Forum Discussion
FoleyJH_30150
Jul 11, 2012Nimbostratus
ASM flagging SOAP/XML message content as URL Parameters
I have an inbound POST to my web application that uses a SOAP/XML content format. This is the first time I have had to work with this. I used Policy Builder to generate the majority of the security policy. It has correctly identified the URL's and associated parameters. However, without policy builder enabled the POST fails with illegal parameter and flags the following as a parameter:
< div>
How do I indicate to the ASM that this is content and not parameters and values.
Thanks in advance.
/DIV>
- Ido_Breger_3805Historic F5 AccountHi,
- BT_90520NimbostratusJust to add is that XML profile will need the XSD or WSDL schema to check the XML content. You can extract XSD from WSDL also. can see "Associating an XML profile with a URL" as an example in below link. There are association with parameter in the link as well
- hooleylistCirrostratusYou don't actually need to import and specify a schema in the XML profile. For some implementations, it's enough to just parse the payload or parameter value as XML--not actually validate the schema.
- BT_90520NimbostratusThanks for clarifying Aaron, just another layer of checks for me.
- FoleyJH_30150NimbostratusThanks to all for the information. I have not had an opportunity to revisit this until now. I will implement the suggestions and see if I get the desired results.
- FoleyJH_30150NimbostratusThis is resolved. Thanks to all for the help. I did have to build a new security profile in order for this to work. The original profile was build using the Production Site Deployment Scenario and not the Web Services scenario.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects