Designing XML Based Applications
ness narrow the set of valid document instances to those that the business logic
can effectively process. Regardless of the schema language, even when perform
ing XML validation, the application is responsible for enforcing any uncovered
domain specific constraints that the document may nevertheless violate. That is,
the application may have to perform its own business logic specific validation in
addition to the XML validation.
To decide where and when to validate documents, you may take into account
certain considerations. Assuming a system by system we mean a set of applica
tions that compose a solution and that define a boundary within which trusted
components can exchange information one can enforce validation according to
the following observations. (See Figure 4.3.)
1. Documents exchanged within the components of the system may not require
2. Documents coming from outside the system, especially when they do not orig
inate from external trusted sources, must be validated on entry.
3. Documents coming from outside the system, once validated, may be ex
changed freely between internal components without further validation.
Validation of Incoming Documents