Automate your Kamailio Test Calls - Kamailio World 2024
Web services, the ws stack, and research prospects a survey
1. Web Services,
the WS Stack,
and Research Prospects:
A Survey
UC San Diego
CSE 294
October 17, 2008
Barry Demchak
2. About Web Services
Standards sponsored through W3C
(interoperable technologies) and OASIS (e-
business standards)
A software system designed to support
interoperable machine-to-machine interaction
over a network. [WSGLOS]
Supports many interaction patterns, including
RPC
9. SOAP Benefits and Drawbacks
Benefits
Travel across HTTP through proxies/firewalls
Standards-based, extensible, platform & language
independent, and multiple vendor support
Multiple transport protocols: HTTP, JMS, Jabber,
SMTP/POP3, TCP, In-VM
Drawbacks
Verbose (and large)
Polling-oriented (depending on transport)
Travel across HTTP through proxies/firewalls
[STCP]
10. WSDL (Web Services Description Language)
XML-based description of characteristics of a
web service [INFIT]
Function signatures (in, out, in/out, return)
Service binding (URL and protocol)
Stored in repositories such as UDDI
Used to create client-side proxies
Enables dynamic binding for clients capable
of binding dynamically
12. UDDI (Universal Description, Discovery, and Integration)
Distributed repository searchable to find
services (during design time or runtime)
White Pages
Service provider’s name, business description,
contact information
Yellow Pages
Taxonomy-based description of services and
service providers
Green Pages
Web Service addresses, parameters, etc
[INFIT]
13. UDDI Data Model
Business Entity – business
information, including unique business
key
Business Service – collection of web
services, each having service keys
Binding Template – location and
binding of single service, including
binding key
tModel – reference to WSDL
14. Types of UDDIs
Public (e.g., IBM and Microsoft)
Private
EAI registry (large organization, indexed by
department or division)
Portal UDDI (portal owners publish, clients
search and use)
Marketplace UDDI (members-only,
certification, billing, non-repudiation)
15. Related Concepts and Names
JAX-WS – Java API for XML Web Service provides
mappings between Java data structures and XML
and WSDL
Xfire – framework provides support for web service
standards, used in Mule v1.4.1
CXF – continuation of Xfire as Apache project, includes
java2ws for “java first” development
Aegis – default Xfire binding which maps POJOs to
XML
Axis – Apache SOAP engine supports web services,
WSDL, and Tomcat
18. WS-Addressing
Normalized formats for
Web service endpoint references
<wsa:EndpointReference xmlns:wsa="..." xmlns:fabrikam="...">
<wsa:Address>http://www.fabrikam123.example/acct</wsa:Address>
<wsa:PortType>fabrikam:InventoryPortType</wsa:PortType>
</wsa:EndpointReference>
Message information headers
Independent of transport or application
[WSADDR]
19. WS-Policy
Flexible and extensible grammer for expressing
Capabilities
Requirements
Entity characteristics
Schema allows reasoning about assertions
Policy = {Policy Alternative}*
Policy Alternative = {Policy Assertion}*
Policy Assertion = on-wire requirements and
capabilities
Authentication schemes
Transport protocol selections
Privacy policies
QoS characteristics
[WSPOL]
20. WS-ReliableMessaging
Protocol for reliable message delivery
Between distributed applications
Regardless of component, system, or network failures
Transport independent
Available guarantees
AtMostOnce
AtLeastOnce
ExactlyOnce
InOrder
[WS-REL]
23. Policy-Based Authorization
A Policy-Based Authorization Framework for Web
Services: Integrating XGTRBAC and WS-Policy.
Bhatti, Sanz, Bertino, Ghafoor.
Current authentication does not provide fine grained
access control for users
Integrates WS-Policy (through profile extension) with
X-GTRBAC policy specification language
Allows separate policies to apply to different
components of a web service description
Computes effective policy for a web service, given
multiple policies
Delivered as a component in health care context
24. Web Service Compositions
Policy-Driven Middleware for Manageable and
Adaptive Web Services Compositions. Erradi,
Mahashwari, Tosic.
