• Save
Web Services
Upcoming SlideShare
Loading in...5
×
 

Web Services

on

  • 8,396 views

 

Statistics

Views

Total Views
8,396
Views on SlideShare
8,357
Embed Views
39

Actions

Likes
24
Downloads
0
Comments
4

5 Embeds 39

http://99developer.com 25
http://www.linkedin.com 6
https://www.linkedin.com 5
http://www.99developer.com 2
http://static.ak.facebook.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • hi nice one ....can you pls share this to rannjithmaguluri@gmail.com
    Are you sure you want to
    Your message goes here
    Processing…
  • thanks
    Are you sure you want to
    Your message goes here
    Processing…
  • good one
    Are you sure you want to
    Your message goes here
    Processing…
  • nice one ...need dis ,anilkumar.baangale@gmail.com
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Types – a container for data type definitions using some type system (such as XSD). Message – an abstract, typed definition of the data being communicated. Operation – an abstract description of an action supported by the service. Port Type –an abstract set of operations supported by one or more endpoints. Binding – a concrete protocol and data format specification for a particular port type. Port – a single endpoint defined as a combination of a binding and a network address. Service – a collection of related endpoints.

Web Services Web Services Presentation Transcript

  • WebServices by Gaurav Tyagi
  • Day 1 Agenda
    • JAXB
    • SOAP
    • WSDL
  • JAXB
    • Fast and Convenient way to bind XML Schemas to Java Representations
    • Provides methods for unmarshalling XML instance documents into Java Content Trees
  • JAXB Architectural Overview
  • WebServices – Business Definition
    • So…What does that REALLY mean to technologists ?
      • Web services are a powerful integration architecture that enables applications to dynamically interact across networks, through the use of open Internet technologies
  • Web Services – A Technical Definition
    • Web services are software components described via WSDL which are capable of being accessed via standard network protocols such as SOAP over HTTP
  • Conceptual Foundation Service Service Description Service Description Bind
  • Conceptual Web Services Stack Service Flow Service Discovery Service Publication Service Description XML-based Messaging Network Security/Trust/Privacy Management Quality of Service
  • Definition of Stack Layers
    • Network
      • Internet-standards-based transport
        • HTTP,HTTPS
        • FTP
        • SMTP
      • Network choice should be based on
        • Where service will be accessed from
        • Existing network and messaging infrastructure
        • Degree of reliability and security required
        • Degree of interoperability required
  • Definition of Stack Layers
    • XML-Based Messaging
      • Messages are sent as XML documents conformant to well known or published XML Schemas
      • The messaging infrastructure will use SOAP
        • SOAP is the simple, standardized enveloping mechanism for communicating document centric messages and remote procedure calls using XML
      • SOAP defines a standard mechanism to incorporate orthogonal extensions to the message using SOAP headers
  • Definition of Stack Layers
    • Service Description
      • Service Interface Definition
        • Specification of logical interface and bindings
        • WSDL provides all IDL capabilities
    Service Interface Definition Type Message PortType Binding Service Implementation Definition Service Port
  • Definition of Stack Layers
    • Service Description
      • Service Implementation Definition
        • Defines network location, protocols, security requirements and other attributes specific to a particular instance of a service endpoint for a binding
    Service Interface Definition Type Message PortType Binding Service Implementation Definition Service Port
  • Definition of Stack Layers
    • Service Publication
      • Make the Service Description available
      • Create the nonfunctional service description
        • Taxonomy, ownership, business name, business type, various keywords for discovery easier
      • Endpoint details and requirements
    • Where the description is published can vary:
      • Directed-email, diskette, ...
      • Web Service Inspection Language (WSIL)
      • UDDI—Private or Universal Business Registry
  • Definition of Stack Layers
    • Service Discovery
      • Static
        • Services found and bound to at development time
        • Found in file system, URL, or services directory
        • Tools browse/search/generate skeletons proxies
      • Dynamic
        • Bind interface during development and Find service implementation endpoint at runtime
        • Interface and Endpoint found and bound at runtime
        • Found at URL or services directory
      • UDDI defines a searchable services directory
  • Definition of Stack Layers
    • Service Flows
      • Services as activities in work flows
      • Flows of services, potentially between partners
      • Services as wrappers for exposed business processes
      • Service composition
  • Definition of Stack Layers
    • Quality of Service
      • Network Level: reliable messaging
      • Service Description Level:
        • Implementation level
          • Ex. Transactional, secure
        • Interface level
          • Ex. Tolerable response times
        • Provided by WSDL and potentially other definitions (potentially based on ebXML Partner Agreements type of information)
      • Publication/Discovery: highly available UDDI node
  • Definition of Stack Layers
    • Security
      • Requirements:
        • Confidentiality
        • Authorization
        • Data Integrity
        • Proof of Origin
        • Non-Repudiation
  • Definition of Stack Layers
    • Security
      • Network
        • HTTPS, SSL, current network technologies
      • XML Messaging
        • Basic Auth in SOAP header
        • XML Digital Signature
        • Support trusted third-party authentication
      • Service Description
        • Security capabilities and requirements
      • Publication/Discovery
        • Trusted registry, trusted access (same issues)
  • Definition of Stack Layers
    • Management
      • Means:
        • Information: Identification, Configuration
        • Metrics: Performance
        • Control: Operations, Configuration
      • By Management System for:
        • Web Services Infrastructure
        • Each enterprise responsible for managing own infrastructure
      • Enterprises will need to expose management interfaces for use by business partners: status, query, cancel
  • WebServices - Distinguished Features
    • Open Infrastructure
      • Deployed using Industry standard Protocols
        • HTTP, XML
    • Language Transparency
      • Web services and their clients can interoperate even if written in different programming languages
    • Modular Design
      • Ability to generate new services through integration
  • Example TimeServer
  • Example – Rich Data Types
  • XML-RPC
    • RPC protocol which uses XML to encode its calls and HTTP as transport mechanism
    • Array
      • <array>
      • <data>
      • <value><i4> 1404 </i4></value>
      • <value><string> Something here </string></value>
      • <value><i4> 1 </i4></value>
      • </data>
      • </array>
  • XML-RPC
    • Base64
      • <base64> eW91IGNhbid0IHJlYWQgpcyE= </base64>
    • Boolean
      • <boolean> 1 </boolean>
    • Double
      • <double> -12.53 </double>
    • Int
      • < int >234</ int >
      • <i4> -11 </i4>
  • XML-RPC Request/Response
    • XML-RPC Method Request
    • <methodCall>
      • <methodName> examples.getStateName </methodName>
    • <params>
    • <param> <value><i4> 40 </i4></value></param>
    • </params>
    • </methodCall>
    • XML-RPC Method Response
    • <methodResponse>
    • <params>
    • <param>
    • <value><string> South Dakota </string></value>
      • </param>
    • </params>
    • </methodResponse>
  • JAX-RPC
    • JAX-RPC defines standard Java APIs for XML-based RPC
    • XML based protocol: SOAP 1.1 and 1.2
      • Representation of RPC requests, responses and related context information
    • Services described using WSDL
  • What is SOAP ?
