Web Services Addressing provides transport-neutral mechanisms to address Web services
and messages. Web Services Addressing 1.0 - Core (this document) defines a set of abstract
properties and an XML Infoset [
This is the
This document has been reviewed by W3C Members, by software developers, and by other W3C groups and interested parties, and is endorsed by the Director as a W3C Recommendation. It is a stable document and may be used as reference material or cited from another document. W3C's role in making the Recommendation is to draw attention to the specification and to promote its widespread deployment. This enhances the functionality and interoperability of the Web.
The Working Group made the following editorial changes to the
Proposed Recommendation in response to comments: normative and
informative references are now more clearly distinguished, and some
typographical errors were fixed. An
Please report errors in this document to the public
This document was produced by a group operating under the
Last Modified: $Date: 2006/05/05 16:05:50 $
Web Services Addressing 1.0 - Core (WS-Addressing) defines two constructs, message addressing properties and endpoint references, that normalize the information typically provided by transport protocols and messaging systems in a way that is independent of any particular transport or messaging system.
A Web service endpoint is a (referenceable) entity, processor, or resource to which
Web service messages can be addressed. Endpoint references convey the information
needed to address a Web service endpoint. Note that WSDL 2.0 has an Endpoint
component [
This specification defines a family of message addressing properties that convey end-to-end message characteristics including references for source and destination endpoints and message identity that allows uniform addressing of messages independent of the underlying transport.
Both of these constructs are designed to be extensible and re-usable so that other specifications can build on and leverage endpoint references and message addressing properties.
The following example illustrates the use of these mechanisms in a SOAP 1.2 message
being sent from http://example.com/business/client1 to
http://example.com/fabrikam/Purchasing (see Web Services Addressing 1.0 - SOAP Binding[
Lines (02) to (09) represent the header of the SOAP message where the mechanisms defined in the specification are used. The body is represented by lines (10) to (12).
Lines (03) to (08) contain the message addressing header blocks. Specifically, line (02) specifies the identifier for this message and lines (04) to (06) specify the endpoint to which replies to this message should be sent as an endpoint reference. Line (07) specifies the address URI of the ultimate receiver of this message. Line (08) specifies an action URI identifying expected semantics.
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in RFC 2119 [
When describing abstract data models, this specification uses the notational
convention used by the XML Infoset [
When describing concrete XML schemas [
Where pseudo-schemas are provided for a component, they use BNF-style conventions for attributes and elements: "?" denotes optionality (i.e. zero or one occurrences), "*" denotes zero or more occurrences, "+" one or more occurrences, "[" and "]" are used to form groups, and "|" represents choice. Attributes are conventionally assigned a value which corresponds to their type, as defined in the normative schema. Elements with simple content are conventionally assigned a value which corresponds to the type of their content, as defined in the normative schema. Pseudo schemas do not include extensibility points for brevity.
When defining the cardinality of endpoint reference properties and message addressing properties, this specification uses the following notation: (n..m), where n is the minimum allowed number of occurrences of the property and m is the maximum allowed number of occurrences. When n has the same value as m then exactly that number of occurrences of the property must be present in the associated endpoint reference or message.
This specification uses a number of namespace prefixes throughout; they are
listed in
| Prefix | Namespace |
|---|---|
| wsa | http://www.w3.org/2005/08/addressing |
| S | http://www.w3.org/2003/05/soap-envelope |
| xs | http://www.w3.org/2001/XMLSchema |
WS-Addressing may be used with SOAP [
All information items defined by this specification are identified by the XML
namespace URI [
This section defines the information model and syntax of an endpoint reference.
This specification introduces the endpoint reference, a construct designed to support the following usage scenarios:
Dynamic generation and customization of service endpoint descriptions.
Referencing and description of specific service instances that are created as the result of stateful interactions.
Flexible and dynamic exchange of endpoint information in tightly coupled environments where communicating parties share a set of common assumptions about specific policies or protocols that are used during the interaction.
