Beruflich Dokumente
Kultur Dokumente
First, we will talk a bit on Web services architecture over J2EE platform. Then we will
spend some time talking about JAX-RPC since JAX-RPC makes up a large chunk of
Web services support over J2EE. Then we will talk about how to develop Web
services and their clients. We will spend some time talking about SOAP message
handlers.
Then we will compare RPC and document-driven model Web services talking about how
they are different and when to use what.
We will then spend some time talking about WS-I and Web services interoperability. We
will then spend last 30 minutes or so talking about various emerging Web services
technologies and standards which we believe you should be aware of. And these
include ebXML as a Business Web services standard, Fast Web service work by Sun
Microsystems, metadata-driven Web service effort driven by JSR 181, Web services
orchestration, Web services transaction, reliable messaging, and Web services security.
Since Web services security will be talked about in another session, here we will just
mention various XML and Web services security standards.
By the way, in this session, we are not going to talk about basic concept of Web services
and we assume you have some basic knowledge on what Web services is and some
basic exposure on what SOAP and WSDL are.
OK, let's talk briefly on Web services architecture over J2EE platform.
What Is a J2EE Web Service?
Container
Now I would like to talk about component and container model of J2EE and how it
relates to web services.
One of the key architectural characteristics of J2ee is that business logic is captured
as components, which are in turn executed in a host execution environment called
containers. And this container and component model will be used for
implementing and deploying web services as well. That is, you will build web
services as components which will be then executed in a web service container. In
other words, web services components are going to be a 1st-class citizen of J2EE
along with servlet, JSP and EJB.
Over J2EE platform, the web services components can be developed and deployed
either at Web-tier or EJB-tier. Web-tier Web services is based on Servlet endpoint
while EJB tier Web services is based on stateless session bean endpoint model.
Service Endpoint Implementation
Under J2EE 1.4, JAX-RPC 1.1 specifies servlet based endpoint model while
JSR 109 and EJB 2.1 specifies stateless session bean endpoint model.
Web Service Components
Web Services
Components
This picture shows what I just explained in the previous slide. Web services
components can reside either at web-tier or EJB-tier. When web services
component is built as a servlet-based endpoint, it is running within the
web container while when it is built as a session bean based endpoint, it
will be running within the EJb container. So you can see we are
leveraging existing container architecture for Web services components.
J2EE 1.4 and Web Services
J2EE J2EE
Service Client
J2EE App Server J2EE App Server
J2EE J2EE
Client Service
Non-J2EE Non-J2EE
Service Client
Service lookup
There are two families of clients, which differ in the
way the code is written, packaged, and invoked:
JAX-RPC Features
It also defines how Java™ and XML data type mapping is to be done. That is, when a SOAP
client invokes a RPC method, the parameters of the method which are in the form of Java™
objects have to be mapped to XML elements. Also on a server side, a SOAP service
provider when it receives a SOAP RPC request message, it has to in turn map the XML
elements into Java™ objects.
JAX-RPC provides extensible type mapping framework in which complex Java™ data types
can be serialized and deserialized from corresponding XML representations.
JAX-RPC also introduces the concept of SOAP message handler framework in which message
handers can be chained and deployed during the deployment time not at the time of
development time. What is message handler? It intercepts incoming SOAP message
request and outgoing SOAP message responses and perform whatever functions necessary,
for example, authentication, authorization, logging, caching, or whatever.
JAX-RPC also defines client programming models which include stub interface, dynamic
proxy, dynamic invocation depending on how dynamic you want to code your client side.
Inside a SOAP Message
Header Entry
Attachment
SOAP Body
Attachment
Body Entry
Body Entry
Attachment
This picture shows SOAP message. As illustrated in the left side of the
slide, a SOAP message is made of Primary mime part and zero or more
attachments. The primary mime part contains SOAP envelope structure,
which in turn is made of Header part and Body part. And both Header
and Body parts can be made of multiple header entries and body entries
respectively.
