Sang Shin
sang.shin@sun.com www.javapassion.com Java Technology Evangelist Sun Microsystems, Inc.
1 2
Courses I teach
? ?
XML (2001) Distributed programming using Jini and JavaSpaces technology (2002) Web services programming using XML and Java technology (on-going) ? www.javapassion.com/webservices Free "online" J2EE programming (on-going) ? www.javapassion.com/j2ee Free Advanced J2EE programming ? www.javapassion.com/j2eeadvanced
TM TM TM TM
www.javapassion.com
10/23/2004
Agenda
?
Part I
? ?
Web Services Overview Core Web Services Standards: SOAP, WSDL, UDDI Web Services Development using Java Technology Web Services Security Web Services Interoperability and WS-I ebXML & UBL Ongoing Web Services Activities
Par II
?
Part III
? ?
Part IV
? ?
A Web service is a software application identified by a URI, whose interfaces and binding are capable of being defined, described and discovered by XML artifacts and supports direct interactions with other software applications using XML based messages via internet-based protocols
8
10/23/2004
Web Service
Within enterprise Tied to a set of programming languages Procedural Usually bound to a particular transport Tightly-coupled Efficient processing (space/time)
Between enterprises Program language independent Message-driven Easily bound to different transports Loosely-coupled Relatively not efficient processing
10
Web Service
Program-to-program interaction Possibility of dynamic integration of components (in the future) Possibility of service aggregation (in the future)
The Network 11 12
10/23/2004
Custom Integration
Web Services
Metcalfes Law: The value of the network is proportional to the square of the number of
Business web services is the next big thing, but more works are needed in
Consumer-focused, stateless, SOAP over HTTP/S Deployed within organization boundaries to enable internal integration Deployed on extranets to enable business transactions with trading partners, suppliers, and customers, ebXML & UBL
16
nd
Quality of Service, Management, Metering Security, transaction, reliability Work flow, Identity management, Provisioning, Accounting and billing Performance, scalability, availability
15
10/23/2004
What is SOAP?
IIOP for CORBA JRMP for RMI text based protocol vs. binary protocol
18
So it will not replace objects and components, i.e. EJB, JavaBeans So it will not replace Java So it will not replace other distributed computing technologies such as RMI
19
Message Envelope Encoding Rules RPC Convention Binding with underlying protocols
20
10/23/2004
Security Transaction
Body
Attachment
21
SOAP Encoding
Rules of expressing application-defined data types in XML Based on W3C XML Schema Simple values
Built-in types from XML Schema, Part 2 (simple types, enumerations, arrays of bytes)
Compound values
Structs, arrays, complex types
23
24
10/23/2004
SOAP RPC
25
26
SOAP RPC
SOAP RPC
27
28
10/23/2004
What is WSDL?
XML language for describing web services Web service is described as
A set of communication endpoints (ports)
Abstract definitions of operations and messages Concrete binding to networking protocol (and corresponding endpoint address) and message format
Why WSDL?
Enables automation of communication details between communicating partners
Machines can read WSDL Machines can invoke a service defined in WSDL
Simple service providing stock quotes A single operation called GetLastTradePrice Deployed using SOAP 1.1 over HTTP Request takes a ticker symbol of type string Response returns price as a float
32
? ?
10/23/2004
WSDL Elements
WSDL Elements
Types
Data type definitions Used to describe exchanged messages Uses W3C XML Schema as canonical type system
34
WSDL Elements
Messages
Abstract, typed definitions of data being exchanged Abstract description of an action Refers to an input and/or output messages Collection of operations Abstract definition of a service
36
Operations
Port type
35
10/23/2004
WSDL Elements
Binding
Concrete protocol and data format for a particular Port type Protocol example: SOAP 1.1 over HTTP or SOAP 1.1 over SMTP Defines a single communication endpoint Endpoint address for binding URL for HTTP, email address for SMTP Aggregate set of related ports
38
Port
Service
UDDI
39
40
10/23/2004
Service Architecture
UDDI Registry
1. Service Registers PUBLISH 2. Client Request Service Location FIND
White Pages
Web Service
Service Client
Yellow Pages
Information about the business (address, contacts,...) Categorization of the business and its services Technical information about how to invoke a service
42
UDDI defines a way to publish and find information about Web services.
