Overview
This course is a structured training for practical use of W3C standards (including XSL and XML Schema) and implementing tools & technologies. This course is programming language independent, making it useful for Java, .NET, C++, and any other programming orientation. In this course, participants will learn to successfully apply XML to projects, at both an architectural as well as a line-by-line coding level. The course adds another valuable input as participants receive a copy of the “Xtensil” product. This unique software was developed to assist in implementing, testing, and fielding XML applications.
What You'll Learn
- Apply XML to projects at both an architectural as well as a line-by-line coding level
- Use Xtensil as a fully functional XML toolkit, to use on Windows and Linux platforms
- Familiarize with the advanced-level concepts of working with XML and XSLT
- Learn how to defend web services, REST and REST services
- Get an overview of XSLT 2.0 and XPath 2.0
Curriculum
- XML Schema review
- XML Namespaces
- W3C XML Schemas
- Elements, attributes, and types
- Restricting simple types: Facets
- Advanced XML Schema
- Complex types can be derived
- Derivation by extension
- Elements vs. attributes: When to use them?
- Using XML Schema with Namespaces
- Managing large Schemas
- Processing XML
- Parsers and API’s
- Deciding when to use SAX
- Deciding when to use DOM
- Parsing with a DTD or Schema
- XPath and XSLT review
- XPath data model
- XPath operators and functions
- Conflict resolution for templates
- Calling templates
- Looping, sorting and conditional processing constructs
- Advanced XSL topics
- ID attributes uniquely identify elements
- generate-id () is used to create unique strings
- <xsl:key> and key () work to select groups
- xsl:copy and xsl:copy-of
- Managing whitespace
- XInclude
- <xsl:message> signals conditions
- Extending XSLT using Java
- XPath 2.0 and XSLT 2.0 overview
- XPath 2.0 improvements
- XPath 2.0 and XQuery 1.0
- XSLT 2.0 improvements
- XSL FO (Formatting Objects)
- XSL family working together
- Apache’s FOP: Rendering XML
- Page types can be conditional
- Content flows into page regions
- XML interoperability
- XML from a data perspective
- XML/Database interfacing
- Challenges to mapping XML
- Web services overview
- XML in web services
- WSDL: Description
- Many web services challenges
- Defending XML
- XML signature
- XML encryption
- XML attacks: Structure
- XML attacks: Injection
- Safe XML processing
- Defending web services
- Web service security exposures
- When transport-level alone is not enough
- Message-level security
- WS-security roadmap
- XWSS provides many functions
- Web service attacks
- Web service appliance/gateways
- Defending Rich Interfaces and REST
- How attackers see Rich Interfaces
- Attack surface changes when moving to Rich Interfaces
- Bridging and its potential problems
- Three basic tenets for safe Rich Interfaces
- OWASP REST security recommendations
Who should attend
This is an intermediate and beyond-level level XML training course, designed for those seeking in-depth knowledge of XML, XML Schema, XSLT, and XML-related security.
This course is highly recommended for:
- Advanced support engineers
- JavaScript developers
- Java developers
- Software engineers
- Software developers
- Application developers