WSDL View of a Web Service
WSDL Document
Service A
Binding "fooB"
Port "foo"
http://.../foo SOAP/HTTP
Port "bar"
Operation "Op1"
<service name="StockQuoteService">
<documentation>My first service</documentation>
<port name="StockQuotePort" binding="tns:StockQuoteBinding">
<soap:address location="http://example.com/stockquote"/>
</port>
</service>
Package
Service Types
Class 1..n
Port
1 1
Interface
PortType Binding
1..n
Operation 1..n
Method Parameters
Message
JAX-RPC Relationship to WSDL
I mentioned already WSDL is the contact between Web service client and
service. I also mentioned that JAX-RPC specification defines the precise
mapping between WSDL and its corresponding Java™ representation.
Because this mapping is precisely defined in the JAX-RPC specification,
typically this mapping is done using a tool.
And you will see this when we do the demo later on.
Service Description
JAX-RPC JAX-RPC
Client WSDL Document Service Endpoint
Java WSDL WSDL Java
Generated Code
Container Container
SOAP
HTTP
This picture shows JAX-RPC architecture In both client and server side,
there are JAX-RPCruntime systems which are provided by containers.
Again, in the server side, the container will be either Web container or EJB
container depending on whether you are building servlet based or EJB
based endpoint. On the client side, the container could be typically just
collection of jar files.
As was mentioned before, the contract between Web services client and
service is via WSDL document. What this means for the client side is
that from the WSDL document, the container or deployment tool can
generate client side code artifacts such as stub object.
When I say WSDL document is the only contact needed by service provider
and service client, I really mean it.
JAX-RPC
# $!%
" !
Now let's talk about how to develop a JAX-RPC based Web service. We are
going to focus on Web-tier here but pretty much the same process can be
applied to developing EJB stateless session bean based Web service.
Developing a Web Service
(Bottom-up approach)
Interfaces (java.rmi.Remote)
Must follow JAX-RPC conventions
Implementation classes
Servlet-based endpoint model
Optional handler classes
And then create a package which is in the form of WAR file for the Web-
tier Web services.
Example: Interface
package hello;
import java.rmi.Remote;
import java.rmi.RemoteException;
21
package hello;
22
This is an service implementation. Here you should note that the service
implementation implements the service interface which you saw in the
previous slide.
Deployment Descriptor
<servlet>
<servlet-name>HelloService</servlet-name>
<display-name>HelloService</display-name>
<description>Hello Servlet</description>
<servlet-
class>com.sun.xml.rpc.server.http.JAXRPCServlet</servlet-
class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>HelloService</servlet-name>
<url-pattern>/HelloService</url-pattern>
</servlet-mapping>
This is an service implementation. Here you should note that the service
implementation implements the service interface which you saw in the
previous slide.
& !
<session>
<ejb-name>GreetingBeen</ejb-name>
<service-endpoint>example.GreetingBeen</service-endpoint>
<ejb-class>example.GreetingBeen</ejb-class>
<session-type>Stateless</session-type> Deployment
. . . Descriptor
</session>
24
Packaging and Deployment
Now let's talk about packaging and deployment of Web services over J2EE
platform. Basically Web services components are packaged either as
Web-tier WAR file or EJB-tier EJB module.
Under J2EE 1.4, JSR 109 defines standard deployment descriptor. And the
actual Web services runtime environment is container specific. And it is
expected that tools will simply packaging and deployment through ant
scripts and GUI wizards and IDE plug-ins. And you will see what I mean
when we give you a Web services development and deployment demo
later on using Sun ONE Studio 5.
Packaging of
Service
interface
WSDL (optional)
JAX-RPC / JSR-109
Deployment Descriptor
service
Service Handlers/
implementation
Implementation serializers
JAX-RPC based Web service is packaged as a WAR file with all the necessary
compnents, for example, service implementation which are either Java™
classes for sevlet endpoint model, handler classes and WSDL document, and
Web service definition interface, which isJava™ abstract representation of the
WSDL document. This packaging is standardized in J2EE 1.4.
