||
|
true if the SIG0 signing is enabled. Required for DNSSEC. Possible values: TRUE/FALSE. |
FALSE |
||
|
If true than service ListDNS transfer and show the DNS entries (not recommended for large zones). Possible values: TRUE/FALSE. |
FALSE |
||
|
DNS TCP timeout in seconds. If the value is not given then tcp timeout is set to default value 60 seconds. Example: TRUE |
FALSE |
||
|
If value is 'true', then OASIS_BDXL regexp '^.$' is used for NAPTR value generation else it is used the regular expression '.' as defined in IETF RFC 4848. Example: FALSE |
FALSE |
||
|
The actual SIG0 key file. Should be just the filename if the file is in the classpath or in the configurationDir. Example: |
FALSE |
||
|
The public key name of the SIG0 key. Example: |
FALSE |
||
|
True if registration of DNS records is required. Must be true in production. Possible values: TRUE/FALSE. |
FALSE |
||
|
This is the prefix for the
publishers (SMP). This is to be concatenated with the associated DNS
domain in the table Example: |
FALSE |
||
|
The DNS server. Example: |
FALSE |
||
|
Name of the 256 bit AES secret key to encrypt or decrypt passwords. Example: |
FALSE |
||
|
The signature algorithm to use when signing responses. Examples: |
FALSE |
||
|
The signature digest algorithm to use when signing responses. |
FALSE |
||
|
True if a proxy is required to connect to the internet. Possible values: TRUE/FALSE. |
FALSE |
||
|
The http proxy host. Example: localhost |
FALSE |
||
|
Base64 encrypted password for Proxy. Example: |
TRUE |
||
|
The http proxy port. Example: |
FALSE |
||
|
The proxy user. Example: |
FALSE |
||
Properties listed with (*) are mandatory |
||||
|
True if the responses must be signed. Possible values: TRUE/FALSE. |
FALSE |
||
|
The keystore type. Possible values: JKS/PKCS12. |
FALSE |
||
|
The alias in the keystore for signing responses.
Example: |
FALSE |
||
|
The (JKS or P12) keystore file.
Should be just the filename if the file is in the classpath or in the
Example: |
FALSE |
||
Properties listed with (*) are mandatory |
||||
|
Base64 encrypted password for Keystore. Example: |
TRUE |
||
|
The truststore file (JKS or
p12) should be just the filename if the file is in the classpath or in
the Example: |
FALSE |
||
|
The truststore type. Possible values: JKS/PKCS12. |
FALSE |
||
|
Base64 encrypted password for Truststore.
Example: |
TRUE |
||
|
Regular expression with groups
|
|
||
|
Property defines if scheme for participant identifier is mandatory. Example: FALSE |
FALSE |
||
|
Specifies separated scheme list of participant identifiers that must be considered case-sensitive. Example: |
FALSE |
||
|
CRON expression for triggering the report generation of expired SMP certificates job. Example: |
FALSE |
||
|
Email address to receive expired SMP certificates report. Example: |
FALSE |
||
|
Sender email address for expired SMP certificates report. Example: |
FALSE |
||
|
If Example: |
FALSE |
||
1.11.4. Multiple Domains
SML is able to manage DNS records per domain. Any domain must be linked to only one certificate in the database.
- Domain
-
It is used by the SML to authenticate to the DNS server and gain update privileges.
acc.edelivery.tech.ec.europa.eu or edelivery.tech.ec.europa.eu
- Subdomain
-
It belongs to a domain and must be provided to create DNS entries.
mycompany.acc.edelivery.tech.ec.europa.eu
To configure a subdomain please follow the steps below:
-
Create a subdomain in the table BDMSL_Subdomain:
Figure 1. ExampleNoteIt’s mandatory to define the new subdomain as NON ROOT CAorROOT CAin the columnIS_ROOT_CA.
See Granting theROLE_SMProle. -
Define the subdomain configurations in the table BDMSL_SUBDOMAIN:
DNS_ZON= specify for every domain the name of the domain in the DNS server responsible for the subdomains.
DNS_RECORD_TYPES= specify for every domain the type of DNS Record accepted when registering/updating participant, 'all' means that both DNS record CNAME and NAPTR are accepted, possible values are [cname, naptr, all].
SMP_URL_SCHEMAS= specify for every domain the protocol that must be used for LogicalAddress when registering new SMP, 'all' means that both protocols HTTP and HTTPS are accepted, possible values are [ http, https, all].
PARTICIPANT_ID_REGEXP= specify for every domain the regular expression that validates the participant ID. By default the regular expression "^.*$" is used.
NoteThe values of the properties aforementioned are case insensitive.
1.11.5. Application Server Configuration
To ensure compatibility with all the supported application servers, some configuration is required.
-
For technical reasons, these parameters are not in database but in property file: sml.config.properties. Property file must be located in classpath of application server.
-
The
sml.config.properties propertyfile contains the following properties:
| Property | Example | Description |
|---|---|---|
|
|
Hibernate database dialect for accessing the database. |
|
|
Datasource JNDI name configured on application server. |
|
|
Application server implementation of JSP framework |
|
|
Logging folder. |
Example:
# *********************************
# Hibernate dialect configuration
# *********************************
# Oracle hibernate example
#sml.hibernate.dialect=org.hibernate.dialect.Oracle10gDialect
# Mysql dialect
sml.hibernate.dialect=org.hibernate.dialect.MySQLDialect
# *********************************
# Datasource JNDI configuration
# *********************************
# weblogic datasource JNDI example
#sml.datasource.jndi=jdbc/cipaeDeliveryDs
# tomcat datasource JNDI example
sml.datasource.jndi=java:comp/env/jdbc/edelivery
# *********************************
# JSP implementation configuration
# *********************************
# Weblogic
#sml.jsp.servlet.class=weblogic.servlet.JSPServlet
# tomcat, jboss
sml.jsp.servlet.class=org.apache.jasper.servlet.JspServlet
# *********************************
# Logging implementation
# *********************************
sml.log.folder=./logs/Weblogic
The file src/main/webapp/WEB-INF/weblogic.xml has three purposes in the context of the BDMSL:
-
Defining the context root of the application.
-
Specifying the class loading preferences for some package names (from the weblogic libraries or from the war).
-
Configuring the work manager to optimize the performance of the application.
Tomcat
Tomcat is not an application server because it only supports the servlet API (including JSP, JSTL). An application server supports the whole JavaEE stack.
The file src/main/webapp/META-INF/context.xml has two purposes:
-
Defining the context root of the application;
-
Linking the datasource to the globally defined JNDI datasource.
2. Quick Start Guide
DomiSML was previously named BDMSL, which stands for Business Document
Metadata Service Location.
DomiSML is the sample implementation of the SML maintained by DG DIGIT.
This guide refers to DomiSML/BDMSL 4.x versions.
Version 4 implements the eDelivery BDXL profile.
2.1. Guide Overview
In this guide you can find a the different steps to install the DomiSML on a:
-
Tomcat server with a MySQL database;
-
Weblogic 12.2.1.4 server with an Oracle database.
2.1.1. Software Requirements
Install the following supported software on the target system:
Java Runtime |
Database |
Server |
|
|
|
|
|
2.1.2. Binaries Repository
The eDelivery DomiSML artefacts can be downloaded from the Digital portal.
2.1.3. Source Code Repository
The source code of eDelivery DomiSML is available from the following Git repository →
https://ec.europa.eu/digital-building-blocks/code/projects/EDELIVERY/repos/bdmsl/browse .
|
Important
|
Note as stated in the software requirements, SML deployments has only been tested on Tomcat 9 and WebLogic 12.2.1.4 application servers. |
2.2. Installation
The deployment of the eDelivery DomiSML is made of the following mandatory steps:
-
Database configuration
-
Application Server preparation
-
DomiSML initial configuration
-
DomiSML file deployment
|
Note
|
The environment variable, edelivery_path, is a placeholder for your system’s location,
you have installed the DomiSML package, i.e. CATALINA_HOME for
Tomcat or DOMAIN_HOME for Weblogic.
|
2.2.1. Database
Database Scripts
The scripts to create (or migrate) the Oracle or MySQL databases are
included in the sml-4.x-setup.zip available for download from the Digital portal.
Database Creation
Here you can find the necessary steps to create the database, the
tables and the DomiSML database user
(dbuser, used for database connection purposes).
This step is performed using the script included in the sml-4.x-setup.zip archive
mentioned in the previous section (Database Scripts).
MySQL database
-
Download and copy the mysql5innoDb.ddl script to
edelivery_path/database-scripts. -
Open a command prompt and navigate to the
edelivery_path/database-scriptsfolder. -
Execute the following MySQL commands.
Warningthis step will delete the user schema if it already exists in the database. mysql -h localhost -u <root_user> –-password=<root_password> -e \ "DROP SCHEMA IF EXISTS bdmsl_schema; CREATE SCHEMA bdmsl_schema; ALTER DATABASE bdmsl_schema charset=utf8; CREATE USER sml_dbuser IDENTIFIED BY 'sml_password'; GRANT ALL ON bdmsl_schema.* TO sml_dbuser;"This creates the
bdmsl_schemaand a bdmsl database usersml_dbuserwith all privileges on this schema. -
Create the required objects (tables, etc.) in the database, by executing:
mysql -h localhost -u <root_user> -p<root_password> bdmsl_schema < https://ec.europa.eu/cefdigital/code/projects/EDELIVERY/repos/smp/browse/smp-webapp/src/main/smp-setup/database-scripts/mysql5innoDb-4.1.0.ddl?at=refs%2Fheads%2Fdevelopment[mysql5innoDb.ddl] -
Set up the initial data, by executing:
mysql -h localhost -u root_user -p<root_password> bdmsl_schema <
mysql5innoDb-data.sqlOracle database
-
Download and copy the
oracle10g.ddlscript toedelivery_path/sql-scripts. -
Navigate to
edelivery_path/sql-scriptsdirectory and execute:sqlplus sys as sysdbaWhere:
-
The expected password is the one assigned during Oracle’s installation.
-
-
Once logged in Oracle:
CREATE USER sml_dbuser IDENTIFIED BY sml_dbpassword; GRANT ALL PRIVILEGES TO sml_dbuser; CONNECT sml_dbuser; SHOW USER -
Run the scripts with the
@sign from their location:
@oracle10g.ddl (1)
@oracle10g-data.sql (2)
exit-
Script for Oracle’s database creation.
-
Script for Oracle’s database initialization.
2.3. Configuration
2.3.1. Tomcat Configuration
To deploy the DomiSML on Tomcat, complete the steps in the next sections.
Configuring the Extra CLASSPATH for Tomcat
In the root path of the Tomcat’s installation (CATALINA_HOME), the following directories:
-
keystores - all security artifacts such as Keystore, Truststore, and encryption key.
-
logs
-
classes - the DomiSML configuration file
sml.config.properties.
are created in this Tomcat deployment example.
|
Note
|
The classes folder must be added to a CLASSPATH variable in the Tomcat batch file, CATALINA_HOME/bin/setenv.sh (or CATALINA_HOME/bin/setenv.bat).
|
For Linux
-
Open (or create) and edit the
$CATALINA_HOME/bin/setenv.shfile as in the example below:
#!/bin/sh
# Set CLASSPATH to include sml environment property file:
# sml.config.properties
export CLASSPATH=$CATALINA_HOME/classesFor Windows
-
Open (or create) and edit the
%CATALINA_HOME%/bin/setenv.batfile.REM Set CLASSPATH to include sml environment property file:
REM sml.config.properties
set classpath=%classpath%;%catalina_home%\classes
-
Place the sml.config.properties (DomiSML’s environment property file) in the
classesfolder. -
Download an example,
sml-4.x-setup.zip, from the Digital portal.
For a description of environment properties see Environment Parameters.
For tomcat/mysql configuration the file must have following properties and values:
sml.hibernate.dialect=org.hibernate.dialect.MySQLDialect
sml.datasource.jndi=java:comp/env/jdbc/edelivery
sml.jsp.servlet.class=org.apache.jasper.servlet.JspServlet
# (Absolute/Relative) path to logs folder. Update the value!
sml.log.folder=/opt/tomcat/logs/
# Optional parameter(s) to set the init data at first startup
# The properties are copied to database table BDMSL_CONFIGURATION
# configurationDir: set the absolute path to the “keystores” folder
configurationDir=/opt/tomcat/keystores/Configuring the Datasource for Tomcat
-
Create a new data source in Tomcat named:
java:comp/env/jdbc/edelivery. -
Go to
TOMCAT_HOME/conf/context.xmland add the block:
JDBC Driver
The JDBC driver needs to be downloaded from the manufacturer website:
-
For Mysql: https://www.mysql.com/products/connector/
The JDBC driver (.jar file) must be copied to the following directory: edelivery_path/lib.
2.4. Deployment
Copy the cef_bdmsl-webapp-4.X.war file to the Tomcat edelivery/webapps.
2.4.1. Verification of the Installation
-
In a browser, to go to the following address:
http://<hostname>:<port>/bdmsl-webapp-4.3/ .
|
Note
|
URL context path must match the war file’s name.
If the deployment filename is edelivery-sml.war, then the DomisSML URL is:
|
http:// <hostname>: <port>/edelivery-sml/
If the deployment is successful, the following page is displayed:
|
Important
|
The context path (see example above: /edelivery-sml/) needs to be
the same as is deployment war file. If the war file’s name is sml.war,
then the application’s URL will be http:// <hostname>: <port>/sml/.
|
2.4.2. Weblogic’s Configuration
This guide assumes:
-
WebLogic Server is already installed;
-
WebLogic’s domain is created with an administration server;
-
and a managed server on which the DomiSML is to be deployed.
|
Note
|
In this guide we refer to this WebLogic’s domain (user-defined name) as DOMAIN_HOME.
|
In the examples below, we use the following Domain and Server names:
-
Domain Name:
SMLDOMAIN -
Administration Server:
AdminServer -
SMP Managed Server:
SML_ManagedServer
As seen in the image below:
To deploy the SMP in the WebLogic Application Server platform, you need to complete two preliminary steps:
-
Configure the extra
CLASSPATHfor WebLogic -
Configure a datasource
This is described in the following two sections.
Configuring the extra CLASSPATH for WebLogic
-
Under the
DOMAIN_HOMEdirectory, create the following sub-directories:-
keystores
-
logs
-
classes
-
-
Edit the WebLogic
DOMAIN_HOME/bin/setDomainEnv.sh.For Linux:
Add the EXPORT CLASSPATH=${CLASSPATH}:${DOMAIN_HOME}/classes/ statement at the end of the CLASSPATH definition as shown below:
../ if [ "$\{PRE_CLASSPATH}" != "" ] ; then CLASSPATH="$\{PRE_CLASSPATH}$\{CLASSPATHSEP}$\{CLASSPATH}" export CLASSPATH fi CLASSPATH=$\{CLASSPATH}:$\{DOMAIN_HOME}/classes export CLASSPATH /..For Windows:
../ If NOT "%PRE_CLASSPATH%"=="" ( set CLASSPATH=%PRE_CLASSPATH%;%CLASSPATH% ) set CLASSPATH=%CLASSPATH%;%DOMAIN_HOME%\classes /.. -
Place the
sml.config.properties, DOMISML’s environment property file, in the/classesfolder.You can download an example,
sml-4.x-setup.zip, from the Digital portal. A detailed description of environment properties is provided in the Binaries Repository section.
For weblogic/oracle configuration, the file need the following properties configured as below:
sml.hibernate.dialect=org.hibernate.dialect.Oracle10gDialect
sml.datasource.jndi=jdbc/cipaeDeliveryDs
sml.jsp.servlet.class=weblogic.servlet.JSPServlet
# (Absolute/Relative) path to logs folder. Update the value!
sml.log.folder=/opt/tomcat/logs/
# Optional parameter(s) to set the init data at first startup_
# The properties are copied to database table BDMSL_CONFIGURATION_configurationDir:
# set the absolute path to the “keystores” folder
configurationDir=/opt/tomcat/keystores/Configuring Datasource for WebLogic
-
Click on Services/Data sources on left Domain structure panel.
-
On the Configuration tab click on New and select Generic data source.
This tiggers the New datasource wizard that guides you through the creation of a datasource.
-
On the first wizard page, enter the following values:
Set Name value:
cipaeDeliveryDS
JNDI name:jdbc/_cipaeDeliveryDS
Database Type:oracleClick Next.
-
Next select the Database driver Oracle’s Driver (Thin). Click next twice.
-
On the next wizard page, enter the datasource values. The values below are just an example. Use the values in accordance with your oracle configuration.
Database Name:
xe
Port:1521
Database usersml_dbUser
Pasword:sml_dbPassword
Confirm password:sml_dbPassword
-
Click Next and then Finish.
As a result a new datasource configuration is visible in the datasource table:
2.4.3. War Deployment
-
Deploy the
.warfile within WebLogic using the Oracle Weblogic deployer feature or using the Weblogic Administration Console.
The example below uses the Oracle’s weblogic.deployer.
java weblogic.Deployer -adminurl
t3://$\{WebLogicAdminServerListenAddress}:$\{WebLogicAdminServerPort} \
-username $\{WebLogicAdminUserName} \
-password $\{WebLogicAdminUserPassword} \
-deploy -name edelivery-sml.war \
-targets $\{SMP_ManagedServer} \
-source $TEMP_DIR/edelivery-sml.war2.4.4. Installation Verification
Use your browser to navigate to the following address:
http:// <hostname>: <port>/edelivery-sml/
If the following page is displayed, deployment was successful.
2.4.5. General Configuration
Environment Parameters
The DomiSML application’s environment parameters are stored in the properties file sml.config.properties.
This configuration is in a properties file because these parameters are required before database connection.
You can find a configuration preset for the Tomcat/MySql installation scenario in the setup bundle,sml-4.x-setup.zip (see preset for the Tomcat/MySql installation scenario Database Scripts).
