Prev Next

API / Web services

Some of the security best practices for SOAP services.

Diagnostics and Forensics logging: Log service requests and provide a detailed report of who has invoked to find error conditions or to determine what occurred after a breach.

Security logging: Log all administrative activities, changes to privileges, add/removing/changing users and API keys, and so on.

Correlate Execution context: Provide a service feature level execution identity. Many different services may be handling one request. Logs are spread out and will be difficult to correlate all the SQL activities on a persistence service with users' original feature request.

Sensitive information: Do NOT log sensitive information like password and credit card numbers. This included your application code but also web application infrastructure logging.

Business logging: OWASP Security Logging offers some features to correlate your log message traffic.

Invest now in Acorns!!! 🚀 Join Acorns and get your $5 bonus!

Invest now in Acorns!!! 🚀
Join Acorns and get your $5 bonus!

Earn passively and while sleeping

Acorns is a micro-investing app that automatically invests your "spare change" from daily purchases into diversified, expert-built portfolios of ETFs. It is designed for beginners, allowing you to start investing with as little as $5. The service automates saving and investing. Disclosure: I may receive a referral bonus.

Invest now!!! Get Free equity stock (US, UK only)!

Use Robinhood app to invest in stocks. It is safe and secure. Use the Referral link to claim your free stock when you sign up!.

The Robinhood app makes it easy to trade stocks, crypto and more.

Webull! Receive free stock by signing up using the link: Webull signup.

More Related questions...

What are web services? What is REST? What is the difference between a REST and SOAP web service? How do I decide the web service to use between REST and SOAP? What is WSDL in SOAP based web services? What is JAX-WS? What is JAXB in web services? Can we send a soap message with attachments? Web Services: What is MTOM? Web Services: What is XOP? What is a SOAP envelope element? What is SOAP encoding? What does SOAP encodingStyle attribute defines? What are the 2 styles web service endpoint in JAX-WS? What is encoding rules for header entries? Web Services: What is wsimport tool? Web Services: What is wsgen tool? Name the tools that are used to test SOAP services. Difference between SOAP and other remote access techniques. What is a resource in a REST web service? What are the HTTP methods supported by REST? What is the difference between PUT and POST http methods? What is WADL in rest web services? What are frameworks available to implement REST web services? Difference between AJAX and REST web service. What tools are required to test REST services? Explain @Path annotation. Explain @PathParam annotation in spring REST. What @QueryParam annotation does? Explain @MatrixParam annotation in spring REST. Difference between the JAX-RS @QueryParam and @MatrixParam. Jax-RS: Explain @FormParam annotation. How to download a file using JAX-RS? Difference between RPC and document style web service implementation of JAX-RS. Difference between top-down and bottom-up approach of developing web services. Difference between REST and RESTful web service. Difference between SOA and web service. What are the different application integration styles prevalent in real-time systems? What are the advantages of web services? What is UDDI in web services? How do I define web service protocol stack? Differentiate XML, SOAP and WSDL in a SOAP web service. Web services: What is Synchronicity? What are the primary security concerns with web services? Is it possible to maintain an user session in web services? List the frameworks in Java to implement SOAP web services. Name some of the annotations used in JAX-WS API. How do I retrieve WSDL file of a SOAP web service? Purpose of sun-jaxws.xml file in SOAP web services. Advantages of spring web services. Explain Spring-WS contract type. Advantages of contract first over contract last approach in web services. What is Apache Axis? Differentiate web services, CORBA and DCOM. How a SOAP message is structured? What is Richardson Maturity Model? What is JSON? what is the file extension of a JSON document? How JSON objects are defined? what are the JSON syntax rules? Why JSON is preferred over XML? What is JSONP? Difference between JSON and JSONP. Advantages of XML over JSON format. What are Spring web services? What are the modules of Spring-WS? Does Spring-WS support contract last development approach? What is Contract First Web Services? Difference between API and Web services. What are the elements of WSDL? How do you enable Cross Origin Requests for a RESTful Web Service? Explain @Produces and @Consumes annotation. What is Payload? Can you do payload in GET method? What is an idempotent operation? Which web service methods are idempotent? Which web service method is read-only? What is the HTTP OPTIONS method? Explain REST HEAD method. Types of web services. Do SOAP support only HTTP POST method? What are the defining elements in WSDL? What is RAML? What are the APIs available to develop Restful web services? How do you test RESTful web services? Explain Jersey framework. What is JAX-RS API? What is the difference between JAX-RS and JAX-WS? What is the anatomy of a request? Explain the differences between JAX-RS and Spring REST. How do I secure a RESTful Web Service? REST services being stateless, can we make it stateful? Is HTTP protocol stateless? Is SOAP web service stateless? Is JAX-WS web service stateless? Mention few JAX-WS implementations. Advantages of using Apache CXF implementation. How do I intercept/modify request and response in JAX RS? What is Apache Axis? Difference between Apache CXF and Apache AXIS. What is SOAP fault? How do I set status codes in service HTTP response? Explain WS-Security. Does REST support WS-SECURITY? How do I secure RESTful Web Services (JAX-RS)? Explain WS Reliability (Web services). How WS Reliability achieved in SOAP services? What is SAAJ framework? What is service endpoint interface (SEI)? Have you used Apigee Edge in your Project? Why? What is the difference between an XML Schema(XSD) and WSDL? Some of the security best practices for SOAP services. What are the advantages of using RestTemplate? Difference between PUT and PATCH HTTP methods. Difference Between trustStore and keyStore in Java.
Show more question and Answers...

Microservices

Comments & Discussions

Interviews Questions

About Javapedia.net

Javapedia.net is for Java and J2EE developers, technologist and college students who prepare of interview. Also this site includes many practical examples.

This site is developed using J2EE technologies by Steve Antony, a senior Developer/lead at one of the logistics based company.

contact: javatutorials2016[at]gmail[dot]com

Kindly consider donating for maintaining this website. Thanks.

Copyright © 2026, javapedia.net, all rights reserved. privacy policy.

DMCA.com Protection Status