And in the hands-on lab, you will see how a web services is packaged and
deployed.
Java Web
Service
Developer Pack
'
) *
%
+
Client Programming Models
Stub-based programming model is the least dynamic in the sense that the Stub
object has to be created at the time of compile time and both WSDL and
interface has to be known at the compile time.
Dynamic proxy programming model still requires WSDL at the time of compile
time but the interface can be fed at runtime
<<interface>> <<interface>>
javax.xml.rpc.Stub com.example.stockQuoteProvider
com.example.StockServiceSoapBinding_Stub
This picture shows the Stub class hierarchy. As was mentionedin the previous
slide, the Stub class that gets generated by the tool will implement two
interfaces, javax.xml.rpc.Stub interface and then actual Web service
definition interface.
In this example, the Web service definition interface is called
com.example.StockQuiteProvider.
Standalone Stub-based Client
package hello;
System.out.println(stub.sayHelloBack("JAXRPC Sample"));
} catch (Exception ex) {
ex.printStackTrace();
}
}
package hello;
import javax.xml.rpc.Stub;
public class HelloClient {
Invocation Model
At Runtime Application provides the WSDL
Dynamic proxy is generated on the fly
by JAX-RPC client runtime
More portable than stub-based:
Does not depend on vendor generated service class
before runtime
Easiest to program but slower
than stub-based
Implementation object created and casted
Now dynamic proxy is generated on the fly by JAX-RPC client runtime system.
And application provides the Web service definition interface during runtime.
1
01 package proxy;
02 import java.net.URL;
03 import javax.xml.rpc.Service;
04 import javax.xml.rpc.JAXRPCException;
05 import javax.xml.namespace.QName;
06 import javax.xml.rpc.ServiceFactory;
07 public class HelloClient {
08 public static void main(String[] args) {
09 try {
10 String UrlString=
"http://localhost:8080/ProxyHelloWorld.wsdl";
11 String nameSpaceUri = "http://proxy.org/wsdl";
12 String serviceName = "HelloWorld";
13 String portName = "HelloIFPort";
14 URL helloWsdlUrl = new URL(UrlString);
!
0 %
/%
1
15 ServiceFactory serviceFactory =
16
17
ServiceFactory.newInstance();
Service helloService =
1
18 serviceFactory.createService(helloWsdlUrl,
19 new QName(nameSpaceUri, serviceName));
20 HelloIF myProxy = 2
(HelloIF) helloService.getPort(
21 new QName(nameSpaceUri, portName),
22 proxy.HelloIF.class);
23 System.out.println(myProxy.sayHello("Duke"));
24 } catch (Exception ex) {
25 ex.printStackTrace();
26 }
27
28 }
} 3
Dynamic proxy
From a JAX-RPC Service, you can use a proxy to invoke the Web
service's operations. The proxy is a Java class implementing the SEI.
A proxy is obtained with the JAX-RPC Service's getPort() method, which
takes the name of the port for the Web service you want to invoke
(found in the WSDL document), as well as the SEI implemented by the
proxy. It is called dynamic because the proxy is created at runtime.
The steps for dynamic proxy clients are:
DII invocation model gives the most flexible way of performing service
invocation by giving complete control to client programmer. And as was
mentioned, DII supports broker model.
In order to use DII invocation model, you have to create Call object first.
With this method, you do not need to know the
WSDL URL at development-time.
Making DII calls through a Call object is programmatically more
complex than using a stub or dynamic proxy. However, the advantage of
using a DII Call interface is that a client can call a remote
procedure without development-time knowledge of the WSDL URI or the
Web service operations' signatures. This makes the code easy to modify
if the Web service details change. With DII clients, runtime classes
generated by WSDL to Java mapping tools (emitters) are not required
like the dynamic proxy or static stub cases. However, if you know the
Web service you want to invoke is unlikely to change, you should use
dynamic proxy because configuring the Call instance can be complex.
