Beruflich Dokumente
Kultur Dokumente
Olaf Zimmermann
IBM Corporation
October 2003
1
Agenda
October 2003
8
Module 1: Agenda
Defining principles
Summary
Messaging Backbone
Business Process
Today Tomorrow
(Infrastructure Services)
Services
Integration Architecture
Applications Services
Components
Example:
Cross-line of business customer relationship process can leverage logic
and data available as platform-independent services, provided by
components residing in three existing line-of-business applications.
Cross-cutting integration and infrastructure concerns are factored out and
form two separate vertical layers.
Source: [IBM SOA]
Defining principles
Summary
Architect
an architectural style which requires a service provider, requestor
and a service description
a set of architectural principles, patterns and criteria which address
characteristics such as modularity, encapsulation, loose coupling,
separation of concerns, reuse, composability and single
implementation
Programmer
Business
Executive,
Business-Aligned Service Descriptions Consultant
(Interface Contracts)
Architect
Separation of Concerns Loose Coupling
and Modularity and Messaging
Business Process
Service
Directory
Service
Service Registry
Management
1. Publish
Transaction
2. Find
Security
Policy
Service Description
UDDI WSDL
Service Communication Protocol
3. Use
Transport
Service Service
Consumer Provider
SOAP
Simplified definition: SOA is an architectural style whose goal is to achieve loose coupling
among interacting software agents
SOA proposes an advancement in the programming model
It is the next evolution in software engineering from Object-Oriented Programming &
Component-Based Development – but can be layered on top of these approaches
Web services and SOA are not the same thing:
Many existing production SOAs do not primarily use Web services – they are built on
Message-Oriented Middleware (MOM)
Not all deployed Web services-based systems necessarily embrace all the guiding
principles of SOA (e.g. loose coupling) Source: [IBM SOA]
Building SOAs with Web Services
19 Copyright is held by the author/owner(s). OOPSLA'06, October 22–26, 2006, Portland, Oregon, USA. 2006 ACM 06/0010
Web services essence: service descriptions, service
invocations, etc. expressed as XML documents
UDDI
Registry
Service
Broker
find
publish
WSDL
WSDL Service Provider Service Requester
bind, invoke
Message
Ha
Service
AP
Service
nd
Provider Requester SO
le
r
SOAP
Service
Web SOAP Client Backend or Requester
Internet Handler
Service Application Legacy (Proxy) Application
Application
WSDL
Source: [Ferguson]
WS-Security suite
WS-ReliableMessaging
WS-Coordination, WS-AtomicTransaction, WS-BusinessActivity
(currently under standardization at OASIS and WS-I)
Defining principles
Summary
1
Custom Package
Custom
Application Package
Application
Existing Application Resources
Composite
service
Key issues:
Where to draw the line between the two sublayers?
How to interface with the presentation layer?
What is a good atomic service?
Integration of package and legacy workflows?
IBM generate
WebSphere® SOAP SOAP SOAP
(pSeries) Web
Application
generate
Web Services Adapter Layer
JavaTM API (Dynamic Interface)
Dynamic Interface
Access Layer
Database generate
(IBM DB2®)
Business Function
IBM
CICS
(zSeries)
Functional domain:
Order entry management
Two business processes:
new customer, relocation
Service composition:
Top-down from retailer
interface and process
Bottom-up from existing
wholesaler systems
Defining principles
Summary
Defining principles
Summary
Challenge Response
October 2003
40
Module 2: Agenda
Interpretation of the core specifications and links through the WS-I Basic Profile 1.1
Built-in types
XML document grammar and valid XML instances
Simple and complex custom data types
Reference: [WSDL]
intermediaries
Client Certificate
WS-Security
SOAP
Application Layer
Policy
WS-Trust
WS-Policy
XML
XML XML Signature XML Encryption
Key Mgmt.
