Spring, web service, web server, eclipse by a introduction sandesh sharma
Web service introduction 2
-
Upload
sagara-gunathunga -
Category
Documents
-
view
2.098 -
download
0
Transcript of Web service introduction 2
![Page 1: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/1.jpg)
Introduction to Web Service - 2
Sagara Gunathunga ( Apache web Service and axis committer)
![Page 2: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/2.jpg)
WS specification overview
WS-Addressing
WS –security
WS -Reliable messaging
WS - interoperability
WS Composition and Orchestration
CONTENTS
![Page 3: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/3.jpg)
WS specification overviewThere are some standard bodies to define specification related to Web Services generally known as WS-* specifications .
• SOAP• WSDL • WS- Addressing• WS-security • WS- Policy• WS- Reliable Messaging• WS -evening
WS- NotificationWS-MetadataExchangeWS-Resource FrameworkWS-TransactionWS-AtomicTransactionWS-BPEL
![Page 4: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/4.jpg)
WS- Addressing
SOAP does not provide a standard way to specify
1. where a message is going ? 2. how to return a response ?3. where to report an error ?
transport protocol such as HTTP , JMS can be used to define those properties .
![Page 5: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/5.jpg)
e.g. HTTP Headers
The type of the message being
conveyed is SOAP
Host URI
SOAP Action
When a SOAP request is sent over HTTP, the URI of the HTTP request serves as the message's destination. The message response is packaged in the HTTP response and received by the client over the HTTP connection.
When a SOAP request message is sent asynchronously through JMS, a destination for responses might be specified in the JMS message headers, incorporated into the message body, or left up to the service implementation.
![Page 6: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/6.jpg)
Conclusion
Above solutions are depend on the transport protocol but WS- Addressing provide a transport natural solution.
WS – Addressing define <To> and <Action> to define destination and action.
![Page 7: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/7.jpg)
WS – Addressing and WSDL
![Page 8: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/8.jpg)
WS – Addressing
Supports to wide range of transport protocols.
Supports for Asynchronous communication
Supports Dynamic endpoint addressing.
WS-Addressing was originally authored by Microsoft, IBM, BEA, Sun, and SAP and submitted to W3C for standardization. The W3C WS-Addressing Working Group has refined and augmented the specification in the process of standardization.
http://xml.coverpages.org/ws-Addressing.html
http://www.w3.org/TR/ws-addr-core/
![Page 9: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/9.jpg)
Asynchronous communication
current message has id “uuid:someid” and it is related with another message that has id “uuid:someotherid” and the
type of the relationship is “Reply”
The address of the sender of the message, the addresses for return reply or fault messages are given
![Page 10: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/10.jpg)
Dynamic endpoint addressing
Endpoint is any addressable resource to which SOAP message can be sent (Web Service client or application, a SOAP router or any SOAP aware entity
The most logical way to include endpoints is to use WSDL “Service” element, however WSDL does not allow extensibility of this element, therefore EndpointReference is defined.<From>, <ReplyTo>, <FaultTo> tags convey an “EndpointReference”
![Page 11: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/11.jpg)
WS – Security
![Page 12: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/12.jpg)
WS – Security
Security is a very important aspect of a any enterprise application , WS- Security and related specification define how you can implements security features such as identification ,authentication , authorization , message integrity and confidentiality for your web services.
Identification
Authentication
![Page 13: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/13.jpg)
Authorization
Confidentiality
Message integrity
![Page 14: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/14.jpg)
06.03.2005
14
Soap Foundation XMLEncryption
XMLDigital
Signature
Security Extensions
WS-Security XKMS SAML XACML SPML
WS-Policy WS-Trust WS-Privacy
WS-Secure
Conversation
WS-Federation
WS-Authorization
WS – Security stack
![Page 15: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/15.jpg)
WS – Security stack
![Page 16: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/16.jpg)
WS – Security stack
•flexible and feature-rich extension to SOAP to apply security to Web servicesWS – Security
•allows web services to use XML to advertise their policies (on security, Quality of Service, etc.) and for web service consumers to specify their policy requirements.WS – Policy
•provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchangeWS – Trust
•establish security contexts for multiple SOAP message exchanges, reducing the overhead of key establishment.
WS – SecureConversion
•defines mechanisms for allowing disparate security realms to broker information on identities, identity attributes and authentication.WS- Federation
WS- Authorization
![Page 17: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/17.jpg)
Message Security vs. Transport Security
Message level Security - Advantages
Message level Security - Disadvantages
Different parts of a message can be secured in different ways.
Asymmetric: different security mechanisms can be applied to request and response
Self-protecting messages (Transport independent)
Immature standards only partially supported by existing tools
Securing XML is complicated
![Page 18: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/18.jpg)
Message Security vs. Transport Security
Transport level Security - Advantages
Transport level Security - Disadvantages
Widely available, mature technologies (SSL, TLS, HTTPS) Understood by most system
administrators
Point 2 Point: The complete message is in clear after each hop
Symmetric: Request and response messages must use same security Properties
Transport specific
![Page 19: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/19.jpg)
WS - Reliable messaging
defines a messaging protocol to identify, track, and manage the reliable delivery of messages between exactly two parties, a source and a destination.