# *********************************
# Hibernate dialect configuration
# *********************************
# Oracle hibernate example
#sml.hibernate.dialect=org.hibernate.dialect.Oracle10gDialect
# Mysql dialect
sml.hibernate.dialect=org.hibernate.dialect.MySQLDialect
# *********************************
# Datasource JNDI configuration
# *********************************
# weblogic datasource JNDI example
#sml.datasource.jndi=jdbc/cipaeDeliveryDs
# tomcat datasource JNDI example
sml.datasource.jndi=java:comp/env/jdbc/edelivery
# *********************************
# JSP implementation configuration
# *********************************
# Weblogic
#sml.jsp.servlet.class=weblogic.servlet.JSPServlet
# tomcat, jboss
sml.jsp.servlet.class=org.apache.jasper.servlet.JspServlet
# *********************************
# Logging implementation
# *********************************
sml.log.folder=./logs/The configuration file has the following parameters:
-
sml.hibernate.dialect- Hibernate dialect used for accessing the database. -
sml.datasource.jndi- JNDI Datasource’s name configured in Configuring the Datasource for Tomcat and Configuring the Datasource for WebLogic. -
sml.jsp.servlet.class- Application server implementation of the JSP framework. -
sml.log.folder- Logs folder.
DomiSML Parameters
The DomiSML application contains its parameters in the database table BDMSL_CONFIGURATION.
Parameters can be updated:
-
using the sql script
-
by calling a webservice operation
mysql -h localhost -u <root_user> -p<root_password> bdmsl_schema -e \
"UPDATE bdmsl_configuration SET value='true', last_updated_on=NOW()
WHERE property='unsecureLoginAllowed'";Call BDMSLAdminServices/SetProperty().
For more details, see the Interface Description.
All properties are refreshed without server restart, except the CRON schedule definitions:
-
sml.property.refresh.cronJobExpression -
certificateChangeCronExpression -
dataInconsistencyAnalyzer.cronJobExpression
The properties mentiones above are refreshed as defined in the cron property sml.property.refresh.cronJobExpression.
By default, properties are refreshed (if updated) every hour.
|
Important
|
If a property is changed using the SQL script, make sure that the value last_updated is also changed, otherwise the properties are not updated.
|
For the list of properties and their description, see the DomiSML’s Architecture Overview.
Generating a Private Key File
DomiSML uses a private key for encrypting/decrypting passwords.
If the key is not present in the folder defined in property
configurationDir at startup, it will automatically create and store it.
When deploying DomiSML (especially in Production), make sure its unique encryption key is generated for the deployment.
Below is an example of how to manually create the key.
-
To create a private key, please follow the steps below:
-
Download one of the latest DomiSML war files (eg: bdmsl-webapp-4.0.x.war ) from the repository https://ec.europa.eu/digital-building-blocks/wikis/display/DIGITAL/SML
-
Extract the war file using any extracting tool
-
Run the following commands to create a private key:
Example - Generating a private keycd bdmsl-webapp-4.3 java -cp "WEB-INF/lib/*" eu.europa.ec.bdmsl.common.util.PrivateKeyGenerator c:\temp\encriptionPrivateKey.privateThe
<key_path>is a required parameter and stands for the full directory path where the generated private key is to be stored.In the example above
<key_path>=c:\temp\encriptionPrivateKey.private. -
Once the private key is generated,
-
Set the
encriptionPrivateKeyproperty’s value (located in theBDMSL_Configurationtable) as the name of the private key file you have just generated. -
Copy the private file into the location configured in the property
configurationDir.
-
Encrypting a password
DomiSML encrypts passwords automatically when setting the password property
using the WebService SetProperty.
After generating a private key at item, if needed, configure the proxy or keystore (used to sign responses) password as follows:
Inside the folder already extracted from BDMSL .war file, run the command:
java -cp "WEB-INF/lib/*" eu.europa.ec.bdmsl.common.util.EncryptPassword c:\temp\privateKey.private Password123Where two parameters are expected:
1) private key location, in this example: c:\temp\privateKey.private
2) plain text password, in this example: Password123 .
To configure the proxy password, set the printed encrypted and base64 encoded password
as the value of the httpProxyPassword property (found in the BDMSL_CONFIGURATION table).
httpProxyPassword= vXA7JjCy0iDQmX1UEN1Qwg==To configure the keystore password, copy the printed encrypted and base64
encoded password as the value of the keystorePassword property
(found in the BDMSL_CONFIGURATION table).
keystorePassword= vXA7JjCy0iDQmX1UEN1Qwg==Certificate revocation list (CRL) Truststore
The DomiSML establishes the HTTPS trust to the server hosting the CLR
list by using the application server system truststore, which is defined
by system variables, such as:
javax.net.ssl.trustStrore,
javax.net.ssl.trustStoreType, etc.
If the truststore is not set, the default java truststore is used in the
following location: ${JAVA_HOME}/jre/lib/security/cacerts
To enable the download of the CRL files over HTTPS, ensure the appropriate certificates are registered in the application server truststore.
Example of how to add/register the crl-server certificate to default java cacerts truststore:
$JAVA_HOME/bin/keytool -importcert -alias crl-server -keystore
$JAVA_HOME/jre/lib/security/cacerts -storepass changeit -file
/opt/smlconf/init-configuration/sml_crl_crl-server.cer -nopromptSign Responses Certificate
If the flag signResponse is TRUE in the BDMSL_CONFIGURATION table, a
keystore file name, its alias and password must be provided in the same
table.
For testing purposes only, the provided keystore.p12 (with password: test123) can
be used. The keystore contains RSA, EC,ED25519 and ED448 key examples.
The keystore is located in the configuration bundle sml-setup-${VERSION}.zip.
===== Add files to Application Server
In the configuration directory that you specified in the configurationDir property,
you need to add the following files:
-
keystore.p12- this keystore must contain your private key with the alias and password defined in the keystoreAlias and keystorePassword properties.NoteThis name can be customized in the keystoreFileNameproperty. -
sig0.private- this file is only required if you use DNSSEC (i.e. property dnsClient.SIG0Enabled set to true).NoteThis name can be changed in the dnsClient.SIG0KeyFileNameproperty. -
encriptionPrivateKey.private- This private key file is only required if you use Proxy or Sign Response.NoteThis name can be changed in the encriptionPrivateKeyproperty.Once the needed files have been copied, restart the server(s).
2.5. DNS integration
DomiSML was developed and tested with using a BIND9 DNS server.
The DNS integration can be switched on/off by setting attribute dnsClient.enabled
to TRUE or FALSE.
If the property is set to TRUE, the parameter dnsClient.server must contain the hostname/IP address of the
DNS server.
To secure the DNS integration, DomiSML has implemented SIG(0). This option can be enabled/disabled by the following parameter:
dnsClient.SIG0Enabled, with values TRUE or FALSE.
If the option is set to FALSE, the DNS should allow updates to any IP address
+ IMPORTANT: This is NOT advised in production environments.
or restrict the update permission to the requester IP address.
Below is example of configuration for BIND9 zone
example.edelivery.eu.local without the use of SIG(0) (in this case the
DomiSML should have dnsClient.SIG0Enabled= false):
zone "example.edelivery.eu.local" \{
type master;
file "/var/lib/bind/db.example.edelivery.eu.local ";
allow-update \{ 10.22.1.3;}
allow-transfer \{ 10.22.0.0/16; };
};2.5.1. Securing DNS integration with SIG(0)
SIG0 are asymmetric key-pairs, usually with a filename ending with .key for a public key, and a filename ending with .private for a private key.
SIG(0) key pair can be created with dnssec-keygen utility (the tool is provided as part of a BIND9 DNS server)
Examples of commands for generating keys:
dnssec-keygen -a DSA -b 1024 -n HOST -T KEY sig0.example.edelivery.eu.localdnssec-keygen -a RSASHA256 -b 4096 -T KEY -n HOST domisml-rsasha256.test.edelivery.localdnssec-keygen -a RSASHA512 -b 4096 -T KEY -n HOST domisml-rsasha512.test.edelivery.localdnssec-keygen -a ECDSAP256SHA256 -T KEY -n HOST domisml-ecdsap256sha256.test.edelivery.localdnssec-keygen -a ECDSAP384SHA384 -T KEY -n HOST domisml-ecdsap384sha384.test.edelivery.localdnssec-keygen -a ED25519 -T KEY -n HOST domisml-ed25519.test.edelivery.localdnssec-keygen -a ED448 -T KEY -n HOST domisml-ed448.test.edelivery.local|
Note
|
DSA algorithm is obsolete on the newer version of the Bind9 server. Older versions of Bind9 do not support ed25519 and ed448 keys. |
The command produces the following files:
-
Ksig0.example.edelivery.eu.local.+003+03054.key -
Ksig0.example.edelivery.eu.local.+003+03054.private
The content of the file is as follows:
Ksig0.example.edelivery.eu.+003+03054.key
It is the DNS Key entry, that should be put in the DNS zone as in the example below:
sig0.example.edelivery.eu.local. 604800 IN KEY 512 3 3
CLC4l6DtbztWAIJIMkYrv4MClWvj2BUclxqCd86vzX/f0ka+oS73dFCp
tb9Yv9oYjGmG1JLNv4EKuPiGPa8O/CQWrbJ5I7Yts3GDMgZNRswxMije
H6OoYkZ6ywRpjv8nommw6JMzDaDhcU5/tLQXhvz3U/c7W5QepAXfHb6Z
gGwL4TkqR/RGp5xcxayID4b/+DJvqi04BjNO9WR3XGRHWZ5aO0pRcRjx
imDtlnIjpsykE59o03UyQ+YT1CYNPjNlmOoT1JVgBEFGgouAm7yEZq3A
HWsqZEHCeucvQKBADmIk5rHwfZJwv7dzXrZR2U5AqE/AxqhrWyTpItRg
oGEkc+piGciuPRtwRZPkD6+GcFn/2knJ3YuRBOiog0+5mtbqaIPOew+B
+BtQk6X5E5tNnEuQJeRjjxznGYdzN7hTDFPvtwGEQvDUoU4SP/6YHoAd
AaH5Vs+YTRHjdISvnJIV6VRxIbQFJWaf3Z+UT4ns0+4pIGXm7C0ADA2a
1wGpj4QF8A37VAofcFWlUErtNv9YmVHQcA2l
When the public key is correctly registered on the DNS server, it can be tested with the dig util as in the example below:
$dig sig0.example.edelivery.eu.local @localhost KEY
ANSWER
; <<>> DiG 9.10.3-P4-Ubuntu <<>> sig0.example.edelivery.eu.local
@localhost KEY
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36443
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL:
2
+
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
; sig0.example.edelivery.eu.local. IN KEY
+
;; ANSWER SECTION:
sig0.example.edelivery.eu.local. 604800 IN KEY 512 3 3
CLC4l6DtbztWAIJIMkYrv4MClWvj2BUclxqCd86vzX/f0ka+oS73dFCp
tb9Yv9oYjGmG1JLNv4EKuPiGPa8O/CQWrbJ5I7Yts3GDMgZNRswxMije
H6OoYkZ6ywRpjv8nommw6JMzDaDhcU5/tLQXhvz3U/c7W5QepAXfHb6Z
gGwL4TkqR/RGp5xcxayID4b/+DJvqi04BjNO9WR3XGRHWZ5aO0pRcRjx
imDtlnIjpsykE59o03UyQ+YT1CYNPjNlmOoT1JVgBEFGgouAm7yEZq3A
HWsqZEHCeucvQKBADmIk5rHwfZJwv7dzXrZR2U5AqE/AxqhrWyTpItRg
oGEkc+piGciuPRtwRZPkD6+GcFn/2knJ3YuRBOiog0+5mtbqaIPOew+B
+BtQk6X5E5tNnEuQJeRjjxznGYdzN7hTDFPvtwGEQvDUoU4SP/6YHoAd
AaH5Vs+YTRHjdISvnJIV6VRxIbQFJWaf3Z+UT4ns0+4pIGXm7C0ADA2a
1wGpj4QF8A37VAofcFWlUErtNv9YmVHQcA2l
+
;; AUTHORITY SECTION:
example.edelivery.eu.local. 604800 IN NS ns.
example.edelivery.eu.local.
+
;; ADDITIONAL SECTION:
ns.example.com.local. 604800 IN A 192.168.56.3
If we want to allow DNS updates on the zone `example.edelivery.eu.local`
only by requests signed by private key of the `sig0.example.edelivery.eu.local`,
we have to update the DNS zone configuration as below:
zone "example.edelivery.eu.local" \{
type master;
file "/var/lib/bind/db.example.edelivery.eu.local ";
allow-update \{ key "sig0.example.edelivery.eu.local.";}
allow-transfer \{ 10.22.0.0/16; };
};2.5.2. Configuration of the SIG(0) in DomiSML
To configure DomiSML to use SIG(0), the following parameters must be set:
-
dnsClient.SIG0PublicKeyName: must be DNS name of the DNS KEY entry. In the example above this value is:
dnsClient.SIG0PublicKeyName= sig0.example.edelivery.eu.local -
dnsClient.SIG0KeyFileName: the private key must be put into to the BDMS configuration folder and Value of the parameterdnsClient.SIG0KeyFileNamemust be the name of the SIG(0) private key filename.
As example:dnsClient.SIG0KeyFileName= Ksig0.example.edelivery.eu.local.+003+03054.private -
dnsClient.SIG0Enabled: to enable SIG(0) the configuration parameter must be set to true:
dnsClient.SIG0Enabled= true.
|
Note
|
The DomiSML does not use the SIG(0) to transfer the DNS records. The DNS records are retrieved from DBS server when generating inconsistency reports and when calling the resource web /listDNS. Above is an example of how to secure a transfer to a network: 10.22.0.0/16. |
3. Interface Description
BDMSL stands for Business Document Metadata Service Location. DomiSML is the sample implementation of the SML maintained by DG DIGIT. The DomiSML version described in this document implements the eDelivery BDXL profile.
About this Guide
This guides defines the:
-
participant’s interface to the BDMSL.
-
WSDL and the observable behaviour of the interface(s).
In this guide we describe the following interfaces:
| Interface | Description | V. | Use Cases Link |
|---|---|---|---|
|
Definition of the service to Manage Service Metadata. |
1.0 |
|
|
Definition of the service to Manage Participant Identifier’s. |
1.0 |
|
|
Definition of the services to Manage Service Metadata and to monitor SML specific to this implementation. |
1.0 |
|
|
Definition of the services for administration of the SML application. Services are specific to this implementation. |
1.0 |
Scope of the document
This document covers the service interface of the BDMSL. It includes information regarding the description of the services available, the list of use cases, the information model and the sequence of message exchanges for the services provided. This specification is limited to the service interface of the BDMSL. All other aspects of its implementation are not covered by this document. The ICD specification provides both the provider (i.e. the implementer) of the services and their consumers with a complete specification of the following aspects:
-
Interface Functional Specification, this specifies the set of services and the operations provided by each service and this is represented by the flows explained in the use cases.
-
Interface Behavioural Specification, this specifies the expected sequence of steps to be respected by the participants in the implementation when calling a service or a set of services and this is represented by the sequence diagrams presented in the use cases.
-
Interface Message standards, this specifies the syntax and semantics of the data.
Target Audience
This document is intended for the Directorate Generals and Services of the European Commission, Member States (MS) and also companies of the private sector wanting
access DomiSML services.
In particular:
-
Architects - useful for determining how to best exploit BDMSL services to create a fully-fledged solution integrating other components like the SMP, the DNS and the administration application;
-
Analysts - useful to understand the communication between the BDMSL and its major peer component the SMP which will enable them to have an holistic and detailed view of the operations and data involved in the use cases;
-
Developers - essential as a basis of their development concerning the interaction mainly between the DOMISML and the SMP, and also with the DNS and the administration application;
-
Testers - useful as a basis to test the interface by following the use cases described; in particular the communications of the BDMSL with the SMP.
Relevant Resources
Here are some relevant sources for further reading:
-
Business Document Metadata Service Location Version 1.0
This specification defines service discovery methods. A method is first specified to query and retrieve an URL for metadata services. Two metadata service types are then defined. Also an auxiliary method pattern for discovering a registration service to enable access to metadata services is described. The methods defined here are instances of the generic pattern defined within IETF RFCs for Dynamic Delegation Discovery Services (DDDS). This specification then defines DDDS applications for metadata and metadata-registration services. -
PEPPOL
The OpenPEPPOL Association is responsible for the governance and maintenance of the PEPPOL specifications that enable European businesses to easily deal electronically with any European public sector buyer in their procurement processes. -
Service Metadata Locator (SML)
This document defines the profiles for the discovery and management interfaces for the Business Document Exchange Network (BUSDOX) Service Metadata Locator service.The Service Metadata Locator service exposes three interfaces: Service Metadata discovery, Manage participant identifiers and Manage service metadata interfaces.
-
Service Metadata Publishing (SMP) Version 1.0
This document describes a protocol for publishing service metadata within a 4-corner network. In a 4-corner network, entities are exchanging business documents through intermediary gateway services (sometimes called Access Points). To successfully send a business document in a 4-corner network, an entity must be able to discover critical metadata about the recipient (endpoint) of the business document, such as types of documents the endpoint is capable of receiving and methods of transport supported. The recipient makes this metadata available to other entities in the network through a Service Metadata Publisher service. This specification describes the request/response exchanges between a Service Metadata Publisher and a client wishing to discover endpoint information. A client can either be an end-user business application or a gateway/access point in the 4-corner network. It also defines the request processing that must happen at the client side. -
eDelivery BDXL profile
Specifications of eDelivery BDXL profile. -
Policy for use of Identifiers (PEPPOL Transport Infrastructure)
This document describes a PEPPOL policy and guidelines for use of identifiers within the PEPPOL network.