Example: DII Client
package dynamic;
import javax.xml.rpc.Call;
import javax.xml.rpc.Service;
import javax.xml.rpc.JAXRPCException;
import javax.xml.namespace.QName;
import javax.xml.rpc.ServiceFactory;
import javax.xml.rpc.ParameterMode;
And this slide and next slide shows example code of DII based Web services
client.
Standardalone: DII Client
As you can see in this code, we create Call object from Service object and then
fill up the method and parameters during runtime.
Comparison of Three Client
Models
" %
/% %
!
%
#
$
'
"
"
"
'
"
"
'
"
"
"
!
"
SOAP Message Handlers
SOAP mesasge handlers let you intercept incoming SOAP request and
response mesasges and peform custom functions such as encryption,
decryption, authentication, authorization, logging, caching and so on.
In our hands-on lab, you will build and deploy both server and client side
SOAP message handlers.
SOAP Message Handlers
SOAP message handlers are pluggable and chainable. On the client side,
the registration and configuration of SOAP message handlers are done
through standardized programming APIs, which allows portable
handler configuration and registration.
Handlers have their own lifecycles, which are managed by the containers.
In fact, handler instances can be pooled for scalable operations.
Handlers also have access to MessageContext object in which share'able
data mong handlers can be maintained.
SOAP Message Handlers
SOAP Message
<Response>
This picture shows how multiple handlers can form handler chain. Here SOAP request
message is intercepted by handler # 1. Handler #1 peforms some handler logic and then
pass the request to the handerl #2, which performs its own handler logic and then it passes
the request to the service endpoint.
And response message then goes through the handler chain in reserve order. Again, this chain of handlers is
configured at the time of deployment and at the client side, it can be configured during runtime.
Example SOAP Message Handler
package com.example;
This slide shows an example handler code. Your custom handler class
implementsHandler interface, which has HandleRequest and
HandleResponse() methods. In this code, we get SOAP message
header object first and then performs whatever handler logic that is
appropriate. The key point is that the handler has a full access to the
SOAP message.
Session Management
JAX-RPC 1.0 specification requires that a service client be able to participate in a session
with a service provider. The underlying JAX-RPC runtime system manages session
without involving service client or service developer in the details of session
management.
A JAX-RPC 1.0 runtime system is required to use at least one of the following
mechanisms to manage session for a service client. These session management
mechanisms assume HTTP as the transport in the protocol binding. A JAX-RPC 1.0
runtime system may use HTTPSession to implement support for session
management.
Cookie based mechanism: On the initial method invocation on a service, the server side
JAX-RPC runtime system sends a cookie to the service client to initiate a new session.
The client side JAX-RPC runtime system then implicitly sends the cookie for each
subsequent method invocation on this service. The cookie associates subsequent
method invocations from the service client with the same session.
URL rewriting involves adding session related identifier to a URL. This rewritten URL is
used by the service provider to associate a request with a session. The URL that is
rewritten depends on the protocol binding in use.
SSL session is used to associate multiple remote method invocations as part of a session.
Security
JAX-RPC 1.0 specification requires support for HTTP Basic Authentication for
bindings over the HTTP transport. HTTP Basic Authentication uses user name
and password for authenticating a service client. During invocation of a remote
method, HTTP server (considered part of a JAX-RPC server side runtime
system) uses user name and password to authenticate the service client. The
authentication is performed in a specified security realm.
JAX-RPC 1.0 specification does not require support for the certificate based
mutual authentication using HTTP/S (HTTP over SSL) mechanism but since
j2EE 1.4 mandates it, it will be there for most app server products.
JAX-RPC 1.0 specification nor J2EE 1.4 does not require support for SOAP
Security Extensions for digital signature. But since XML digital signature and
encryption are now standards, it is expected most vendor products will support
it. Just to let you know, Java WSDP 1.2 supports XML digital signature and
encryption right now.