    • A lightweight xml-based protocol for message exchange
    • Supports message typing, strong typing, and structured data
    • Styles
      • RPC: formatted payload for method invocation
      • Document: xml document payload
    • Encodings
      • Encoded
      • Literal
    • Headers: security, context
    • Works over more than just HTTP!
  • SOAP Flow Application Application Web Service Service Requestor Service Provider SOAP Network Protocol SOAP Network Protocol 1 2 4 3 Service Invocation Response
  • What is SOAP ? (Contd..)
    • Consists of three parts
      • An Envelope
      • A set of encoding rules
      • Conventions for RPC request & response
  • SOAP Message
    • <?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?>
    • <SOAP-ENV:Envelope
    • SOAP-ENV:encodingStyle=
    • &quot;http://schemas.xmlsoap.org/soap/encoding/&quot;
    • xmlns:SOAP-ENV=
    • &quot;http://schemas.xmlsoap.org/soap/envelope/&quot; xmlns:xsd=&quot;http://www.w3.org/2001/XMLSchema&quot;
    • xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;>
    • <SOAP-ENV:Header>
    • <hd:Security xmlns:hd=&quot;http://www.e1.com&quot;>
    • <username>Wilner</username>
    • <password>BigDeal</password>
    • </hd:Security>
    • </SOAP-ENV:Header>
    • <SOAP-ENV:Body>
    • <ns1:GetCustomer xmlns:ns1=&quot;http://www.e1.com&quot;>
    • <CustomerId xsi:type=&quot;xsd:int&quot;>6734</CustomerId>
    • </ns1:GetCustomer>
    • </SOAP-ENV:Body>
    • </SOAP-ENV:Envelope>
  • SOAP Message SOAP Envelope <Envelope> encloses message SOAP Body <Body> encloses body entries SOAP Header <Header> encloses headers (optional) Header Entry Header Entry … Headers entries contain extensions Body Entry Message name and data
  • SOAP Envelope
    • Top Level XML Element of SOAP Message
    • It MUST be present in a SOAP message
    • It MAY contain namespace declarations as well as additional attributes
  • SOAP Envelope
    • < SOAP-ENV:Envelope
      • SOAP-ENV:encodingStyle=
    • &quot;http://schemas.xmlsoap.org/soap/encoding/&quot;
    • xmlns:SOAP-ENV=
    • &quot;http://schemas.xmlsoap.org/soap/envelope/&quot; xmlns:xsd=&quot;http://www.w3.org/2001/XMLSchema&quot;
    • xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot; >
    • <SOAP-ENV:Body>
    • </SOAP-ENV:Body>
    • </ SOAP-ENV:Envelope >
  • SOAP Body
    • Body entry contains application-specific data
    • Serialized based on encodingStyle
    • May represent an RPC request or response message, a specific document, or whatever you want
    • Only fault structure has been defined for SOAP Body.
  • SOAP Body
    • <SOAP-ENV:Envelope … >
    • <SOAP-ENV:Body>
      • <ns1:GetCustomer xmlns:ns1=&quot;http://www.e1.com&quot;>
      • <CustomerId xsii:type=&quot;xsd:int&quot;> 6734</CustomerId>
      • </ns1:GetCustomer>
      • </SOAP-ENV:Body>
    • </SOAP-ENV:Envelope>
  • SOAP Header
    • Allows (optional) context information to be added to message independently of the payload
      • Authentication and authorization information
      • Transaction id
      • Object id
    • Intermediary specific information – chaining
      • Routing information – to, from, via, etc…
      • Security information
      • Auditing
  • SOAP Header Attributes
    • Should be used on immediate child elements ONLY
    • SOAP actor attribute – Global attribute to indicate the recipient of the header element.
    • SOAP mustUnderstand - Global attribute to indicate that that the recipient of the message must process the message.
  • SOAP Header
    • <SOAP-ENV:Envelope … >
    • <SOAP-ENV:Header>
    • <hd:TID xmlns:hd=&quot;http://www.e1.com&quot;>
    • 673456:4439234:439439439349
    • </hd:TID>
    • <hd:Security xmlns:hd=&quot;http://www.e1.com&quot;>
    • <username>Wilner</username>
    • <password>BigDeal</password>
    • </hd:Security>
    • </SOAP-ENV:Header>
    • <SOAP-ENV:Body>
    • </SOAP-ENV:Body>
    • </SOAP-ENV:Envelope>
  • SOAP Faults
    • Only Body entry defined by SOAP
    • Carries error information back to originator of a SOAP message
    • Elements
      • Fault Code – VersionMismatch, mustUnderstand, Client, Server
      • Extended Fault Codes
      • Fault String
      • Fault Actor
      • Detail – error information related to BODY element only.
  • SOAP Fault
    • HTTP/1.0 500 Internal Server Error
    • Content-Type: text/xml; charset=&quot;utf-8&quot;
    • Content-Length: 595
    • <SOAP-ENV:Envelope
    • xmlns:SOAP-ENV=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot;
    • <SOAP-ENV:Body>
    • <SOAP-ENV:Fault>
    • <faultcode>SOAP-ENV:Client</faultcode>
    • <faultstring>Client Error</faultstring>
    • <faultactor>http://www.mindstrm.com/LocalWeather</faultactor>
    • <detail>
    • <m:weatherfaultdetails xmlns:m=&quot;WeatherStation&quot;>
    • <message>No such temperature scale: Calcium</message>
    • <errorcode>1234</errorcode>
    • </m:weatherfaultdetails>
    • </detail>
    • </SOAP-ENV:Fault>
    • </SOAP-ENV:Body>
    • </SOAP-ENV:Envelope>
  • SOAP Encodings
    • SOAP encoding offers the following rules to convert any data value defined in SOAP data model into XML format.
