• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Web services and SOA [Modified]
 

Web services and SOA [Modified]

on

  • 2,146 views

Web services and SOA [Modified]

Web services and SOA [Modified]

Statistics

Views

Total Views
2,146
Views on SlideShare
2,146
Embed Views
0

Actions

Likes
0
Downloads
66
Comments
1

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • <br /><iframe width="350" height="288" src="http://www.youtube.com/embed/Kp1CB_1E4pc" frameborder="0"></iframe>
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Advantages of SOA Service-oriented architecture (SOA) helps organizations more easily transform their business processes for high performance by simplifying the underlying information systems Service-oriented architectures enable organizations to become more agile Drives cost reductions Simpler systems Lowering maintenance costs Enhancing architectural flexibility Lowering integration costs.
  • Gartner is an information technology research and advisory company providing technology related insight. More info http://www.databaseanswers.org/web_services_history.htm
  • Microsoft, IBM and SAP have shut down their public UDDI registries. Use jUDDI for learning and experimentation. [http://ws.apache.org/juddi/]
  • [http://www.xml.com/pub/at/29] [http://www.javaworld.com/javaworld/jw-03-2003/jw-0321-wssecurity.html] [http://www.ibm.com/developerworks/java/library/j-jws4/] Security! • &quot;SOAP is firewall friendly&quot; – Normally transported over HTTP – Firewalls expect HTTP to be Web requests, not procedure calls • Fetch the brochure… • Not update my bank account… – This is probably a good thing! • Have to rely on strong security rather than weaker physical security WS-Security • Proposal from IBM & MS • SOAP header extensions – Protect integrity and confidentiality of messages – Attach encoded security tokens • X509, Kerberos • Leverage XML standards – XML Signature – XML Encryption More WS-Security • WS-Policy – Specifying requirements & capabilities – Policies including privacy, encoding security tokens, QoS, … – First published Dec 2002 • WS-Trust – Establishing trust relationships – Trusted security tokens – First published Dec 2002 More WS-Security • WS-Privacy • WS-SecureConversation • Ws-Federation • Ws-Authorization And probably a few more… More Security Standards • SAML – Representing authentication and authorisation information • XACML – Access Control • XrML – Digital Rights
  • REST stands for Re presentational S tate T ransfer. (It is sometimes spelled &quot;ReST&quot;.) It relies on a stateless, client-server, cacheable communications protocol -- and in virtually all cases, the HTTP protocol is used. REST is an architecture style for designing networked applications. The idea is that, rather than using complex mechanisms such as CORBA, RPC or SOAP to connect between machines, simple HTTP is used to make calls between machines. In many ways, the World Wide Web itself, based on HTTP, can be viewed as a REST-based architecture. RESTful applications use HTTP requests to post data (create and/or update), read data (e.g., make queries), and delete data. Thus, REST uses HTTP for all four CRUD (Create/Read/Update/Delete) operations.
  • Along with this you must also know the tools like Java2WSDL, and WSDL2Java Java2WADL, and WADL2Java in case you break your deployment with the Web service.
  • [http://www.xml.com/pub/at/29] [http://www.javaworld.com/javaworld/jw-03-2003/jw-0321-wssecurity.html] [http://www.ibm.com/developerworks/java/library/j-jws4/] Security! • &quot;SOAP is firewall friendly&quot; – Normally transported over HTTP – Firewalls expect HTTP to be Web requests, not procedure calls • Fetch the brochure… • Not update my bank account… – This is probably a good thing! • Have to rely on strong security rather than weaker physical security WS-Security • Proposal from IBM & MS • SOAP header extensions – Protect integrity and confidentiality of messages – Attach encoded security tokens • X509, Kerberos • Leverage XML standards – XML Signature – XML Encryption More WS-Security • WS-Policy – Specifying requirements & capabilities – Policies including privacy, encoding security tokens, QoS, … – First published Dec 2002 • WS-Trust – Establishing trust relationships – Trusted security tokens – First published Dec 2002 More WS-Security • WS-Privacy • WS-SecureConversation • Ws-Federation • Ws-Authorization And probably a few more… More Security Standards • SAML – Representing authentication and authorisation information • XACML – Access Control • XrML – Digital Rights
  • Data formates REST permits many different data formats where as SOAP only permits XML. Caching REST reads can be cached, SOAP based reads cannot be cached. Bandwidth Usage REST is Lighter Security SOAP provides better security for enterprise applications Tools SOAP has lot of tools support

Web services and SOA [Modified] Web services and SOA [Modified] Presentation Transcript

