Loading…
Loading…
A technical overview of the SOAP-to-REST conversion platform's architecture, including its components, data flow, security model, and operational
This document describes the architecture and core design principles of the SOAP-to-REST conversion platform. The platform is designed to convert a large number of backend SOAP web services into modern RESTful APIs in a scalable and maintainable way.
The system consists of a metadata-driven conversion engine built on a Java and Spring Boot stack. It separates the management of API conversions (the control plane) from the live request processing (the data plane).
Core Components:
soap_to_rest.The platform is deployed as an internal-only service, running on Cloud Run behind an internal Application Load Balancer. This ensures that the conversion runtime is not publicly reachable and integrates privately with API management layers like Apigee over VPC connectivity.
The platform's core function is a metadata-driven conversion process that avoids the need for custom code for each of the 200+ services it is designed to support.
dev, test, and prod as distinct service targets within its metadata, allowing a single conversion definition to point to different backend endpoints for each environment.javax.xml.transform library.Authorization header or injecting a wsse:UsernameToken into the SOAP header.The platform uses a versioning model based on immutable artifacts and an active pointer.
The system has several key operational parameters and default settings. Global defaults and IAM group-to-role bindings are managed in Parameter Manager.
| Parameter | Default Value | Configurable | Description |
|---|---|---|---|
max_sync_payload_mb | 30 | No | The maximum size in megabytes for a synchronous request payload. Requests exceeding this are rejected. |
| Backend Timeout | 1000ms | Yes | The default timeout for requests to the backend SOAP service. |
| Retry Count | 2 | Yes | The default number of retries for failed requests to the backend service. |
| Trace Retention | 60 days | Yes | The default retention period for audit and debug traces. |
The platform supports multiple authentication mechanisms for connecting to backend SOAP services. Authentication is configured on a per-operation or per-backend profile basis using the auth_type parameter.
Credentials for authentication can be sourced from Secret Manager or provided directly in the configuration.
projects/.../secrets/.../versions/... or sm://...). The runtime service account requires the roles/secretmanager.secretAccessor IAM role.inline:<credential>) for use in controlled environments or when network policies temporarily prevent egress to Secret Manager.The following auth_type values are supported:
auth_type | Description |
|---|---|
none | No authentication is performed. |
basic | Adds a standard HTTP Authorization header with Basic authentication credentials. |
username_token | Injects a wsse:UsernameToken into the SOAP header with the password in wsse:Password as PasswordText. |
username_token_digest | Injects a wsse:UsernameToken with the password digest in wsse:Password as PasswordDigest. |
ws_security | An alias for username_token. |
ws_security_timestamp | Same as username_token, but also adds a wsu:Timestamp element to the security header. |
ws_security_digest | An alias for username_token_digest. |
ws_security_digest_timestamp | Same as username_token_digest, but also adds a wsu:Timestamp element to the security header. |
Access to the control plane is managed through a set of predefined roles. These roles are mapped to IAM groups. The data plane runtime does not use these roles for request processing.
| Role | Permissions |
|---|---|
admin | Full create, read, update, and delete (CRUD) permissions. Can publish services, perform rollbacks, and manage role mappings. |
operator | Can enable or disable services, read configurations, run diagnostic tests, and view metrics. Cannot modify service definitions. |
reader | Read-only access to all configurations and metrics. |
Role mappings are configured in Parameter Manager, linking an IAM group to one of the roles (e.g., SOAP-To-REST_Admin@<iam-group-domain> -> admin).
max_sync_payload_mb = 30. Any request with a body larger than this limit will be rejected immediately with an HTTP 413 Payload Too Large status code and a structured error message. Asynchronous handling for larger objects is a deferred capability.roles/secretmanager.secretAccessor IAM role.cpu-boost) enabled for fast scale-out. Minimum instances are set to 1.me-west1.gcloud commands, and then infrastructure state is aligned using Terraform.