It also defines a SOAP binding that is required for interoperability. Additional bindings may be defined.
![Page 20: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/20.jpg)
WS - Reliable messaging
![Page 21: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/21.jpg)
WS – interoperability (WS- I)
An open industry effort chartered to promote Web Services interoperability across platforms, applications and programming languages.
A standards integrator to help Web services advance in a structured, coherent manner
Approximately 130 member organizations - 70% vendors, 30% end-user organizations , Strong non-U.S. membership, including very influential Japan SIG
![Page 22: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/22.jpg)
WS-I Goals
•Achieve Web services interoperabilityIntegrate specificationsPromote consistent implementationsProvide a visible representation of conformance
•Accelerate Web services deploymentOffer implementation guidance and best practicesDeliver tools and sample applicationsProvide a implementer’s forum where developers can collaborate
•Encourage Web services adoptionBuild industry consensus to reduce early adopter risksProvide a forum for end users to communicate requirementsRaise awareness of customer business requirements
![Page 23: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/23.jpg)
WS- I Deliverables
ProfilesDefined set of specifications or standards at specific version levelsGuidelines and conventions for using these specifications together in ways that ensure interoperability
Sample applicationsUse cases and usage scenarios based on customer requirementsSample code and applications built in multiple environmentsDemonstrate profile-based interoperability
Test tools and supporting materialsTools that test profile implementations for conformance with the profilesSupporting documentation and white papers
![Page 24: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/24.jpg)
Basic ProfileBasic Profile 1.0 and 1.1
— More than 200 interoperability issues resolved in the Basic Profile 1.0; conventions around messaging, description and discovery
Simple SOAP Binding Profile 1.0— Derived from Basic Profile requirements related to serialization of an envelope and its representation in the message
Sample Applications and Testing Tools for the Basic Profile
• Attachments Profile 1.0Complements the Basic Profile 1.1 to add support for conveying
interoperable, SOAP with Attachments (SwA) with SOAP messages
WS- I Deliverables
![Page 25: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/25.jpg)
WS- I Basic profile 1
What is a profile? A set of specifications at specific version levels Guidelines and conventions for using the specifications together
WS- I BP 1.0
SOAP 1.1WSDL 1.1UDDI 2.0XML 1.0 (Second Edition)XML Schema Part 1: StructuresXML Schema Part 2: DatatypesThe Secure Sockets Layer Protocol Version 3.0RFC2246: The Transport Layer Security Protocol Version 1.0
RFC2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile
RFC2616: HyperText Transfer Protocol 1.1
RFC2818: HTTP over TLS
RFC2965: HTTP State Management Mechanism
![Page 26: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/26.jpg)
WS Composition
• I n most of the real world scenarios it is required to interact with several services in a predefine or dynamic order.
• Businesses requires to quickly adapt to customer needs and market conditions EAI and B2B interactions (through web services)
• Needs to be flexible internally and externally• Without a common set of standard, each organization is left to
build their own set of proprietary business protocols
• Leaving little flexibility for true web services collaboration
![Page 27: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/27.jpg)
Web Service Composition
Provides an open, standards-based approach for connecting web services together to create higher-level business processes.
Standards are designed to reduce the complexity required to compose web services, hence reducing time and costs, and increase overall efficiency in businesses
Multiple approaches based on perspective:
Static – Dynamic WS composition
Industry solution – Semantic Web solution
![Page 28: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/28.jpg)
Static – Dynamic WS Compositions
Web Service Composition
Static Composition
By Hand/hardc
ode
BPEL4WS
Dynamic Composition
Model driven Service
compositionXSRL
![Page 29: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/29.jpg)
BPEL - Overview
Use Web Services Standard as a base
Every BPEL is exposed as a web service using WSDL. And the WSDL describes the public entry and exit points of the process
Interacts through WSDL interfaces with external web services
WSDL data types are used to describe information flow within the BPEL process
![Page 30: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/30.jpg)
BPEL – example process
![Page 31: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/31.jpg)
BPEL - code sample<sequence>
<receive partner=”buyer” … operation=”sendOrder” container=”request”/>
<invoke partner=”supplier” … operation=”request” container=”order”/>
<reply partner=”buyer” … operation=”response” container=”proposal”/>
</sequence>
sendOrder
request
response
request
proposal
order
![Page 32: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/32.jpg)
BPEL – sample
![Page 33: Web service introduction 2](https://reader036.fdocuments.us/reader036/viewer/2022062513/5563a8b1d8b42aae0d8b5131/html5/thumbnails/33.jpg)
Thank You
Aeturnum Lanka (Pvt) Ltd197, Stanley Thilakaratna Mw, Nugegoda 10250, Sri Lanka
Phone: +94 11 5518177 | Email: [email protected]: www.aeturnum.com | www.athiva.com