    • Encompasses the organization of data structure
    • Schemas are used as references to definition of data element
    • Polymorphic Accessor
      • MUST contain an xsi:type attribute
    • Compound Types
      • Arrays & Structs
      • Directed-Labeled-Graph
  • SOAP Encoding Rules - Compound Types
    • Array – ordinal position is the distinction
      • Homogeneous Arrays
        • xsi:type=“SOAP-ENC:Array”
        • Attribute SOAP-ENC:arrayType used to declare type of objects
      • Heterogeneous Arrays
        • To encode – use xsd:ur-type
      • Partial Arrays
        • xsi:null is used to encode null elements
        • SOAP-ENC:offset attribute represents ordinal position of first element.
      • Sparse Arrays
        • SOAP-ENC:position for each element of the array
    • Struct – accessor name is distinction among members
      • xsd:complexType
  • SOAP Over HTTP Request
          • POST / HTTP/1.1
          • SOAPAction: &quot;http://www.e1.com/GetCustomer&quot;
          • Content-Type: text/xml; charset=utf-8
          • Host: localhost:8081
          • Content-length: 706
          • <SOAP-ENV:Envelope … >
          • <SOAP-ENV:Body>
          • <ns1:GetCustomer
          • xmlns:ns1=&quot;http://www.e1.com&quot;>
          • <CustomerId xsi:type=&quot;xsd:int&quot;>
          • 6734
          • </CustomerId>
          • </ns1:GetCustomer>
          • </SOAP-ENV:Body>
        • </SOAP-ENV:Envelope>
    HTTPHeader SOAP Request
  • SOAP over HTTP Response
          • HTTP/1.1 200 OK
          • Content-Type: text/xml; charset=utf-8
          • Content-Length: 226
          • <SOAP-ENV:Envelope … >
          • <SOAP-ENV:Body>
          • <ns1:GetCustomerResponse xmlns:ns1=&quot;http://www.e1.com&quot;>
          • <Name xsi:type=&quot;xsd:string&quot;>
          • Fred Flintstone
          • </Name>
          • <Balance xsi:type=&quot;xsd:decimal&quot;>
          • 2349.27
          • </Balance>
          • </ns1:GetCustomerResponse>
          • </SOAP-ENV:Body>
        • </SOAP-ENV:Envelope>
    HTTP Response Header SOAP Response
  • Service Activation Models
    • Request-level Service Activation
      • A new instance of the object is created for each request
    • Application-level Service Activation
      • The class is treated as a singleton
    • Session-level Service Activation
      • An object for each session
  • SOAP – Alternative Techniques
    • SOAP Messaging
      • Different Format than RPC Services
      • No Concept of a method signature, method parameters, or return values in the messaging model
      • Messaging Requirements
        • Name of the first child must correspond to the name of the service
        • xmlns namespace attribute on that element specifies the name of the service.
    • SOAP Document/Wrapped
    • SOAP With Attachments
  • SOAP Messaging - Example
    • <SOAP_ENV:Envelope
    • xmlns:SOAP-ENV=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot;>
      • <SOAP-ENV:Body>
      • < recordTemperature xmlns=&quot; urn:WeatherDiary &quot;/>
      • <temperature>75.5</temperature>
      • <zipcode>50328</zipcode>
      • </SOAP-ENV:Body>
    • </SOAP-ENV:Envelope>
  • SOAP Document/Wrapped
    • Neither use SOAP encoding for Data ; Just Plain old Schema
    • Binding is still done to XML
  • Document/Wrapped Example
    • <soap:Envelope
      • xmlns=&quot;http://xml.apache.org/axis/wsdd/&quot; xmlns:java=&quot;http://xml.apache.org/axis/wsdd/providers/java&quot;>
      • <soap:Body>
        • <myNS:PurchaseOrder xmlns:myNS=&quot;http://commerce.com/PO&quot;> <item>SK001</item>
        • <quantity>1</quantity>
        • <description>Sushi Knife</description>
        • </myNS:PurchaseOrder>
      • </soap:Body>
      • </soap:Envelope>
    • Document
      • public void method(PurchaseOrder po)
    • Wrapped
      • public void purchaseOrder(String item, int quantity, String description)
  • SOAP Features
    • Message Transport
    • Service Contract
    • Type System
  • SOAP based Service
    • Request/Response Message Exchange Pattern
    • Example HTTP request/response
  • Patterns in Web Service
    • Message Exchange Pattern
    • Publish/Subscribe
    • Solicit/Response
  • WSDL - Overview
    • WSDL is a simple XML grammar for describing how to communicate with a Web service
      • It defines the messages (both abstract and concrete) that are sent to and from a service
      • It defines logical collections of messages (“port type”, “interface”)
      • It defines how a given “port type” is bound to particular wire protocols
      • It defines where the service is located
  • WSDL Overview (Contd..)
    • Service interface
      • What can it do?
    • Service implementation
      • How do I invoke it?
    • Service location
      • Where does it reside?
