Coldfusion web service error, "Unable to parse WSDL as an XML document."

Question

I'm trying to get a web service running CF9 IIS7

testpage.cfm

<cfinvoke webservice ="https://nww.eastwickpark.nhs.uk/cfcs/test.cfc?wsdl"
  method ="echoString"
  input = "hello" 
  returnVariable="foo">

<cfoutput>#foo#</cfoutput>

test.cfc

<cfcomponent output="false" access="public"  returntype="string">
  <cffunction 
      name = "echoString" 
      returnType = "string" 
      output = "no" 
      access = "remote">
    <cfargument name = "input" type = "string">
    <cfreturn #arguments.input#>
  </cffunction>
</cfcomponent>

The error message is

 Unable to parse WSDL as an XML document.
Parsing error: Fatal Error: URI=null Line=83: The element type "img" must be terminated by the matching end-tag "".
It is recommended that you use a web browser to retrieve and examine the requested WSDL document to ensure it is correct.

The error occurred in C:\inetpub\wwwroot\cf\testpage.cfm: line 4

2 : <cfinvoke webservice ="https://nww.eastwickpark.nhs.uk/cfcs/test.cfc?wsdl"
3 :   method ="echoString"
4 :   input = "hello" 
5 :   returnVariable="foo">
6 : 

I can go to https://nww.eastwickpark.nhs.uk/cfcs/test.cfc in the browser and get the component info page OK.

If I browse to http://nww.eaastwickpark.nhs.uk/cfcs/test.cfc?wdsl I get

<wsdl:definitions targetNamespace="http://cfcs" xmlns:apachesoap="http://xml.apache.org/xml-soap" xmlns:impl="http://cfcs" xmlns:intf="http://cfcs" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns1="http://rpc.xml.coldfusion" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<!--WSDL created by ColdFusion version 9,0,0,251028-->
 <wsdl:types>
  <schema targetNamespace="http://rpc.xml.coldfusion" xmlns="http://www.w3.org/2001/XMLSchema">
   <import namespace="http://schemas.xmlsoap.org/soap/encoding/"/>
   <complexType name="CFCInvocationException">
    <sequence/>
   </complexType>
  </schema>
 </wsdl:types>

   <wsdl:message name="CFCInvocationException">

      <wsdl:part name="fault" type="tns1:CFCInvocationException"/>

   </wsdl:message>

   <wsdl:message name="echoStringRequest">

      <wsdl:part name="input" type="xsd:string"/>

   </wsdl:message>

   <wsdl:message name="echoStringResponse">

      <wsdl:part name="echoStringReturn" type="xsd:string"/>

   </wsdl:message>

   <wsdl:portType name="Test">

      <wsdl:operation name="echoString" parameterOrder="input">

         <wsdl:input message="impl:echoStringRequest" name="echoStringRequest"/>

         <wsdl:output message="impl:echoStringResponse" name="echoStringResponse"/>

         <wsdl:fault message="impl:CFCInvocationException" name="CFCInvocationException"/>

      </wsdl:operation>

   </wsdl:portType>

   <wsdl:binding name="test.cfcSoapBinding" type="impl:Test">

      <wsdlsoap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>

      <wsdl:operation name="echoString">

         <wsdlsoap:operation soapAction=""/>

         <wsdl:input name="echoStringRequest">

            <wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://cfcs" use="encoded"/>

         </wsdl:input>

         <wsdl:output name="echoStringResponse">

            <wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://cfcs" use="encoded"/>

         </wsdl:output>

         <wsdl:fault name="CFCInvocationException">

            <wsdlsoap:fault encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" name="CFCInvocationException" namespace="http://cfcs" use="encoded"/>

         </wsdl:fault>

      </wsdl:operation>

   </wsdl:binding>

   <wsdl:service name="TestService">

      <wsdl:port binding="impl:test.cfcSoapBinding" name="test.cfc">

         <wsdlsoap:address location="https://nww.eastwickpark.nhs.uk/cfcs/test.cfc"/>

      </wsdl:port>

   </wsdl:service>

</wsdl:definitions>

The real path to the cfc is C:\inetpub\wwwroot\cf\cfcs\test.cfc i.e. not directly under web root so i had a mapping as

logical path /cfcs
directory path C:\inetpub\wwwroot\cf\cfcs

I don't get it...

UPdated, getting closer, if I delete out my onRequestStart method from application.cfc it works fine.

<cffunction name="onRequestStart" output="false" returnType="void">

    <cfinvoke component="cfcs.security" method="getControlData" returnvariable="controlData">
        <cfinvokeargument name="dsn" value="#application.dsn#">
    </cfinvoke>
    <!--- if site has been closed force a logout and direct to siteclosed notice--->
    <cfif #controlData.siteOpen# is false>
        <CFSET structDelete(session, 'auth')>
        <cflocation url='siteclosed.cfm' addtoken='No'>
        <cfabort>
    </cfif>
    <!--- If user is not logged in, force them to do so now ---> 
    <cfif not isDefined("session.auth.isLoggedIn")> 
        <!--- Check if page is excluded from authentication --->
        <cfinvoke component="cfcs.security" method="checkIfUnathenticatedPage" returnvariable="pageUnauthenticated">
            <cfinvokeargument name="dsn" value="#application.dsn#">
        </cfinvoke>
        <cfif pageUnauthenticated is 1>
            <cfset currentPage="#listlast(CGI.script_name,"/")#">
            <cfinclude template='#currentPage#'>
            <cfabort>
        <cfelse>
            <!--- page is not excluded from authentication --->             
            <!--- If the user is now submitting "loginForm" form, --->
            <!--- Include "Login Check" code to validate user --->
            <cfif isDefined("form.username")> 
                <cfinclude template="loginCheck.cfm">
            </cfif>
            <cfinclude template="loginForm.cfm">
            <cfabort>
        </cfif>
    </cfif> 

</cffunction> 

There is an image in the login form, which may be where the mysterious img tag is getting sucked in.

Answer 1

The blank Application.cfc in that sub will work for purely public cfcs. But I usually tackle that differently if it is not a wide open cfc (public, all the time). And even if it is, you can still handle that AOP style.

If you want to apply consistent Aspect Oriented security in the onRequestStart method, I typically do something like this (simplified here for example):

function onRequestStart(sRequestedObject) {
  if(sRequestedObject does not contain '.cfc') { // Always suppress output in a cfc
    checkRegularLoginSecurity(sRequestedObject); // This can allow to pass, redirect, etc.
  } else {
    return checkCFCSpecificSecurity(sRequestedObject) // returns true or false 
    // false will effectively kill the request, true will go to the next event
  }
}

This way, I can have some kind of security method check CFCs differently than just redirecting to the login page (maybe it looks up an IP block, or a URL value token, or if it sees the cfc is 'public' in my securityObjects grid, it just lets it continue. Otherwise it can properly take action as needed. There is also the onCFCRequest() which could handle basic AOP security specifically for cfc requests.

Answer 2

have you attempted to do it just using HTTP? I see you are using a mix of HTTP and HTTPS so perhaps there is an issue in there someplace.

Also your cfcomponent tag doesn't need the access and returntype attributes - they are just for the cffunction tag. Not sure if that's messing you up at all.

EDIT:

The problem I think is that your onRequestStart() actually includes a login page if they are not logged in, right? You're do not want that for your web service requests.

You can write a sub-directory CFC that extends the higher level CFC and code that one not to use onRequestStart(). See more info on that here.

Answer 3

Have you tried refreshing the WSDL (either in code, or through the administrator)? Remember, CF caches the WSDL return. If you threw an error earlier, it might still be cached.