Your SlideShare is downloading. ×
Webservices
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Webservices

230
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
230
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. David Brabant, Siemens MEDDavid Brabant, Siemens MED
  • 2. AgendaAgenda Part1: SOA for “dummies”Part1: SOA for “dummies”(a soft introduction to service oriented architectures)(a soft introduction to service oriented architectures) Things aren’t getting simpler...Things aren’t getting simpler... The thirst for true system integrationThe thirst for true system integration The Quest for theThe Quest for the Holy GrailHoly Grail Service Oriented Architectures to the rescueService Oriented Architectures to the rescue Conclusions & questionsConclusions & questions Part 2: SOA for “smarties”Part 2: SOA for “smarties”(not for the faint of heart)(not for the faint of heart) Depends on your feedback todayDepends on your feedback today
  • 3. Things aren’t getting simpler... (1/7)Things aren’t getting simpler... (1/7)Yesterday’s development toolsYesterday’s development tools (circa 1983)(circa 1983)““Visual Studio”Visual Studio”Sophisticated features:Sophisticated features:cut, copy and paste,cut, copy and paste,delete/undelete,delete/undelete,undo/redo stackundo/redo stackCan be learned in less than 1 hour!Can be learned in less than 1 hour!
  • 4. Things aren’t getting simpler... (2/7)Things aren’t getting simpler... (2/7)Today’s development tools...Today’s development tools...(circa2005)Every oval on thisEvery oval on thisfigure requires severalfigure requires severaldays to severaldays to severalmonths of trainingmonths of trainingbefore being fullybefore being fullymastered...mastered...
  • 5. Things aren’t getting simpler (3/7)Things aren’t getting simpler (3/7)Typical enterprise environmentTypical enterprise environment (circa 1983)(circa 1983)Enterprise’sEnterprise’scriticalcriticalapplicationsapplicationsTypical configuration for a VAX 11/750• 32 bits, 6 MHz processor• 12 MB of memory• 2 x 400 MB disksSony Ericsson K750i (2005)• 32 bits, 200 MHz processor• 32 MB ROM• 64 MB RAM• 4GB memory stick available• Java virtual machine
  • 6. Things aren’t getting simpler... (4/7)Things aren’t getting simpler... (4/7)Typical today’s enterprise environmentTypical today’s enterprise environmentMobile phones /PDAs Various form factorsBranchnetworksWirelessaccessERPsystemsERPsystemsPublicweb portalsPublicweb portalsIntranetportalsIntranetportals(Smart)clientapplications(Smart)clientapplicationsCRMsystemsCRMsystemsCustomSystemsCustomSystemsCustomSystemsCustomSystemsCustomsystemsCustomsystemsEnterprise’s critical applications
  • 7. Things aren’t getting simpler... (5/7)Things aren’t getting simpler... (5/7)Development complexityDevelopment complexityMobile phones /PDAs Various form factorsBranchnetworksWirelessaccessERPsystemsERPsystemsPublicweb portalsPublicweb portalsIntranetportalsIntranetportals(Smart)clientapplications(Smart)clientapplicationsCRMsystemsCRMsystemsCustomSystemsCustomSystemsCustomSystemsCustomSystemsCustomsystemsCustomsystemsEnterprise’s critical applicationsEnterprise’s critical applications1970s: mainframes and centralized computing1970s: mainframes and centralized computing(the “dumb terminals” era)(the “dumb terminals” era)1980s: decentralization and client/server1980s: decentralization and client/server(the “fat clients” era)(the “fat clients” era)1990s: client/server and the Web1990s: client/server and the Web(the beginning of “light clients” era(the beginning of “light clients” era2000s: heterogeneous,2000s: heterogeneous,distributed, deeply Integrateddistributed, deeply Integratedsystems (the “smart client” era)systems (the “smart client” era)
  • 8. Things aren’t getting simpler... (6/7)Things aren’t getting simpler... (6/7)Living in total chaosLiving in total chaos For all big enterprises, one constant:For all big enterprises, one constant: heterogeneityheterogeneity Hundreds, if not thousands, of applications, which are custom built, acquired fromHundreds, if not thousands, of applications, which are custom built, acquired fromthird party, part of a legacy system, or a combination thereof, operating inthird party, part of a legacy system, or a combination thereof, operating inmultiple tiers of different operating system platforms, running on geographicallymultiple tiers of different operating system platforms, running on geographicallydispersed sites...dispersed sites... How do businesses allow themselves to get into such aHow do businesses allow themselves to get into such amess?mess? Business constraints, technical constraints, geographical constraints, history,Business constraints, technical constraints, geographical constraints, history,politics, merger/acquisitions...politics, merger/acquisitions... Creating a single, huge application to run a complete business is next toCreating a single, huge application to run a complete business is next toimpossibleimpossible (hey,(hey, do you hear me, Soarian?do you hear me, Soarian?)) Spreading business across multiple applications provides the flexibility to selectSpreading business across multiple applications provides the flexibility to selectthe “best” accounting package, the “best” CRM, the “best” order processingthe “best” accounting package, the “best” CRM, the “best” order processingsystem... for its needssystem... for its needs Overlap in functionality between different applicationsOverlap in functionality between different applications And this willAnd this will never, evernever, ever change...change...