An endpoint reference is a collection of abstract properties. This specification defines a core set of properties, but it is also possible for other specifications to extend these and/or add other properties. The semantics and XML Infoset representation for any such extension properties will be described in their defining specifications. An endpoint reference consists of the following abstract properties:
An absolute IRI [
| URI | Description |
|---|---|
|
|
Some endpoints cannot be located with a meaningful IRI; this URI is used to allow such endpoints to send and receive messages. The precise meaning of this URI is defined by the binding of Addressing to a specific protocol and/or the context in which the EPR is used. |
|
|
Messages sent to EPRs whose [address] is this
value
MUST be discarded (i.e. not sent). This URI
is
typically used in EPRs that designate a reply or fault
endpoint (see section |
A reference may contain a number of individual parameters that are
associated with the endpoint to facilitate a particular interaction.
Reference parameters are namespace-qualified element information
items that are required to properly interact with the endpoint.
Reference parameters are provided by the issuer of the endpoint
reference and are assumed to be opaque to other users of an endpoint
reference. The binding of reference parameters to messages depends
upon the protocol binding used to interact with the endpoint -
Web Services Addressing 1.0 - SOAP Binding[
The reference parameters are not ordered. No significance can be attributed to any order in which they may appear, because they may be bound to a message in a way which does not preserve that ordering.
A reference may contain metadata that describes the behavior, policies and capabilities of the endpoint. Metadata may be included in an endpoint reference to facilitate easier processing by a user of an endpoint reference, or because the metadata was dynamically generated.
The metadata embedded in an EPR is not necessarily a complete statement of the metadata pertaining to the endpoint. Moreover, while embedded metadata is necessarily valid at the time the EPR is initially created it may become stale at a later point in time.
To deal with conflicts between the embedded metadata of two EPRs that
have the same [address], or between embedded metadata and metadata
obtained from a different source, or to ascertain the current
validity of embedded metadata, mechanisms that are outside of the
scope of this specification, such as EPR life cycle information (see
This section defines an XML Infoset-based representation for an endpoint reference as both an XML type (wsa:EndpointReferenceType) and as an XML element (<wsa:EndpointReference>). For brevity simple XML terms are used, e.g. 'element' instead of 'element information item' - this is not intended to constrain use of the constructs defined in this section to textual XML representations.
The wsa:EndpointReferenceType type is used wherever a Web service endpoint is referenced. The following describes the contents of this type:
The following describes the attributes and elements listed in the schema overview above:
This represents some element of type wsa:EndpointReferenceType. This example uses the predefined <wsa:EndpointReference> element, but any element of type wsa:EndpointReferenceType may be used.
This REQUIRED element (whose content is of type xs:anyURI) specifies the [address] property of the endpoint reference.
This is an extensibility mechanism to allow additional attributes to be specified.
This OPTIONAL element may contain elements from any namespace. Such elements form the [reference parameters] of the reference.
This is an extensibility mechanism to allow additional attributes to be specified.
Each element information item found in [reference parameters] (including all of that elements [children], [attributes] and [in-scope namespaces]) is represented as is.
This OPTIONAL element may contain elements from any namespace. Such elements form the metadata that is relevant to the interaction with the endpoint.
Each child element of Metadata represents an individual piece of metadata.
This is an extensibility mechanism to allow additional attributes to
be specified. Some examples in this specification show use of this
extensibility point to include a wsdlLocation[
This is an extensibility mechanism to allow additional elements to be specified.
This is an extensibility mechanism to allow additional attributes to be specified.
Specifications which describe any extension elements or attributes
used to augment the above model will explain any effects those
extensions may have on the abstract properties. They may affect either
the core properties or extension properties as defined in
The following shows an example endpoint reference. This element references the the endpoint at the URI "http://example.com/fabrikam/acct".
This specification provides no concept of endpoint identity and therefore does not provide any mechanism to determine equality or inequality of EPRs and does not specify the consequences of their equality or inequality. However, note that it is possible for other specifications to provide a comparison function that is applicable within a limited scope.