3.1. Functional Specification
3.1.1. Purpose of the DomiSML Component
The DomiSML component enables Access Points to dynamically discover the IP address of the destination Access Point. Instead of looking at a static list of IP addresses, the Access Point consults a Service Metadata Publisher (SMP) where information about every participant in the document/data exchange network is kept up to date, including the IP addresses of their Access Point. As at any point in time there can be one or several active SMPs in a same network.
For dynamic discovery to work, every participant must be given a unique ID in the form of a website’s URL which must be known on the internet’s Domain Name System (DNS) thanks to the Service Metadata Locator (SML).
By knowing this URL, the Access Point is able to dynamically locate the right SMP and therefore the right Access Point.
More…
By combining the SMP services with a Service Location solution building block like the DomiSML component, the participants of a document/data exchange network can benefit from dynamic discovery. In such a configuration, a participant about to send a document or data will first use the service location service (e.g. the DomiSML) to retrieve the endpoint address of the SMP. As a second step, he will query the SMP to obtain "Metadata"of the receiving participant, i.e. its capabilities and settings, which includes the endpoint address of the receiver’s access point. The sender has then enough information and can send the message to the receiver using the adequate transport protocol, security settings, etc.
The eDelivery Service Metadata Locator (SML) enables Access Points to dynamically discover the IP address of the destination Access Point. Instead of looking at a static list of IP addresses, the Access Point consults a Service Metadata Publisher (SMP) where information about every participant in the document/ data exchange network is kept up to date, including the IP addresses of their Access Point. As at any point in time there can be one or several active SMPs in a same network. For dynamic discovery to work, every participant must be given a unique ID in the form of a website’s URL which must be known on the internet’s Domain Name System (DNS) thanks to the Service Metadata Locator (SML). By knowing this URL, the Access Point is able to dynamically locate the right SMP and therefore the right Access Point.
The current SML software component maintained by the European Commission implements the PEPPOL Transport Infrastructure SML specifications.
3.1.2. Use Cases Overview
| Actor | Definition |
|---|---|
SMP |
Holds the service metadata information about participants in the network. |
SML |
Provides controlled access to the creation and updating of entries in the DNS. |
ADMIN |
Application user with administrative privileges. |
Monitor user |
The Monitor user who is allowed to call the isAlive service for monitoring health of SML application. |
List of Use Cases per Interface
ManageServiceMetadataService-1.0.wsdl
| Use Case | Actors | Description |
|---|---|---|
SMP |
Establishes a Service Metadata Publisher metadata record, containing the metadata about the Service Metadata Publisher-information as outlined in the ServiceMetadataPublisherService data type. |
|
SMP |
Retrieves the Service Metadata Publisher record for the service metadata publisher. |
|
SMP |
Updates the Service Metadata Publisher record for the service metadata publisher. |
|
SMP |
Deletes the Service Metadata Publisher record for the service metadata publisher. |
ManageBusinessIdentifierService-1.0.wsdl
| Use Case | Actors | Description |
|---|---|---|
SMP |
Creates an entry in the Service Metadata Locator service for information relating to a specific participant identifier. Regardless of the number of services a recipient exposes, only one record corresponding to the participant identifier is created in the Service Metadata Locator service by the Service Metadata Publisher which exposes the services for that participant. |
|
SMP |
Creates a set of entries in the Service Metadata Locator service for information relating to a list of participant identifiers. Regardless of the number of services, a recipient exposes, only one record corresponding to each participant identifier is created in the Service Metadata Locator service by the Service Metadata Publisher which exposes the services for that participant. |
|
SMP |
Deletes the information that the Service Metadata Locator service holds for a specific Participant Identifier. |
|
SMP |
Deletes the information that the Service Metadata Locator service holds for a list of Participant Identifiers. |
|
SMP |
Prepares a Participant Identifier for migration to a new Service Metadata Publisher. This operation is called by the Service Metadata Publisher which currently publishes the metadata for the Participant Identifier. The Service Metadata Publisher supplies a Migration Code which is used to control the migration process. The Migration Code must be passed (out of band) to the Service Metadata Publisher which is taking over the publishing of the metadata for the Participant Identifier and which MUST be used on the invocation of the Migrate() operation. This operation can only be invoked by the Service Metadata Publisher which currently publishes the metadata for the specified Participant Identifier. |
|
SMP |
Migrates a Participant Identifier already held by the Service Metadata Locator service to target a new Service Metadata Publisher. This operation is called by the Service Metadata Publisher which is taking over the publishing for the Participant Identifier. The operation requires the new Service Metadata Publisher to provide a migration code which was originally obtained from the replaced Service Metadata Publisher. The PrepareToMigrate operation MUST have been previously invoked for the supplied Participant Identifier, using the same MigrationCode, otherwise the Migrate() operation fails. Following the successful invocation of this operation, the lookup of the metadata for the service endpoints relating to a particular Participant Identifier will resolve (via DNS) to the new Service Metadata Publisher. |
|
SMP |
Used to retrieve a list of all participant identifiers associated with a single Service Metadata Publisher for synchronization purposes. Since this list may be large, it is returned as pages of data, with each page being linked from the previous page. |
BDMSLService-1.0.wsdl
| Use Case | Actors | Description |
|---|---|---|
SMP |
Allows a SMP to prepare a change of its certificate when the current one is about to expire, and the future one is available. |
|
SMP |
This service has the same behaviour as the |
|
SMP |
The method enables an SMP to verify if the SMP was already registered the participant into the DomiSML. |
|
SMP, |
Confirms that the application is up and running (monitoring purposes) |
BDMSLAdminService-1.0.wsdl
| Use Case | Actors | Description |
|---|---|---|
ADMIN |
Clears all the caches managed by the application. |
|
ADMIN |
This operation allows the admin team to change the SMP certificate. It is called by the admin team in case the SMP certificate has expired and the new one needs to be applied. |
|
ADMIN |
This operation allows the admin team to change DomiSML property in database. New property is taken into account when CRON task refresh the properties |
|
ADMIN |
This operation allows the admin team to verify DomiSML property in database. |
|
ADMIN |
This operation allows the admin team to delete DomiSML property from database. |
|
ADMIN |
This operation allows the admin team to create new DomiSML SubDomain. |
|
ADMIN |
This operation allows the admin team to update DomiSML SubDomain properties. |
|
ADMIN |
This operation allows the admin team to read DomiSML SubDomain properties. |
|
ADMIN |
This operation allows the admin team to delete empty DomiSML SubDomain. |
|
ADMIN |
This operation allows the admin team to add new Domain certificate to DomiSML SubDomain. |
|
ADMIN |
This operation allows the admin team to update Domain certificate properties. |
|
ADMIN |
This operation allows the admin team to search for domain certificate by partial certificate DN and by the Subdomain. |
|
ADMIN |
This operation allows the admin team to add new record to DNS for DNS RecordType: A, CNAME and NAPTR. |
|
ADMIN |
This operation allows the admin team to delete record from DNS by the DNS name. |
|
ADMIN |
This operation allows the admin team to add certificate to the truststore. Service is needed for adding complete certificate chain to the truststore. |
|
ADMIN |
This operation allows the admin team to retrieve the certificate from the truststore by the alias. |
|
ADMIN |
This operation allows the admin team to delete the certificate from the truststore by the alias. |
|
ADMIN |
This operation allows the admin team to retrieve all aliases for the certificates registered in the truststore. |
|
ADMIN |
This operation allows the admin team to Enable, Disable, Delete or Update ServiceMetadataPublisher instances. |
3.1.3. Use Cases Detail
Besides in the use cases detailed description found in this guide, you can find sample requests and responses in the SoapUI project.
These examples are additional to the ones structure found in the interface’s definition (see Data Model (WSDL)) based on their WSDL files and related XSDs.
ManageServiceMetadataService Use Cases
The ManageServiceMetadataService interface allows Service Metadata Publishers
to manage the metadata held in the Service Metadata Locator service
about their service metadata publisher services, such as binding, interface
profile and key information.
This interface requires user authentication.
The user’s identity is derived from the authentication process and identifies the Service
Metadata Publisher associated with the service metadata which is managed via this interface.
UC1 Create
- Description
-
Establishes a Service Metadata Publisher metadata record, containing the metadata about the Service Metadata Publisher (SMP), as outlined in the ServiceMetadataPublisherService data type.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate |
C2 |
The role associated to the user is ROLE_SMP |
C3 |
The SMP does not already exist in the SML |
C4 |
Input: CreateServiceMetadataPublisherService: ServiceMetadataPublisherService - contains the service metadata publisher information, which includes the logical and physical addresses for the SMP (Domain name and IP address). It is assumed that the ServiceMetadataPublisherID has been assigned to the calling user out-of-bands. |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the Create() operation. |
SML |
2 |
Authenticates the user, validates the request, and adds the metadata record into its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the creation confirmation. |
SMP |
5 |
Use case ends |
- Alternative Flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester |
2.1.2 |
SMP |
Receives the error response |
2.1.3 |
- |
Use case ends |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
Any other error occurred that prevented the SML to process the request |
|
2.3.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.3.2 |
SMP |
Receives the error response |
2.3.3 |
- |
Use case ends |
- Post conditions
-
-
- Successful conditions
-
The Metadata record has been created into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation (E1) |
|
Returned when the supplied CreateServiceMetadataPublisherService does not contain consistent data (E2) |
|
Returned when the SML service is unable to process the request for any reason (E3) |
UC2 Read
- Description
-
Retrieves the Service Metadata Publisher record for the service metadata publisher.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate |
C2 |
The role associated to the user is |
C3 |
The SMP already exists in the SML |
C4 |
Input ReadServiceMetadataPublisherService, |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the Read() operation. |
SML |
2 |
Authenticates the user, validates the request, and reads the requested SMP metadata from its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the metadata. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester |
2.1.2 |
SMP |
Receives the error response |
2.1.3 |
Use case ends |
|
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
Any other occurred error preventing SML from processing the request |
|
2.3.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.3.2 |
SMP |
Receives the error response |
2.3.3 |
- |
Use case ends |
E4 |
The identifier of the SMP could not be found |
|
2.4.1 |
SML |
Returns an HTTP error 404 as response to the requester |
2.4.2 |
SMP |
Receives the error response |
2.4.3 |
- |
Use case ends |
- Post conditions
-
-
- Successful conditions
-
The Metadata has been provided to the requester.
Output:ServiceMetadataPublisherService, the service metadata publisher record, in the form of aServiceMetadataPublisherServicedata type.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the Create operation(E1). |
|
Returned when the supplied parameter does not contain consistent data(E2). |
|
Returned when the SML service was unable to process the request(E3). |
|
Returned when SMP’s identifier was not found(E4). |
UC3 Update
- Description
-
Updates the Service Metadata Publisher record for the service metadata publisher.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate |
C2 |
The role associated to the user is |
C3 |
The SMP already exists in the SML |
C4 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the Update() operation |
SML |
2 |
Authenticates the user, validates the request, and updates the requested metadata record from its configuration database. |
SML |
3 |
Returns a positive response to the requester |
SMP |
4 |
Receives the update confirmation |
- |
5 |
Use case ends |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester |
2.1.2 |
SMP |
Receives the error response |
2.1.3 |
- |
Use case ends |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
The identifier of the SMP could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester |
2.3.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E4 |
Any other error occurred that prevented the SML to process the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.4.2 |
SMP |
Receives the error response |
2.4.3 |
- |
Use case ends |
- Post conditions
-
None
- Successful conditions
-
The SMP record has been created into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation (E1). |
|
Returned when the supplied UpdateServiceMetadataPublisheServicer does not contain consistent data (E2). |
|
Returned when SMP’s identifier was not found (E3). |
|
Returned when the SML service is unable to process the request(E4). |
UC4 Delete
- Description UC04 Delete
-
Deletes the Service Metadata Publisher record for the service metadata publisher.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate |
C2 |
The role associated to the user is |
C3 |
The SMP already exists in the SML |
C4 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the Delete() operation |
SML |
2 |
Authenticates the user, validates the request, and deletes the requested metadata record from its configuration database. |
SML |
3 |
Returns a positive response to the requester |
SMP |
4 |
Receives the deletion confirmation |
- |
5 |
Use case ends |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester |
2.1.2 |
SMP |
Receives the error response |
2.1.3 |
Use case ends |
|
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
Use case ends |
|
E3 |
The identifier of the SMP could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester |
2.3.2 |
SMP |
Receives the error response |
2.3.3 |
- |
Use case ends |
E4 |
Any other occurred error preventing SML from processing the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.4.2 |
SMP |
Receives the error response |
2.4.3 |
- |
Use case ends |
- Post conditions
-
None
- Successful conditions
-
The SMP record has been created into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation (E1). |
|
Returned when the |
|
Returned when the identifier of the SMP was not found(E3). |
|
Returned when the SML service is unable to process the request for any reason(E4). |
ManageBusinessIdentifierService Use Cases
The ManageParticipantIdentifier interface allows Service Metadata Publishers to manage the information in the Service Metadata Locator service relating to individual participant identifiers for which they hold metadata.
This interface requires authentication of the Service Metadata Publisher. The identity of the Service Metadata Publisher derived from the authentication process identifies the Service Metadata Publisher associated with the Participant Identifier(s) which is (are) managed via this interface.
→ UC5 Create → UC6 CreateList → UC7 Delete → UC8 DeleteList → UC9 PrepareToMigrate → UC10 Migrate → UC11 List
UC5 Create
- Description
-
Creates an entry in the Service Metadata Locator service for information relating to a specific participant identifier. Regardless of the number of services a recipient exposes, only one record corresponding to the participant identifier is created in the Service Metadata Locator Service by the Service Metadata Publisher which exposes the services for that participant.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate |
C2 |
The role associated to the user is |
C3 |
The SMP does already exist in the SML |
C4 |
The participant does not already exist |
C5 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the Create() operation |
SML |
2 |
Authenticates the user, validates the request, and adds the SMP record into its configuration database. |
SML |
3 |
Returns a positive response to the requester |
SMP |
4 |
Receives the creation confirmation |
- |
5 |
Use case ends |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester |
2.1.2 |
SMP |
Receives the error response |
2.1.3 |
- |
Use case ends |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
The SMP could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester |
2.3.2 |
SMP |
Receives the error response |
2.3.3 |
- |
Use case ends |
E4 |
Any other error occurred that prevented the SML to process the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.4.2 |
SMP |
Receives the error response |
2.4.3 |
- |
Use case ends |
- Post conditions
-
None
- Successful conditions
-
The SMP record has been created into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the supplied CreateParticipantIdentifier does not contain consistent data (E2). |
|
Returned when the identifier of the SMP could not be found (E3). |
|
Returned when the SML service is unable to process the request for any reason(E4). |
UC6 CreateList
Description::Creates a set of entries in the Service Metadata Locator service for information relating to a list of participant identifiers. Regardless of the number of services a recipient exposes, only one record corresponding to each participant identifier is created in the Service Metadata Locator service by the Service Metadata Publisher which exposes the services for that participant.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate. |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
The participants don’t already exist. |
C5 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the CreateList() operation |
SML |
2 |
Authenticates the user, validates the request, and adds the SMP records into its configuration database. |
SML |
3 |
Returns a positive response to the requester |
SMP |
4 |
Receives the creation confirmation |
- |
5 |
Use case ends |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester |
2.1.2 |
SMP |
Receives the error response |
2.1.3 |
- |
Use case ends |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
One or several SMP or participants could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester |
2.3.2 |
SMP |
Receives the error response |
2.3.3 |
- |
Use case ends |
E4 |
Any other error occurred that prevented the SML to process the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.4.2 |
SMP |
Receives the error response |
2.4.3 |
- |
Use case ends |
- Post conditions
-
None
- Successful conditions
-
The SMP records have been created into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the:
|
|
Returned when SMP’s or a participants' identifier was not found(E3). |
|
Returned when the SML service is unable to process the request(E4). |
UC7 Delete
- Description
-
Deletes the information that the SML Service holds for a specific Participant Identifier.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
The participant already exists. |
C5 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the Delete() operation |
SML |
2 |
Authenticates the user, validates the request, and adds the SMP records into its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the deletion confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
SMP or participant could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
E4 |
Any other occurred error preventing SML from processing the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.4.2 |
SMP |
Receives the error response. |
2.4.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
The SMP record has been deleted from the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the supplied DeleteParticipantIdentifier does not contain consistent data (E2). |
|
Returned when SMP’s or a participants' identifier was not found(E3). |
|
Returned when the SML service is unable to process the request for any reason(E4). |
UC8 DeleteList
- Description
-
Deletes the information that the SML Service holds for a list of Participant Identifiers.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
The participant already exists. |
C5 |
Input |
C6 |
The number of participants in the list is less than 100. |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the DeleteList() operation |
SML |
2 |
Authenticates the user, validates the request, and adds the SMP records into its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the deletion confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
SMP or participant could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
E4 |
Any other occurred error preventing SML from processing the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.4.2 |
SMP |
Receives the error response. |
2.4.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
The SMP records have been deleted from the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the: * supplied DeleteList does not contain consistent data; * number of participants in the list is greater than 100(E2). |
|
Returned when SMP’s or a participants' identifier was not found(E3). |
|
Returned when the SML service is unable to process the request(E4). |
UC9 PrepareToMigrate
- Description
-
Prepares a Participant Identifier for migration to a new Service Metadata Publisher. This operation is called by the Service Metadata Publisher which currently publishes the metadata for the Participant Identifier. The Service Metadata Publisher supplies a Migration Code which is used to control the migration process. The Migration Code must be passed (out of band) to the Service Metadata Publisher which is taking over the publishing of the metadata for the Participant Identifier and which MUST be used on the invocation of the Migrate() operation. This operation can only be invoked by the Service Metadata Publisher which currently publishes the metadata for the specified Participant Identifier.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
The user has a valid certificate. |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
The participant already exists. |
C5 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the PrepareToMigrate() operation |
SML |
2 |
Authenticates the user, validates the request, and adds the SMP records into its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the prepared to migrate confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
SMP or participant could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
E4 |
Any other occurred error preventing SML from processing the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.4.2 |
SMP |
Receives the error response. |
2.4.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
The SMP record is ready to be migrated into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the supplied |
|
Returned when SMP’s or a participants' identifier was not found(E3). |
|
Returned when the SML service is unable to process the request(E4). |
UC10 Migrate
- Description
-
Migrates a Participant Identifier already held by the Service Metadata Locator service to target a new Service Metadata Publisher. This operation is called by the Service Metadata Publisher which is taking over the publishing for the Participant Identifier. The operation requires the new Service Metadata Publisher to provide a migration code which was originally obtained from the old Service Metadata Publisher.