  • 9. Things aren’t getting simpler... (7/7)Things aren’t getting simpler... (7/7)Critical applicationsCritical applicationsWhat’s a critical application?What’s a critical application? Any application that is critical to the proper running of a businessAny application that is critical to the proper running of a business Meaning that, if this application fails for any length of time, you mayMeaning that, if this application fails for any length of time, you mayvery well go out of businessvery well go out of businessHow many business critical applications inHow many business critical applications ina typical enterprise?a typical enterprise? General Electrics (300,000 employees): more thanGeneral Electrics (300,000 employees): more than 6,0006,000 Télé Secrétariat (18 employees):Télé Secrétariat (18 employees): 33 in 1995;in 1995; 1515 in 2005in 2005 SAP (32,000 employees):SAP (32,000 employees): 11 
  • 10. The thirst for true system integration (1/3)The thirst for true system integration (1/3)Information silosInformation silos Most businesses rely on an ever increasing number of criticalMost businesses rely on an ever increasing number of criticalapplications, complex and costly to developapplications, complex and costly to develop Today, many of these applications are information silos (Today, many of these applications are information silos (“this data“this datais mine!”is mine!”)) Silos make sense for software vendors, not for users...Silos make sense for software vendors, not for users... Information is hard to find and correlateInformation is hard to find and correlate• No single application can cover all enterprise requirementsNo single application can cover all enterprise requirements• No single application can manage all enterprise dataNo single application can manage all enterprise data• Anyway, requirements and data change faster than you can developAnyway, requirements and data change faster than you can developapplicationsapplications• No user can possibly know (and care!) where which data isNo user can possibly know (and care!) where which data is Result: information gathering is costlyResult: information gathering is costly Answering a question likeAnswering a question like““What is the status of my business today?What is the status of my business today?””on aon a global scaleglobal scale is next to impossibleis next to impossible
  • 11. The thirst for true system integration (2/3)The thirst for true system integration (2/3)Today’s challengesToday’s challenges Design applications so that they easily integrate withDesign applications so that they easily integrate withothersothers... but also be prepared to integrate applications that were never... but also be prepared to integrate applications that were nevermeant to be integrated!meant to be integrated! Design applications so that they perform to specificationsDesign applications so that they perform to specifications... but also scale to the unexpected!... but also scale to the unexpected! Monitor and manage many applicationsMonitor and manage many applications Provide consistent usability across applicationsProvide consistent usability across applications Be ready to make changes as soon as possibleBe ready to make changes as soon as possible Build and roll out new functionality quicklyBuild and roll out new functionality quickly
  • 12. The thirst for true system integration (3/3)The thirst for true system integration (3/3)In other words: adapt or perishIn other words: adapt or perish Be anBe an intimate service providerintimate service provider to your businessto your business …… or get fired and outsourcedor get fired and outsourced Automate and integrate to save timeAutomate and integrate to save time …… which you can spend on better servicewhich you can spend on better service …… which you can spend on more functionalitywhich you can spend on more functionality Become a driver of optimizing work organizationBecome a driver of optimizing work organization …… instead of maintaining disks and patchesinstead of maintaining disks and patches ... instead of being driven... instead of being driven Act, dont react!Act, dont react!
  • 13. Integrating applications or ...Integrating applications or ...... the Quest for the... the Quest for the Holy GrailHoly Grail (nih?)(nih?)
  • 14. The quest for the holy grail (1/8)The quest for the holy grail (1/8)In the beginning there was...In the beginning there was...... Eden!... Eden! Simple enough, uh?Simple enough, uh?Remember “good old times”?Remember “good old times”? DDEDDE OLE 2OLE 2 DLL hellDLL hell conflicting typelibsconflicting typelibs COM registrationCOM registration deployment nightmaresdeployment nightmares ......And these are justAnd these are justtechnicalitiestechnicalities......What aboutWhat about““semanticalities”semanticalities”??
