Routing messages to appropriate call handlers for execution
Configuring execution steps based on app config data
Control of execution context
SOAP Processing Engine SOAP Engine Legacy Adaptors Web Services Container Custom Legacy Adaptors CORBA EJB Custom Custom Transports Custom Security / Session Control Custom Message Interceptors Java class
Web Service Container
Driving question for WSC features:
“ What type of configuration details should a user be able to change?”
Web Services Container – Plugin points Web Services Container Deployment API Execution API (Java) Call Handler Usage Controller Metadata Catalog Session Management Activation Policy Session Data Storage Java class Security Providers
Receives a SOAP message, and handles the dispatch of the call to a suitable handler.
Based around the current Message Dispatcher / Call Dispatcher interfaces in CapeConnect 3.0
The details of how to handler a particular call are delegated to an appropriate call handler.
Call handlers can be written by partners and plugged in to the WSC.
Invocation pipeline is completely stateless, for maximum throughput.
Deployment Control Interface
Web Service application deployment API
Publish app [to UDDI/WSDL]
Deployment API is exposed as a SOAP web service
Remote deployment by sending a jar as a MIME attachment.
Web Service Container Internals Web Service Container Execution Controller Authentication Authorization Activation Control Session Management Interceptor Control Call Handler Provider Provider Storage Provider Provider Interceptor(s) Application MetaData
Instantiation Policy Control
Instance per user
Instance per session
Instance per call [completely stateless]
Resource Usage Controls
Limit number of service instances.
Possibly billing data collection.
Session state storage
possibly accessible across server farm for failover
Session timeout policy
Web Service accessible session data
E.g. “cookie”-like context data
All configuration is set on a per-application basis
App configuration defined in an XML descriptor file (like EJB DD)
Typical configuration items:
Serializers and type mappings
WSDL generation properties
UDDI publishing properties
Some potential to intercept JSR-109
Web Service Metadata catalog
Service Definition – at several levels
E.g. data type definitions, abstract operation types
Protocol specific interface
E.g. SOAPAction values for each operation
AKA “Concrete” interface definition
E.g. port definitions with endpoint URL(s)
E.g. UDDI service key / UUID, Published name
Standard default implementations
Provide a standard implementation able to wrap a standard Java class for ease of use.
More sophisticated users can access full details of the call environment.
Partners can provide a custom call handler plugin for specific legacy integration
Advanced partners can provide operation plugins (e.g. session management) to customize behaviour.
Security credential propagation CapeConnect Server Import / map credentials from transport (e.g. IIS) Export / map credentials for call (e.g. WLS) Custom authenticator plugin Custom authorization plugin
Inbound Security Propagation Web Server Servlet Engine CapeConnect SOAP Engine CCSOAP Servlet Trust relationship Transport HTTP Basic or Digest Authentication, SSL Client-side Certificate, etc. Messaging Protocol / Re-authentication Credential import through: SOAP Basic or Digest Authentication, SAML SOAP Headers, etc.
Backend Security Propagation CapeConnect SOAP Engine SOAP Call Handler CORBA Call Handler EJB Call Handler CORBA Server EJB Server SOAP Server EJB Call Handler EJB Server Proxy Bean SOAP Credentials CSIv2 Credentials EJB Native Credentials User Bean Re-establish Credentials