Security Layers – Transport Layer
Authentication
J2ME and
Web Services
Now let's talk about how J2ME devices can perform Web service invocation.
JSR-172 (J2ME Web Services)
Parsing
J2ME Web services client
JSR – 172
Profile
xml/http
Configuration
The specification basically defines two things. First, parsing, that is, how to
manipulate structured XML data over J2ME platform, and this will be a subset of
JAXP. And the other is how J2ME can function as a Web services client, which
is subset of JAX-RPC.
JSR 172, however, specifies runtime Service Provider Interface to allow portable
stubs as opposed to non-portable stubs of regular JAX-RPC.
Again JSR 172 is only for client side functionality. That is, JSR 172 does not define
how J2ME devices can be service endpoint.
JSR 172 is well-aligned with WS-I basic profile. The version of SOAP it supports is
SOAP 1.1.
Wireless Webservice Clients (MIDP
clients)
#
RPC Document-driven
Web services can be implemented in two different models - RPC model and document-
driven model.
The RPC model simulates a procedural call between Web service endpoint and its client
while under document-driven model, the business documents are exchanged. Under
RPC model, a thing that has to be agreed upon between service provider and client is
method signature such as method name and a set of parameters and their types while
under document-driven model, the schema of the business documents need to be agreed
upon. And under RPC model, the parameters and return values have to be marshalled
and unmarshalled while under document-driven model, the XML documents need to be
parsed and validated.
Because agreeing upon method signature is considered more stringent, RPC model is
considered more tightly coupled than document-driven model. For example, if the
service adds another parameter, the client needs to be changed under RPC model.
The RPC model always works in synchronous mode in that the sender of the message
waits for the response while messaging model supports both synchronous and
asynchronous model.
It is expected that RPC model will be more or less used within a business organization
while document-driven model would be used over the internet between business
organizations because document-driven model is more loosely-coupled than RPC
model.
When to use
RPC vs. RPC and
Document-driven
RPC Document-driven
So when do you want to use RPC model and when do you want to use
document-driven model Web services?
The rough guidelines is to use RPC model within an enterprise and to use
document-driven model for enterprise to enterprise communication. It is
because document driven model allows a bit more loosely coupled model.
And since
Document-Driven Model using
JAX-RPC
So in your WSDL document, you can specify that you want doc/literal style.
Document-Style SOAP
Header Envelope
Specifies message-
level services Header
Security Header
Block
Payload Routing
Opaque
Schema-defined Body
Large Order
Complex Body
Payload
Catalog
SOAP Attachments and Literals
Attachments Literals
Architecture
&'
&
+ + &
*
%
%
Components
Client
Java Application
Server
Middleware (Web Services and Enterprise
JavaBeans)
Backend
Database (Oracle)
Loader (Java Application)
Monitor (Java Application)
Middleware Solutions
F
I J2EE Application Server
R
Web E
Application W
Service HTTPS
Java A
Client Stub
L
L SOAP
Service Provider
Processor Remote Stateless
Session EJB
HTTPS
Web
Application
Service
Java
Client Stub
HTTP
S
F
Application
Web I
SOAP Service Provider
Service R Remote Stateless
C++ HTTPS Processor
Client Stub E Session EJB
W
A
L
L
C
JDB
Data
F Local Stateful
I Session EJB
R
E
W
A
L Cache
L
• The Cache Registry keeps track of which Data EJBs are in memory.
& '
&
#
Now let's talk about WS-I and Web services interoperability.
WS-I Is
First, let me clarify what WS-I is first. WS-I is an open industry effort
chartered to promote Web services interoperability across platforms,
applications and programming languages.
Let me tell you what WS-I is not as well since there seems to be some
confusion about this.
Profiling
SOAP 1.1, WSDL 1.1 and UDDI 2.0
Basic profile 1.0 profiles conformance requirements in SOAP 1.1, WSDL 1.1,
and UDDI 2.0. Basic profile 1.0 is made of 156 conformance
requirements.