  • WSDL Elements
    • <definitions…>
    • <types>…</types>
    • <messages…>…</messages>
    • <messages…>…</messages>
    • <portType…>…</portType>
    • <portType…>…</portType>
    • <binding…>…</binding>
    • <service…>…</service>
    • </definitions>
  • WSDL Document Structure <definitions> <types> <!-- XML Schema --> </types> <message name=“getQuote_In” /> <message name=“getQuote_Out” /> <portType name=“StockQuoteServiceInterface”> <operation name=“getQuote”> <input message=“getQuote_In” /> <output message=“getQuote_Out” /> </operation> </portType> <binding name=“StockQuoteServiceBinding” type=“StockQuoteServiceInterface”> <soap:binding transport=“http://schemas.xmlsoap.org/soap/http” /> </binding> <service name=“StockQuoteService”> <port name=“StockQuoteServicePort” binding=“StockQuoteServiceBinding”> <soap:address location=“http://www.acme.com/services/stockquote” /> </port> </service> </definitions> Definition of data types Definition of messages Definition of port type Definition of the bindings Definition of the service
  • WSDL Elements -Definitions
    • < definitions name=&quot;CustomerAdmin&quot;
    • targetNamespace=
    • &quot;http://www.example.com/customer&quot;
    • xmlns:tns=&quot;http://www.example.com/customer&quot;
    • xmlns: soap =
    • &quot;http://schemas.xmlsoap.org/wsdl/soap/&quot;
    • xmlns: xs =&quot;http://www.w3.org/2001/XMLSchema&quot;
    • xmlns: xsi =
    • &quot;http://www.w3.org/2001/XMLSchema-instance&quot;>
    • xmlns =&quot;http://schemas.xmlsoap.org/wsdl/&quot;
    • </ definitions >
  • WSDL Elements - Types
    • <definitions .... >
      • <types>
      • <xsd:schema .... />* </types>
      • </definitions>
    • Optional Element
    • Holds, points to, or imports an XSD
    • Encloses data type definitions relevant for the exchanged messages
    • WSDL 2.0 allows for alternatives to XML-Schema
      • Relax NG
      • DTD
  • WSDL Elements - Messages
    • Defines the messages that implement the service
    • Constructed from data types defined in the types section or
    • available as defaults
    • The part name attribute provides a unique name among all the parts of the enclosing message.
    • The message name attribute provides a unique name among all messages defined within the enclosing WSDL document
    • <definitions…>
    • <message name=“nmtoken”> *
    • <part name=“nmtoken”
    • element=“qname”?
    • type=“qname”?/>*
    • </message>
    • </definitions>
  • WSDL Elements – Port Types
    • Presents the service as named operations
    • Similar to Java Interface
    • Four Transmission primitives
      • One-Way
      • Request-Response
      • Solicit-Response
      • Notification
    • Specify directional properties in and out from service’s perspective
      • in message is to a service
      • out message is from the service
    • in/out indicate request/response pattern
    • out/in indicate solicit/response pattern
    • <wsdl:definitions…>
    • <wsdl:portType
    • name=“nmtoken”>
    • <wsdl:operation
    • name=“nmtoken”…/>*
    • </wsdl:portType>
    • </wsdl:definitions>
  • One-way Operation
    • <wsdl:definitions .... >
    • <wsdl:portType .... > *
    • <wsdl:operation name=&quot;nmtoken&quot;>
    • <wsdl:input name=&quot;nmtoken&quot;? message=&quot;qname&quot;/> </wsdl:operation>
    • </wsdl:portType >
    • </wsdl:definitions>
  • Request-Response Operation
    • <wsdl:definitions .... >
    • <wsdl:portType .... > *
    • <wsdl:operation
    • name=&quot;nmtoken&quot;
    • parameterOrder=&quot;nmtokens&quot;>
    • <wsdl:input name=&quot;nmtoken&quot;? message=&quot;qname&quot;/>
    • <wsdl:output name=&quot;nmtoken&quot;? message=&quot;qname&quot;/>
    • <wsdl:fault name=&quot;nmtoken&quot;? message=&quot;qname&quot;/>
    • </wsdl:operation>
    • </wsdl:portType >
    • </wsdl:definitions>
  • Solicit-response Operation
    • <wsdl:definitions .... >
    • <wsdl:portType .... > *
    • <wsdl:operation name=&quot;nmtoken&quot; parameterOrder=&quot;nmtokens&quot;>
    • <wsdl:output name=&quot;nmtoken&quot;? message=&quot;qname&quot;/>
    • <wsdl:input name=&quot;nmtoken&quot;? message=&quot;qname&quot;/>
    • <wsdl:fault name=&quot;nmtoken&quot;? message=&quot;qname&quot;/>
    • </wsdl:operation>
    • </wsdl:portType >
    • </wsdl:definitions>
  • Notification
    • <wsdl:definitions .... >
    • <wsdl:portType .... > *
    • <wsdl:operation name=&quot;nmtoken&quot;>
    • <wsdl:output name=&quot;nmtoken&quot;? message=&quot;qname&quot;/> </wsdl:operation>
    • </wsdl:portType >
    • </wsdl:definitions>
  • WSDL Elements - Bindings
    • A <binding> element is a concrete protocol and data format specification for a <portType> element.
    • Similar to Java implementation of an interface (wsdl porttype )
    • Provides implementation details of service defined abstractly
      • Transport Protocol to be used in sending and receiving SOAP messages
        • HTTP or SMTP or anything else
        • <soap:binding style=&quot;rpc&quot; transport=&quot;http://schemas.xmlsoap.org/soap/http &quot;>
      • Style of the service
        • Style attribute takes either “rpc” or “document” as the value
        • @SOAPBinding(style = Style.RPC)
      • Data Format to be used in the SOAP messages
        • Use attribute has two choices - Literal and encoded
  • Bindings
    • <wsdl:definitions…>
      • <wsdl:binding name=&quot;nmtoken&quot; type=&quot;qname&quot;> *
        • <-- extensibility element (1) --> *
      • <wsdl:operation name=&quot;nmtoken&quot;> *
      • <-- extensibility element (2) --> *
      • <wsdl:input name=&quot;nmtoken&quot;?> ?
      • <-- extensibility element (3) -->
      • </wsdl:input>
      • <wsdl:output name=&quot;nmtoken&quot;?> ?
