Advanced XML Programming Training

Course #:TP1023

Advanced XML Programming Training

This course provides indoctrination in the practical use of W3C standards (including XSL and XML Schema) and of implementing tools and technologies. This course is programming language independent, making it useful for Java, .NET, C++, and any other programming orientation. Graduates will hit the ground running, applying XML to projects at both an architectural as well as a line by line coding level.  We can easily adapt this course to industry and client specific needs.

In addition to valuable knowledge and working examples, students receive a copy of the "Xtensil" product.   This unique software was developed to assist in implementing, testing, and fielding XML applications.  Xtensil is used as both a teaching aid and a straightforward, basic, fully functional XML toolkit that students can use on Windows and Linux platforms.

Throughout the course students will be led through a series of progressively advanced topics, where each topic consists of lecture, group discussion, comprehensive hands-on lab exercises, and lab review.

What you will Learn

This class is “technology-centric”, designed to train attendees in essential XML development skills coupling the most current, effective techniques with the soundest coding practices.  Working in a hands-on learning environment student will learn to:

  • Design and implement changes to XML Schemas
  • Apply advanced XSLT constructs such as calling named templates with parameters
  • Use XSLT constructs such as messages, keys, and copy
  • Generate linked, dynamic table of contents using XSLT
  • Use XML Digital Signature and XML Encryption
  • Defend XML-based services and functions from malicious attacks

Audience

This is an intermediate and beyond-level level XML training course, designed for those needing in-depth knowledge and a working knowledge of XML, XML Schema, XSLT, and XML-related security. A working knowledge of XML is required.

Prerequisites

Attending students should have recently attended the following course(s) or have practical experience in this area:

  • WA1035 Fundamentals of XML

Duration

2 Days

Outline of Advanced XML Programming Training

Session: XML Structure

Lesson: XML Schema Review

  • XML Namespaces
  • W3C XML Schemas
  • Elements, Attributes, and Types
  • Restricting Simple Types: Facets

Lesson: Advanced XML Schema

  • Complex Types Can be Derived
  • Derivation by Extension
  • Elements vs. Attributes: When to use them?
  • Using XML Schema with Namespaces
  • Managing Large Schemas

Lesson: Processing XML

  • Parsers and API’s
  • Deciding When to Use SAX
  • Deciding When to Use DOM
  • Parsing With a DTD or Schema

Session: XML Formatting

Lesson: XPath and XSLT Review

  • XPath Data Model
  • XPath Operators and Functions
  • Conflict Resolution for Templates
  • Calling Templates
  • Looping, Sorting and Conditional Processing Constructs

Lesson: Advanced XSL Topics

  • ID Attributes Uniquely Identify Elements
  • generate-id() is Used to Create Unique Strings
  • <xsl:key> and key() Work to Select Groups
  • xsl:copy and xsl:copy-of
  • Managing Whitespace
  • XInclude
  • <xsl:message> Signals Conditions
  • Extending XSLT Using Java

Lesson: XPath 2.0 and XSLT 2.0 Overview

  • XPath 2.0 Improvements
  • XPath 2.0 and XQuery 1.0
  • XSLT 2.0 Improvements

Lesson: XSL FO (Formatting Objects)

  • XSL Family Working Together
  • Apache’s FOP: Rendering XML
  • Page Types Can Be Conditional
  • Content Flows Into Page Regions

Session: Advanced XML Topics

Lesson: XML Interoperability

  • XML From a Data Perspective
  • XML/Database Interfacing
  • Challenges to Mapping XML

Lesson: Web Services Overview

  • XML in Web Services
  • WSDL: Description
  • Many Web Services Challenges

Lesson: Defending XML

  • XML Signature
  • XML Encryption
  • XML Attacks: Structure
  • XML Attacks: Injection
  • Safe XML Processing

Lesson: Defending Web Services

  • Web Service Security Exposures
  • When Transport-Level Alone is NOT Enough
  • Message-Level Security
  • WS-Security Roadmap
  • XWSS Provides Many Functions
  • Web Service Attacks
  • Web Service Appliance/Gateways

Lesson: Defending Rich Interfaces and REST

  • How Attackers See Rich Interfaces
  • Attack Surface Changes When Moving to Rich Interfaces
  • Bridging and its Potential Problems
  • Three Basic Tenets for Safe Rich Interfaces
  • OWASP REST Security Recommendations
We regularly offer classes in these and other cities. Atlanta, Austin, Baltimore, Calgary, Chicago, Cleveland, Dallas, Denver, Detroit, Houston, Jacksonville, Miami, Montreal, New York City, Orlando, Ottawa, Philadelphia, Phoenix, Pittsburgh, Seattle, Toronto, Vancouver, Washington DC.