  • 15. The quest for the holy grail (2/8)The quest for the holy grail (2/8)TechnicalitiesTechnicalities Even within theEven within the same applicationsame application, there are problems when “parts” or, there are problems when “parts” ormodules developed in different contexts are mixed...modules developed in different contexts are mixed... Calling conventions and stack clean up: Pascal, CCalling conventions and stack clean up: Pascal, C Name manglingName mangling Type representations: strings (VB, C, Pascal, MFC, OLESTR, bstr,Type representations: strings (VB, C, Pascal, MFC, OLESTR, bstr,ATL, STL, WTL...), floats (IEEE 754 or not...), dates (ex.: VB and MFC),ATL, STL, WTL...), floats (IEEE 754 or not...), dates (ex.: VB and MFC),structure padding...structure padding... Mixing Unicode and ANSIMixing Unicode and ANSI Binary compatibilitiesBinary compatibilities Memory handlingMemory handling Threading modelsThreading models Deployment, versioning and registrationDeployment, versioning and registration Across applications running on theAcross applications running on the same machinesame machine, many techniques, many techniquesavailable with pros and consavailable with pros and cons DDE (still supported by Office 2003!)DDE (still supported by Office 2003!) shared data segments, DLL injection, memory mapped files...shared data segments, DLL injection, memory mapped files... COM(+)COM(+) .NET Interop, P/Invoke.NET Interop, P/Invoke mail slots, named pipes, sockets, .NET remoting (CLR to CLR)mail slots, named pipes, sockets, .NET remoting (CLR to CLR)
  • 16. The quest for the holy grail (3/8)The quest for the holy grail (3/8)”Semanticalities””Semanticalities”More “philosophical” questions:More “philosophical” questions: How to expose application’s functionality in a consistent way?How to expose application’s functionality in a consistent way? How to conciliate discrepancies in object models?How to conciliate discrepancies in object models? How to deal with changes in application’s “boundaries”?How to deal with changes in application’s “boundaries”? How to negotiate a “fallback” position when the availableHow to negotiate a “fallback” position when the availableapplication isn’t the version we expect?application isn’t the version we expect? How to support transaction handling across applications?How to support transaction handling across applications? How to federate security across applications?How to federate security across applications? What should happen if one of the applications crashes or isWhat should happen if one of the applications crashes or istemporarily unavailable?temporarily unavailable? ......
  • 17. The quest for the holy grail (4/8)The quest for the holy grail (4/8)Things become a little bit more challengingThings become a little bit more challengingne order of magnitude increase in complexity!ne order of magnitude increase in complexity!Network unreliabilityNetwork unreliabilityCall latencyCall latencyLimited bandwidthLimited bandwidthNetwork is insecureNetwork is insecureTopology changesTopology changesWhere is the administrator?Where is the administrator?Transport costTransport costStill more challenges...Still more challenges... Little endian/big endian, wordLittle endian/big endian, wordsize...size... Marshalling strategiesMarshalling strategies Shared states managementShared states management Concurrent access, resourcesConcurrent access, resourcespooling, load balancing...pooling, load balancing... Routing and NAT traversalRouting and NAT traversal Protocol must be “firewall friendly”Protocol must be “firewall friendly”
  • 18. The quest for the holy grail (5/8)The quest for the holy grail (5/8)First attempt to make the networkFirst attempt to make the network “transparent”“transparent”: DCE/RPC: DCE/RPC (circa 1991)(circa 1991)int foo(int bar)Application B.IDLApplication B.IDLIDL compilerIDL compilerProxyProxyint foo(int bar)int foo(int bar)DCE runtimeDCE runtimeStubStubint foo(int bar)int foo(int bar)DCE runtimeDCE runtime
  • 19. The quest for the holy grail (6/8)The quest for the holy grail (6/8)Distributed ComputingDistributed Computing DCE was the first attempt to provide a complete distributed computingDCE was the first attempt to provide a complete distributed computingenvironmentenvironment Remote Procedure CallRemote Procedure Call Distributed securityDistributed security Distributed filesDistributed files Directory serviceDirectory service ...... But, when introduced by OSF...But, when introduced by OSF... rejected by Sun (ONC)rejected by Sun (ONC) rejected by Novell (Netware RPC)rejected by Novell (Netware RPC) only partially supported by IBM (DSOM)only partially supported by IBM (DSOM) only partially implemented by Microsoft (MS/RPC)only partially implemented by Microsoft (MS/RPC) Biggest problem with DCE:Biggest problem with DCE: “impedance mismatch”“impedance mismatch” Nevertheless, RPC variants have been used as a baseNevertheless, RPC variants have been used as a basefor implementing “distributed objects” technologies andfor implementing “distributed objects” technologies andso-called ORBs (object request brokers):so-called ORBs (object request brokers):DCOMDCOM,, CORBACORBA,, DSOMDSOM,, Java RMIJava RMI
  • 20. The quest for the holy grail (7/8)The quest for the holy grail (7/8)The promises of DCOM and CORBAThe promises of DCOM and CORBA Applications can be seen as a set of distributed objectsApplications can be seen as a set of distributed objectsor “components”or “components” Pluggable architectures provides malleability:Pluggable architectures provides malleability:assemble and extend applications at your will by picking/replacingassemble and extend applications at your will by picking/replacingappropriate componentsappropriate components Components can be used in unpredictable combinationsComponents can be used in unpredictable combinations Location transparencyLocation transparency COM+ and CORBA Services:COM+ and CORBA Services:provide a global infrastructure for concurrency,provide a global infrastructure for concurrency,security and transaction handlingsecurity and transaction handling Language neutralityLanguage neutrality
