Core mechanisms for Web Services extensions
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

Core mechanisms for Web Services extensions

on

  • 418 views

 

Statistics

Views

Total Views
418
Views on SlideShare
418
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Core mechanisms for Web Services extensions Presentation Transcript

  • 1. 2007 Next Generation Web Services Practices Core mechanisms for Web Services extensions Miguel Pardal miguel.pardal@dei.ist.utl.ptLisbon, Seoul, October 30th, 2007Portugal
  • 2. Outline• Service-oriented Enterprise Applications• Web Service Extensions – Core mechanisms• Conclusions2007-10-30 Core mechanisms for Web Services extensions 2
  • 3. Outline• Service-oriented Enterprise Applications• Web Service Extensions – Core mechanisms• Conclusions2007-10-30 Core mechanisms for Web Services extensions 3
  • 4. “The whole world is made ofchange” ~ Luís Vaz de Camões 16th Century Portuguese Poet Cobol Fortran C DCE Java CORBA Dot Net DCOM Web Services2007-10-30 Core mechanisms for Web Services extensions 4
  • 5. Service-oriented approach toEnterprise Applications• Customers’ needs change – Enterprises must adapt – And so do their applications• Services – Focus on flexibility, reuse and interoperability – Web Services (WS) technology – Service-Oriented Architecture (SOA)2007-10-30 Core mechanisms for Web Services extensions 5
  • 6. Web Services in action #1 Publish Client Service #2 Discover Data XML Schema WS #3 Generate stubs Functions WSDL #4 Configure Policy WS-Policy WS libraries #5 Invoke #6 Execute2007-10-30 Core mechanisms for Web Services extensions 6
  • 7. Web Services libraries #4 Configure Policy WS-Policy WS libraries• WS-Policy specifies additional requirements – Like security, distributed transactions, reliable messaging, etc. – But libraries are necessary to actually implement the requirements2007-10-30 Core mechanisms for Web Services extensions 7
  • 8. Requirements• Functional – What the service does • Input, output, faults• Non-functional – What properties hold when the service executes – Depend on circumstances and must be balanced • E.g. Security – Low value messages can use a weaker but faster cipher algorithm; high value messages use stronger security – Intranet requests use local security credentials; Internet requests use cross-domain credentials2007-10-30 Core mechanisms for Web Services extensions 8
  • 9. Outline• Service-oriented Enterprise Applications• Web Service Extensions – Core mechanisms• Conclusions2007-10-30 Core mechanisms for Web Services extensions 9
  • 10. WS standards for every requirement “Are we there yet?” Short answer: No, but we’re moving forward Long answer: Visit WS-Map ☺ (or another overview site…) http://web.ist.utl.pt/miguel.pardal/ws-map2007-10-30 Core mechanisms for Web Services extensions 10
  • 11. Why go beyond the standards?• “One size does not fit all”• Vendor WS implementations – From Microsoft, IBM, Sun, Oracle, … – Good library implementations of complex WS standards – Solve 90% of the problem but are difficult to customize to specific needs• WS Extensions – Simpler library development – Appeal to a much broader developer community – Handle the remaining 10%...2007-10-30 Core mechanisms for Web Services extensions 11
  • 12. Analogy: Mozilla Firefox extensions• Firefox implements 90% of requirements – Extensions add value to users, meeting specific needs and improving the browsing experience2007-10-30 Core mechanisms for Web Services extensions 12
  • 13. Example extension: Security report• Some applications prefer not to know about security, they just want it – But others need to know, for instance, to store audit information in a database• Security report extension – A report is produced during WS-Security processing • All actions and all parameters described • In a simple, easy-to-use object model – Leverage WS-Security standard implementation – Enables context sharing through meaningful abstractions, delegating security decisions in a simple and effective way2007-10-30 Core mechanisms for Web Services extensions 13
  • 14. Problem statement• What are the core mechanisms required for developing Web Services extensions ? – Like “security report”2007-10-30 Core mechanisms for Web Services extensions 14
  • 15. Proposed core mechanisms • Policy • Configuration • Contexts management • Message flow interception • Operation implementation interception Packages and dependencies2007-10-30 Core mechanisms for Web Services extensions 15
  • 16. Policy• Requirements declaration – e.g. Declare that a WS can be invoked with transport security or with message security• Policy negotiation between client and server2007-10-30 Core mechanisms for Web Services extensions 16
  • 17. Configuration• Parameters – Which extensions to engage? – What are the parameter values? • e.g. Which digital certificate to use?2007-10-30 Core mechanisms for Web Services extensions 17
  • 18. Contexts management• Scoped state variables – Application – Session – Operation – Thread• Enable data sharing between extensions and service implementation2007-10-30 Core mechanisms for Web Services extensions 18
  • 19. Message flow interception• Message handling at service endpoint – Incoming or outgoing – Read/write header and body of SOAP messages • e.g. Do digital signature of body and place it in header2007-10-30 Core mechanisms for Web Services extensions 19
  • 20. Operation implementation interception• Execute additional code before or after the service implementation – e.g. Implement authorization and access logging• Object factories can return different implementations according to the desired behavior2007-10-30 Core mechanisms for Web Services extensions 20
  • 21. Proof-of-concept• All mechanisms implemented on Java Web Services – Apache Commons Policy 1.0 • Policy – JAX-WS Handlers • Message interception – Custom coding • Configuration, Contexts and Operation Execution• Field-tested on a prototype and several course projects: – Security and distributed transactions extensions – Multiple development teams – Significant improvements in ease of development and learning2007-10-30 Core mechanisms for Web Services extensions 21
  • 22. Outline• Service-oriented Enterprise Applications• Web Service Extensions – Core mechanisms• Conclusions2007-10-30 Core mechanisms for Web Services extensions 22
  • 23. Conclusions• Web Services development – Functional requirements are satisfied with components – Non-functional requirements are satisfied with aspects that can differ according to invocation circumstances• Web Services extensions – Simplify custom library development – Broaden developer community• Future work: – Enterprise application framework • Local and remote services • Integrated extensions engine – Platform-independent extensions: Java and Dot Net2007-10-30 Core mechanisms for Web Services extensions 23
  • 24. Looking ahead… With extensions, more developers can try new ideas. This encourages competition and best-of-breed selections, that can further advance the state-of-the-art of Web Services technology Obrigado Thank you Questions & Answers miguel.pardal@dei.ist.utl.pt2007-10-30 Core mechanisms for Web Services extensions 24