41
Green Pages
BusinessEntity
BusinessService BindingTemplate BindingTemplate Tmodel Tmodel 43
Business Entity
White Pages information Yellow Pages information Green Pages information Contains references to tModels
BusinessEntity
Business Services
Binding Templates
tModels
Top-level data structure that holds descriptive information about a business entity Service descriptions and technical information are expressed within a businessEntity
businessEntity
businessKey name URL description contacts businessServices identifierBag categoryBag
44
10/23/2004
BusinessService
BindingTemplate
<businessService businessKey="..." Represents the serviceKey="..."> business services <name>StockQuoteService</name> provided by the <description> (...) </description> businessEntity <bindingTemplates> (...) Unique key used <bindingTemplate> to represent a (...) service <accessPoint urlType="http"> http://example.com/stockquote Name of the </accessPoint> service <tModelnstanceDetails> Contains <tModelnstanceInfo BindingTemplate tModelKey="..."> </tModelnstanceInfo> structures <tModelnstanceDetails> </bindingTemplate> </bindingTemplates> </businessService>
45
<businessService businessKey="..." serviceKey="..."> <name>StockQuoteService</name> <description> (...) </description> <bindingTemplates> (...) <bindingTemplate> (...) <accessPoint urlType="http"> http://example.com/stockquote </accessPoint> <tModelnstanceDetails> <tModelnstanceInfo tModelKey="..."> </tModelnstanceInfo> <tModelnstanceDetails> </bindingTemplate> 46 </bindingTemplates> </businessService>
tModel
tModel Example
<tModel authorizedName="..." operator="..." tModelKey="..."> <name>StockQuote Service</name> <description xml:lang="en"> WSDL description of a standard stock quote service interface </description> <overviewDoc> <description xml:lang="en"> WSDL source document. </description> <overviewURL> http://stockquote-definitions/stq.wsdl </overviewURL> </overviewDoc> <categoryBag> <keyedReference tModelKey="UUID:..." keyName="uddi-org:types" keyValue="wsdlSpec"/> </categoryBag> </tModel>
Shared by business entities Has a reference to WSDL document Enables quick search of all business entities which supports a particular service Contains CategoryBag
47
48
10/23/2004
Publishing Services
Publishers interface Save things save_business save_service save_binding save_tModel Delete things delete_business delete_service delete_binding delete_tModel security get_authToken discard_authToken
Each save message accepts as input the authToken and one or more corresponding structures.
Inquiry interface
Find things
Browse
4 messages to find each of the 4 structures The get call can be used to get information regarding a specific instance of any of the 4 data types, given the key
They all accept the corresponding uuid key as the parameter. request an authentication token inform registry that the authToken is no longer valid.
Get details
Drill-down
Security:
Taxonomy interface
49
50
B2B Directory
Platform-neutral
51
52
10/23/2004
Demo
UDDI Browser in soapclient.com
54
53
55
56
10/23/2004
Business Entity
57
58
List of Services
A particular Service
59
60
10/23/2004
Binding Template
tModel
61
62
63
64
10/23/2004
65
66
67
68
10/23/2004
Demo
Accessing Amazon.com through a Web service
69
Demo Scenario
Accessing Amazon.com Web service in real-time through a browser Accessing Amazon.com Web service in real-time using Swing application, which uses Sun Java Studio generated stub library
70
Demo Scenario
Browser
Web services client
HTML/HTTP
Amazon.com
XML/SOAP
10/23/2004
SOAP Messaging
WSDL
UDDI
J2EE 1.4 (JSR 151) Web services for J2EE (JSR 109) JAX-RPC (JSR 101) JAXR SAAJ EJB 2.1
75
Assembly language for XML document processing Higher level language for XML document processing Pull-parsing API based on Iterator Gives parsing control to programmers
76
10/23/2004
XML Digital Signature (JSR 105) XML Encryption (JSR 106) XML Trust Service (JSR 104) Secure Assertion Markup Language (SAML, JSR 155) WS-Security (JSR 183)
77
Java API for OASIS BTP SOAP messaging for J2ME devices Metadata based Web services Foundation for Service-Oriented-Architecture (SOA)
78
A set of endpoints (ports) operating on messages Ports are operating within a container
Container provides runtime environment Contract for runtime environment are specified in JAX-RPC, EJB 2.1, JSR 109
10/23/2004
Web services components get executed within a container Container provides host execution environment Components are portable
Web service component is 1st-class J2EE component along with JSP, Servlet, EJB components in J2EE 1.4
81
82
Provides
?