  • Web Services And SOA [email_address]
  • What’s Inside
    • SOA
    • What are Web Services
    • History
    • Types
    • WSDL, UDDI and SOAP
    • RESTful Web Service
    • WADL
    • Debugging and Testing
    • Security
  • Intent
    • Most enterprises have made extensive investments in system resources over the course of many years. Such enterprises have an enormous amount of data stored in legacy enterprise information systems (EIS),so it's not practical to discard existing systems. It's more cost-effective to evolve and enhance EIS. But how can this be done ?
    • SOA and WebServices is the key
  • SOA
    • SOA is a Software Design Approach
    • Conceptually a collection of services on a network that communicate with one another.
    • Services are loosely coupled
    • SOA is a higher level of application development.
    • SOA typically leverages on standards based integration.
    • The key players include service provider and service consumer
  • Web Services Vision
  • What Are Web Services ?
    • Software Components that can be published, located and run over the internet
    • The Concept of SOA is realized using web services
    [W3C (working group) definition] &quot;A Web service is a software application identified by a URI, whose interfaces and bindings are capable of being defined, described and discovered as XML artifacts. A Web service supports direct interactions with other software agents using XML based messages exchanged via internet-based protocols.&quot;
  • History of Web services
    • Web Services have evolved through three distinct Phases.
    Phase Period Description 1 1999-01 Set timeline for the adoption of Web Services. Many Web Services development tools delivered from Microsoft, IBM, Sun, Software AG, Oracle and many others. 2 2002-04 Business Web Services start to appear in large numbers. Adoption of UDDI Registries in 2003. 40% of financial services transactions leveraged in Web Services models. 3 2005-> A number of issues of previous phases are addressed. These include: Quality of Service (QoS); network reliability; transaction recovery; real-time messaging; security; and billing mechanisms. Adapted dynamic Web Services. Organizations changed not only their business processes, but also their business models as they move to real-time collaboration and integration of processes both within and between enterprises..
  • Type of Web services SOAP REST and more… ..
  • SOAP - a type of Web Service [JAX-WS]
    • Let’s see an example
    The key players: WSDL, UDDI and SOAP
  • Describing a web service: WSDL
    • <types>
    • The types element defines the data types exchanged when the web service is invoked.The parameters passed to and returned from a method are considered data types.
    • <message>
    • The messages used by the web service. A message may contain more than a message part. Each message part is actually part of the SOAP message being sent, and is either a parameter or result being passed.
    • <portType>
    • A portType is the most important part of a WSDL. it defines operations that can be performed and the messages involved.
    • <binding>
    • The communication protocols used by the web service
    The Web Services Description Language (WSDL) describes all details about how the web service works, where it can be found, and what the client should expect in return etc..
    • UDDI is a platform-independent framework for describing services, discovering businesses, and integrating business services by using the Internet .
    Discovering a service: UDDI http://www.xmethods.com/ve2/index.po
  • Defining a message: SOAP <?xml version=&quot;1.0&quot;?> <soap:Envelope xmlns:soap=&quot;http://www.w3.org/2001/12/soap-envelope&quot; soap:encodingStyle=&quot;http://www.w3.org/2001/12/soap-encoding&quot;> <soap:Header> ... </soap:Header> <soap:Body> ... <soap:Fault> ... </soap:Fault> </soap:Body> </soap:Envelope> SOAP is an XML-based protocol to let applications exchange information over HTTP.
  • Debugging and Testing SOAP Web Services
    • JUnit
    • Eclipse Web Service Explorer
    • SoapUI
    • Web Service Call Composer
    • WebInject
    • JMeter
    • SOAPSonar Personal Edition
    • SOA Cleaner
    • Vordel SOAPbox
    • Storm
  • SOAP Security
    • SOAP header extensions
      • XML Signature
      • XML Encryption
    • More WS-Security
    • WS-Policy
    • WS-Trust
    • WS-Privacy
    • WS-SecureConversation
    • Ws-Federation
    • Ws-Authorization
    • And probably a few more…
  • REST - another Web Service [JAX-RS]
    • REST (representational state transfer) is an approach for getting information content from a Web site by reading a designated URI that contains an XML file that describes and includes the desired content.
    • Use HTTP methods for CRUD
      • create – POST
      • read – GET
      • update – PUT
      • delete – DELETE
    • Let’s see an example
  • WADL - REST equivalent of a WSDL WADL – Web Application Description Language
  • Debugging and Testing RESTful Web Services
    • JUnit
    • SoapUI
    • SOA Cleaner
    • Rest-client
    • FireFox Add-Ons
    • Firebug
    • Poster
    • RESTClient
    • RESTTest
    • HTTP Resource Test
  • REST Security
    • REST offers no built-in security features, encryption, session management, QoS guarantees, etc. But also as with Web Services, these can be added by building on top of HTTP
    • For security, username/password tokens are often used.
    • For encryption, REST can be used on top of HTTPS (secure sockets).
  • SOAP vs REST
    • Data formats
    • Caching
    • Bandwidth Usage
    • Security
    • Tools
  • Resources
    • http://www.w3schools.com/webservices/default.asp
    • http://www.databaseanswers.org/web_services_history.htm
    • http://www.w3schools.com/soap/default.asp
    • http://www.w3schools.com/wsdl/default.asp
    • www.genomeutwin.org/events/SENGER_060504_webservices.ppt
    • www.ict.csiro.au/mu/Trends/Presentations/CSIROWebServices.pdf
    • RESTful Web Services.pdf By Daniel Glauser
  • Thank You