Web Services Container
-
Upload
jorgen-thelin -
Category
Technology
-
view
2.044 -
download
0
Transcript of Web Services Container
The Web Services Container
Main Responsibilities of WSC
Routing messages to appropriate call handlers for execution
Configuring execution steps based on app config data
Control of execution context
SOAP Processing Engine
SOAPEngine
LegacyAdaptors
Web ServicesContainer
CustomLegacyAdaptors
CORBA
EJB
CustomCustomTransports
Cus
tom
Secu
rity
/Se
ssio
nC
ontr
ol
Cus
tom
Mes
sage
Inte
rcep
tors
Javaclass
Web Service Container
Driving question for WSC features:
“What type of configuration details should a user be able to change?”
Web Services Container – Plugin points
Web ServicesContainer
DeploymentAPI
ExecutionAPI (Java)
CallHandler
Usa
geC
ontr
olle
r
Met
adat
aC
atal
ogSe
ssio
nM
anag
emen
t
Act
ivat
ion
Poli
cy
SessionDataStorage
Javaclass
SecurityProviders
Invocation API
Receives a SOAP message, and handles the dispatch of the call to a suitable handler.Based around the current Message Dispatcher / Call Dispatcher interfaces in CapeConnect 3.0The details of how to handler a particular call are delegated to an appropriate call handler.Call handlers can be written by partners and plugged in to the WSC.Invocation pipeline is completely stateless, for maximum throughput.
Deployment Control Interface
Web Service application deployment API
Deploy appUndeploy appReload appPublish app [to UDDI/WSDL]
Deployment API is exposed as a SOAP web serviceRemote deployment by sending a jar as a MIME attachment.
Web Service Container Internals
Web Service Container
ExecutionController
Authentication
Authorization
Activation Control
Session Management
Interceptor Control
Call Handler
Provider
Provider
Storage Provider
Provider
Interceptor(s)
ApplicationMetaData
Instantiation Policy Control
Singleton instance
Instance per user
Instance per session
Instance per call [completely stateless]
Resource Usage Controls
Limit number of service instances.
Concurrency limits.
Possibly billing data collection.
Session management
Session state storagepossibly accessible across server farm for failover
Session timeout policy
Web Service accessible session dataE.g. “cookie”-like context data
Application config
All configuration is set on a per-application basisApp configuration defined in an XML descriptor file (like EJB DD)Typical configuration items:
Serializers and type mappingsActivation policySecurity policyWSDL generation propertiesUDDI publishing properties
Some potential to intercept JSR-109
Web Service Metadata catalog
Service Definition – at several levels
Abstract interfaceE.g. data type definitions, abstract operation types
Protocol specific interface E.g. SOAPAction values for each operationAKA “Concrete” interface definition
Bound interfaceE.g. port definitions with endpoint URL(s)
Published interfaceE.g. UDDI service key / UUID, Published name
Standard default implementations
Provide a standard implementation able to wrap a standard Java class for ease of use.
More sophisticated users can access full details of the call environment.
Partners can provide a custom call handler plugin for specific legacy integration
Advanced partners can provide operation plugins (e.g. session management) to customize behaviour.
Security credential propagation
CapeConnectServer
Import / map credentials from transport (e.g. IIS)
Export / map credentials for call (e.g. WLS)
Cus
tom
auth
enti
cato
rpl
ugin
Cus
tom
auth
oriz
atio
npl
ugin
Inbound Security Propagation
Web Server
Servlet Engine
CapeConnect SOAP Engine
CCSOAP Servlet
Trustrelationship
Transport
HTTP Basic or Digest Authentication,SSL Client-side Certificate, etc.
MessagingProtocol /
Re-authentication
Credentialimport
through:
SOAP Basic or Digest Authentication,SAML SOAP Headers, etc.
Backend Security Propagation
CapeConnect SOAP Engine
SOAPCall Handler
CORBACall Handler
EJBCall Handler
CORBAServer
EJBServer
SOAPServer
EJBCall Handler
EJB Server
ProxyBean
SOAPCredentials
CSIv2Credentials
EJB Native Credentials
UserBean
Re-establish Credentials