The PrepareToMigrate operation MUST have been previously invoked for the supplied Participant Identifier, using the same MigrationCode, otherwise the Migrate() operation fails. Following the successful invocation of this operation, the lookup of the metadata for the service endpoints relating to a particular Participant Identifier will resolve (via DNS) to the new Service Metadata Publisher.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
Participant already exists. |
C5 |
The operation was previously invoked for the supplied Participant Identifier using the same |
C6 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the Migrate() operation |
SML |
2 |
Authenticates the user, validates the request, and migrates the SMP record into its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the migration confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
The SMP or migration key could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
E4 |
Any other occurred error preventing SML from processing the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.4.2 |
SMP |
Receives the error response. |
2.4.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
The participant identifier has been migrated into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the supplied |
|
Returned when the migration key or the identifier of the SMP could not be found (E3). |
|
Returned when the SML service was unable to process the request(E4). |
UC11 List
- Description
-
List() is used to retrieve a list of all participant identifiers associated with a single Service Metadata Publisher, for synchronization purposes. Since this list may be large, it is returned as pages of data, with each page being linked from the previous page.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
Participant already exists. |
C5 |
Input Page, |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the List() operation |
SML |
2 |
Authenticates the user, validates the request, and builds the list of SMP from its configuration database. |
SML |
3 |
Returns the requested list to the requester. |
SMP |
4 |
Receives the requested list. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
The SMP or migration key could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
E4 |
Any other occurred error preventing SML from processing the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.4.2 |
SMP |
Receives the error response. |
2.4.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
Output,
ParticipantIdentifierPage: a page of Participant Identifier entries associated with the Service Metadata Publisher, also containing a<Page/>element containing the identifier that represents the next page, if any.NoteThe underlying data may be updated between two sequential invocations of List(), this means the pages of participant identifiers retrieved can result in a inconsistent set of data.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the supplied |
|
Returned when the |
|
Returned when the SML service was unable to process the request(E4). |
BDMSLService Use Cases
This interface describes non-core services which are not defined both in the SML and BDX specifications.
The following paragraphs define the use cases related to the BDMSLService service.
→UC12 PrepareChangeCertificate →UC13 CreateParticipantIdentifier →UC14 ExistsParticipantIdentifier → UC15 IsAlive
UC12 PrepareChangeCertificate
- Description
-
This operation allows an SMP to prepare a change of its certificate. It is typically called when an SMP has a certificate that is about to expire and already has the new one. This operation MUST be called while the certificate that is already registered in the DomiSML is still valid. If the migrationDate is not empty, then the new certificate MUST be valid at the date provided in the migrationDate element. If the migrationDate element is empty, then the "Valid From" date is extracted from the certificate and is used as the migrationDate. In this case, the "Not Before" date of the certificate must be in the future.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The role associated to the user is |
C3 |
The user has the new certificate for the SMP(s). |
C4 |
Input: |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the PrepareChangeCertificate() operation. |
SML |
2 |
Authenticates the user, validates the request, and stores the future certificate into its configuration database. |
SML |
3 |
Returns the requested list to the requester. |
SMP |
4 |
Receives the creation confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
E3 |
The SMP or migration key could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
The Metadata record has been created into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the:
|
|
Returned when the SML service was unable to process the request(E3). |
UC13 CreateParticipantIdentifier
- Description
-
This service has the same behaviour as the
Create()operation in theManageParticipantIdentifierinterface but it has one additional andoptional()Input: theserviceNameelement.
In the:
-
Create()operation, the service name isMeta:SMPby default. -
CreateParticipantIdentifier()operation, this service name can be customized.
serviceName: the name of the service for the NAPTR record.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
Participant doesn’t exist yet. |
C5 |
Input |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the CreateParticipantIdentifier() operation. |
SML |
2 |
Authenticates the user, validates the request, and adds the SMP record into its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the creation confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester. |
2.2.2 |
SMP |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
E3 |
The SMP could not be found |
|
2.3.1 |
SML |
Returns an HTTP error 404 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
E4 |
Any other occurred error preventing SML from processing the request |
|
2.4.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.4.2 |
SMP |
Receives the error response. |
2.4.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
The SMP record has been created into the SML.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the supplied |
|
Returned when the SMP’s identifier was not found(E3). |
|
Returned when the SML service was unable to process the request(E4). |
UC14 ExistsParticipantIdentifier
- Description
-
The method enables an SMP to verify if it was already registered the participant into the DomiSML.
- Actors
-
SMP
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The role associated to the user is |
C3 |
SMP already exists in the SML. |
C4 |
Participant doesn’t exist yet. |
C5 |
Input, |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the ExistsParticipantIdentifier() operation. |
SML |
2 |
Authenticates the user, validates the request, and adds the SMP record into its configuration database. |
SML |
3 |
Returns participant’s query data and exists parameter set to:
|
SMP |
4 |
Receives the response. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester. |
2.2.2 |
SMP |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
E3 |
Any other occurring error preventing SML from processing the request |
|
2.3.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.3.2 |
SMP |
Receives the error response. |
2.3.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
The SML successfully read the database status for the participant.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the supplied |
|
Returned when the SML service was unable to process the request(E3). |
UC15 IsAlive
Description::This service has only a monitoring purpose. It can be called to check if the application is up and running. This service checks if the database and the DNS are accessible by trying to read from the database and to write to and read from DNS.
- Actors
-
SMP
ADMIN
Monitor user
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C4 |
Input: None. |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the ExistsParticipantIdentifier() operation. |
SML |
2 |
Authenticates the user. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the alive confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns no response to the requester |
2.1.3 |
- |
Use case ends. |
E2 |
Any other occurring error preventing SML from processing the request |
|
2.2.1 |
SML |
Returns no response to the requester. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
HTTP 200 OK response sent to the requester.
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation (E1). |
|
Returned when the SML service was unable to process the request(E2). |
BDMSLService Use Cases
This interface describes non-core services that are not defined in the SML or BDX specifications.
The following paragraphs define the use cases related to the BDMSLAdminService service.
→UC19 GetProperty |
UC16 ClearCache
- Description
-
The in-memory caches are used for:
-
The list of trusted aliases and their corresponding domains, because these data are not supposed to be changed frequently.
-
The content of the Certificate Revocation List, to avoid the cost of downloading each time the CRLM for each certificate.
-
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: None. |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the ClearCache() operation. |
SML |
2 |
Authenticates the user, validates the request, and clears the in-memory cache. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the alive confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other occurring error preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.2.2 |
SMP |
Receives the error response |
2.2.3 |
- |
Use case ends |
- Post conditions
-
None
- Successful conditions
-
The cache is reset. HTTP 200 OK response sent to the requester.
- Failure Conditions (HTTP errors)
-
No or unspecified type of response (E1, E2).
UC17 ChangeCertificate
- Description
-
This operation allows the admin team to change the SMP certificate. It is called by the admin team in case the SMP certificate has expired and the new one needs to be applied. The new certificate MUST be valid at the date time the request is sent.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
The user has the new certificate for the SMP(s). |
C4 |
Input : SMP ID, New certificate public key. |
| Actor | Step | Description |
|---|---|---|
SMP |
1 |
Invokes the ChangeCertificate() operation. |
SML |
2 |
Authenticates the user, validates the request, and stores the new certificate into its configuration database. |
SML |
3 |
Returns a positive response to the requester. |
SMP |
4 |
Receives the alive confirmation. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
SMP |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Request is not valid |
|
2.2.1 |
SML |
Returns an HTTP error 400 as response to the requester. |
2.2.2 |
SMP |
Receives the error response. |
2.2.3 |
Use case ends. |
|
E3 |
Any other occurring error preventing SML from processing the request |
|
2.3.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.3.2 |
SMP |
Receives the error response |
2.3.3 |
- |
Use case ends |
- Post conditions
-
None
- Successful conditions
-
New Certificate is stored.
-
Output: none.
-
HTTP 200 OK expected.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when(E2): * supplied request does not contain consistent data |
|
Returned when the SML service is unable to process the request(E3). |
UC18 SetProperty
- Description
-
This operation allows the admin team to change DomiSML property in database: as passwords, DNS URL, etc. New property is taken into account when CRON task refresh the properties at the same time on all nodes in cluster. CRON tab properties are refreshed only with restart of DomiSML server.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Property name and property value. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the SetProperty () operation. |
SML |
2 |
Authenticates the user, validates the request, and ,if property is password, the password is encrypted and stored. |
SML |
3 |
Returns returns stored property from database. In case of password property the '**' is returned. |
ADMIN |
4 |
Receives the stored property. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
Use case ends. |
|
- Post conditions
-
None
- Successful conditions
-
-
Output,
PropertyType: the property stored in DomiSML.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke the operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC19 GetProperty
- Description
-
This operation allows the admin team to retrieve DomiSML property from database, DNS URL, smtp configuration, etc.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Property name. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the GetProperty () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Returns returns stored property from database. In case of password property, the '**' is returned. |
ADMIN |
4 |
Receives the stored property. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output,
PropertyType: the property from DomiSML database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC20 DeleteProperty
Description::This operation allows the admin team to delete DomiSML non mandatory properties from database.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Property name. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the DeleteProperty () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Returns returns stored property from database. In case of password property, the '**' is returned. |
ADMIN |
4 |
Receives the stored property. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other occurring error preventing the SML to process the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: PropertyType : the deleted property from DomiSML database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1) |
|
Returned when the DomiSML service is unable to process the request(E2) |
UC21 CreateSubDomain
- Description
-
This operation allows the admin team to create new DomiSML SubDomain. When creating subdomain, the DNS types, SMP URL scheme restriction, Participant regular expression must be defined.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Domain name, DNS Zone, DNS Record type, allowed SMP Url scheme, Participant regular expression. Regular expression for validating the Certificate Subject DN, List of allowed Certificate Policy OIDs, Max. allowed number of participants for the domain and for the SMP. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the CreateSubDomain () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Stores the domain in the database. |
ADMIN |
4 |
Receives the stored and normalized values for the SubDomain. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester |
2.2.2 |
ADMIN |
Receives the error response |
2.2.3 |
- |
Use case ends |
- Post conditions
-
None
- Successful conditions
-
-
Output: SubDomainType: the stored SubDomainData from DomiSML database.
-
| Error | Description |
|---|---|
unauthorizedFault (401) |
Returned when the caller is not authorized to invoke this operation (E1). |
internalErrorFault (500) |
Returned when the DomiSML service is unable to process the request(E2). |
UC22 UpdateSubDomain
- Description
-
This operation allows the admin team to update DomiSML SubDomain properties. In case of changing DNS Record Type and with DNS integration ON - the records are not updated automatically. Records must be updated manually using operations: AddDNSRecord, DeleteDNSRecord.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Domain name (optional): DNS Record type, allowed SMP Url scheme, Participant regular expression. Regular expression for validationg the Certificate Subject DN, List of allowed Certificate Policy OIDs, Max. allowed number of participants for the domain and for the SMP. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the UpdateSubDomain () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Updates the subdomain data in the database. |
ADMIN |
4 |
Receives the stored and normalized values for the SubDomain. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: SubDomainType : the stored SubDomainData from DomiSML database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC23 GetSubDomain
- Description
-
This operation allows the admin team to read DomiSML SubDomain properties.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Domain name. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the GetSubDomain() operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Gets the subdomain data from the database. |
ADMIN |
4 |
Receives the stored values for the SubDomain. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
Use case ends. |
|
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
Use case ends. |
|
- Post conditions
-
None
- Successful conditions
-
-
Output,
SubDomainType: the stored SubDomainData from DomiSML database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC24 DeleteSubDomain
- Description
-
This operation allows the admin team to delete empty DomiSML SubDomain.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Domain name. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the DeleteSubDomain () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Delete the subdomain data from database. |
ADMIN |
4 |
Receives the deleted SubDomain data. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurred that prevented the SML to process the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output,
SubDomainType: the deleted SubDomainData from DomiSML database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC25 AddSubDomainCertificate
- Description
-
This operation allows the admin team to add new Domain certificate to DomiSML SubDomain. Certificate can be flagged as RootPKI certificate and as Admin certificate. Admin certificate can be only the certificate which is not flaged as RootPKI certificate. If truststore authentication is enabled, then the certificate is automatically added to the truststore. For the certificate to be fully trusted, the whole PKI chain also has to be added to the truststore using the operation: AddTrustsstoreCertificate.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Certificate (PEM/DER), SubDomain name, IsRootPKI certificate, Is Admin certificate, CRL distribution URL. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the AddSubDomainCertificate () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Adds the new SubDomain certificate to the subdomain. |
ADMIN |
4 |
Receives added Certificate SubDomain data. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: SubDomainCertificateType: the new SubDomain Certificate Data stored to DomiSML database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation (E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC26 UpdateSubDomainCertificate
- Description
-
This operation allows the admin team to update SubDomain certificate data. Admin can set or clear CRL distribution point, IsAdmin flag and SubDomain name.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Certificate ID, Optional: SubDomain name, Is Admin certificate, CRL distribution URL. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the UpdateSubDomainCertificate () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Update data to SubDomain certificate. |
ADMIN |
4 |
Receives stored Certificate SubDomain data. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: SubDomainCertificateType : the new SubDomain Certificate Data stored to DomiSML database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC27 ListSubDomainCertificates
- Description
-
This operation allows the admin team to search for domain certificate by partial certificate DN value and/or by the Subdomain.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Optional: Partial Certificate ID, SubDomain name. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the ListSubDomainCertificates () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Returns list of SubDomain certificate data accordint to search paremeters. |
ADMIN |
4 |
Receives list of SubDomain certificate data. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: List of SubDomainCertificateTypes which match search criteria.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC28 AddDNSRecord
- Description
-
This operation allows the admin team to add new record to DNS for DNS RecordType: A, CNAME and NAPTR.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: DNS Record Type, DNS Record Name, DNS Zone, Value and service name for NAPTR Type. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the AddDNSRecordType () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Stores DNS record to SML database and if DNS integration is on inserts record to DNS server. |
ADMIN |
4 |
Receives stored DNS data. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: DNSRecord data which are stored to database and optionally to DNS.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation (E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC29 DeleteDNSRecord
- Description
-
This operation allows the admin team to delete record from DNS by the DNS name. If there are multiple DNS records with the same name in database and DNS server, all of them are deleted.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: DNS Record Name, DNS Zone. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the DeleteDNSRecordType () operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Deleted DNS records from SML database and DNS server if DNS integration is on. |
ADMIN |
4 |
Receives list of deleted DNS data from database. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: List of DNSRecord data, which are deleted from database.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC30 AddTruststoreCertificate
- Description
-
This operation allows the admin team to add X509 certificate to the truststore.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: X509Certificate. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the AddTruststoreCertificate operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Adds the certificate in the Truststore and generates a new alias if not provided in the request. |
ADMIN |
4 |
Receives inserted certificate with alias. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: Certificate with alias.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
UC31 GetTruststoreCertificate
- Description
-
This operation allows the admin team to retrieve X509 certificate from the truststore by the certificate alias.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: certificate alias. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the GetTruststoreCertificate operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Retrieve certificate from Truststore. |
ADMIN |
4 |
Receives certificate with alias. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: certificate with alias.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC32 DeleteTruststoreCertificate
- Description
-
This operation allows the admin team to delete X509 certificate from the truststore.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: certificate alias. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the DeleteTruststoreCertificate operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Deletes the certificate from the truststore. |
ADMIN |
4 |
Receives deleted certificate with alias. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: Deleted X509 Certificate and alias.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC33 ListTruststoreCertificateAliases
- Description
-
This operation allows the admin team to list all X509 certificates in the truststore.
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: search parameter: null or partial certificate alias. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the ListTruststoreCertificate operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Retrieves the aliases which match the search parameter. If the search parameter is not given, then the operation returns all certificates. |
ADMIN |
4 |
Receives truststore aliases which matched search parameter. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: List of truststore aliases.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation(E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
UC34 ManageServiceMetadataPublisher
- Description
- Actors
-
ADMIN
| Precondition | Description |
|---|---|
C1 |
User has a valid certificate. |
C2 |
The user has the role |
C3 |
Input: Action, SMP Id, Email address, Domain Zone, Certificate Id of the owner, Optional: Physical address a Logical address of SMP in case of Update action. |
| Actor | Step | Description |
|---|---|---|
ADMIN |
1 |
Invokes the ManageServiceMetadataPublisher operation. |
SML |
2 |
Authenticates the user, validates the request. |
SML |
3 |
Creates task in new Thread and executes action. |
ADMIN |
4 |
Receives email when the task is completed. |
- |
5 |
Use case ends. |
- Alternative flows
-
None
| Flow | Actor | Description |
|---|---|---|
E1 |
The user is not authorized |
|
2.1.1 |
SML |
Returns an HTTP error 401 as response to the requester. |
2.1.2 |
ADMIN |
Receives the error response. |
2.1.3 |
- |
Use case ends. |
E2 |
Any other error occurring preventing SML from processing the request |
|
2.2.1 |
SML |
Returns an HTTP error 500 as response to the requester. |
2.2.2 |
ADMIN |
Receives the error response. |
2.2.3 |
- |
Use case ends. |
- Post conditions
-
None
- Successful conditions
-
-
Output: The SMP is enabled/disabled/deleted/updated.