This specification does not define a lifecycle model for endpoint references and does not address the question of time-to-live for endpoint references. Other specifications that build on or use WS-Addressing may define a lifecycle model for endpoint references created according to that specification.
As noted in
Extension elements and attributes MAY add additional properties to an endpoint
reference in addition to those specified in
Note that this ability to modify existing properties and binding behavior, when coupled with the fact that software can ignore unknown or unrecognized extensions, may result in a difference in behavior depending on whether such an extended endpoint reference is processed by software that understands the extension(s). When designing endpoint reference extensions designers should consider that standard processing per this specification will prevail in cases where their extension is not recognized or understood.
The Architecture of the World Wide Web, Volume One [
This section defines the information model and syntax of message addressing properties.
Message addressing properties provide references for the endpoints involved in an interaction. The use of these properties to support specific interactions is in general defined by both the semantics of the properties themselves and the implicit or explicit contract that governs the message exchange. If explicitly available, this contract can take different forms including but not being limited to WSDL MEPs and interfaces; business processes and e-commerce specifications, among others, can also be used to define explicit contracts between the parties.
In a one-way interaction pattern a source sends a message to a destination without any further definition of the interaction. "Request-response" is a common interaction pattern that consists of an initial message sent by a source endpoint (the request) and a subsequent message sent from the destination of the request back to the source (the response). A response in this case can be either an application message, a fault, or any other message. Note, however, that reply messages may be sent as part of other message exchanges as well, and are not restricted to the usual single Request, single Response pattern, or to a particular WSDL transmission primitive or MEP. The contract between the interacting parties may specify that multiple or even a variable number of replies be delivered.
The set of message addressing properties defined in this specification is sufficient for many simple variations of one-way and request-response MEPs. More advanced MEPs may require additional message addressing properties to augment the facilities provided here.
Message addressing properties collectively augment a message with the following abstract properties to support one-way, request-response, and other interaction patterns:
An absolute IRI representing the address of the intended receiver of this message.
Reference to the endpoint from which the message originated.
An endpoint reference for the intended receiver for replies to this message.
An endpoint reference for the intended receiver for faults related to this message.
An absolute IRI that uniquely identifies the semantics implied by this message.
It is RECOMMENDED that the value of the [action] property is an IRI
identifying an input, output, or fault message within a WSDL
interface or port type. An action may be explicitly or implicitly
associated with the corresponding WSDL definition.
Web Services Addressing 1.0 - WSDL Binding[
An absolute IRI that uniquely identifies the message. When present, it is the responsibility of the sender to ensure that each message is uniquely identified. The behavior of a receiver when receiving a message that contains the same [message id] as a previously received message is unconstrained by this specification.
A pair of values that indicate how this message relates to another
message. The type of the relationship is identified by an absolute
IRI. The related message is identified by an absolute IRI that
corresponds to the related message's [message id] property. The
message identifier IRI may refer to a specific message, or be the
following pre-defined URI that means "unspecified message":
This specification has one predefined relationship type as shown in
| URI | Description |
|---|---|
|
|
Indicates that this is a reply to the message identified by the [message id] IRI. |
Corresponds to the value of the [reference parameters] property of the endpoint reference to which the message is addressed.
The [destination] and [action] properties indicate the target processing location and the verb or intent of the message respectively. The values of these properties can be used to facilitate the dispatch of messages.
A binding of WS-Addressing message addressing properties MUST reflect the
property cardinality shown above. Web Services Addressing 1.0 - SOAP Binding[
The following shows the XML Infoset representation of the message addressing
properties defined in
The following describes the attributes and elements listed in the schema overview above:
This OPTIONAL element (whose content is of type xs:anyURI) provides
the value for the [destination] property. If this element is NOT
present then the value of the [destination] property is
This OPTIONAL element (of type wsa:EndpointReferenceType) provides the value for the [source endpoint] property.
