ICTA Technology Meetup 01 - Enterprise Application Integration

ICTA Technology Meetup 01
Enterprise Application
Integration

By Crishantha Nanayakkara

Agenda
●

●

Enterprise Application Integraion – An Introduction
Enterprise Application Integraion Patterns and the
usage

●

Service Oriented Architecture (SOA)

●

SOA Security

●

Resource Oriented Architecture (ROA)

●

API Management

2

Enterprise Applications
●

Enterprise Applications usually,
–

Involve “persistent data”

–

Have a lot of data

–

Accessed by many people “concurrently”

–

Can be integrated

–

Can interoperate

4

Enterprise
Application
Integration

An Introduction

5

The Information Silos
Systems that are not connected

Drawbacks:
Isolated without insufficient
communication to the rest of the
world
●

6

The Enterprise Integration

Benefits:
Provides a way to connect each
other
●

Drawbacks:
Extremely “Spaghetti” like
architecture, create headaches
●

7

Point-to-Point Integration
Specifically, linking every component to every other
component will require N(N-1)/2 physical connections
N = Total Number of Components in the Network
e.g: If there are 10 components in the network,
Total number of physical connections = 10 (10-1)/2
= 45
10

●

The value of the network increases linearly over time
while its costs increase exponentially

11

●

Maintaining trust between clients and services can be
difficult with the number of keys to be maintained

12


13

So how we do we resolve this?

14

What is “Middleware”?
Types of middleware
–

Object Oriented Middleware (OOM)

–

Message Oriented Middleware (MOM)

16

Message Oriented Middleware
(MOM)

17

Message Oriented Middleware
(MOM)
●

●

●

This creates a loosely-coupled distributed system
Such a system can continue to function reliably,
without downtime, even when individual
components or connections fail
Examples:
●

IBM MQSeries, Sun JMS, Microsoft MSMQ

18

Messaging Systems - Benefits
●

Supports Remote Communications

●

Ability work as a message bus

●

Supports Asynchronous Communication

●

Supports Throttling (Controlling the rate at
which the receiver consumes the requests)

●

More reliable

●

Can be used for disconnected operations

●

Supports mediation
19

Messaging Systems - Issues
●
●

●

●

Complex Programming Model
Sequence Issues – There is no guarantee of
the message delivery sequence
All the transactions cannot be asynchronous.
(Airline booking system should be more
synchronous than asynchronous)
Not suited for syncing systems with big
chunks of data.
20

Most of the enterprise integrations are based on
message oriented design patterns
which are known as
Enterprise Integration Pattens

21

Enterprise
Integration
Patterns

(http://www.eaipatterns.com)
http://www.eaipatterns.com)
65 Patterns

22

Enterprise Integration Patterns

Message Router

Pipes and Filters
24


Content Based Router

Message Translator
25


Message Filter

Message Splitter
26


Message Aggregator

Message Resequencer
27


28
Source: http://www.idevnews.com/views/images/uploads/general/talend_intfactory.jpg

Service Orientated
Architecture
(SOA)

30

A Typical SOA Environment
Service Description
Service
Registry

Fi
nd

h
is
bl
Pu

Service
Consumer

Bind

Service
Provider

Web Service

31

The SOA Environment

Source: Open Source SOA

32

Lanka Gate: A Typical SOA
Environment
Portlet Applications

Application

Services

Citizens
Private Sector Companies

Credit Card
Payment Service
Mobile Portal

Country Portal

Private Sector
VPN

Lanka Gate
Lanka Gate
Mobile Service
Providers

Lanka Government
Network

Certificate
Authority

Services

Services

Services

Services

Application

Application

Application

Application

33

A typical SOA environment
●

Service Interfaces/ Contracts

●

Service Transparency

●

Service Composition

●

Service Registry or Publication

●

Service Governance

34

The Core Characteristics of SOA
1) The Service Interface / Contract

35

2) The Service Transparency

What if you change
the IP of this
address???

36

2) The Service Transparency

37

3) Service Composition
–

There are two general types of composite services
●

Simple

●

Complex

–

Simple: Simply wraps one or more lowerlevel
services together into a more coarsegrained operation

–

Complex: (Work Flow Type BPM)
●
●

WSBPEL
Entry Point of invoking WSBPEL is usally a web
service

38

3) Service Composition

39

Transport vs Message
Level
Security

42

Transport Vs Message Level
Security

43

WS-Security
The standard framework for including XMLformatted security data into SOAP messages is
called WS-Security

44

WS-Security
●

●

The same cryptography techniques (Confidentiality,
Integrity, Non-repudiation and Authentication) are
applied in the web services security stack as well
It basically provides a XML based Abstraction Layer
for the above established cryptography techniques

45

WS-Security
●

●

●

Transport level security is completely independent
of message level security.
For example, in order to have the message level
security, it is not required to have a HTTPS secured
message channel.
But if all you need to do is keep messages
confidential between point A and point B, using SSL
is perfectly sufficient
47

WS-Security
●

How does WS-Security handles Authenticity,
Integrity, Non-Repudiation and Confidentiality?
–

Security Tokens are used for Authenticity

–

XML Signature is used for Integrity and NonRepudiation

–

XML Encryption is used for Confidentiality

48

Point-Point vs End-End
Security

51

Point to Point Security
ESB as a Security Gateway

52

End to End Security
with Pass Through

53

End to End Security
with Security Translantion at ESB Level

54

End to End Security
with Security Translantion at ESB Level

55

Federated Identity
Management with SAML

56

The Federated Identity
●

SAML provides a loosely coupled identity management with the
help of WS-Trust and WS-Fedeartion specifications.

57

Resource Oriented
Architecture (ROA)

58

An Introduction
●

●

ROA consists of REST based web services
Resource Oriented services focus on distinct
data objects upon which a handful of basic,
standard operations can be performed
–

Retrieving the resources (GET)

–

Modifying the resources (POST)

–

Creating new resources (PUT)

–

Deleting resources (DELETE)

SOAP Web Services
Cons

Pros
●

●

●

●

Language, Platform and
Transport agnostic
Designed to handle in
distributed environments

●

●

More difficult and more
“heavy-weight” than REST
Harder to develop. Require
tools or frameworks

Better usage of WS*
standards
Built in error handling
features

●

Highly Extensible

●

Suitable for end-end security

60

REST Web Services
Cons

Pros
●

●

●

●

Language and Platform
agnostic
Much simpler to develop
than SOAP
Small learning curve. Less
reliance to tools/ frameworks
Unlike SOAP, no need of
having an additional
messaging layer

●

●

●

Not transport agnostic.
Supports only HTTP
transports
Only good at point-point
communication model
Lack of standards support
for security, policy, reliable
messaging, etc

61

Source: WSO2 API Management Quick Start Guide

63

API Management
●

●

●

API Gateway - To secure, manage, protect
and scale API calls
API Publisher – Enabling platform for API
Providers / developers
API Store – Enable service consumers to selfregister and discover existing APIs

64

ICTA Technology Meetup 01 - Enterprise Application Integration

More Related Content

What's hot

Viewers also liked

Similar to ICTA Technology Meetup 01 - Enterprise Application Integration

More from Crishantha Nanayakkara

Recently uploaded

ICTA Technology Meetup 01 - Enterprise Application Integration