-
| Error | Description |
|---|---|
|
Returned when the caller is not authorized to invoke this operation (E1). |
|
Returned when the DomiSML service is unable to process the request(E2). |
3.2. Interface Behavioural Specification
3.2.1. Sequence diagrams
ManageServiceMetadataService
The ManageServiceMetadata interface allows Service Metadata Publishers to manage the metadata held in the Service Metadata Locator service about their service metadata publisher services, e.g., binding, interface profile and key information. This interface requires authentication of the user. The identity of the user derived from the authentication process identifies the Service Metadata Publisher associated with the service metadata which is managed via this interface. The ManageServiceMetadata interface has the following operations:
-
Create
-
Read
-
Update
-
Delete
|
See Also
|
This document defines the profiles for the discovery and management interfaces for the Business Document Exchange Network (BUSDOX) Service Metadata Locator service. The Service Metadata Locator service exposes three interfaces: Service Metadata discovery, Manage participant identifiers and Manage service metadata interfaces. |
ManageBusinessIdentifierService
The ManageParticipantIdentifier interface has the following operations:
-
Create
-
CreateList
-
Delete
-
DeleteList
-
PrepareToMigrate
-
Migrate
-
List
These services are listed in the sequence diagram below:
The usage of the services related to the SMP migration process – involving more than a single step like the others above – are shown in the sequence diagram below:
BDMSLService
This interface describes non-core services that are not defined in the SML or BDX specifications.
BDMSLAdminService
This interface describes non-core administration services that are not defined in the SML or BDX specifications.
3.2.2. Data Model (WSDL)
The interface data model of the DomiSML is described using some conventions.
Model Description Conventions
- 1
-
One paragraph for each of the 3 web services will introduce all their operations.
- 2
-
One paragraph for each operation will specify their Input and Output structures and the fault that these operations may return.
In some cases, there is no argument, in which case there is no related structure (the text below will mention "none" in those cases). - 3
-
For each input or output structure, the related XSD structure is detailed in a graphically, specifying:
-
The arborescence structure;
-
The mandatory (solid lines) and optional (dashed line) fields.
Example: -
The repeated fields and their cardinality (icon
with min/max indication on the bottom right).
Example: -
The sequences (icon
Example: -
The leave attributes as defined in the first paragraph.
Examples (*):
-
ManageServiceMetadataService WSDL Model
Operations Signatures
Create() Signature
Create() Input
Argument: PublisherEndpoint.LogicalAddress |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:anyURI |
|
Argument: PublisherEndpoint.PhysicalAddress |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
This physical address is used as the ALIAS on the CNAME DNS record by
default. However a NAPTR DNS record is also provided in order to give
the possibility to process regular expressions for accessing the domain
if necessary.
|
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
In |
Create() Output
None
Read() Signature
Read() Input
Argument: PublisherEndpoint.LogicalAddress |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:anyURI |
|
Argument: PublisherEndpoint.PhysicalAddress |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
This physical address is used as the ALIAS on the CNAME DNS record by
default. However a NAPTR DNS record is also provided in order to give
the possibility to process regular expressions for accessing the domain
if necessary.
|
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string
ServiceMetadataLocatorTypes-1.0.xsd |
In ManageServiceMetadata service, this establishes the link with the managing SMP of the participant as defined by in the ManageBusinessIdentifier service. |
Read() Output
| Argument: PublisherEndpoint.LogicalAddress | |
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:anyURI |
Must not be null or empty. |
Argument: PublisherEndpoint.PhysicalAddress |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
This physical address is used as the ALIAS on the CNAME DNS record by
default. However a NAPTR DNS record is also provided in order to give
the possibility to process regular expressions for accessing the domain
if necessary.
|
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
In |
Update() Signature
Update() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:anyURI |
|
Argument: PublisherEndpoint.PhysicalAddress |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
This physical address is used as the ALIAS on the CNAME DNS record by
default. However a NAPTR DNS record is also provided in order to give
the possibility to process regular expressions for accessing the domain
if necessary.
|
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description:Unique identifier of the SMP. |
|
Format/XSD/Xpath |
Constraint |
xs:string |
In |
Update() Output
None
Delete() Signature
Delete() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
In ManageServiceMetadata service, this establishes the link with the managing SMP of the participant as defined by in the ManageBusinessIdentifier service. |
Delete() Output
None
ManageBusinessIdentifierService WSDL Model
Operations Signatures
Create() Signature
Create() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
In ManageServiceMetadata service, this establishes the link with the managing SMP of the participant as defined by in the ManageBusinessIdentifier service. |
Argument: ParticipantIdentifier |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
Represents a business level endpoint key that uniquely identifies an end-user entity in the network. Examples of identifiers are company registration and VAT numbers, DUNS numbers, GLN numbers, email addresses, etc… |
The format must comply with ISO 15459 constraints as defined in Policy for the use of Identifiers in PEPPOL Transport Infrastructure. Example: 0088:4035811991014 Identifiers-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ParticipantIdentifierType'] |
Argument: ParticipantIdentifier.scheme |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
Identifier schemes for all schemed identifier types (participants, documents, profiles, transports) may be defined outside of this specification. Any instance of a 4-cornered infrastructure may choose to define identifier schemes that match the type of documents, participants or profiles that are relevant to support in that instance. +
Examples: iso6523-actorid-upis, busdox-actorid-upis |
|
Create() Output
None
CreateList() Signature
CreateList() Input
|
Note
|
the NextPageIndentifier is absent.
|
Argument: ParticipantIdentifier (0..n) |
|||
|---|---|---|---|
Business unique identifier of the Participant. Represents a business level endpoint key that uniquely identifies an end-user entity in the network. Examples of identifiers are company registration and VAT numbers, DUNS numbers, GLN numbers, email addresses, etc. |
|||
Format/XSD/Xpath |
Constraint |
||
Example: 0088:4035811991014
/[local-name()='schema']/ [local-name()='complexType' and @name='ParticipantIdentifierType'] |
|
||
Argument: ParticipantIdentifier.scheme (0..n) |
|
|---|---|
The scheme of the participant identifier. |
|
Format/XSD/Xpath |
Constraints |
Identifier schemes for all schemed identifier types (participants,
documents, profiles, transports) may be defined outside of this
specification. |
May not exceed 25 characters. |
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraints |
|
In |
| Argument: NextPageIdentifier | |
|---|---|
Description |
|
Format/XSD/Xpath |
Constraints |
n/aa |
* Must be null. |
CreateList() Output
None
Delete() Signature
Delete() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
In |
Argument: ParticipantIdentifier |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
Represents a business level endpoint key that uniquely identifies an end-user entity in the network. Examples of identifiers are company registration and VAT numbers, DUNS numbers, GLN numbers, email addresses, etc. |
The format must comply with ISO 15459 constraints as defined in Policy for the use of Identifiers in PEPPOL Transport Infrastructure. Example: 0088:4035811991014 |
Argument: ParticipantIdentifier.scheme |
|
|---|---|
Description |
|
Identifier schemes for all schemed identifier types (participants,
documents, profiles, transports) may be defined outside of this
specification. Any instance of a 4-cornered infrastructure may choose to
define identifier schemes that match the type of documents, participants
or profiles that are relevant to support in that instance. |
May not exceed 25 characters. |
Delete() Output
None
DeleteList() Signature
DeleteList() Input
|
Note
|
the NextPageIndentifier is absent.
|
| Argument | Description | Format/XSD/Xpath | Constraint |
|---|---|---|---|
ParticipantIdentifier (0..n) |
Business unique identifier of the
Participant. |
The format must comply with ISO 15459 constraints as defined in Policy for the use of Identifiers in PEPPOL Transport Infrastructure. Example: 0088:4035811991014 Identifiers-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ParticipantIdentifierType'] |
Must be unique. NOTE: The participant identifier is case insensitive. |
ParticipantIdentifier.scheme (0..n) |
The scheme of the participant identifier |
Identifier schemes for all schemed identifier types (participants, documents, profiles, transports) may be defined outside of this specification. Any instance of a 4-cornered infrastructure may choose to define identifier schemes that match the type of documents, participants or profiles that are relevant to support in that instance. Examples: iso6523-actorid-upis, busdox-actorid-upis +
Identifiers-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='ProcessIdentifierType']/xs:simpleContent/xs:extension/xs:attribute |
May not exceed 25 characters. |
ServiceMetadataPublisherID |
Unique identifier of the SMP |
xs:string |
In ManageServiceMetadata service, this establishes the link with the managing SMP of the participant as defined by in the ManageBusinessIdentifier service. |
NextPageIdentifier |
This argument is not used in this context. |
n/a |
Must be null |
DeleteList() Output
None
PrepareToMigrate() Signature
PrepareToMigrate() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string +
ServiceMetadataLocatorTypes-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='ServiceMetadataPublisherServiceForParticipantType']// [local-name()='sequence']/[local-name()='element' and @ref='ServiceMetadataPublisherID'] |
In |
Argument: ParticipantIdentifier |
|||
|---|---|---|---|
Description |
|||
Format/XSD/Xpath |
Constraint |
||
The format must comply with ISO 15459 constraints as defined in Policy for the use of Identifiers in PEPPOL Transport Infrastructure. Example: 0088:4035811991014 Identifiers-1.0.xsd /[local-name()='schema']/[local-name()='complexType' |
|
||
Argument: ParticipantIdentifier.scheme |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
Identifier schemes for all schemed identifier types (participants, documents, profiles, transports) may be defined outside of this specification. Any instance of a 4-cornered infrastructure may choose to define identifier schemes that match the type of documents, participants or profiles that are relevant to support in that instance. + Examples: iso6523-actorid-upis, busdox-actorid-upis + Identifiers-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='ProcessIdentifierType']/xs:simpleContent/xs:extension/xs:attribute |
|
Argument: MigrationKey |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string +
ServiceMetadataLocatorTypes-1.0.xsd +
/[local-name()='schema']/[local-name()='complexType' |
The migration key is a code that must be passed out-of-band to the SMP which is taking over the publishing of the metadata for the participant identifier. This code:
|
PrepareToMigrate() Output
None
Migrate() Signature
Migrate() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string +
ServiceMetadataLocatorTypes-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='ServiceMetadataPublisherServiceForParticipantType']//[local-name()='sequence']/[local-name()='element' and @ref='ServiceMetadataPublisherID'] |
In |
Argument: ParticipantIdentifier |
|||
|---|---|---|---|
Description |
|||
Format/XSD/Xpath |
Constraint |
||
The format must comply with ISO 15459 constraints as defined in Policy for the use of Identifiers in PEPPOL Transport Infrastructure. Example: 0088:4035811991014 Identifiers-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ParticipantIdentifierType'] |
|
||
Argument: ParticipantIdentifier.scheme |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
Identifier schemes for all schemed identifier types (participants, documents, profiles, transports) may be defined outside of this specification. Any instance of a 4-cornered infrastructure may choose to define identifier schemes that match the type of documents, participants or profiles that are relevant to support in that instance. + Examples: iso6523-actorid-upis, busdox-actorid-upis + Identifiers-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='ProcessIdentifierType']/xs:simpleContent/xs:extension/xs:attribute |
|
Argument: MigrationKey |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string + ServiceMetadataLocatorTypes-1.0.xsd +
/[local-name()='schema']/[local-name()='complexType' + and @name='MigrationKey'] |
The migration key is a code that must be passed out-of-band to the SMP which is taking over the publishing of the metadata for the participant identifier. This code:
|
Migrate() Output
None
List() Signature
List() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string ServiceMetadataLocatorTypes-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ServiceMetadataPublisherServiceForParticipantType']//[local-name()='sequence']/[local-name()='element' and @ref='ServiceMetadataPublisherID'] |
In |
Argument: NextPageIdentifier |
|
|---|---|
Description As Input parameter this identifier represents the page of data to
retrieve. If the NextPageIdentifier is absent, the first page is
returned. |
|
Format/XSD/Xpath |
Constraint |
xs:string ServiceMetadataLocatorTypes-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='PageRequestType']/[local-name()='sequence']/[local-name()='element' and @name='NextPageIdentifier'] |
Must be a positive number. |
List() Output
Argument: ParticipantIdentifier (0..n) |
|||
|---|---|---|---|
Description Represents a business level endpoint key that uniquely identifies an end-user entity in the network. Examples of identifiers are company registration and VAT numbers, DUNS numbers, GLN numbers, email addresses, etc. |
|||
Format/XSD/Xpath |
Constraint |
||
The format must comply with ISO 15459 constraints as defined in Policy for the use of Identifiers in PEPPOL Transport Infrastructure. Example: 0088:4035811991014 Identifiers-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ParticipantIdentifierType'] |
|
||
Argument: ParticipantIdentifier.scheme (0..n) |
|
|---|---|
Description + Represents a business level endpoint key that uniquely identifies an end-user entity in the network. Examples of identifiers are company registration and VAT numbers, DUNS numbers, GLN numbers, email addresses, etc. |
|
Format/XSD/Xpath |
Constraint |
Identifier schemes for all schemed identifier types (participants, documents, profiles, transports) may be defined outside of this specification. Any instance of a 4-cornered infrastructure may choose to define identifier schemes that match the type of documents, participants or profiles that are relevant to support in that instance. + Examples: iso6523-actorid-upis, busdox-actorid-upis + Identifiers-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='ProcessIdentifierType']/xs:simpleContent/xs:extension/xs:attribute |
|
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description + Represents a business level endpoint key that uniquely identifies an end-user entity in the network. Examples of identifiers are company registration and VAT numbers, DUNS numbers, GLN numbers, email addresses, etc. |
|
Format/XSD/Xpath |
Constraint |
xs:string + ServiceMetadataLocatorTypes-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='ServiceMetadataPublisherServiceForParticipantType']//[local-name()='sequence']/[local-name()='element' and @ref='ServiceMetadataPublisherID'] |
In |
Argument: NextPageIdentifier |
|
|---|---|
Description + As Input parameter this identifier represents the page of data to retrieve. If the NextPageIdentifier is absent, the first page is returned. + As Output parameter, this value can be used as() Input at the next call to the same operation to retrieve the next page of data (to navigate forward). + This parameter is used only for 'read' operations returning list of values. |
|
Format/XSD/Xpath |
Constraint |
xs:string + ServiceMetadataLocatorTypes-1.0.xsd + /[local-name()='schema']/[local-name()='complexType' and @name='PageRequestType']/[local-name()='sequence']/[local-name()='element' and @name='NextPageIdentifier'] |
Must be a positive number. |
WSDL model for BDMSLService
Operations Signatures
PrepareChangeCertificate() Signature
PrepareChangeCertificate() Input
Argument: newCertificatePublicKey |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
base64Binary |
Must be valid and belong to the list of authorized root certificate aliases. |
Argument: migrationDate |
|
|---|---|
Description |
|
xs:date BDMSLService-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='PrepareChangeCertificateType']/[local-name()='sequence']/[local-name()='element' and @name='migrationDate'] |
|
PrepareChangeCertificate() Output
None
CreateParticipantIdentifier() Signature
CreateParticipantIdentifier() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string ServiceMetadataLocatorTypes-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ServiceMetadataPublisherServiceForParticipantType']//[local-name()='sequence']/[local-name()='element' and @ref='ServiceMetadataPublisherID'] |
In ManageServiceMetadata service, this establishes the link with the managing SMP of the participant as defined by in the ManageBusinessIdentifier service. |
Argument: ParticipantIdentifier |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
Business unique identifier of the Participant. |
Example: 0088:4035811991014 Identifiers-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ParticipantIdentifierType'] |
Argument: ParticipantIdentifier.scheme |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
Identifier schemes for all schemed identifier types (participants, documents, profiles, transports) may be defined outside of this specification. Any instance of a 4-cornered infrastructure may choose to define identifier schemes that match the type of documents, participants or profiles that are relevant to support in that instance. Examples: iso6523-actorid-upis, busdox-actorid-upis Identifiers-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ProcessIdentifierType']/xs:simpleContent/xs:extension/xs:attribute |
|
Argument: serviceName |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string |
No constraint is enforced by the DomiSML |
CreateParticipantIdentifier() Output
None
IsAlive() Signature
IsAlive() Input
(empty)
IsAlive() Output
None
ClearCache() Signature
ClearCache() Input
none
ClearCache() Output
none
ChangeCertificate() Signature
ChangeCertificate() Input
Argument: ServiceMetadataPublisherID |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
xs:string ServiceMetadataLocatorTypes-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and @name='ServiceMetadataPublisherServiceForParticipantType']//[local-name()='sequence']/[local-name()='element' + and @ref='ServiceMetadataPublisherID'] |
In |
Argument: newCertificatePublicKey |
|
|---|---|
Description |
|
Format/XSD/Xpath |
Constraint |
base64Binary BDMSLService-1.0.xsd /[local-name()='schema']/[local-name()='complexType' and
@name='PrepareChangeCertificateType']/[local-name()='sequence']/[local-name()='element' |
Must be valid and belong to the list of authorized root certificate aliases. |
ChangeCertificate() Output
None
Faults
Faults generic specifications
All operations above may return all or some of the possible following faults:
-
notFoundFault: the target element(s) (MetadataPublisher, Participant …) on which the operation must be performed is not present into the configuration.