  • 21. The quest for the holy grail (8/8)The quest for the holy grail (8/8)Were those promises kept?Were those promises kept? Network transparency is a lureNetwork transparency is a lure Synchronous modelsSynchronous models Heavy runtime dependenciesHeavy runtime dependencies Deployment nightmaresDeployment nightmares No cross platform interoperabilityNo cross platform interoperability Tight couplingTight coupling Deep bindingDeep binding No real contract exchange (typelibs arent contracts)No real contract exchange (typelibs arent contracts) Other “oddities” (routability, firewalls...)Other “oddities” (routability, firewalls...)More importantlyMore importantly::The focus has always been on solvingThe focus has always been on solving technical integrationtechnical integrationproblems, but not on solvingproblems, but not on solving business integrationbusiness integration problemsproblemsFundamentally flawed because ofInstall two runtimes on each side?If they are available for both platforms...Also a "collateral damage" of huge runtimesand the infrastructure they provide
  • 22. Service Oriented ArchitecturesService Oriented Architecturesto the rescueto the rescue"Rien ne se perd, rien ne se crée, tout se transforme"Antoine Laurent de Lavoisier"There is nothing special about web services. [...]Web services will change the world."Steve Benfield, SilverStream Software
  • 23. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)"Applications" vs "Systems""Applications" vs "Systems"ApplicationApplication Functionality for a scoped set of requirementsFunctionality for a scoped set of requirements Customizable within scopeCustomizable within scope Runs on a defined platform, best suited for itRuns on a defined platform, best suited for itSystemSystem Assembly of functions from multiple applicationsAssembly of functions from multiple applications Covers requirements beyond single apps scopeCovers requirements beyond single apps scope Runs on and across multiple platformsRuns on and across multiple platforms
  • 24. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)The applications worldThe applications worldApp CPlanExaminationsApp CPlanExaminationsApp BReserve a bedApp BReserve a bedApp ARegister PatientApp ARegister PatientNursesNursesLogon to PCLogon to terminalA patient is admittedFirst application to registerthe patientSecond application toreserve a bedThird application toplan examinationsTwo logons,three applications,with the obligation to encodethe same information multiple times...whenever a patient is admitted
  • 25. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)The system worldThe system worldApp CPlanExaminationsApp CPlanExaminationsApp BReserve a bedApp BReserve a bedApp ARegister PatientApp ARegister PatientNursesNursesA patient is admittedPatientregistrationserviceBedreservationserviceExaminationsplanningservicePatientadmissionserviceFacadestolegacy applicationsAggregator/OrchestratorLogonSmartClientWeb FormProcess (services domain)built on top offunctionality (applicationsdomain)
  • 26. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)What is a service?What is a service? If you ask it to five people in the field, youll probably getIf you ask it to five people in the field, youll probably getat least six different answersat least six different answers Definition from the W3C (*):A service is a software application or componentidentified by a URI, whose interfaces and binding arecapable of being described by standard formats andsupports direct interactions with other softwareapplications or components via Internet-basedprotocols(*) after two weeks of intense negotiations and 400 e-mails exchanged between the 75members of the working group
  • 27. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)What is a service?What is a service? Other definitions:Other definitions: “Services are loosely coupled software components deliveredover standard Internet technologies.” (Daryl Plummer, Gartner) "Services are loosely coupled, reusable software componentsthat semantically encapsulate discrete functionality and aredistributed and programmatically accessible over standardInternet protocols.” (Brent Sleeper and Bill Robins, StencilGroup) “A service is any piece of software that makes itself availableover the Internet and uses a standardized XML messagingsystem.” (Ethan Cerami, author of Web Services Essentials)
  • 28. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)What is a service?What is a service? The "pornography" definitionThe "pornography" definition"I cant define it, but I know it when I see it""I cant define it, but I know it when I see it" Business "invariants"Business "invariants" Exposes capabilities of one or more applicationsExposes capabilities of one or more applications Used to build systems that span applicationsUsed to build systems that span applications Technical "invariants"Technical "invariants" The four tenets of service orientationThe four tenets of service orientation (next slide)(next slide) Support for asynchronous communicationSupport for asynchronous communication
  • 29. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)The four tenets of service orientationThe four tenets of service orientation PP olicy negotiated behaviorsolicy negotiated behaviors EE xplicitness of boundariesxplicitness of boundaries AA utonomyutonomy CC ontractsontracts EE xchange of schemasxchange of schemasWhat the heck does that mean?What the heck does that mean?
