Add Authorization role to access an XML(WSDL) file by using xsl

Question

I have a WSDL and I want to add permission on it that all people can't see all the methods on it:

     <wsdl:types>
    ...
  </wsdl:types>

  <wsdl:message>
    ...
  </wsdl:message>

  <wsdl:portType name="countrySoap">
     <wsdl:operation name="GetCountryByCountryCode">
         <wsdl:documentation>Get country name by country code</wsdl:documentation>
         <wsdl:input message="tns:GetCountryByCountryCodeSoapIn" />
         <wsdl:output message="tns:GetCountryByCountryCodeSoapOut" />
     </wsdl:operation>
    <wsdl:operation name="GetISD">
        <wsdl:documentation>Get International Dialing Code </wsdl:documentation>
        <wsdl:input message="tns:GetISDSoapIn" />
        <wsdl:output message="tns:GetISDSoapOut" />
    </wsdl:operation>
    ...
  </wsdl:portType>

....

Now I want to restrict access to this part of my WSDL :

<wsdl:operation name="GetISD">
    <wsdl:documentation>Get International Dialing Code </wsdl:documentation>
    <wsdl:input message="tns:GetISDSoapIn" />
    <wsdl:output message="tns:GetISDSoapOut" />
</wsdl:operation>

it means: I want to CLient-X has this role for seeing this method but Client-Y doesn't have enough role for seeing this method?

How can I use this issue in .xslt file by using xsl language?

Answer 1

• In Mule, use mulexml:context-property to pass information about the user rights to the XSL,
• In the XSL, use conditional processing primitives to control the output of the wsdl:operation elements based on the user rights information.

And of course, rendering the WSDL differently based on user rights is half of the problem: you'll also have to reject unauthorized SOAP requests.