-
unauthorizedFault: the user does not have the permission to execute that operation
-
badRequestFault: the structure of the request is not well-formed
-
internaltFault: any other error occurred during the processing of the request
Error Codes
Whenever a fault occurs, more details on the source of the error will provided in the SOAP fault with the applicable error code as listed in the table below:
| Error code | Description |
|---|---|
100 |
SMP not found error |
101 |
Unauthorized error |
102 |
Certificate authentication issue |
103 |
The root alias is not found in the list of trusted issuers in the database |
104 |
The certificate is revoked |
105 |
Generic technical error |
106 |
Bad request error |
107 |
DNS communication problem |
108 |
Problem with the SIG0 Signature |
109 |
Bad configuration |
110 |
Participant not found error |
111 |
Migration data not found |
112 |
Duplicate participant error |
113 |
Error when deleting a SMP |
114 |
The deletion failed because a migration is planned for the given participant or SMP |
Faults specific usages
The tables that follow show the applicability of each error per operation specified in this specification:
| ManageServiceMetadata | ||||
|---|---|---|---|---|
Error/Operation |
|
|
|
|
Create |
X |
X |
X |
|
Read |
X |
X |
X |
X |
Update |
X |
X |
X |
X |
Delete |
X |
X |
X |
X |
| ManageBusinessIdentifier | ||||
|---|---|---|---|---|
Error/Operation |
|
|
|
|
Create |
X |
X |
X |
X |
CreateList |
X |
X |
X |
X |
Delete |
X |
X |
X |
X |
DeleteList |
X |
X |
X |
X |
PrepareToMigrate |
X |
X |
X |
X |
Migrate |
X |
X |
X |
X |
List |
X |
X |
X |
X |
| BDMSLService | ||||
|---|---|---|---|---|
Error/Operation |
|
|
|
|
PrepareChangeCertificate |
X |
X |
X |
X |
CreateParticipantIdentifier |
X |
X |
X |
X |
IsAlive |
X |
X |
X |
|
| BDMSLAdminService | ||||
|---|---|---|---|---|
Error/Operation |
|
|
|
|
SetProperty |
X |
X |
X |
X |
GetProperty |
X |
X |
X |
X |
DeleteProperty |
X |
X |
X |
X |
CreateSuDomain |
X |
X |
X |
X |
UpdateSubDomain |
X |
X |
X |
X |
GetSubDomain |
X |
X |
X |
X |
DeleteSubDomain |
X |
X |
X |
X |
AddSubDomainCertificate |
X |
X |
X |
X |
UpdateSubDomainCertificate |
X |
X |
X |
X |
ListSubDomainCertificates |
X |
X |
X |
|
AddDNSRecord |
X |
X |
X |
X |
DeleteDNSRecord |
X |
X |
X |
X |
ClearCache |
X |
X |
X |
|
ChangeCertificate |
X |
X |
X |
X |
AddTruststoreCertificate |
X |
X |
X |
|
GetTruststoreCertificate |
X |
X |
X |
X |
DeleteTruststoreCertificate |
X |
X |
X |
X |
ListTruststoreCertificateAliases |
X |
X |
X |
|
ManageServiceMetadaPublisher |
X |
X |
X |
X |
Sample SOAP errors
The following are SOAP faults samples as they are returned to the requester in case of error encountered by the DomiSML.
Sample NotFoundFault
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>[ERR-100] The SMP 'testSMPPrepareToMigrate520'
doesn't exist.
[14ojYP8Op4vWs78XmcVtLBVFsbPat1mOE9h8HChQW0O48XbOOZXu!-2114654990!1469472374542]</faultstring>
<detail>
<NotFoundFault
xmlns:ns2="http://busdox.org/transport/identifiers/1.0/"
xmlns="http://busdox.org/serviceMetadata/locator/1.0/">
<FaultMessage>[ERR-100] The SMP
'testSMPPrepareToMigrate520' doesn't exist.</FaultMessage>
</NotFoundFault>
</detail>
</soap:Fault>
</soap:Body>
</soap:Envelope>
Sample "BadRequestFault":
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring[ERR-106]Participant Identifier value "9999" is
illegal .
[NtsjYc25LzhHUNmQ4_Z6Bv8En5sB2e9WjFhMZrBTUcLHT5QlsR99!-2114654990!1469472427449]</faultstring>
<detail>
<BadRequestFault
xmlns:ns2="http://busdox.org/transport/identifiers/1.0/"
xmlns="http://busdox.org/serviceMetadata/locator/1.0/">
<FaultMessage>[ERR-106] Participant Identifier Value
contains the illegal issuing agency '0185'</FaultMessage>
</BadRequestFault>
</detail>
</soap:Fault>
</soap:Body>
</soap:Envelope>3.3. Annexes
3.3.1. Interface Message standards
The WSDL and XSD documents can all be downloaded from the eDelivery GIT repository at this location:
WSDL’s
ManageBusinessIdentifierService
<!--
(C) Copyright 2018 - European Commission | CEF eDelivery
Licensed under the EUPL, Version 1.2 (the "License");
You may not use this file except in compliance with the License.
You may obtain a copy of the License at
https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl_v1.2_en.pdf
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<wsdl:definitions xmlns:tns="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/" xmlns:soap11="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:lrs="http://busdox.org/serviceMetadata/locator/1.0/" xmlns:s="http://www.w3.org/2001/XMLSchema" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" name="ManageBusinessIdentifierService" targetNamespace="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:types>
<s:schema elementFormDefault="qualified" targetNamespace="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/Schema/">
<s:import namespace="http://busdox.org/serviceMetadata/locator/1.0/" schemaLocation="ServiceMetadataLocatorTypes-1.0.xsd"/>
</s:schema>
</wsdl:types>
<wsdl:message name="createIn">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:part name="messagePart" element="lrs:CreateParticipantIdentifier"/>
</wsdl:message>
<wsdl:message name="createOut">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
</wsdl:message>
<wsdl:message name="deleteIn">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:part name="messagePart" element="lrs:DeleteParticipantIdentifier"/>
</wsdl:message>
<wsdl:message name="deleteOut">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
</wsdl:message>
<wsdl:message name="listIn">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:part name="messagePart" element="lrs:PageRequest"/>
</wsdl:message>
<wsdl:message name="listOut">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:part name="messagePart" element="lrs:ParticipantIdentifierPage"/>
</wsdl:message>
<wsdl:message name="prepareMigrateIn">
<wsdl:part name="prepareMigrateIn" element="lrs:PrepareMigrationRecord"/>
</wsdl:message>
<wsdl:message name="prepareMigrateOut">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
</wsdl:message>
<wsdl:message name="migrateIn">
<wsdl:part name="migrateIn" element="lrs:CompleteMigrationRecord"/>
</wsdl:message>
<wsdl:message name="migrateOut">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
</wsdl:message>
<wsdl:message name="createListIn">
<wsdl:part name="createListIn" element="lrs:CreateList"/>
</wsdl:message>
<wsdl:message name="createListOut">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
</wsdl:message>
<wsdl:message name="deleteListIn">
<wsdl:part name="deleteListIn" element="lrs:DeleteList"/>
</wsdl:message>
<wsdl:message name="deleteListOut">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
</wsdl:message>
<wsdl:message name="badRequestFault">
<wsdl:part name="fault" element="lrs:BadRequestFault"/>
</wsdl:message>
<wsdl:message name="internalErrorFault">
<wsdl:part name="fault" element="lrs:InternalErrorFault"/>
</wsdl:message>
<wsdl:message name="notFoundFault">
<wsdl:part name="fault" element="lrs:NotFoundFault"/>
</wsdl:message>
<wsdl:message name="unauthorizedFault">
<wsdl:part name="fault" element="lrs:UnauthorizedFault"/>
</wsdl:message>
<wsdl:portType name="ManageBusinessIdentifierServiceSoap">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:operation name="Create">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:input message="tns:createIn"/>
<wsdl:output message="tns:createOut"/>
<wsdl:fault message="tns:notFoundFault" name="NotFoundFault"/>
<wsdl:fault message="tns:unauthorizedFault" name="UnauthorizedFault"/>
<wsdl:fault message="tns:internalErrorFault" name="InternalErrorFault"/>
<wsdl:fault message="tns:badRequestFault" name="BadRequestFault"/>
</wsdl:operation>
<wsdl:operation name="Delete">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:input message="tns:deleteIn"/>
<wsdl:output message="tns:deleteOut"/>
<wsdl:fault message="tns:notFoundFault" name="NotFoundFault"/>
<wsdl:fault message="tns:unauthorizedFault" name="UnauthorizedFault"/>
<wsdl:fault message="tns:internalErrorFault" name="InternalErrorFault"/>
<wsdl:fault message="tns:badRequestFault" name="BadRequestFault"/>
</wsdl:operation>
<wsdl:operation name="List">
<wsdl:documentation xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"/>
<wsdl:input message="tns:listIn"/>
<wsdl:output message="tns:listOut"/>
<wsdl:fault message="tns:notFoundFault" name="NotFoundFault"/>
<wsdl:fault message="tns:unauthorizedFault" name="UnauthorizedFault"/>
<wsdl:fault message="tns:internalErrorFault" name="InternalErrorFault"/>
<wsdl:fault message="tns:badRequestFault" name="BadRequestFault"/>
</wsdl:operation>
<wsdl:operation name="PrepareToMigrate">
<wsdl:input message="tns:prepareMigrateIn"/>
<wsdl:output message="tns:prepareMigrateOut"/>
<wsdl:fault message="tns:notFoundFault" name="NotFoundFault"/>
<wsdl:fault message="tns:unauthorizedFault" name="UnauthorizedFault"/>
<wsdl:fault message="tns:internalErrorFault" name="InternalErrorFault"/>
<wsdl:fault message="tns:badRequestFault" name="BadRequestFault"/>
</wsdl:operation>
<wsdl:operation name="Migrate">
<wsdl:input message="tns:migrateIn"/>
<wsdl:output message="tns:migrateOut"/>
<wsdl:fault message="tns:notFoundFault" name="NotFoundFault"/>
<wsdl:fault message="tns:unauthorizedFault" name="UnauthorizedFault"/>
<wsdl:fault message="tns:internalErrorFault" name="InternalErrorFault"/>
<wsdl:fault message="tns:badRequestFault" name="BadRequestFault"/>
</wsdl:operation>
<wsdl:operation name="CreateList">
<wsdl:input message="tns:createListIn"/>
<wsdl:output message="tns:createListOut"/>
<wsdl:fault message="tns:notFoundFault" name="NotFoundFault"/>
<wsdl:fault message="tns:unauthorizedFault" name="UnauthorizedFault"/>
<wsdl:fault message="tns:internalErrorFault" name="InternalErrorFault"/>
<wsdl:fault message="tns:badRequestFault" name="BadRequestFault"/>
</wsdl:operation>
<wsdl:operation name="DeleteList">
<wsdl:input message="tns:deleteListIn"/>
<wsdl:output message="tns:deleteListOut"/>
<wsdl:fault message="tns:notFoundFault" name="NotFoundFault"/>
<wsdl:fault message="tns:unauthorizedFault" name="UnauthorizedFault"/>
<wsdl:fault message="tns:internalErrorFault" name="InternalErrorFault"/>
<wsdl:fault message="tns:badRequestFault" name="BadRequestFault"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="ManageBusinessIdentifierServiceSoap" type="tns:ManageBusinessIdentifierServiceSoap">
<soap11:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="Create">
<soap11:operation soapAction="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :createIn" style="document"/>
<wsdl:input>
<soap11:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap11:body use="literal"/>
</wsdl:output>
<wsdl:fault name="NotFoundFault">
<soap:fault name="NotFoundFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="UnauthorizedFault">
<soap:fault name="UnauthorizedFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="InternalErrorFault">
<soap:fault name="InternalErrorFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="BadRequestFault">
<soap:fault name="BadRequestFault" use="literal"/>
</wsdl:fault>
</wsdl:operation>
<wsdl:operation name="CreateList">
<soap11:operation soapAction="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :createListIn" style="document"/>
<wsdl:input>
<soap11:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap11:body use="literal"/>
</wsdl:output>
<wsdl:fault name="NotFoundFault">
<soap:fault name="NotFoundFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="UnauthorizedFault">
<soap:fault name="UnauthorizedFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="InternalErrorFault">
<soap:fault name="InternalErrorFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="BadRequestFault">
<soap:fault name="BadRequestFault" use="literal"/>
</wsdl:fault>
</wsdl:operation>
<wsdl:operation name="Delete">
<soap11:operation soapAction="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :deleteIn" style="document"/>
<wsdl:input>
<soap11:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap11:body use="literal"/>
</wsdl:output>
<wsdl:fault name="NotFoundFault">
<soap:fault name="NotFoundFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="UnauthorizedFault">
<soap:fault name="UnauthorizedFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="InternalErrorFault">
<soap:fault name="InternalErrorFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="BadRequestFault">
<soap:fault name="BadRequestFault" use="literal"/>
</wsdl:fault>
</wsdl:operation>
<wsdl:operation name="DeleteList">
<soap11:operation soapAction="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :deleteListIn" style="document"/>
<wsdl:input>
<soap11:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap11:body use="literal"/>
</wsdl:output>
<wsdl:fault name="NotFoundFault">
<soap:fault name="NotFoundFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="UnauthorizedFault">
<soap:fault name="UnauthorizedFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="InternalErrorFault">
<soap:fault name="InternalErrorFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="BadRequestFault">
<soap:fault name="BadRequestFault" use="literal"/>
</wsdl:fault>
</wsdl:operation>
<wsdl:operation name="List">
<soap11:operation soapAction="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :listIn" style="document"/>
<wsdl:input>
<soap11:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap11:body use="literal"/>
</wsdl:output>
<wsdl:fault name="NotFoundFault">
<soap:fault name="NotFoundFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="UnauthorizedFault">
<soap:fault name="UnauthorizedFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="InternalErrorFault">
<soap:fault name="InternalErrorFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="BadRequestFault">
<soap:fault name="BadRequestFault" use="literal"/>
</wsdl:fault>
</wsdl:operation>
<wsdl:operation name="PrepareToMigrate">
<soap11:operation soapAction="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :prepareMigrateIn" style="document"/>
<wsdl:input>
<soap11:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap11:body use="literal"/>
</wsdl:output>
<wsdl:fault name="NotFoundFault">
<soap:fault name="NotFoundFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="UnauthorizedFault">
<soap:fault name="UnauthorizedFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="InternalErrorFault">
<soap:fault name="InternalErrorFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="BadRequestFault">
<soap:fault name="BadRequestFault" use="literal"/>
</wsdl:fault>
</wsdl:operation>
<wsdl:operation name="Migrate">
<soap11:operation soapAction="http://busdox.org/serviceMetadata/ManageBusinessIdentifierService/1.0/ :migrateIn" style="document"/>
<wsdl:input>
<soap11:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap11:body use="literal"/>
</wsdl:output>
<wsdl:fault name="NotFoundFault">
<soap:fault name="NotFoundFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="UnauthorizedFault">
<soap:fault name="UnauthorizedFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="InternalErrorFault">
<soap:fault name="InternalErrorFault" use="literal"/>
</wsdl:fault>
<wsdl:fault name="BadRequestFault">
<soap:fault name="BadRequestFault" use="literal"/>
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="ManageBusinessIdentifierService">
<wsdl:port name="ManageBusinessIdentifierServicePort" binding="tns:ManageBusinessIdentifierServiceSoap">
<soap:address location="unknown"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>ServiceGroupReferenceList.xsd reformed
?xml version="1.0" encoding="utf-8"?>
<!--
(C) Copyright 2018 - European Commission | CEF eDelivery
Licensed under the EUPL, Version 1.2 (the "License");
You may not use this file except in compliance with the License.
You may obtain a copy of the License at
https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl_v1.2_en.pdf
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<xs:schema xmlns="http://busdox.org/serviceMetadata/publishing/1.0/" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://busdox.org/serviceMetadata/publishing/1.0/" elementFormDefault="qualified" id="ServiceGroupReferenceList">
<xs:include schemaLocation="ServiceMetadataPublishingTypes-1.0.xsd"/>
<xs:element name="ServiceGroupReferenceList" type="ServiceGroupReferenceListType"/>
<xs:complexType name="ServiceGroupReferenceListType">
<xs:sequence>
<xs:element name="ServiceGroupReference" type="ServiceGroupReferenceType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ServiceGroupReferenceType">
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="href" type="xs:anyURI"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:element name="CompleteServiceGroup" type="CompleteServiceGroupType"/>
<xs:complexType name="CompleteServiceGroupType">
<xs:sequence>
<xs:element ref="ServiceGroup"/>
<xs:element ref="ServiceMetadata" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:schema>ServiceMetadataLocatorTypes-1.0.xsd
<?xml version="1.0" encoding="utf-8"?>
<!--
(C) Copyright 2018 - European Commission | CEF eDelivery
Licensed under the EUPL, Version 1.2 (the "License");
You may not use this file except in compliance with the License. You may obtain a copy of the License at
https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl_v1.2_en.pdf
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and
limitations under the License.