      • <-- extensibility element (4) --> *
      • </wsdl:output>
      • <wsdl:fault name=&quot;nmtoken&quot;> *
      • <-- extensibility element (5) --> *
      • </wsdl:fault>
      • </wsdl:operation>
      • </wsdl:binding>
      • </wsdl:definitions>
  • SOAP binding of one-way operation over SMTP using a SOAP Header
    • <binding name=&quot;StockQuoteSoap“ type=&quot;tns:StockQuotePortType&quot;>
    • <soap:binding style=&quot;document&quot; transport=&quot;http://example.com/smtp&quot;/>
    • <operation name=&quot;SubscribeToQuotes&quot;>
    • <input message=&quot;tns:SubscribeToQuotes&quot;>
    • <soap:header element=&quot;xsd1:SubscriptionHeader&quot;/>
    • </input>
    • </operation>
    • </binding>
  • SOAP binding of request-response RPC operation over HTTP
    • <binding name=&quot;StockQuoteSoapBinding&quot; type=&quot;tns:StockQuotePortType&quot;> <soap:binding style=&quot;rpc&quot; transport=&quot;http://schemas.xmlsoap.org/soap/http&quot;/>
    • <operation name=&quot;GetLastTradePrice&quot;>
    • <soap:operation soapAction=&quot;http://example.com/GetLastTradePrice&quot;/>
    • <input>
    • <soap:body use=&quot;encoded&quot; namespace=&quot;http://example.com/stockquote&quot; encodingStyle=&quot;http://schemas.xmlsoap.org/soap/encoding/&quot;/>
    • </input>
    • <output>
    • <soap:body use=&quot;encoded&quot; namespace=&quot;http://example.com/stockquote&quot; encodingStyle=&quot;http://schemas.xmlsoap.org/soap/encoding/&quot;/>
    • </output>
    • </operation>>
    • </binding>
  • WSDL Elements - Service
    • <service name=&quot;Oxford University Libraries&quot;>
      • <documentation>
      • Z39.50 Server for Oxford University Libraries
      • </documentation>
    • <port name=&quot;OLIS&quot; binding=&quot;ez:ez3950SOAPBinding&quot;>
    • <soap:address location=&quot;http://jafer.las.ox.ac.uk/ez3950&quot;/>
    • </port>
    • </service>
    • A web service is a grouping of one or more <port> elements.
    • A <port> element consists of porttype (interface) together with a corresponding binding (implementation)
  • SOAP Binding in WSDL
    • soap:binding
    • soap:operation
    • soap:body
    • soap:fault
    • soap:header
    • soap:address
  • HTTP Bindings
    • <binding name=&quot;b1&quot; type=&quot;pt1&quot;>
    • <http:binding verb=&quot;GET&quot;/>
    • <operation name=&quot;o1&quot;>
    • <http:operation location=&quot;o1/A(part1)B(part2)/(part3)&quot;/> <input>
    • <http:urlReplacement/>
    • </input>
    • <output>
    • <mime:content type=&quot;image/gif&quot;/> <mime:content type=&quot;image/jpeg&quot;/>
    • </output>
    • </operation>
    • </binding>
  • HTTP Bindings in WSDL
    • http:address
    • http:binding
    • http:operation
    • http:urlEncoded
    • http:urlReplacement
  • WSDL Elements Service Implementation Service Interface Service Location operation porttype message types operation binding message port service wsdl part part part XML Schema XML Schema XML Schema XML Schema operation binding message
  • Bindings – Style/use
    • Default is document/literal
    Style Use document literal Document encoded rpc literal rpc encoded
  • RPC – style WSDL
      • <types></types>
      • <message name=&quot;getTimeAsString&quot;></message>
      • <message name=&quot;getTimeAsStringResponse&quot;>
      • <part name=&quot;time_response&quot; type=&quot;xsd:string&quot;></part>
      • </message>
      • <message name=&quot;getTimeAsElapsed&quot;></message>
      • <message name=&quot;getTimeAsElapsedResponse&quot;>
      • <part name=&quot;time_response&quot; type=&quot;xsd:long&quot;></part>
      • </message>
  • Document style WSDL
    • <types>
      • <xsd:schema>
      • <xsd:import schemaLocation=&quot;http://localhost:9876/ts?xsd=1&quot; namespace=&quot;http://ts.ch02/&quot;>
      • </xsd:import>
      • </xsd:schema>
      • </types>
      • <message name=&quot;getTimeAsString&quot;>
      • <part element=&quot;tns:getTimeAsString&quot; name=&quot;parameters&quot;></part>
      • </message>
      • <message name=&quot;getTimeAsStringResponse&quot;>
      • <part element=&quot;tns:getTimeAsStringResponse&quot; name=&quot;parameters“></part>
      • </message>
      • <message name=&quot;getTimeAsElapsed&quot;>
      • <part element=&quot;tns:getTimeAsElapsed&quot; name=&quot;parameters&quot;></part>
      • </message>
      • <message name=&quot;getTimeAsElapsedResponse&quot;>
      • <part element=&quot;tns:getTimeAsElapsedResponse&quot; name=&quot;parameters&quot;></part> </message>
  • ‘ use’ attribute
    • literal
    • encoded
  • rpc/encoded
    • public void myMethod(int x,float y);
    • <soap:envelope>
    • <soap:body>
    • <myMethod>
    • <x xsi:type=&quot;xsd:int&quot;>5</x>
    • <y xsi:type=&quot;xsd:float&quot;>5.0</y>
    • </myMethod>
    • </soap:body>
    • </soap:envelope>
  • rpc/literal
    • public void myMethod(int x,float y);
    • <soap:envelope>
    • <soap:body>
    • <myMethod>
    • <x>5</x>
    • <y>5.0</y>
    • </myMethod>
    • </soap:body>
    • </soap:envelope>
  • document/literal
    • public void myMethod(int x,float y);
    • <types>
    • <schema>
    • <element name=&quot;xElement&quot; type=&quot;xsd:int&quot;/>
    • <element name=&quot;yElement&quot; type=&quot;xsd:float&quot;/>
    • </schema>
    • </types>
    • <message name=&quot;myMethodRequest&quot;>
    • <part name=&quot;x&quot; element=&quot;xElement&quot; />
    • <part name=&quot;y&quot; element=&quot;yElement&quot; />
    • </message>
    • <message name=&quot;empty&quot;/>
  • document/literal
    • public void myMethod(int x,float y);
    • <soap:envelope>
    • <soap:body>
    • <xElement>5</xElement>
    • <yElement>5.0</yElement>
    • </soap:body>
    • </soap:envelope>
  • document/encoded
    • Hardly supported/used.