  • 30. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)AutonomyAutonomy Services areServices are software agentssoftware agents. They are. They are "alive""alive" and in control of theirand in control of theirown activation/deactivation. They are free to spin their own threads,own activation/deactivation. They are free to spin their own threads,they may wake up periodically to do work on their own...they may wake up periodically to do work on their own... ServicesServices control and hide their own statescontrol and hide their own states ServicesServices OWN their dataOWN their data ServicesServices never share their states with othersnever share their states with others Dont depend on, or assume their is a common data storeDont depend on, or assume their is a common data store Dont depend on shared "in-memory" statesDont depend on shared "in-memory" states Dont share states among instancesDont share states among instances No sideline communications between services and opaque side-No sideline communications between services and opaque side-effects:effects: all communications are always explicitall communications are always explicit
  • 31. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Breaking the autonomy principleBreaking the autonomy principleTTTTDataDataDataDataTTTTTTTTDataDataDataDataStore data,retrieve data token("primary key")Store data,retrieve data token("primary key")Pass tokenPass tokenPass token,retrieve dataPass token,retrieve dataCant switch datastore withoutSiamese twinsurgeryCant switch datastore withoutSiamese twinsurgeryS1 S2
  • 32. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Autonomous servicesAutonomous servicesDataDataDataDataPass data, notreferencesPass data, notreferencesS1 S2No assumption about shared data storeNo assumption about shared data store
  • 33. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)ContractsContracts Earlier ORPC systems (DCOM, CORBA) attemptedEarlier ORPC systems (DCOM, CORBA) attemptedto hide all the wire-level details from the developerto hide all the wire-level details from the developer OK when systems use the same ORPC infrastructure,OK when systems use the same ORPC infrastructure,but fails in a heterogeneous worldbut fails in a heterogeneous world Solution: explicitly define what goes on the wire using openSolution: explicitly define what goes on the wire using openstandards based on XMLstandards based on XML In order for two entities to communicate they have to agreeIn order for two entities to communicate they have to agreeon what, and how they do iton what, and how they do it [Webster] Definitions of the word[Webster] Definitions of the word contractcontract AA binding agreementbinding agreement between two or more persons or partiesbetween two or more persons or parties A document describing the terms of a contractA document describing the terms of a contract
  • 34. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Contracts and interfacesContracts and interfaces A contract defines the complete interaction between two servicesA contract defines the complete interaction between two services A contract is theA contract is the business protocolbusiness protocol You send me a requestYou send me a request I send you back an estimation for priceI send you back an estimation for price You confirm you accept that priceYou confirm you accept that price I send you the results as soon as they are availableI send you the results as soon as they are available Defines allDefines all messagesmessages and their formatand their format Defines all possibleDefines all possible message sequencesmessage sequences Defines protocols, authentication mechanisms…Defines protocols, authentication mechanisms…THESE ARE THE ONLY THINGS EVER SHARED BETWEEN PARTIESTHESE ARE THE ONLY THINGS EVER SHARED BETWEEN PARTIES A service interface specifies a role in a contractA service interface specifies a role in a contract A contract establishes links between matching service interfacesA contract establishes links between matching service interfaces Think of a plug and a socketThink of a plug and a socketDesign timeaspects
  • 35. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Contracts illustratedContracts illustratedContractContractServiceServiceServiceServiceProcessProcessDocumentDocumentAADocumentDocumentCC11DocumentDocumentCC22DocumentDocumentBBEitherEitherCC11 or Cor C22ProcessProcessContractContractService InterfaceService InterfaceService InterfaceService InterfaceService InterfaceService InterfaceService InterfaceService Interface
  • 36. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Contracts enable loose couplingContracts enable loose coupling Tightly Coupled (the "ORPCs" world)Tightly Coupled (the "ORPCs" world)Common trust domain, synchronous execution,Common trust domain, synchronous execution,shared transaction, shared life cycleshared transaction, shared life cycle Loosely Coupled (the "services" world)Loosely Coupled (the "services" world)Different trust domains, asynchronous execution, separateDifferent trust domains, asynchronous execution, separatetransactions, administered by different organizationstransactions, administered by different organizationsComponent ComponentExecution contextServiceExecution contextTrustBoundaryCommunicationChannelService(not running)