-->
<xs:schema xmlns="http://busdox.org/serviceMetadata/locator/1.0/" xmlns:ids="http://busdox.org/transport/identifiers/1.0/"
xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://busdox.org/serviceMetadata/locator/1.0/"
elementFormDefault="qualified" id="ServiceMetadataPublisherService">
<xs:import namespace="http://busdox.org/transport/identifiers/1.0/" schemaLocation="Identifiers-1.0.xsd"/>
<xs:element name="ServiceMetadataPublisherID" type="xs:string"/>
<xs:element name="CreateServiceMetadataPublisherService" type="ServiceMetadataPublisherServiceType"/> <xs:element name="ReadServiceMetadataPublisherService" type="ServiceMetadataPublisherServiceType"/> <xs:element name="UpdateServiceMetadataPublisherService" type="ServiceMetadataPublisherServiceType"/> <xs:element name="ServiceMetadataPublisherService" type="ServiceMetadataPublisherServiceType"/> <xs:complexType name="ServiceMetadataPublisherServiceType">
<xs:sequence>
<xs:element name="PublisherEndpoint" type="PublisherEndpointType"/> <xs:element ref="ServiceMetadataPublisherID"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="PublisherEndpointType">
<xs:sequence>
<xs:element name="LogicalAddress" type="xs:anyURI"/> <xs:element name="PhysicalAddress" type="xs:string"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ServiceMetadataPublisherServiceForParticipantType">
<xs:sequence>
<xs:element ref="ServiceMetadataPublisherID"/> <xs:element ref="ids:ParticipantIdentifier"/>
</xs:sequence>
</xs:complexType>
<xs:element name="CreateParticipantIdentifier" type="ServiceMetadataPublisherServiceForParticipantType"/> <xs:element name="DeleteParticipantIdentifier" type="ServiceMetadataPublisherServiceForParticipantType"/> <xs:element name="ParticipantIdentifierPage" type="ParticipantIdentifierPageType"/>
<xs:element name="CreateList" type="ParticipantIdentifierPageType"/>
<xs:element name="DeleteList" type="ParticipantIdentifierPageType"/>
<xs:complexType name="ParticipantIdentifierPageType">
<xs:sequence>
<xs:element ref="ids:ParticipantIdentifier" minOccurs="0" maxOccurs="unbounded"/> <xs:element ref="ServiceMetadataPublisherID" minOccurs="0"/>
<xs:element name="NextPageIdentifier" type="xs:string" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:element name="PageRequest" type="PageRequestType"/> <xs:complexType name="PageRequestType">
<xs:sequence>
<xs:element ref="ServiceMetadataPublisherID"/>
<xs:element name="NextPageIdentifier" type="xs:string" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:element name="PrepareMigrationRecord" type="MigrationRecordType"/> <xs:element name="CompleteMigrationRecord" type="MigrationRecordType"/> <xs:complexType name="MigrationRecordType">
<xs:sequence>
<xs:element ref="ServiceMetadataPublisherID"/> <xs:element ref="ids:ParticipantIdentifier"/> <xs:element name="MigrationKey" type="xs:string"/>
</xs:sequence>
</xs:complexType>
<xs:element name="BadRequestFault" type="FaultType"/> <xs:element name="InternalErrorFault" type="FaultType"/> <xs:element name="NotFoundFault" type="FaultType"/> <xs:element name="UnauthorizedFault" type="FaultType"/> <xs:complexType name="FaultType">
<xs:sequence>
<xs:element name="FaultMessage" type="xs:string" minOccurs="0"/>
</xs:sequence> </xs:complexType>
</xs:schema>ServiceMetadataPublishingTypes-1.0.xsd
<?xml version="1.0" encoding="utf-8"?>
<!--
(C) Copyright 2018 - European Commission | CEF eDelivery
Licensed under the EUPL, Version 1.2 (the "License");
You may not use this file except in compliance with the License. You may obtain a copy of the License at
https://joinup.ec.europa.eu/sites/default/files/custom-page/attachment/eupl_v1.2_en.pdf
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<xs:schema xmlns="http://busdox.org/serviceMetadata/publishing/1.0/" xmlns:ids="http://busdox.org/transport/identifiers/1.0/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://www.w3.org/2005/08/addressing" targetNamespace="http://busdox.org/serviceMetadata/publishing/1.0/" elementFormDefault="qualified" id="ServiceMetadataPublishing">
<xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/> <xs:import namespace="http://busdox.org/transport/identifiers/1.0/" schemaLocation="Identifiers-1.0.xsd"/> <xs:import namespace="http://www.w3.org/2005/08/addressing" schemaLocation="ws-addr.xsd"/> <xs:element name="ServiceGroup" type="ServiceGroupType"/>
<xs:element name="ServiceMetadata" type="ServiceMetadataType"/>
<xs:element name="SignedServiceMetadata" type="SignedServiceMetadataType"/> <xs:complexType name="SignedServiceMetadataType">
<xs:annotation>
<xs:documentation>The SignedServiceMetadata structure is a ServiceMetadata structure
that has been signed by the ServiceMetadataPublisher, according to governance policies.</xs:documentation> </xs:annotation>
<xs:sequence>
<xs:element ref="ServiceMetadata">
<xs:annotation>
<xs:documentation>The ServiceMetadata element covered by the Signature.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element ref="ds:Signature"> <xs:annotation>
<xs:documentation>Represents an enveloped XML() Signature over the SignedServiceMetadata element.</xs:documentation>
</xs:annotation> </xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ServiceMetadataType">
<xs:annotation> <xs:documentation>
This data structure represents Metadata about a specific electronic service.
The role of the ServiceMetadata structure is to associate a participant identifier
with the ability to receive a specific document type over a specific transport. It
also describes which business processes a document can participate in, and various operational data such as service activation and expiration times.
The ServiceMetadata resource contains all the metadata about a service that a sender Access Point needs to know in order to send a message to that service.
</xs:documentation> </xs:annotation>
<xs:sequence> <xs:choice>
<xs:element name="ServiceInformation" type="ServiceInformationType"> <xs:annotation>
<xs:documentation>Contains service information for an actual service registration, rather than a redirect to another SMP</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="Redirect" type="RedirectType"> <xs:annotation>
<xs:documentation>
For recipients that want to associate more than one SMP with their participant identifier,
they may redirect senders to an alternative SMP for specific document types. To achieve this, the ServiceMetadata element defines the optional element ‘Redirect’. This element holds the URL of the alternative SMP, as well as the Subject Unique Identifier of the destination SMPs certificate used to sign its resources.
In the case where a client encounters such a redirection element, the client MUST follow the first redirect reference to the alternative SMP. If the SignedServiceMetadata resource at the alternative SMP also contains a redirection element, the client SHOULD NOT follow that redirect. It is the responsibility of the client to enforce this constraint.
</xs:documentation> </xs:annotation>
</xs:element>
</xs:choice> </xs:sequence> </xs:complexType>
<xs:complexType name="ServiceInformationType"> <xs:sequence>
<xs:element ref="ids:ParticipantIdentifier"> <xs:annotation>
<xs:documentation>The participant identifier. Comprises the identifier, and an identifier scheme. This identifier MUST have the same value of the {id} part of the URI of the enclosing ServiceMetadata resource.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element ref="ids:DocumentIdentifier"> <xs:annotation>
<xs:documentation>Represents the type of document that the recipient is able to handle.</xs:documentation> </xs:annotation>
</xs:element>
<xs:element name="ProcessList" type="ProcessListType">
<xs:annotation>
<xs:documentation>Represents the processes that a specific document type can participate in, and endpoint address
and binding information. Each process element describes a specific business process that accepts this type of document as() Input and holds a list of endpoint addresses (in the case that the service supports multiple transports) of services that implement the business process, plus information about the transport used for each endpoint.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="Extension" type="ExtensionType" minOccurs="0"> <xs:annotation>
<xs:documentation>The extension element may contain any XML element. Clients MAY ignore this element.</xs:documentation>
</xs:annotation> </xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ProcessListType">
<xs:annotation>
<xs:documentation>List of processes</xs:documentation>
</xs:annotation> <xs:sequence>
<xs:element name="Process" type="ProcessType" maxOccurs="unbounded"/> </xs:sequence>
</xs:complexType>
<xs:complexType name="ProcessType">
<xs:sequence>
<xs:element ref="ids:ProcessIdentifier">
<xs:annotation>
<xs:documentation>The identifier of the process.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="ServiceEndpointList" type="ServiceEndpointList"> <xs:annotation>
<xs:documentation>List of one or more endpoints that support this process.</xs:documentation> </xs:annotation>
</xs:element>
<xs:element name="Extension" type="ExtensionType" minOccurs="0">
<xs:annotation>
<xs:documentation>
The extension element may contain any XML element. Clients MAY ignore this element.
</xs:documentation>
</xs:annotation>
</xs:element> </xs:sequence> </xs:complexType>
<xs:complexType name="ServiceEndpointList"> <xs:annotation>
<xs:documentation>Contains a list of all endpoint</xs:documentation> </xs:annotation>
<xs:sequence>
<xs:element name="Endpoint" type="EndpointType" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>Endpoint represents the technical endpoint and address type of the recipient, as an
URL.</xs:documentation> </xs:annotation>
</xs:element> </xs:sequence>
</xs:complexType>
<xs:complexType name="EndpointType">
<xs:sequence>
<xs:element ref="wsa:EndpointReference">
<xs:annotation>
<xs:documentation>The address of an endpoint, as an WS-Addressing Endpoint Reference</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="RequireBusinessLevelSignature" type="xs:boolean"> <xs:annotation>
<xs:documentation>Set to "true" if the recipient requires business-level() Signatures for the message, meaning a() Signature applied to the business message before the message is put on the transport. This is independent of the transport- level() Signatures that a specific transport profile, such as the START profile, might mandate. This flag does not indicate which type of business-level() Signature might be required. Setting or consuming business-level() Signatures would typically be the responsibility of the final senders and receivers of messages, rather than a set of APs.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="MinimumAuthenticationLevel" type="xs:string" minOccurs="0"> <xs:annotation>
<xs:documentation>Indicates the minimum authentication level that recipient requires. The specific semantics of this field is defined in a specific instance of the BUSDOX infrastructure. It could for example reflect the value of the "urn:eu:busdox:attribute:assurance-level" SAML attribute defined in the START specification.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="ServiceActivationDate" type="xs:dateTime" minOccurs="0"> <xs:annotation>
<xs:documentation>Activation date of the service. Senders should ignore services that are not yet activated.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="ServiceExpirationDate" type="xs:dateTime" minOccurs="0"> <xs:annotation>
<xs:documentation>Expiration date of the service. Senders should ignore services that are expired.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="Certificate" type="xs:string"> <xs:annotation>
<xs:documentation>Holds the complete signing certificate of the recipient AP, as a PEM base 64 encoded X509 DER formatted value.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="ServiceDescription" type="xs:string"> <xs:annotation>
<xs:documentation>A human readable description of the service</xs:documentation> </xs:annotation>
</xs:element>
<xs:element name="TechnicalContactUrl" type="xs:anyURI">
<xs:annotation>
<xs:documentation>Represents a link to human readable contact information. This might also be an email
address.</xs:documentation> </xs:annotation>
</xs:element>
<xs:element name="TechnicalInformationUrl" type="xs:anyURI" minOccurs="0">
<xs:annotation>
<xs:documentation>A URL to human readable documentation of the service format. This could for example be a web
site containing links to XML Schemas, WSDLs, Schematrons and other relevant resources.</xs:documentation> </xs:annotation>
</xs:element>
<xs:element name="Extension" type="ExtensionType" minOccurs="0">
<xs:annotation>
<xs:documentation>The extension element may contain any XML element. Clients MAY ignore this
element.</xs:documentation> </xs:annotation>
</xs:element> </xs:sequence>
<xs:attribute name="transportProfile" type="xs:string"> <xs:annotation>
<xs:documentation>Indicates the type of BUSDOX transport that is being used between access points, e.g. the BUSDOX START profile. This specification defines the following identifier URI which denotes the BUSDOX START transport: "busdox-transport- start"</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="ServiceGroupType">
<xs:annotation>
<xs:documentation>The ServiceGroup structure represents a set of services
associated with a specific participant identifier that is handled by a specific Service Metadata Publisher. The ServiceGroup structure holds a list of references to SignedServiceMetadata resources in the ServiceList structure.</xs:documentation>
</xs:annotation> <xs:sequence>
<xs:element ref="ids:ParticipantIdentifier"> <xs:annotation>
<xs:documentation>Represents the business level endpoint key and key type, e.g. a DUNS or GLN number that is associated with a group of services. </xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="ServiceMetadataReferenceCollection" type="ServiceMetadataReferenceCollectionType"> <xs:annotation>
<xs:documentation>The ServiceMetadataReferenceCollection structure holds a list of references to SignedServiceMetadata structures. From this list, a sender can follow the references to get each SignedServiceMetadata structure.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="Extension" type="ExtensionType" minOccurs="0"> <xs:annotation>
<xs:documentation>The extension element may contain any XML element. Clients MAY ignore this element.</xs:documentation>
</xs:annotation> </xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ServiceMetadataReferenceCollectionType">
<xs:annotation>
<xs:documentation>Contains the URL to a specific SignedServiceMetadata instance. Note
that references MUST refer to SignedServiceMetadata records that are signed by the certificate of the SMP. It must not point to SignedServiceMetadata resources published by external SMPs.</xs:documentation>
</xs:annotation> <xs:sequence>
<xs:element name="ServiceMetadataReference" type="ServiceMetadataReferenceType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ServiceMetadataReferenceType">
<xs:attribute name="href" type="xs:anyURI"> <xs:annotation>
<xs:documentation>Contains the URL to a specific SignedServiceMetadata instance.</xs:documentation> </xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="RedirectType">
<xs:sequence>
<xs:element name="CertificateUID" type="xs:string">
<xs:annotation>
<xs:documentation>Holds the Subject Unique Identifier of the certificate of the destination SMP. A client SHOULD
validate that the Subject Unique Identifier of the certificate used to sign the resource at the destination SMP matches the Subject Unique Identifier published in the redirecting SMP.</xs:documentation>
</xs:annotation> </xs:element>
<xs:element name="Extension" type="ExtensionType" minOccurs="0"> <xs:annotation>
<xs:documentation>The extension element may contain any XML element. Clients MAY ignore this element.</xs:documentation>
</xs:annotation> </xs:element>
</xs:sequence>
<xs:attribute name="href" type="xs:anyURI">
<xs:annotation>
<xs:documentation>The destination URL of the redirect.</xs:documentation>
</xs:annotation> </xs:attribute>
</xs:complexType>
<xs:complexType name="ExtensionType">
<xs:annotation>
<xs:documentation>
Child elements of the <smp:Extension> element are known as "custom
extension elements". Extension points may be used for optional extensions
of service metadata. This implies:
* Extension elements added to a specific Service Metadata resource MUST be ignorable
by any client of the transport infrastructure. The ability to parse and adjust client
behavior based on an extension element MUST NOT be a prerequisite for a client to
locate a service, or to make a successful request at the referenced service.
* A client MAY ignore any extension element added to specific service metadata
resource instances.
</xs:documentation>
</xs:annotation>
<xs:sequence>
<!-- TODO processContents="skip" will be added after 1.1.0 -->
<xs:any/>
</xs:sequence>
</xs:complexType>
</xs:schema>BDMSLService-1.0.xsds
<?xml version="1.0" encoding="utf-8"?>
<!--
(C) Copyright 2018 - European Commission | CEF eDelivery
Licensed under the EUPL, Version 1.2 (the "License");
You may not use this file except in compliance with the License. You may obtain a copy of the License at
https://joinup.ec.europa.eu/sites/default/files/custom- page/attachment/eupl_v1.2_en.pdf
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
-->
<xs:schema xmlns="ec:services:wsdl:BDMSL:data:1.0" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:bd="http://busdox.org/serviceMetadata/locator/1.0/" xmlns:id="http://busdox.org/transport/identifiers/1.0/" targetNamespace="ec:services:wsdl:BDMSL:data:1.0" elementFormDefault="qualified" id="BDMSLTypes">
<xs:import namespace="http://busdox.org/serviceMetadata/locator/1.0/" schemaLocation="ServiceMetadataLocatorTypes-1.0.xsd"/>
<xs:import namespace="http://busdox.org/transport/identifiers/1.0/" schemaLocation="Identifiers-1.0.xsd"/>
<xs:element name="PrepareChangeCertificate" type="PrepareChangeCertificateType"/>
<xs:element name="SMPAdvancedServiceForParticipantService" type="SMPAdvancedServiceForParticipantType"/>
<xs:element name="IsAlive" type="IsAliveType"/>
<xs:element name="ExistsParticipant" type="ParticipantsType"/> <xs:element name="ExistsParticipantResponse"
type="ExistsParticipantResponseType"/>
<xs:complexType name="PrepareChangeCertificateType">
<xs:sequence>
<xs:element name="newCertificatePublicKey" type="xs:string">
<xs:annotation>
<xs:documentation>The new public key contained in the
certificate.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="migrationDate" type="xs:date" minOccurs="0">
<xs:annotation>
<xs:documentation>The migration date for the new
certificate. Can't be in the past.