    • JAX-WS does not support this
  • Wrapped and Unwrapped Document Styles
    • Unwrapped Document Style
    • <?xml version=&quot;1.0&quot; ?> <!-- Unwrapped document style --> <soapenv:Envelope xmlns:soapenv=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot; xmlns:xsd=&quot;http://www.w3.org/2001/XMLSchema&quot;> <soapenv:Body>
    • <num1 xmlns:ans=&quot;http://example.ws.org/&quot;>27</num1>
    • <num2 xmlns:ans=&quot;http://example.ws.org/&quot;>94</num2> </soapenv:Body>
    • </soapenv:Envelope>
    • Wrapped Document Style
    • <?xml version=&quot;1.0&quot; ?> <!-- Wrapped document style --> <soapenv:Envelope xmlns:soapenv=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot; xmlns:xsd=&quot;http://www.w3.org/2001/XMLSchema&quot;>
    • <soapenv:Body>
    • <addNums xmlns:ans=&quot;http://example.ws.org/&quot;> <num1>27</num1> <num2>94</num1>
    • </addNums>
    • </soapenv:Body>
    • </soapenv:Envelope>
  • Guidelines for Wrapped Document
    • The SOAP envelope's body should have only one part
    • The relationship between the WSDL's XSD and the single XML element in the SOAP body is well defined
    • The XML elements in the XSD serve as the wrappers for the SOAP message body
    • The request wrapper has the same name as the service operation
    • The WSDL portType section now has named operations (e.g., getTimeAsString) whose messages are typed
  • Example – Document Wrapped
  • JAX-WS Customizations
    • Customizations for WSDL to Java Mapping
    • They can customize almost all WSDL components that can be mapped to Java
      • Service Endpoint Interface
      • Method Name
      • Parameter Name
      • Exception class
      • Asynchrony
      • Wrapper Style
      • Handler chains
  • Comparison of Styles/Use (Contd..)
    • Document/Literal
      • Advantages
        • No type encoding information in SOAP Message
        • Easier to validate since everything within the SOAP body is defined in a schema
        • Better suited for asynchronous processing
      • Disadvantages
        • WSDL is getting a bit more complicated
        • The operation name in the SOAP message is lost
    • Document/Literal Wrapped
      • Advantages
        • Contains all advantages of Document/Literal
        • Method name appears in the SOAP message
      • Disadvantages
        • WSDL is still more complicated
        • Cannot use this style with overloaded functions
  • Comparison of styles/use
    • RPC/Encoded
      • Advantages
        • Flexibility to receiver while dispatching requests to Service
        • Only possible style when you are using polymorphism
      • Disadvantages
        • Harder to validate with too much type information
        • Causes a tight coupling between service provider & client
    • RPC/Literal
      • Advantages
        • Everything is not indicated by the schema, you must still know the RPC rules
        • The type encoding is eliminated from the messages and hence increases throughput performance
      • Disadvantages
        • Same as RPC/Encoded
  • Pros & Cons of RPC
    • Advantages
      • There is no types section, so wsdl is simple
      • Messages in the WSDL carry the names of the underlying web service operations, which are @WebMethods in a Java-based service
      • Message throughput may improve because the messages do not carry any type-encoding information
    • Disadvantages
      • The WSDL, with its empty types section, does not provide an XSD against which the body of a SOAP message can be validated.
      • The service cannot use arbitrarily rich data types because there is no XSD to define such types. The service is thus restricted to relatively simple types such as integers, strings, dates, and arrays of such.
      • This style, with its obvious link to the request/response pattern, encourages tight coupling between the service and the client
      • Java services written in this style may not be consumable in other frameworks, thus undermining interoperability
  • Pros and Cons of Document
    • Advantages
      • The body of a SOAP message can be validated against the XSD in the types section of the WSDL.
      • A service in this style can use arbitrarily rich data types, as the XML Schema language supports not only simple types such as integers, strings, and dates, but also arbitrarily rich complex types.
      • There is great flexibility in how the body of a SOAP message is structured so long as the structure is clearly defined in an XSD.
      • The wrapped convention provides a way to enjoy a key upside of the rpc style—naming the body of a SOAP message after the corresponding service operation—without enduring the downsides of the rpc style.
    • Disadvantages
      • In the unwrapped variant, the SOAP message does not carry the name of the service operation, which can complicate the dispatching of messages to the appropriate program code.
      • The wrapped variant adds a level of complexity, in particular at the API level. Writing a client against a wrapped-document service can be challenging.
      • The wrapped variant does not support overloaded service operations because the XML wrapper element in the body of a SOAP message must have the name of the service operation. In effect, then, there can be only one operation for a given element name.
  • Example - Asynchronous
  • Code first versus Contract First
    • If the service changes, the WSDL automatically changes
    • The code-first approach usually results in a service contract that provides few, if any, provisions for handling tricky but common problems in distributed systems such as partial failure of the service.
    • If the service implementation is complicated or even messy, these features carry over into a WSDL that may be difficult to understand and to use in the generation of client artifacts. In short, the code-first approach is clearly not consumer-oriented
    • The code-first approach seems to go against the language-neutral theme of SOAP-based web services. If the contract is done first, then the implementation language remains open.
