TT4320: Advanced XML / XSLT

Become an EPIC Affiliate

To view the class schedule you need to become an Affiliate

  • Largest “Guaranteed To Run” public technical training schedules available
  • Easy to become an Affiliate – no charge or fee
Become an EPIC Affiliate

already an Affiliate?  Login

About this Course

Advanced XML / XSLT is a two-day hands-on course that provides indoctrination in the practical use of W3C standards (including XSL and XML Schema) and of implementing tools and technologies. This course is programming language independent, making it useful for Java, .NET, C++, and any other programming orientation. Graduates will hit the ground running, applying XML to projects at both an architectural as well as a line by line coding level. We can easily adapt this course to industry and client specific needs.

Audience Profile

This is an intermediate and beyond level XML training course, designed for those needing in-depth knowledge and a working knowledge of XML, XML Schema, XSLT, and XML-related security.

At Course Completion

Throughout the course students will be led through a series of progressively advanced topics, where each topic consists of lecture, group discussion, comprehensive hands-on lab exercises, and lab review. This class is “technology-centric”, designed to train attendees in essential XML development skills coupling the most current, effective techniques with the soundest coding practices.

Working in a hands-on learning environment student will learn to:

·         Design and implement changes to XML Schemas

·         Apply advanced XSLT constructs such as calling named templates with parameters

·         Use XSLT constructs such as messages, keys, and copy

·         Generate linked, dynamic table of contents using XSLT

·         Use XML Digital Signature and XML Encryption

·         Defend XML-based services and functions from malicious attacks

Outline

Session: XML Structure

Lesson: XML Schema Review

  • XML Namespaces
  • W3C XML Schemas
  • Elements, Attributes, and Types
  • Restricting Simple Types: Facets

Lesson: Advanced XML Schema

  • Complex Types Can be Derived
  • Derivation by Extension
  • Elements vs. Attributes: When to use them?
  • Using XML Schema with Namespaces
  • Managing Large Schemas

 

Lesson: Processing XML

  • Parsers and API’s
  • Deciding When to Use SAX
  • Deciding When to Use DOM
  • Parsing With a DTD or Schema

Session: XML Formatting

Lesson: XPath and XSLT Review

  • XPath Data Model
  • XPath Operators and Functions
  • Conflict Resolution for Templates
  • Calling Templates
  • Looping, Sorting and Conditional Processing Constructs

 

Lesson: Advanced XSL Topics

  • ID Attributes Uniquely Identify Elements
  • generate-id() is Used to Create Unique Strings
  • <xsl:key> and key() Work to Select Groups
  • xsl:copy and xsl:copy-of
  • Managing Whitespace
  • XInclude
  • <xsl:message> Signals Conditions
  • Extending XSLT Using Java

Lesson: XPath 2.0 and XSLT 2.0 Overview

  • XPath 2.0 Improvements
  • XPath 2.0 and XQuery 1.0
  • XSLT 2.0 Improvements

Lesson: XSL FO (Formatting Objects)

  • XSL Family Working Together
  • Apache’s FOP: Rendering XML
  • Page Types Can Be Conditional
  • Content Flows Into Page Regions

Session: Advanced XML Topics

Lesson: XML Interoperability

  • XML From a Data Perspective
  • XML/Database Interfacing
  • Challenges to Mapping XML

Lesson: Web Services Overview

  • XML in Web Services
  • WSDL: Description
  • Many Web Services Challenges

Lesson: Defending XML

  • XML Signature
  • XML Encryption
  • XML Attacks: Structure
  • XML Attacks: Injection
  • Safe XML Processing

Lesson: Defending Web Services

  • Web Service Security Exposures
  • When Transport-Level Alone is NOT Enough
  • Message-Level Security
  • WS-Security Roadmap
  • XWSS Provides Many Functions
  • Web Service Attacks
  • Web Service Appliance/Gateways

Lesson: Defending Rich Interfaces and REST

  • How Attackers See Rich Interfaces
  • Attack Surface Changes When Moving to Rich Interfaces
  • Bridging and its Potential Problems
  • Three Basic Tenets for Safe Rich Interfaces
  • OWASP REST Security Recommendations

Prerequisites

·         TT4300           Introduction to XML