Basic Profile 1.1
Basic profile 1.1 adds support for attachment to the basic profile
1.0. It is based on SOAP with attachment W3C note and
WSDL MIME binding.
WS-I Support in J2EE 1.4
J2EE 1.4 supports WS-I basic profile 1.0. If you package basic
profile 1.0 conforming WSDL document, the container will take
care of all the details in terms of creating conforming SOAP
messages with conforming encoding styles.
Supply Chain Management
Sample Application
UDDI
Warehouse C Manufacture C
As a way of making sure actual implementations from different vendors interoperate, WS-
I also defines a sample application which is made of 9 Web services. All the vendors
are expected to implement these sample Web services endpoints and then expose them
as Web services over the internet.
WS-I Sample App is a simple Supply Chain Management application. The application
being modeled is that of a Retailer offering Consumer electronic goods to Consumers;
a typical B2C model.
To fulfill orders, the Retailer has to manage stock levels in Warehouses. When an item in
stock falls below a certain threshold, the Retailer must restock the item from the
relevant Manufacturer's inventory; a typical B2B model. In order to fulfill a Retailer's
request, a Manufacturer may have to execute a production run to build the finished
goods.
Each use case includes a logging call to a monitoring system in order to monitor the
activities of the services from a single monitoring service.
Optionally, there is a Configurator web service that lists all of the implementations
registered in the UDDI registry for each of the web services in the sample application.
I already mentioned the sample application is made of 9 Web services. And these are 1
Retailer, 1 Logging Facility, 3 Warehouses, 3 Manufacturers and 1 Configurator, and
thus a total of 9 web services.
Sample Application Flow
www.WS-I.org www.WS-I.org
Welcome SampleApp
This is the WSDL description of each Web service endpoint. As you can see, each
service is configured with different set of possible values so that interoperability
can be tested. So they use different calling convention, uses either rpc/literal or
doc/literal as encoding style. Different data types are used for different endpoints.
And usage of SOAP field or not can be also tested.
Monitor & Analyzer
Web
Web
Service
Service
Client
Monitor
WS-I also provides two testing tools - monitor and analyzer. The monitor captures
the SOAP messages that are being exchanged between Web service provider and
its client and logs them into a log file.
The log file is then analyzed by the analyzer and you can see if the SOAP messages
are in fact conformant to the WS-I basic profile or not.
Monitor Can Live Anywhere
Machine A
Monitor
Service
Requestor
Machine B
Monitor
Service Requestor
Monitor Service
Machine A
Machine A Machine B
The monitor captures the SOAP messages as “a man in the middle”. And it can
reside pretty much anywhere. This slide shows different ways of placing the
monitor.
First in the picture on the upper left corner, both service and its client reside in a
single machine while the monitor resides in a different machine. In the picture
on the upper right corner, client and service provide reside in two different
machines and the monitor resides on the server side. And on the lower right
corner, the monitor resides on the client side. The lower left conner shows a case
where service, client, and monitor all reside in a single machine.
The demo that I will show you will use the configuration of red, in which the
service client and monitor resides on a Sun workstation here while we are
accessing remote Web services endpoints over the internet.
Analyzer
Test
Assertion
Document
WSDL
Analyzer Document
Confg File
Analyzer
UDDI
Message Document
Log
Conformance
Report
XSLT
The analyzer can take various pieces of information as inputs and then generates a
conformance report which then can be transformed into HTML document. The
inputs can be WSDL document, UDDI document and of course the log file that
contained captured SOAP messages.
(
OK, next topic is fast web services. Fast Web Services is an initiative at Sun
Microsystems.
Current Performance Data
15
12.5
10
7.5
5
2.5
0
JAX-RPC JAX-RPC RMI/IIOP RMI
encoded literal
Protocol
As part of fast web services effort, we measure the performance various remote
communication technologies of today. And this what we have found today.