  • Annotations to WSDL Section
    • @WebService(
      • name = &quot;AnnotatedTimeServer&quot;,
      • serviceName = “NewTimeServer&quot;,
      • targetNamespace = &quot;http://org.ws.example/&quot;)
    • @SOAPBinding(
      • style = SOAPBinding.Style.DOCUMENT,
      • use = SOAPBinding.Use.LITERAL,
      • parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
  • Annotations to WSDL Sections
    • @WebMethod(operationName = &quot;time_string&quot;) @WebResult(name = &quot;ts_out&quot;, targetNamespace = &quot;http://org.ws.example&quot;)
    • @Oneway
    • @WebParam(
      • name = &quot;client_message&quot;,
      • targetNamespace = &quot;http://org.ws.example&quot;,
      • mode = WebParam.Mode.IN)
  • Day 2 Agenda
    • SOAP Handlers
    • Webservices and Binary data
    • RestFul WebServices
  • SOAP Handlers
    • Handlers are programmer written classes that contain callbacks
    • A client-side handler has access to the outgoing request message as well as incoming response message
    • Handlers encourage Chain of Responsibility pattern
    • Can be Logical or SOAP Handler
  • SOAP Messaging Architecture
    • <S:Envelope xmlns:S=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot;>
    • <S:Header>
    • <uuid xmlns=&quot;http://org.ws&quot;
    • xmlns:SOAP-ENV=&quot;http://schemas.xmlsoap.org/soap/envelope/&quot; SOAP- ENV:actor=&quot;http://schemas.xmlsoap.org/soap/actor/next&quot;>
    • ca12fd33-16e1-4a95-b17e-3ef6744babdc
    • </uuid>
    • </S:Header>
    • <S:Body>
    • <ns2:countBooks xmlns:ns2=&quot;http://org.ws&quot;>
    • <arg0>45</arg0>
    • </ns2:countBooks>
    • </S:Body>
    • </S:Envelope>
    Sender Receiver Intermediary 1 Intermediary 2
  • Handler Configuration
    • Declarative
    • <?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot; standalone=&quot;yes&quot;?>
    • <javaee:handler-chains xmlns:javaee=&quot;http://java.sun.com/xml/ns/javaee&quot; xmlns:xsd=&quot;http://www.w3.org/2001/XMLSchema&quot;>
    • <javaee:handler-chain>
        • <javaee:handler>
        • <javaee:handler-class>
        • UUIDHandler
        • </javaee:handler-class>
        • </javaee:handler>
    • </javaee:handler-chain>
    • </javaee:handler-chains>
    • Programmatic
      • Using APIs – HandlerResolver class
        • setHandlerResolver
  • Example – SOAP with one Intermediary (Declarative)
  • Example – SOAP with one Intermediary (Programmatic)
  • Sequence of Handler Execution
    • Outbound Message
      • Logical handler execute before SOAPHandler
    • Inbound Message
      • SOAPHandler execute before Logical Handler
  • WebServices and Binary Data
    • Encode data using base64
      • Results in large payload
      • Overhead of Encode/Decode
    • Transmit as attachments to a SOAP message
      • Using DIME (Direct Internet Mail Extension)
      • Using MTOM (Message Transmission Optimization Mechanism)
        • Based on XOP (XML-Binary Optimized Packaging)
  • Example – Using Base64Encoding (Part1)
  • Example – Using Base64Encoding (Part2)
  • SOAP with Attachments and DIME
    • MIME-Version: 1.0
    • Content-Type: Multipart/Related; boundary=MIME_boundary; type=application/soap+xml;start=&quot;<claim@insurance.com>&quot;
    • --MIME_boundary Content-Type: application/soap+xml; charset=UTF-8 Content-Transfer-Encoding: 8bit Content-ID: <claim@insurance.com>
    • <soap:Envelope xmlns:soap=&quot;http://www.w3.org/2003/05/soap-envelope&quot;>
    • <soap:Body>
    • <submitClaim>
    • <accountNumber>5XJ45-3B2</accountNumber>
    • <eventType>accident</eventType>
    • <image href=&quot;cid:image@insurance.com&quot;/>
    • </submitClaim>
    • </soap:Body>
    • </soap:Envelope>
    • --MIME_boundary
    • Content-Type: image/jpeg
    • Content-Transfer-Encoding: binary
    • Content-ID: <image@insurance.com>
    • ...binary JPG image...
    • --MIME_boundary--
  • MTOM
    • A W3C Message Transmission Optimization Mechanism
    • A method of efficiently sending binary data to and from Web Service
      • Uses XOP to transmit binary data
    • Allows more efficient sending of binary data in SOAP Request or Response
  • Example - Using MTOM
  • REST
    • Stands for Representational State Transfer
    • Style of software architecture for distributed hypermedia systems
      • Systems in which text, graphics, audio, and other media are stored across a network and interconnected through hyperlinks
  • The REST Approach
    • Resource
      • Anything that has a URI
    • Resource itself remains on the service machine
    • Requestor receives a representation of the resource
  • Resource in REST Resource: GetStockPrice Restful Client HTTP Requests GET: Read POST: Create PUT: Update DELETE: Delete HTTP Responses MIME-TYPED Responses of Resource HTTP Verb Meaning in CRUD Terms POST Create a new resource from request data GET Read a resource PUT Update a resource DELETE Delete a resource
  • HTTP Verb and Opaque Names
    • A URI is meant to be opaque
    • A URI has no intrinsic hierarchical structure
    • A URI is a logical proper name that denotes exactly one resource
    • URIs act as identifying nouns and HTTP methods act as verbs that specify operations on resources
    HTTP verb/URI Intended CRUD Meaning POST emps Create a new employee from the request data GET emps Read a list of all employees Get emps?id=27 Read a singleton list of employee 27
  • REST Implementation
    • @WebService
      • Message exchanged between service & clients will be SOAP
    • @WebServiceProvider
      • Exchanged messages will be XML documents of some type
  • REST Example (GET)
  • Resource Oriented Architectures
    • Guidelines for implementation of a REST based architecture
    • Based upon the concept of a resource
    • Each resource is a directly accessible distributed component that is handled using a standard
  • Resource Oriented Architecture
    • Concepts
      • Resources
      • URIs
      • Representation
      • Links
    • Properties
      • Addressability
      • Statelessness
      • Connectedness
      • A uniform interface
  • ROA Concepts
    • Resource
      • Anything that’s important enough to be referenced as a thing itself
    • Resource name
      • Unique identification of the resource
    • Resource representation
      • Useful information about the current state of a resource
    • Resource link
      • Link to another representation of the same or another resource
    • Resource interface
      • Uniform interface for accessing the resource and manipulating its state
  • ROA vs SOA
    • Advantage of SOAP-based SOA
      • More mature tool support
      • Includes type safety of XML Requests
    • Advantages of ROA
      • Ease of Implementation
      • Agility in Design
      • Lightweight Requests
      • Easier Response parsing
  • Provider and Dispatcher
    • Provider implements the method
      • public Source invoke(Source request)
    • Dispatch
      • Dynamic Service Proxy
    • Process
      • The client invokes the Dispatch method invoke, with an XML document as the Source argument. If the request does not require an XML document, then the Source argument can be null.
      • The service-side runtime dispatches the client request to the Provider method invoke whose Source argument corresponds to the client-side Source.