  • 37. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)PoliciesPolicies Metadata defining the "runtime" part of contractsMetadata defining the "runtime" part of contracts Regulate every aspects of service interactions andRegulate every aspects of service interactions andbehaviorsbehaviors What are the credentials needed to access specific serviceWhat are the credentials needed to access specific serviceaccess points?access points? Should messages be encrypted internally and/or externally?Should messages be encrypted internally and/or externally? What messages should be signed?What messages should be signed? What about delivery guarantee and reliability?What about delivery guarantee and reliability? How to handle transactions?How to handle transactions? How to gracefully deal with situations where the service on theHow to gracefully deal with situations where the service on theother side is not the expected version?other side is not the expected version? How to dynamically route messages depending on someHow to dynamically route messages depending on someconditions?conditions?Policies are assertions about servicesCapabilities: "I can"Preferences: "I prefer"Requirements: "You must"
  • 38. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Contracts and policies illustratedContracts and policies illustratedMy organizationMy organization Your organizationYour organizationPolicyPolicy PolicyPolicyMy ServiceMy ServiceServiceService ServiceServiceYour ServiceYour ServiceRuntime contractRuntime contractRuntime ContractRuntime Contract1. We’ll use SOAP over HTTPS1. We’ll use SOAP over HTTPS2. Well sign confirmation messages2. Well sign confirmation messagesDesign time ContractDesign time Contract1. I’ll send a request1. I’ll send a request2. You’ll send price proposal2. You’ll send price proposal3. Ill send confirmation3. Ill send confirmation4. Youll send results4. Youll send results"My organization" policy"My organization" policy1. Internally we’ll use binary SOAP over MSMQ1. Internally we’ll use binary SOAP over MSMQ2. Externally we’ll only allow SOAP over HTTPS2. Externally we’ll only allow SOAP over HTTPS3. Confirmation messages must be signed3. Confirmation messages must be signed
  • 39. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Writing contractsWriting contracts Contracts (both for design time and run time) are writtenContracts (both for design time and run time) are writtenfollowing XML based standards defined by the W3Cfollowing XML based standards defined by the W3C WSDLWSDL/XML Schema used to define the messages/XML Schema used to define the messagesexchangedexchanged XML SchemaXML Schema used to defineused to define data typesdata types ("message("messageparameters")parameters") WS-*WS-* (or the so called "WS-Soup")(or the so called "WS-Soup")WS-Policy, WS-Trust, WS-Federation, WS-Security,WS-Policy, WS-Trust, WS-Federation, WS-Security,WS-Addressing and many, many others...WS-Addressing and many, many others...
  • 40. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)XML Schemas for defining data typesXML Schemas for defining data types<xsd:simpleType name=“Probability”><xsd:restriction base="xsd:double"><xsd:minInclusive value="0"/><xsd:maxInclusive value="100"/></xsd:restriction></xsd:simpleType><xsd:simpleType name=“Probability”><xsd:restriction base="xsd:double"><xsd:minInclusive value="0"/><xsd:maxInclusive value="100"/></xsd:restriction></xsd:simpleType><xsd:complexType name="PurchaseOrder"><xsd:sequence><xsd:element name="CompanyName" type="xsd:string"/><xsd:element name="Items"><xsd:complexType><xsd:sequence><xsd:element name="Item" maxOccurs="unbounded"><xsd:complexType><xsd:sequence><xsd:element name="Quantity" type="xsd:int"/><xsd:element name="UnitPrice" type="xsd:double"/><xsd:element name="ExtendedPrice" type="xsd:double"/></xsd:sequence><xsd:attribute name="sku" type="xsd:string"/></xsd:complexType></xsd:element></xsd:sequence></xsd:complexType></xsd:element></xsd:sequence><xsd:attribute name="id" type="xsd:string"/></xsd:complexType><xsd:complexType name="PurchaseOrder"><xsd:sequence><xsd:element name="CompanyName" type="xsd:string"/><xsd:element name="Items"><xsd:complexType><xsd:sequence><xsd:element name="Item" maxOccurs="unbounded"><xsd:complexType><xsd:sequence><xsd:element name="Quantity" type="xsd:int"/><xsd:element name="UnitPrice" type="xsd:double"/><xsd:element name="ExtendedPrice" type="xsd:double"/></xsd:sequence><xsd:attribute name="sku" type="xsd:string"/></xsd:complexType></xsd:element></xsd:sequence></xsd:complexType></xsd:element></xsd:sequence><xsd:attribute name="id" type="xsd:string"/></xsd:complexType>
  • 41. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Explicitness of boundariesExplicitness of boundaries Services are always built according to aServices are always built according to a layeredlayeredarchitecturearchitecture The outermost layer (i.e., theThe outermost layer (i.e., the edgeedge) provides one or) provides one ormore access points (or "interfaces" or "APIs") to themore access points (or "interfaces" or "APIs") to thefunctionality offered by the servicefunctionality offered by the service The code in that layer does only one thing:The code in that layer does only one thing: routeroute thethecalls to the entities/resources capable of fulfilling thecalls to the entities/resources capable of fulfilling thecorresponding requestcorresponding request The edge layer code never/ever contains any logicThe edge layer code never/ever contains any logicbeside routing callsbeside routing calls