SSL
TCP/IP
WS-I Basic
Profile 1.1,
Attachments WS-I Basic
Profile 1.0 and Security Profile
Simple SOAP (currently draft)
Binding Profile 1.0 Kerberos, REL,
and SAML
Token Profiles
Reference: [WSI]
Building SOAs with Web Services
54 Copyright is held by the author/owner(s). OOPSLA'06, October 22–26, 2006, Portland, Oregon, USA. 2006 ACM 06/0010
Building Blocks: Java and Web services
1: Find
JAX-RPC/WS SOAP Engine Servlet Engine SOAP Engine JAXR
JAX-RPC/WS
HTTP Client (Tomcat, other) (Axis, other) UDDI4J
Stub
Stub (Axis, other)
Transport Infrastructure
Service Service
Service
Endpoint Endpoint
Interface
Interface Interface
Service
Service Endpoint
Service Client
Object Implemen-
Client Stub
(Factory) tation
Transport
Java XML API for Remote Procedure Calls (JAX-RPC) uses design
patterns such as proxy and factory to provide consumer (client) and
provider (server) side access to SOAP messaging
Defines WSDL and XML Schema to Java mapping
Reference: [JAXRPC]
Service
Service Endpoint
Service Client
Object Implemen -
Client Stub
(Factory) tation
Transport
Web Web
Services J2EE Extension of JAX-RPC: Services
Client DD Server DD
Deployment Descriptors (DDs)
EJBs as service endpoints
Reference: [EWS]
The base Web services stack is now solid and well established
Basic security has been robust for several years, but more
sophisticated security standards are still emerging
[XML] Extensible Markup Language (XML) 1.0 (Second Edition), W3C Recommendation, 6 October 2000,
http://www.w3.org/TR/2004/REC-xml-20040204/
[XMLNS] Namespaces in XML, W3C, 14 January 1999, http://www.w3.org/TR/REC-xml-names/
[XMLSch] XML Schema W3C Recommendation Parts 0-2, 2 May 2001, http://www.w3.org/XML/Schema
[SOAP] SOAP Version 1.2 W3C Recommendation Parts 0-2, June 2003, http://www.w3.org/2000/xp/Group/
[WSDL] WSDL Version 1.1 W3C Note, March 2001 (2.0 is Candidate Rec.), http://www.w3.org/2002/ws/desc/
[UDDI] UDDI Version 3.0.2 OASIS Draft, October 2004, http://uddi.org/pubs/uddi_v3.htm
[SSL] SSL Protocol Version 3.0, Netscape Communications, 1996, http://wp.netscape.com/eng/ssl3/
[TLS] Transport Layer Security 1.0, Internet Engineering Task Force, January 1999,
http://www.ietf.org/html.charters/tls-charter.html
[WSS] Web Services Security: SOAP Message Security 1.0 Specification, OASIS, March 2004,
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf
[WSI] Web Services Interoperability Profiles, WS-I.org, 2004-2005, http://www.ws-i.org/deliverables/index.aspx
[JAXRPC] Java API for XML Remote Procedure Calls 1.1 Specification, Java Community Process, October
2003, http://www.jcp.org/en/jsr/detail?id=101
[EWS] Enterprise Web Services 1.1, Java Community Process, November 2003,
http://www.jcp.org/en/jsr/detail?id=921
[JAXWS] The Java API for XML Web Services, (JAX-WS) 2.0, Proposed Final Draft, October 7, 2005
October 2003
63
Module 3: Agenda
Technology implementations
Web services tools
J2EE Web services implementations
Other programming languages – PHP, Ruby
End-to-end example using open source technologies
Introduction and getting started
WSDL definition
Service provider creation from WSDL
Test service implementation
Web service publishing and discovery
Create a Web service client from WSDL
Secure communication with SOAP/HTTPS
Links:
Ruby language: http://www.ruby-lang.org
Ruby on Rails: http://www.rubyonrails.org/docs
Install rails package: http://instantrails.rubyforge.org/wiki/wiki.pl
Service
Server Code
Description
Transport Infrastructure (POJO)
(WSDL)
Classpath updates
include Axis 1.2 libraries
Project deployed to server
Server started
Test
Client
<?php
/* Display Risk Report */
function displayRiskReport ($firstYear, $years) {
try {
$soapClient = new SoapClient(
"http://localhost:8080/PremierMidOfficeWeb/wsdl/RiskReportPortService.wsdl");
def doExternalRiskAssessment
# implementation code goes here
end
The Eclipse Web Tools project provides all of the features you need
when using the basic Web services building blocks (SOAP, WSDL,
and UDDI)
However, expect to have to pay for tools and runtimes if you want to
work with specifications like WS-Security or WS-BPEL
October 2003
98
Module 4: Agenda
Architectural decisions
Addressing non-functional requirements
Gaps and countermeasures
Best practices
SOAP, WSDL, UDDI
SOA in general
Business
Processes
EAI B2B
Business
Functions
(Use Cases)
Technical
Functions
& Common Services (CS)
Information
Services
Simple
Intranet Extranet Internet
Service
Reach
Note that there is a place for both Web services and more
“traditional” EAI approaches. They also complement J2EE.