      • The service transforms the Source into some appropriate Result (for instance, a DOM tree), processes this Result in an application-appropriate way, and returns an XML source to the client. If no response is needed, null can be returned.
      • The Dispatch method invoke returns a Source, sent from the service, that the client then transforms into an appropriate Result and processes as needed
  • Example – Provider & Dispatcher
  • REST with Servlets
  • Day 3
    • Web Services Security
      • HTTPS
      • Authentication
      • Authorization
    • UDDI
  • What is Security ?
    • Access control
      • Identity management—Who are your users?
      • Authentication—verifying user identity
      • Authorization—what a user can do
      • Auditing—keep track of what a user does
    • Secure communication
      • Keeping the conversation between two parties private
  • Web Service Security
    • Wire-Level Security
      • Transport-Level
      • Data Encryption
      • Message Integrity
    • Authentication and Authorization
    • WS-Security
      • Collection of Protocols that enforce different levels of security on SOAP messages
  • Wire-Level Security
    • HMAC (Hash Message Authentication Code)
      • Generate Input String
      • Compute Hash/Message Digest
      • Add Digest to Request in Authorization header
      • Future requests validate this digest
  • Security Terminology
    • Principal
      • An entity capable of being authenticated
    • Credentials
      • Piece of knowledge that provides access
      • Something you know/have
    • Subject
      • The entities that can perform action in the system
    • KeyStore
      • Collection of keys & Certificates
  • HTTPS
    • Peer Authentication (Mutual Challenge)
    • Confidentiality
    • Integrity
    eavesDropper Sender Receiver
  • Symmetric Encryption/Decryption Encryption Engine Decryption Engine Encryption Key Plain text (Unencrypted) Cipher bits (Encrypted) Decryption Key Original Plain bits Encryption Engine Decryption Engine Single Key Plain text (Unencrypted) Cipher bits (Encrypted) Original Plain bits
  • Asymmetric Encryption/Decryption Encryption Engine Decryption Engine Key Pair Plain text (Unencrypted) Cipher bits (Encrypted) Original Plain bits Public Key Private Key
  • HTTPS Support
    • Integrity
      • Uses Message Digest
    • Peer Authentication & Confidentiality
      • Digital Certificates
      • Key Exchange (Symmetric)
      • PKI (Assymetric)
  • Example – Basic HTTPS
  • Example – Enabling HTTPS
  • Example – Application Authentication
  • Example – WS Security
  • SOAP vs Distributed Objects
    • Distributed Objects
      • Programmer defined types loaded remotely
      • Client and Server communicate through binary streams rather than text
      • Structure of binary streams is specific to Java
    • SOAP
      • Client and Server exchange XML
      • Text can be inspected, validated, transformed, persisted, etc.
      • Client and Server need not be coded in the same language
  • What is UDDI
    • Universal Description, Discovery, and Integration
    • A project to encourage interoperability and adoption of web services
      • Standards-based specifications for service description and discovery
    • A set of internet-based implementations
      • UDDI business registry
      • Interoperating to share registrations
    • Partnership among industry and business leaders
      • Initiated by Ariba, IBM, and Microsoft
      • Now over 300 UDDI community members
  • Problems UDDI Solves
  • UDDI Implementation
  • What’s in the Registry ?
  • White Pages
    • Information about a business:
      • Business name
      • Text description(s)
    • List of multi-language text strings
      • Contact info
    • Names, addresses, phone numbers, fax numbers, web sites…
      • Identifiers
    • List of identifiers that a business may be known by
    • DUNS, Thomas Register, etc.
  • Yellow Pages
    • Business categories
    • 3 standard taxonomies in V1
      • Industry: NAICS (industry codes—US govt.)
      • Product/services: UN/SPSC (ECMA)
      • Location: Geographical taxonomy (ISO 3166)
    • Implemented as name-value pairs
      • Allows any valid taxonomy data to be attached to the business white page
  • Green pages
    • Specify how to bind to a service provider
    • Technical info about how to invoke a businesses services
      • References to specifications for web services
      • Support for pointers to various file and URL-based discovery mechanisms if required
    • Nested model
      • Business processes
      • Service descriptions
      • Binding information
    • Programming/platform/implementation agnostic
  • How UDDI v1 works SW companies, standards bodies, and programmers populate the registry with descriptions of different types of services 1 . UDDI Business Registry Segrvice Type Reistrations Business Registrations Businesses populate the registry with descriptions of the services they support 2 . 3 . UBR assigns a programmatically unique identifier to each service and business registration Marketplaces, search engines, and business apps query the registry to discover services at other companies 4 . Business uses this data to facilitate easier integration with each other over the Web 5 .
  • tModels
    • TModels
      • Categories & Identifiers
        • Categorization and Identification taxonomies are TModels
        • Categories and Identifiers are TModel Instances
        • Keyed Referenced
          • Name + Value + TModel
      • WSDL Port Types
        • WSDL Port Types are TModels
        • WSDL Services that are bound to a Port Type are TModel Instances
  • Registry APIs (SOAP Messages)
    • Inquiry API
      • Find things
        • find_business
        • find_service
        • find_binding
        • find_tModel
      • Get Details about things
        • get_businessDetail
        • get_serviceDetail
        • get_bindingDetail
        • get_tModelDetail
    • Publishers API
      • Save things
        • save_business
        • save_service
        • save_binding
        • save_tModel
      • Delete things
        • delete_business
        • delete_service
        • delete_binding
        • delete_tModel
      • security…
        • get_authToken
        • discard_authToken
  • Application Development Scenarios
    • Green Field —Create a new Web Service and new interface
    • Top Down —Create new Web Service implementing existing interface
    • Bottom Up —Create a new interface for an existing application
    • Meet in the Middle —Map an existing application to an existing interface
  • Summary
    • Web services is a standards-based way to make applications discoverable and usable on the Internet (intranet)
    • The industry is focusing on UDDI, SOAP, and WSDL as the foundations of the Web services approach
    • Web services are gateways into enterprise applications
  • Summary
    • Midas Touch—allows re-use and leveraging of existing Java and non Java platform-based assets… making more gold
    • Great Communicator—the canonical form for integration inside and outside the enterprise
    • First Step—on the road to dynamic e-business
  • Q & A