I got an interesting question on how to find out WSDL files are used by vSphere Web Services at the VI Java API forum. After some clarification, it turns out the questioner just wanted to know what methods are called, so that the proxy between client and vCenter server can decide whether it should be allowed to go through.
Although a rare use case, but it’s a valid and sophisticated one. In general, you can use vSphere built in feature for security, for example, assign permissions to a specific role. Still every request reaches the server. With proxy approach, you can filter out some requests before it reaches the vCenter.
Bothered by SLOW Web UI to manage vSphere? Want to manage ALL your VMware vCenters, AWS, Azure, Openstack, container behind a SINGLE pane of glass? Want to search, analyze, report, visualize VMs, hosts, networks, datastores, events as easily as Google the Web? Find out more about vSearch 3.0: the search engine for all your private and public clouds.
But do you need the WSDL for that? The answer is no. The WSDL is for defining interfaces. It includes schemas of all the requests and responses, and their parameters/return types. Definitely it helps to understand the messages on the wire during the development time.
In the runtime, you don’t need WSDL anymore. Your code can inspect the SOAP request for the method names. Based on this information and your policy, you can decide whether to let it go through or not. It should be fairly straight-forward.
To make it a bit more sophisticated, you can also decide what user’s which methods can pass through or not. For that, you need to track the http session cookies used for tracking a particular user. Check this article for details.