Message Size
4000
3500
3000
2500
2000
1500
1000
500
0
JAX-RPC JAX-RPC RMI/IIOP RMI
encoded literal
Protocol
In terms of message, a message that used encoded scheme is twice as big as the one
that uses literal mode, which in turn is twice the size of RMI over IIOP, which is
in turn more than twice the size of pure RMI.
Goals of Fast Web Services
So the goals of Fast web services is to provide much better Web services
performance. And of course we do not want to develop fast Web service as a
proprietary solution. Instead we would like to establish Fast web services
technology as a standard. We will release this fast Web services implementation
through Java Web services developer pack. And we want to achieve this while
minimizing impact to Web services developers meaning runtime stack will hide
the details so that as a developer you don't even know if you are using fast web
service underneath or not.
The Big Picture
WSDL
Fast has a goal to minimize the impact to existing specifications and thus minimize
the effect on Web Services developers and tools vendors. Fast is targeted at
developers of Web Service stacks rather than the end users of those stacks who
outnumber stack developers by a large factor.
With this goal in mind it is of paramount importance that WSDL [6], the basic
contract between a client and service, is not changed in any radical fashion.
This picture illustrates how this can be accomplished. It is possible to change the
underlying Web Services framework (consisting of a protocol, data binding and
transport layer) without affecting the application. Note that WSDL defines a
contract to all three layers depicted. To ensure no radical changes, existing
WSDL concepts such as the SOAP binding and W3C XML Schema [7], are
maintained. This ensures that the existing syntax can be interpreted differently
but consistently (see below for more details).
Technical Goals
So technical goals of Fast web services include cutting the overhead of XML
processing by reducing the SOAP message size and reducing the cost of
marshalling and unmarshalling.
We want to support fast web services over all Java platforms, J2ME, J2SE,
and J2EE.
And of course, we want to make sure fast web services can be implemented as
platform and programming language independent way.
Use Cases
Now higher Web services performance is desirable in most cases including for most enterprise Web
services environment. But there are cases where higher Web services performance is critical. For
example, mobile phones and satellite communications where bandwidth is a very premium resource.
The scientific grid project is an area of high-performance computing that is adopting Web Services tools
and technologies. XML-based messages in these cases can be large and do not represent the data in
the most efficient form (such as, real numbers are represented as strings).
Auto-ID [2] is an initiative to standardize the processing and management of Radio Frequency ID and
RF-ID systems. RF-ID tags, which have the size of a small coin, can be attached to every product on
supermarket shelves such that when an item is taken off the shelf, the store can order more. Just as
barcodes improved the efficiency of inventory management in the 1980s, RF-ID systems will make
further improvements in this decade, as items are individually identified and it is not necessary to
remove items from their packaging to identify them.
An Auto-ID architecture, such as Sun Microsystem's [3], can be based, in part, on Web Services. RF-ID
readers will read IDs and and send Web Service messages to servers. The readers may be small
wireless devices, so there is potential for multiple devices to send messages to a server at the same
time. The scale of Auto-ID systems and the throughput they require will be vast.
Fast can ensure that small devices may efficiently participate as Web Service clients, that bandwidth
usage from many clients sending messages is reduced, and that servers may be able to process
messages efficiently.
Technological Requirements
One (ASN.1)
It has been used as a schema language for abstract type system for quite a
while.
It supports multiple encoding rules and types are independent of encoding rules.
It is royalty free international standard. And it has been proven in the market
place especially in telecom industry. There are many implementations of
ASN.1 including Java and C++ versions.
Fast Encoding and ASN.1
Resources
So these are the security schemes that are being worked on by the industry with a goal of
providing comprehensive and unified security schemes for the Web services.
Resources
So these are the security schemes that are being worked on by the industry with a goal of
providing comprehensive and unified security schemes for the Web services.
Web Services Hands on Lab
Q&A
Maneesh Sharma
Market Development Engineer
Maneesh@sun.com