XML
Parser
Comm. Management
Naming Modelling
Style Validation Operations
Accounting
Encoding Population Character Billing
Encoding
Session
Compression Access
Deployment Management
Performance
Ensure that requirements are realistic
Build a small prototype at start of project to check if criteria can be met
Scalability
Design your services to be as stateless as possible
Normal J2EE scaling strategies can be applied
Availability
Normal J2EE availability strategies can be applied
Robustness
Create an effective error handling mechanism with SOAP fault handling
The product building-blocks are now mature enough for prime-time
Portability
Stick to agreed industry standards/specifications such as JAX-RPC,
where they exist, and be prepared for changes (JAX-WS)
Carefully
Use HTTP as the default transport, observe
but consider the messaging
alternative bindings
Carefully observe the messagingoverhead
overhead
By aware of the trade-off between security and performance
Design your Web services to be Also known as
as stateless asSOAP verbosity. The
possible
overhead can
Avoid custom mappings, write server-side be three
facades to 20 times,
instead
depending
Include, but do not rely on the HTTP SOAP on the naming
action header conventions
Be careful with message handlers and theother
and nesting levels of the document.
intermediaries
Try to leverage existing transportUse TCP
layer monitors
or XML and try different
compression features
Include,but
Bedo not of
aware rely
theon, runtime
the HTTPbetween
differences parsers/engines.
JAX-RPC and Apache SOAP
SOAP action header
October 2003
113
If you don‘t have questions for us... we have some for you
Could you identify any familiar design patterns in the generated JAX-RPC
artefacts?
Apart from function and parameter names, what does the interface contract
agreed between GovernmentOffice and PremierQuotes have to define?
October 2003
117
Handout Material
Tomcat 5.0
Extract Tomcat
Add admin/manager user to XML configuration
Tomcat homepage is http://localhost:8080
Java Activation Framework (JAF) 1.0.2 and Java mail library
Download JAF from Sun site might be required (Axis prerequisite)
Copy mail.jar and activation.jar to tomcat/common/lib directory, and
add these libraries to client project build path
Axis 1.2
Ships with Eclipse WTP 1.0, so no need for additional installation steps
Optional: run Axis validation to check if any dependencies are missing
package com.premierquotes.risk;
package com.premierquotes.risk;
public com.premierquotes.risk.RiskReportPortType
getRiskReportPortService(java.net.URL portAddress) throws javax.xml.rpc.ServiceException;
}
package com.premierquotes.risk;
import com.premierquotes.risk.xml.response.*;
import java.util.*;
<deployment
xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
package com.premierquotes.risk;
import com.premierquotes.risk.xml.response.*;
import java.util.*;
$rrArray = $rrReturn->RiskRecordTypeData;
def doExternalRiskAssessment
re1 = RiskRecordType.new
re1.year = 2006
rat = RiskAssessmentResultType.new
rat.policyCount = 2
rat.totalClaimValue = 42.12
rat.claimCount = 511
rat.totalInsuredValue = 99.99
re1.report = rat
result = RiskRecordCollectionType.new
result.shouldGetCredit = true
result.resultElements = [re1]
result
end
end