This OPTIONAL element (of type wsa:EndpointReferenceType) provides
the value for the [reply endpoint] property. If this element is NOT
present then the value of the [address] property of the [reply
endpoint] EPR is
This OPTIONAL element (of type wsa:EndpointReferenceType) provides the value for the [fault endpoint] property.
This REQUIRED element (whose content is of type xs:anyURI) conveys the value of the [action] property.
This OPTIONAL element (whose content is of type xs:anyURI) conveys the [message id] property.
This OPTIONAL (repeating) element information item contributes one abstract [relationship] property value, in the form of an (IRI, IRI) pair. The content of this element (of type xs:anyURI) conveys the [message id] of the related message.
This OPTIONAL attribute (of type xs:anyURI) conveys the relationship
type as an IRI. When absent, the implied value of this attribute is
Each element information item found in [reference parameters] (including all of that elements [children], [attributes] and [in-scope namespaces]) is represented as is.
Note that each of the element information items described above allows attribute
wildcards for future extensibility. A message processor may safely ignore any
extension attribute it does not recognize. Attribute extensibility allows
use of xml:id[
The values of the Message Addressing Properties [action], [message id], and
[relationship] are absolute IRIs. The purpose of these IRIs is primarily
identification, rather than resource retrieval. As such, simple string
comparison, as indicated in Internationalized Resource Identifiers
Comparison of [destination] property values is out of scope, other than using simple string comparison to detect whether the value is anonymous, that is, where [destination] has the value "http://www.w3.org/2005/08/addressing/anonymous".
This section describes the process of constructing a message in accordance to an EPR.
If the EPR's [address] property is
[action]: this property is required, but is not populated from the EPR.
[destination]: this property takes the value of the EPR's [address] property.
[reference parameters]: this property takes the value of the selected EPR's [reference parameters] property
This section specifies the WS-Addressing-specific rules for creating a reply or fault message related to another message.
Select the appropriate EPR:
If the reply is a normal message, select the EPR from the related message's [reply endpoint] message addressing property.
The [reply endpoint] message addressing property will always be
present when using the XML Infoset representation since, in the absence
of a wsa:ReplyTo element, the value of the
[reply endpoint] message addressing property defaults to an EPR with
an [address] property of
If the [reply endpoint] message addressing property is not present the processor MUST fault. This could only occur when using an alternate representation of message addressing properties.
Otherwise, if the reply is a fault message and the related message's [fault endpoint] message addressing property is not empty, select the EPR from that property. If the [fault endpoint] property is empty, select the EPR from the related message's [reply endpoint] message addressing property. Otherwise, if the [reply endpoint] property is empty, the behavior of the recipient of the related message is unconstrained by this specification.
In either of the above cases, if the related message lacks a [message id] property, the processor MUST fault.
Send the message according to the previous section, but also including:
[relationship]: this property MUST include a pair of IRIs as
follows; the relationship type is the predefined reply URI
The following example illustrates a message containing message addressing properties serialized as header blocks in a SOAP 1.2 message:
This message would have the following property values:
[destination]:
[reply endpoint]: The endpoint with [address]
[action]:
[message id]:
The following example illustrates a reply to the above message:
This message would have the following property values:
[destination]:
[action]:
[message id]:
[relationship]: (
Conformance to this specification does not require a message receiver to honor the WS-Addressing constructs within a message if the receiver is not satisfied that the message is safe to process.
WS-Addressing supports capabilities that allow a message sender to instruct a message receiver to send additional unsolicited messages to other receivers of their choice. To an extent the content of such unsolicited messages can also be controlled using reference parameters supplied by the initial message sender. Because of these capabilities it is essential that communications using WS-Addressing are adequately secured and that a sufficient level of trust is established between the communicating parties before a receiver processes WS-Addressing constructs within a message. There are several aspects to securing a message:
EPRs and message addressing properties should be integrity-protected to prevent tampering. Such integrity protection might be provided by the transport, a message level signature, or use of an XML digital signature within EPRs.