  • 42. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Explicitness of boundariesExplicitness of boundariesService edgesMy Computer Your ComputerService accesspoints(URIs)Admit ("Brabant", http://PatientAdmitted)ServiceworkersAdmit access pointPatientAdmittedaccess point
  • 43. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Explicitness of boundariesExplicitness of boundariesCrossing boundaries must always be explicitly visible in the codeCrossing boundaries must always be explicitly visible in the codeRemoting and RPC trick the programmer into thinking thatthere isno substantial difference between calling a local or a remoteobject.This is a damn lie, which always leads to disaster.MyType obj = new MyType();obj.SomeOp();MyType obj = new MyType();obj.SomeOp();MyType obj = MyType.CreateProxy();obj.SomeOp();MyType obj = MyType.CreateProxy();obj.SomeOp();Console.Write(obj.SomeOp(1,2,3));Console.Write(obj.SomeOp(1,2,3));MyMessage msg = new MyMessage(1,2,3);MyReply reply = obj.SomeOp(msg);Console.Write(reply.Result);MyMessage msg = new MyMessage(1,2,3);MyReply reply = obj.SomeOp(msg);Console.Write(reply.Result);obj.CallMeBack(new MyByRefObj());obj.CallMeBack(new MyByRefObj());obj.CallMeBack(new EndpointReference("http:…"));obj.CallMeBack(new EndpointReference("http:…"));
  • 44. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)A (very) short introduction to WSDLA (very) short introduction to WSDL WWebeb SServiceervice DDescriptionescription LLanguageanguage XML grammar for specifying the design time contract of a service Allows to fully describe a service in term ofAllows to fully describe a service in term of OperationsOperations what functionality the service provideswhat functionality the service provides InterfacesInterfaces how the functionality is exposedhow the functionality is exposed MessagesMessages what travels on the wirewhat travels on the wire BindingsBindings what protocol to use (SOAP usually)what protocol to use (SOAP usually) EndpointsEndpoints what URIs must be used to access the servicewhat URIs must be used to access the service A single WSDL document can describe several versions ofA single WSDL document can describe several versions ofthe same interfacethe same interface A single WSDL document can describe several related servicesA single WSDL document can describe several related services
  • 45. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)WSDL skeletonWSDL skeleton<!-- WSDL definition structure --><!-- WSDL definition structure --><definitions name="MathService" targetNamespace="http://example.org/math/"<definitions name="MathService" targetNamespace="http://example.org/math/"xmlns="http://schemas.xmlsoap.org/wsdl/" >xmlns="http://schemas.xmlsoap.org/wsdl/" ><!-- Abstract definitions --><!-- Abstract definitions --><types> ... </types><types> ... </types><message> ... </message><message> ... </message><portType> ... </portType><portType> ... </portType><!-- Concrete definitions --><!-- Concrete definitions --><binding> ... </binding><binding> ... </binding><service> ... </service><service> ... </service></definitions></definitions> Extremely verbose and not very human readable ButBut precise and completeprecise and complete enough to allow unambiguousenough to allow unambiguouscode generation from the contract description ...code generation from the contract description ... ... or to... or to generate WSDL from code and meta datagenerate WSDL from code and meta data To "contract first" or not to "contract first", is a hotTo "contract first" or not to "contract first", is a hotdebate in the services worlddebate in the services world
  • 46. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)A (very) short introduction to SOAPA (very) short introduction to SOAP SSimpleimple OObjectbject AAccessccess PProtocolrotocol XML grammarXML grammar for specifyingfor specifying how to exchange structured, typed datahow to exchange structured, typed databetween servicesbetween services In other words: it provides a serialization format for exchanging XMLIn other words: it provides a serialization format for exchanging XMLdocuments over a networkdocuments over a network SOAP is often seen as a protocol for doing RPC over HTTP, but thisSOAP is often seen as a protocol for doing RPC over HTTP, but thisis much more than thatis much more than that It may be used for RPC like calls in client-server applications, but it isIt may be used for RPC like calls in client-server applications, but it isalso suitable foralso suitable for multicastmulticast (one-to-many), and(one-to-many), and publish-subscribepublish-subscribemodels (i.e., it support asynchronous calls)models (i.e., it support asynchronous calls) SOAP is not a transport protocolSOAP is not a transport protocol. You must attach your message to. You must attach your message toa transport mechanism like HTTP, SMTP, homing pigeons... (seea transport mechanism like HTTP, SMTP, homing pigeons... (seeRFC2459: IP over Avian Carriers with Quality of Service)RFC2459: IP over Avian Carriers with Quality of Service)