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="SMPAdvancedServiceForParticipantType"> <xs:sequence>
<xs:element name="CreateParticipantIdentifier" type="bd:ServiceMetadataPublisherServiceForParticipantType"/>
<xs:element name="serviceName" type="xs:string"> <xs:annotation>
<xs:documentation>The name of the service for the NAPTR record.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ListParticipantsType">
<xs:sequence>
<xs:element name="participant" type="ParticipantsType"
minOccurs="0" maxOccurs="unbounded"/> </xs:sequence>
</xs:complexType>
<xs:complexType name="ParticipantsType">
<xs:sequence>
<xs:element ref="id:ParticipantIdentifier">
<xs:annotation>
<xs:documentation>The participant
identifier</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element ref="bd:ServiceMetadataPublisherID">
<xs:annotation>
<xs:documentation>The SMP identifier</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="IsAliveType"/>
<xs:complexType name="ExistsParticipantResponseType"> <xs:sequence>
<xs:element ref="id:ParticipantIdentifier"> <xs:annotation>
<xs:documentation>The participant identifier</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element ref="bd:ServiceMetadataPublisherID"> <xs:annotation>
<xs:documentation>The SMP identifier</xs:documentation> </xs:annotation>
</xs:element>
<xs:element name="Exist" type="xs:boolean">
<xs:annotation>
<xs:documentation>True if the participant is already
registered on the SMP.</xs:documentation> </xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:schema>BDMSLAdminService-1.0.xsd
<?xml version="1.0" encoding="utf-8"?>
<!--
(C) Copyright 2019 - European Commission | CEF eDelivery
Licensed under the EUPL, Version 1.2 (the "License");
You may not use this file except in compliance with the License. You may obtain a copy of the License at
https://joinup.ec.europa.eu/sites/default/files/custom- page/attachment/eupl_v1.2_en.pdf
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
-->
<xs:schema xmlns="ec:services:wsdl:BDMSL:admin:data:1.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:bd="http://busdox.org/serviceMetadata/locator/1.0/"
targetNamespace="ec:services:wsdl:BDMSL:admin:data:1.0" elementFormDefault="qualified" id="BDMSLAdminTypes">
<xs:element name="GenerateReport" type="GenerateReportType"/>
<xs:element name="GenerateReportResponse" type="GenerateReportResponseType"/>
<xs:element name="GenerateInconsistencyReport" type="GenerateInconsistencyReportType"/>
<xs:element name="GenerateInconsistencyResponse" type="GenerateInconsistencyResponseType"/>
<xs:element name="CreateSubDomainRequest" type="SubDomainType"/> <xs:element name="CreateSubDomainResponse" type="SubDomainType"/> <xs:element name="CreateDomainCertificateRequest"
type="SubDomainType"/>
<xs:element name="UpdateSubDomainRequest" type="UpdateSubDomainType"/> <xs:element name="UpdateSubDomainResponse" type="SubDomainType"/> <xs:element name="DeleteSubDomainRequest" type="DeleteSubDomainType"/> <xs:element name="DeleteSubDomainResponse" type="SubDomainType"/> <xs:element name="GetSubDomainRequest" type="GetSubDomainType"/> <xs:element name="GetSubDomainResponse" type="SubDomainType"/> <xs:element name="AddSubDomainCertificateRequest"
type="AddDomainCertificateType"/>
<xs:element name="AddSubDomainCertificateResponse"
type="DomainCertificateType"/>
<xs:element name="UpdateSubDomainCertificateRequest"
type="UpdateDomainCertificateType"/>
<xs:element name="UpdateSubDomainCertificateResponse"
type="DomainCertificateType"/>
<xs:element name="ListSubDomainCertificateRequest"
type="ListSubDomainCertificateRequestType"/> <xs:element name="ListSubDomainCertificateResponse"
type="ListSubDomainCertificateResponseType"/> <xs:element name="AddTruststoreCertificateRequest"
type="TruststoreCertificateType"/>
<xs:element name="AddTruststoreCertificateResponse" type="TruststoreCertificateType"/>
<xs:element name="DeleteTruststoreCertificateRequest" type="DeleteTruststoreCertificateType"/>
<xs:element name="DeleteTruststoreCertificateResponse" type="TruststoreCertificateType"/>
<xs:element name="GetTruststoreCertificateRequest" type="GetTruststoreCertificateType"/>
<xs:element name="GetTruststoreCertificateResponse" type="TruststoreCertificateType"/>
<xs:element name="ListTruststoreCertificateAliasesRequest" type="ListTruststoreCertificateAliasesRequestType"/>
<xs:element name="ListTruststoreCertificateAliasesResponse" type="ListTruststoreCertificateAliasesResponseType"/>
<xs:element name="AddDNSRecordRequest" type="DNSRecordType"/> <xs:element name="AddDNSRecordResponse" type="DNSRecordType"/> <xs:element name="DeleteDNSRecordRequest" type="DeleteDNSRecordType"/> <xs:element name="DeleteDNSRecordResponse" type="DNSRecordListType"/> <xs:element name="SetPropertyRequest" type="PropertyType"/> <xs:element name="SetPropertyResponse" type="PropertyType"/> <xs:element name="GetPropertyRequest" type="PropertyKeyType"/> <xs:element name="GetPropertyResponse" type="PropertyType"/> <xs:element name="DeletePropertyRequest" type="PropertyKeyType"/> <xs:element name="DeletePropertyResponse" type="PropertyType"/> <xs:element name="ChangeCertificate" type="ChangeCertificateType"/> <xs:element name="ClearCache" type="ClearCacheType"/>
<xs:complexType name="ClearCacheType"/> <xs:complexType name="ChangeCertificateType">
<xs:sequence>
<xs:element ref="bd:ServiceMetadataPublisherID">
<xs:annotation>
<xs:documentation>The SMP identifier</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="newCertificatePublicKey" type="xs:base64Binary">
<xs:annotation>
<xs:documentation>The new public key contained in the
certificate.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="GenerateInconsistencyReportType">
<xs:sequence>
<xs:element name="ReceiverEmailAddress" type="xs:string">
<xs:annotation>
<xs:documentation>Receiver email
address!</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="GenerateInconsistencyResponseType">
<xs:annotation>
<xs:documentation>Status description</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
<xs:maxLength value="253"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="GenerateReportType"> <xs:sequence>
<xs:element name="ReportCode" type="xs:string"> <xs:annotation>
<xs:documentation>Report code. Check documentation for supported codes!</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="ReceiverEmailAddress" type="xs:string"> <xs:annotation>
<xs:documentation>Receiver email
address!</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="GenerateReportResponseType">
<xs:annotation>
<xs:documentation>Status description</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
<xs:maxLength value="253"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="SubDomainType"> <xs:sequence>
<xs:element name="SubDomainName" type="SubDomainNameType"> <xs:annotation>
<xs:documentation>SubDomain name. Name must be unique on SML server!</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="SubDomainDescription" minOccurs="0"> <xs:annotation>
<xs:documentation>Short SubDomain description</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:string"> <xs:maxLength value="1024"/>
</xs:restriction>
</xs:simpleType>
</xs:element>
<xs:element name="DNSZone">
<xs:annotation>
<xs:documentation>Domain (dns zone) for
SubDomain.</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:maxLength value="512"/>
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
</xs:element>
<xs:element name="ParticipantRegularExpression" type="ParticipantRegularExpressionType">
<xs:annotation>
<xs:documentation>Regex allows specific and described ids only or * instead for having wildcards.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="DNSRecordType" type="DNSRecordTypeType"> <xs:annotation>
<xs:documentation>Type of DNS Record when registering/updating participant, all means that both DNS record types are accepted as possible values: [cname, naptr, all].
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="SmpUrlScheme" type="SmpUrlSchemeType">
<xs:annotation>
<xs:documentation>
Protocol that MUST be used for LogicalAddress when registering new SMP, all means
both protocols are accepted possible values: [http, https, all].
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CertSubjectRegularExpression" type="CertSubjectRegularExpressionType" minOccurs="0">
<xs:annotation>
<xs:documentation>Regex validation of Certificate subject for Issuer based authorization certificates.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CertPolicyOIDs" type="CertPolicyOIDsType" minOccurs="0">
<xs:annotation>
<xs:documentation>User with issuer-authorized SMP
certificate is granted SMP_ROLE only if one of the certificate policy extension matches the list. Value is a list of certificate policy OIDs separated by ','.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="MaxParticipantCountForDomain" type="xs:integer" minOccurs="0">
<xs:annotation>
<xs:documentation>Maximum number of participant allowed
to be registered on the domain.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="MaxParticipantCountForSMP" type="xs:integer" minOccurs="0">
<xs:annotation>
<xs:documentation>Maximum number of participant allowed
to be registered on the SMP.
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="PropertyType"> <xs:sequence>
<xs:element name="Key">
<xs:annotation>
<xs:documentation>Property key.</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:string"> <xs:maxLength value="512"/> <xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
</xs:element>
<xs:element name="Value">
<xs:annotation>
<xs:documentation>Property Value.</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:string"> <xs:maxLength value="4000"/> <xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
</xs:element>
<xs:element name="Description" minOccurs="0">
<xs:annotation>
<xs:documentation>Property
description.</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:maxLength value="4000"/>
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="PropertyKeyType">
<xs:sequence>
<xs:element name="Key">
<xs:annotation>
<xs:documentation>Property key.</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:string"> <xs:maxLength value="512"/> <xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="UpdateSubDomainType">
<xs:sequence>
<xs:element name="SubDomainName" type="SubDomainNameType">
<xs:annotation>
<xs:documentation>SubDomain name. Name must be unique on SML server!
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="ParticipantRegularExpression" type="ParticipantRegularExpressionType" minOccurs="0">
<xs:annotation>
<xs:documentation>Regex allows specific and described
ids only or * instead for having wildcards.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="DNSRecordType" type="DNSRecordTypeType" minOccurs="0">
<xs:annotation>
<xs:documentation>Type of DNS Record when
registering/updating participant, all means that both DNS
record types are accepted as possible values:
[cname, naptr, all].
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="SmpUrlScheme" type="SmpUrlSchemeType" minOccurs="0">
<xs:annotation>
<xs:documentation>Protocol that MUST be used for
LogicalAddress when registering new SMP, all means
both protocols are accepted possible values: [
http, https, all].
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CertSubjectRegularExpression" type="CertSubjectRegularExpressionType" minOccurs="0">
<xs:annotation>
<xs:documentation>Regex validation of Certificate
subject for Issuer based authorization
certificates.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CertPolicyOIDs" type="CertPolicyOIDsType" minOccurs="0">
<xs:annotation>
<xs:documentation>User with issuer-authorized smp
certificate is granted SMP_ROLE only if one of the certificate policy extension match the list. Value is in list of certificate policy OIDs separated by ','.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="MaxParticipantCountForDomain" type="xs:integer" minOccurs="0">
<xs:annotation>
<xs:documentation>Maximum number of participant allowed
to be registered on the domain.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="MaxParticipantCountForSMP" type="xs:integer" minOccurs="0">
<xs:annotation>
<xs:documentation>Maximum number of participant allowed
to be registered on the SMP.
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="DeleteSubDomainType">
<xs:sequence>
<xs:element name="SubDomainName" type="SubDomainNameType">
<xs:annotation> <xs:documentation>SubDomain name to be
deleted</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="GetSubDomainType">
<xs:sequence>
<xs:element name="SubDomainName" type="SubDomainNameType">
<xs:annotation> <xs:documentation>SubDomain name to be
retrieved</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="ParticipantRegularExpressionType">
<xs:annotation>
<xs:documentation>Regex allows specific and described ids only
or * instead for having wildcards.
</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:maxLength value="1024"/>
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="CertSubjectRegularExpressionType">
<xs:annotation>
<xs:documentation>User with issuer-authorized smp certificate
is granted SMP_ROLE only if Subject dn match the regular expression. </xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:maxLength value="1024"/>
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="CertPolicyOIDsType">
<xs:annotation>
<xs:documentation>Value is list of certificate policy OIDs
separated by ','.</xs:documentation> </xs:annotation>
<xs:restriction base="xs:string">
<xs:maxLength value="1024"/>
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="DNSRecordTypeType"> <xs:annotation>
<xs:documentation>Type of DNS Record when registering/updating participant, all means that both DNS record
types are accepted as possible values: [cname, naptr, all]. </xs:documentation>
</xs:annotation>
<xs:restriction base="xs:token">
<xs:minLength value="1"/>
<xs:maxLength value="128"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="SmpUrlSchemeType">
<xs:annotation>
<xs:documentation>Protocol that MUST be used for LogicalAddress
when registering new SMP, all means both
protocols are accepted possible values: [http, https, all].
</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:token">
<xs:minLength value="1"/>
<xs:maxLength value="128"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="SubDomainNameType">
<xs:restriction base="xs:string">
<xs:minLength value="1"/>
<xs:maxLength value="255"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="CertAliasType"> <xs:restriction base="xs:string">
<xs:minLength value="1"/>
<xs:maxLength value="255"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="CertificateDomainType">
<xs:restriction base="xs:string">
<xs:minLength value="1"/>
<xs:maxLength value="255"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="DNSNameType"> <xs:annotation>
<xs:documentation>Record name. Must end with valid zone name.</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:minLength value="1"/>
<xs:maxLength value="253"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="DNSZoneType">
<xs:annotation>
<xs:documentation>DNS zone name.</xs:documentation>
</xs:annotation>
<xs:restriction base="xs:string">
<xs:minLength value="1"/>
<xs:maxLength value="253"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="CRLDistributionPointsUrlType">
<xs:restriction base="xs:anyURI">
</xs:restriction>
</xs:simpleType>
<xs:complexType name="DomainCertificateType"> <xs:sequence>
<xs:element name="SubDomainName" type="SubDomainNameType"> <xs:annotation>
<xs:documentation>SubDomain name</xs:documentation> </xs:annotation>
</xs:element>
<xs:element name="IsRootCertificate" type="xs:boolean">
<xs:annotation>
<xs:documentation>Flag if certificate is root certificate</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="IsAdminCertificate" type="xs:boolean"> <xs:annotation>
<xs:documentation>Flag if certificate has admin rights. Only non root certificate could have admin
rights.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CertificateDomainId" type="CertificateDomainType">
<xs:annotation>
<xs:documentation>Certificate
identifier</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="Alias" type="CertAliasType" minOccurs="0">
<xs:annotation> <xs:documentation>Certificate alias in
truststore</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CRLDistributionPointsUrl" type="CRLDistributionPointsUrlType" minOccurs="0">
<xs:annotation>
<xs:documentation>Certificate
identifier</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="AddDomainCertificateType">
<xs:sequence>
<xs:element name="SubDomainName" type="SubDomainNameType">
<xs:annotation>
<xs:documentation>SubDomain name</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="IsRootCertificate" type="xs:boolean"> <xs:annotation>
<xs:documentation>Flag if certificate is root certificate</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="IsAdminCertificate" type="xs:boolean"> <xs:annotation>
<xs:documentation>Flag if certificate has admin rights. Only non root certificate can have admin
rights
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CertificatePublicKey" type="xs:base64Binary"> <xs:annotation>
<xs:documentation>Domain
certificate.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="Alias" type="CertAliasType" minOccurs="0">
<xs:annotation>
<xs:documentation>If truststore is enabled this is
Certificate alias for the truststore. If alias is
not given value is generated!
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="TruststoreCertificateType">
<xs:sequence>
<xs:element name="Alias" type="CertAliasType" minOccurs="0">
<xs:annotation>
<xs:documentation>Certificate alias.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CertificatePublicKey" type="xs:base64Binary"> <xs:annotation>
<xs:documentation>Domain
certificate.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="GetTruststoreCertificateType">
<xs:sequence>
<xs:element name="Alias" type="CertAliasType">
<xs:annotation>
<xs:documentation>Certificate alias.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="DeleteTruststoreCertificateType">
<xs:sequence>
<xs:element name="Alias" type="CertAliasType">
<xs:annotation>
<xs:documentation>Certificate alias.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="UpdateDomainCertificateType">
<xs:sequence>
<xs:element name="CertificateDomainId"
type="CertificateDomainType">
<xs:annotation>
<xs:documentation>Certificate
identifier</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="IsAdminCertificate" type="xs:boolean" minOccurs="0">
<xs:annotation>
<xs:documentation>Flag if certificate has admin rights.
Only non root certificate can have admin
rights
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="SubDomainName" type="SubDomainNameType" minOccurs="0">
<xs:annotation>
<xs:documentation>SubDomain name</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="CrlDistributionPoint" type="xs:string" minOccurs="0">
<xs:annotation>
<xs:documentation>Certificate revocation list
DistributionPoint URL</xs:documentation> </xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ListSubDomainCertificateRequestType">
<xs:sequence>
<xs:element name="CertificateDomainId"
type="CertificateDomainType" minOccurs="0"> <xs:annotation>
<xs:documentation>'Like' parameter for certificate identifier</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="SubDomainName" type="SubDomainNameType" minOccurs="0">
<xs:annotation>
<xs:documentation>SubDomain name</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ListSubDomainCertificateResponseType">
<xs:sequence>
<xs:element name="DomainCertificateType"
type="DomainCertificateType" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence>
</xs:complexType>
<xs:complexType name="ListTruststoreCertificateAliasesRequestType">
<xs:sequence>
<xs:element name="ContainsStringInAlias" type="CertAliasType"
minOccurs="0">
<xs:annotation> <xs:documentation>Contains string in
alias</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="ListTruststoreCertificateAliasesResponseType">
<xs:sequence>
<xs:element name="Alias" type="CertAliasType" minOccurs="0"
maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="DeleteDNSRecordType">
<xs:sequence>
<xs:element name="Name" type="DNSNameType">
<xs:annotation>
<xs:documentation>Dns name. It must be valid
domain.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="DNSZone" type="DNSZoneType">
<xs:annotation>
<xs:documentation>Dns zone on dns
server.</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="DNSRecordListType">
<xs:sequence>
<xs:element name="DNSRecord" type="DNSRecordType" minOccurs="0"
maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>Dns record list.</xs:documentation> </xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="DNSRecordType">
<xs:sequence>
<xs:element name="Type" type="xs:token">
<xs:annotation>
<xs:documentation>Supported dns type: A, CName,
Naptr.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="Name" type="DNSNameType">
<xs:annotation>
<xs:documentation>Dns name. It must be valid
domain.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="DNSZone" type="DNSZoneType">
<xs:annotation>
<xs:documentation>Dns zone on dns
server.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="Value" type="xs:string">
<xs:annotation>
<xs:documentation>Dns Value. For A type it must be IP
address, for CNAME it must valid Domain, for
NAPTR it must be regular expresion.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="Service" type="xs:string" minOccurs="0">
<xs:annotation>
<xs:documentation>Service - part of naptr record. If
not given (for naptr) default value is:
Meta:SMP
</xs:documentation>
</xs:annotation>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:schema>3.3.2. List of Valid PEPPOL Issuing Agencies
The network specifies a list of organizations that issue identifiers to network participants. The code is called an International Code Identifier (ICD) and becomes part of the customer identifier. An example of the list ISO/IEC 6523.
The ISO/IEC 6523 list can also be extended by then network governance body as examples:
-
EAS code list: The European standard on eInvoicing defines which code lists may be used for each business term that has the data type "code", such as electronic address, VAT number, currency, etc.
List can be found on pages: https://ec.europa.eu/digital-building-blocks/wikis/display/DIGITAL/Registry+of+supporting+artefacts+to+implement+EN16931 -
Peppol: Non-profit organization that provides governaces of the network and a set of document specifications that integrate global business processes. The ICD list can be found on page: https://docs.peppol.eu/poacc/billing/3.0/codelist/ICD/
4. Support
DomiSML Documentation is maintained by the eDelivery Support Team. For any questions, comments or requests for change, please contact:
-
Hours: 8AM to 6PM (Normal EC working days)