Users of EPRs should validate the trustworthiness of an EPR before using it by considering the following aspects:
whether the EPR was obtained from a trusted source
whether the EPR was obtained from a source with authority to represent the [address] of that EPR
whether the [address] of the EPR is a trusted destination
For example, the receiver of a message might rely on the presence of a verifiable signature by a trusted party over the message addressing properties to determine that the message originated from a trusted source and further require that the [reply endpoint] and [fault endpoint] are signed by a principle with authority to represent the [address] of those EPRs to ensure that unsolicted messages are not sent. Alternatively an out-of-band means of establishing trust might be used to determine whether a particular EPR is trustworthy.
To prevent information disclosure, EPR issuers should not put sensitive information into the [address] or [reference parameters] properties unless it has been adequately protected against arbitrary disclosure.
Some processors may use [message id] as part of a uniqueness metric in order to detect message replay. Care should be taken to ensure that, for purposes of replay detection, [message id] is composed from data, such as a timestamp, such that a legitimate retransmission of the message is not confused with a replay attack. It is also advisable to use a [message id] that is not predictable, to prevent attackers from constructing and sending an unsolicited reply to a message without having to see the actual message.
This document is the work of the
Members of the Working Group are (at the time of writing, and by alphabetical order): Abbie Barbir (Nortel Networks), Andreas Bjärlestam (ERICSSON), Dave Chappell (Sonic Software), Eran Chinthaka (WSO2), Francisco Curbera (IBM Corporation), Glen Daniels (Sonic Software), Vikas Deolaliker (Sonoa Systems, Inc.), Paul Downey (BT), Jacques Durand (Fujitsu Limited), Robert Freund (Hitachi, Ltd.), Marc Goodner (Microsoft Corporation), Arun Gupta (Sun Microsystems, Inc.), Hugo Haas (W3C/ERCIM), Marc Hadley (Sun Microsystems, Inc.), David Hull (TIBCO Software, Inc.), Yin-Leng Husband (HP), David Illsley (IBM Corporation), Anish Karmarkar (Oracle Corporation), Paul Knight (Nortel Networks), Philippe Le Hégaret (W3C/MIT), Amelia Lewis (TIBCO Software, Inc.), Bozhong Lin (IONA Technologies, Inc.), Mark Little (JBoss Inc.), Jonathan Marsh (Microsoft Corporation), Jeff Mischkinsky (Oracle Corporation), Nilo Mitra (ERICSSON), Eisaku Nishiyama (Hitachi, Ltd.), Ales Novy (Systinet Inc.), David Orchard (BEA Systems, Inc.), Gilbert Pilz (BEA Systems, Inc.), Alain Regnier (Ricoh Company, Ltd.), Tony Rogers (Computer Associates), Tom Rutt (Fujitsu Limited), Davanum Srinivas (WSO2), Jiri Tejkl (Systinet Inc.), Mike Vernal (Microsoft Corporation), Steve Vinoski (IONA Technologies, Inc.), Katy Warr (IBM Corporation), Pete Wenzel (Sun Microsystems, Inc.), Steve Winkler (SAP AG), Ümit Yalçinalp (SAP AG), Prasad Yendluri (webMethods, Inc.).
Previous members of the Working Group were: Lisa Bahler (SAIC - Telcordia Technologies), Rebecca Bergersen (IONA Technologies, Inc.), Ugo Corda (Sun Microsystems, Inc.), Michael Eder (Nokia), Yaron Goland (BEA Systems, Inc.), Marc Goodner (SAP AG), Martin Gudgin (Microsoft Corporation), Mark Nottingham (BEA Systems, Inc.), Mark Peel (Novell, Inc.), Harris Reynolds (webMethods, Inc.), Rich Salz (IBM Corporation), Davanum Srinivas (Computer Associates), Greg Truty (IBM Corporation).
The people who have contributed to