  • 47. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Structure of SOAP messagesStructure of SOAP messages A SOAP message is an XML document containingA SOAP message is an XML document containingseveral parts:several parts: Envelope:Envelope: defines the start and the end of the messagedefines the start and the end of the message Header:Header: contains optional attributes (meta data) for thecontains optional attributes (meta data) for themessage, used in processing the message, either at anmessage, used in processing the message, either at anintermediary point or at the ultimate end pointintermediary point or at the ultimate end point Body:Body: contains the actual data being sent, serialized as an XMLcontains the actual data being sent, serialized as an XMLdocumentdocument Attachments:Attachments: one or more XML documents attached to the mainone or more XML documents attached to the mainmessagemessage RPC interaction:RPC interaction: defines how to model RPC-style interactionsdefines how to model RPC-style interactionswith SOAPwith SOAP Encoding:Encoding: defines how to represent simple and complex datadefines how to represent simple and complex databeing transmitted in the messagebeing transmitted in the message
  • 48. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)Contracts and policies in a SOAP messageContracts and policies in a SOAP message<soap:Envelope><soap:Header>…</soap:Header><soap:Body>…</soap:Body></soap:Envelope><soap:Envelope><soap:Header>…</soap:Header><soap:Body>…</soap:Body></soap:Envelope>SchemaWSDLPolicyService ContractService ContractMessage ContractMessage ContractWS-PolicyWS-PolicyAssertionsWS-PolicyAttachmentW3C XML SchemaWSDL 1.1 / 1.2SOAP message
  • 49. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)A (very) short introduction to UDDIA (very) short introduction to UDDI UUniversalniversal DDistribution,istribution, DDiscovery, andiscovery, and IInteroperabilitynteroperability Defines XML data models and SOAP APIs for registeringDefines XML data models and SOAP APIs for registeringand discovering services to/from aand discovering services to/from a service brokerservice broker Service brokers are (public or private)Service brokers are (public or private) central repositoriescentral repositoriesreplicated in a way similar to DNSreplicated in a way similar to DNS(see, for example, http://www.uddi.org)(see, for example, http://www.uddi.org) UDDI uses SOAP for registering and discoveringUDDI uses SOAP for registering and discoveringinformationinformation Doesnt seem to be very much in use until now, exceptDoesnt seem to be very much in use until now, exceptfor "toy" servicesfor "toy" services
  • 50. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)UDDI principleUDDI principleService ProviderService ConsumerService broker(central repositoryof contracts)Client ServiceBindSOAP, XMLRegisterUDDI publish XXXFindUDDI find XXXServiceContractWSDLProvides locationtransparency
  • 51. Service Oriented Architectures to the rescue (1/?)Service Oriented Architectures to the rescue (1/?)ConclusionsConclusions If you think about it, there isnt really much new in all whatIf you think about it, there isnt really much new in all whatwe just saw. All aspects, principles, and techniques werewe just saw. All aspects, principles, and techniques werealready present, in one form or another, in DCOM andalready present, in one form or another, in DCOM andCORBACORBA We have reinvented the wheel once moreWe have reinvented the wheel once more So, what do we gain fundamentally by using services?So, what do we gain fundamentally by using services? What makes them more flexible and powerful thanWhat makes them more flexible and powerful thantraditional ORPCs?traditional ORPCs?What was deeply buried and hidden in theWhat was deeply buried and hidden in theORPCs runtimes is now explicitly expressedORPCs runtimes is now explicitly expressedininXMLXMLand can easily be manipulated, transformed,and can easily be manipulated, transformed,mapped, translated, whatever ... at every placemapped, translated, whatever ... at every placethe information traverses using standard XMLthe information traverses using standard XMLtechnologiestechnologiesWell, thats a fiveseconds summary,of course
  • 52. ResourcesResources Lots of articles / presentations available from meLots of articles / presentations available from me Microsoft’s “Connected Systems” DVDMicrosoft’s “Connected Systems” DVD http://msdn.microsoft.com/webservices/http://msdn.microsoft.com/webservices/ If you want to read only one book:If you want to read only one book:"Web Services: a Technical Introduction""Web Services: a Technical Introduction"Deitel Developer SeriesDeitel Developer Seriesplatform neutral;platform neutral;contains both .NET and Java examples;contains both .NET and Java examples;covers pretty much all the shebangcovers pretty much all the shebang
  • 53. Questions?Questions???