Addresses Web Service composition and dynamic
adaptation to runtime changes
Describes WS-Policy4MASC profile of WS-Policy,
which defines new policy assertions
Supports synchronous and asynchronous monitoring
and coordination at SOAP and process orchestration
layer
Separation of policy from code
Use of technical and business metrics in policy
formation
25. Best Practices (toward patterns)
Best Practices in Web Service, Data Binding
and Validation for use in Data-Centric
Scientific Applications. Akram, Meredith,
Allan.
Examines JAX-RPC and Document-style
messaging
“Loose” vs “Tight” data binding
WSDL Development
26. DOA in Web Services
Dynamic Delegation of Authority in Web
Services. Chawick.
Allow users and services to delegate resource
access to other users and services
Accounts for organization’s delegation policy,
and defines essential characteristics of policy
Describes practical DOA Web Service
27. B2B and Non-repudiation
High-value B2B interactions, non-repudiation
and Web services. Cook, Robinson,
Shrivastava.
Assumes B2B implemented as XML message
exchanges between loosely coupled services
(e.g., RosettaNet)
Protect against false denial of communication
Identifies non-repudiation protocols
Presents web service based on WS-
NRExchange
Critiques WS-Signature in NR context
28. Take Away Messages
Web Services creates a backbone for execution of
loosely coupled systems
A community of developers and researchers have
embraced it as a delivery vehicle for both applications
and research results
Other vehicles are possible (e.g., ESBs), and can
leverage Web Services-based work
Propositions
We can discuss our work in terms of Web Service
standards
We can investigate the real differences between loose
coupling in WS and in ESBs and other environments
We can apply Web Service components to other
loosely coupled environments
29. References
[WSGLOS] Web Services Glossary. W3C. Feb 2004. http://www.w3.org/TR/ws-gloss/
[WSPS] The Web Services Protocol Stack. CBDI Consulting. Feb 2005.
http://roadmap.cbdiforum.com/reports/protocols/
[WSBP] Basic Profile Version 1.1. Web Services Interoperability Organization (WS-I). Apr 2006.
http://www.ws-i.org/Profiles/BasicProfile-1.1.html
[SOAPUS] SOAP Version 1.2 Usage Scenarios. W3C. Jul 2003.
http://www.w3.org/TR/2003/NOTE-xmlp-scenarios-20030730/
[STCP] WS Wiki StackComparison. Apache Web Services Wiki. March 2008.
http://wiki.apache.org/ws/StackComparison
[WSOAP] SOAP. Wikipedia. Oct 2008. http://en.wikipedia.org/wiki/SOAP
[INFIT] IT Web Services: A Roadmap for the Enterprise. A. Nghiem. Prentice Hall. Oct 2002.
http://www.informit.com/articles/article.aspx?p=31076
[WSADDR] Web Services Addressing (WS-Addressing). W3C. Aug 2004.
http://www.w3.org/Submission/ws-addressing/
[WSPOL] Web Services Policy 1.2 – Framework (WS-Policy). W3C. Apr 2006.
http://www.w3.org/Submission/WS-Policy/
[WSREL] Web Services Reliable Messaging (WS-Reliable Messaging). OASIS. Sep 2005.
http://www.oasis-open.org/committees/download.php/15177/wsrm-1.1-spec-cd-01.pdf
[WSSEC] Web Services Security: SOAP Message Security 1.1 (WS-Security 2004). OASIS. Feb 2006.
http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf
[BPEL] Web Services Business Process Execution Language. OASIS. Apr 2007. http://docs.oasis-
open.org/wsbpel/2.0/OS/wsbpel-v2.0-OS.html
[WSTRU] WS-Trust 1.3. OASIS. Mar 2007. http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-
os.html
[WSPRO] WS-Provisioning.
30. Additional Reading
[UDDIF3] UDDI Version 3 Features List. OASIS.
2002. http://uddi.org/pubs/uddi_v3_features.htm
[OAUDDI] UDDI Version 2.0.4 API Specification.
OASIS. July 2002.
http://uddi.org/pubs/ProgrammersAPI-V2.04-
Published-20020719.pdf
[XFire] Codehaus XFire. http://xfire.codehaus.org/
[AXIS] Web Services – Axis. Apache. Apr 2006.
http://ws.apache.org/axis/index.html
[RETWS] A Retrospective on the Development of
Web Service Specifications. S. Pallickara, G. Fox, M.
Aktas, H. Gadgil, B. Yildiz.