? ?
Life cycle management of web service components Provides a listener for WSDP port address Listerner then dispatches client requests to web services components Runtime services: Security services Web container for Servlet-based endpoint EJB container for EJB-based endpoint
83 84
10/23/2004
Client View
Server View
Web services for J2EE (JSR 109) JAX-RPC SAAJ JAXR EJB 2.1 Connector architecture 1.5
86
JAX-RPC Runtime is provided by Web container EJB 2.1 Runtime is provided by EJB container 85
JAX-RPC
Servlet-based Web service endpoint model XML data types to/from Java types mapping WSDL to/from Java mapping JAX-RPC Client Programming Models SOAP Message Handler framework Extensible type mapping
Client model
10/23/2004
SAAJ
WSDL Document
JavaWSDL WSDL Java
Container
Contains the API for creating and populating a SOAP messages conforming to SOAP 1.1 and SOAP with Attachment specifications Used by high-level APIs (such as JAX-RPC runtime)
Contains API necessary for sending requestresponse (non-provider-model) messages Separated out from JAXM 1.0 into JAXM 1.1 and SAAJ 1.1
90
SOAP HTTP
89
JAXR
Stateless session bean can be web services implementation Web services endpoint interface (service definition interface) for Stateless session bean Can implement SOAP Message Handlers for Stateless session bean based endpoint
Standard Java API for performing registry operations over diverse set of registries
A unified information model for describing business registry content Provides multi-layered API abstractions
91
10/23/2004
Message-driven bean (MDB) contracts are extended to support additional messaging types (e.g., JAXM) in addition to JMS
JMS MDB implements javax.jms.MessageListener JAXM MDB implements either javax.xml.messaging.One-wayListener or javax.xml.messaging.ReqRespListener
93
WSDL or Web service endpoint interface (Java interface) WSDL is created (or found) first before its implementation
Top-down
Bottom-up
10/23/2004
Extends java.rmi.Remote
Needed for both servlet-based and stateless session bean based endpoint Could be generated from WSDL Declared in Web service deployment descriptor
97
98
Java class (for servlet-based endpoint) Stateless session bean Deployment tools generate needed artifacts for runtime Container delegates invocations on service endpoint to either Java class or session bean instance
99
10/23/2004
Ready-to-deploy'able package
WAR file (servlet-based) EJB-JAR file (stateless session bean based) Package structure Web Services Deployment descriptor
101
102
Package Contains
? ? ? ?
Leveraging existing J2EE programming models for service implementation Easy to program and deploy
WSDL document Service endpoint interface Service implementation Web Services Deployment descriptor
10/23/2004
webservices.xml
<webservices> <webservice-description> <webservice-description-name>JoesServices </webservice-description-name> <wsdl-file>META-INF/joe.wsdl</wsdl-file> <jaxrpc-mapping-file>META-INF/joes_mappings.xml </jaxrpc-mapping-file> <port-component> <port-component-name>JoePort</port-component-name> <service-impl-bean> <ejb-link>JoeEJB</ejb-link> </service-impl-bean> </port-component> </webservice-description> </webservices>
Validation of the package Creation of runtime artifacts Configuration of the servers SOAP request listeners for each port (binding to a port) Generation of concrete WSDL document Publication of Web services
106
105
108
10/23/2004
Demo
Building a Web Service using Sun Java Studio IDE
109 110
Demo Scenario
Exposing methods of a Java class as a Web service using Sun ONE Studio 5 (Bottom-up approach) Packaging and deploying a Web service at Web-tier over Sun ONE App server using Sun ONE Studio 5 Testing the Web service through a browser using automatically generated JSP pages and custom tags
111
112
10/23/2004
Typically used to process service contexts in SOAP header blocks Can be used to extend functionality of Web services runtime system
?
Through standardized programming API Portable across implementations JAX-RPC runtime system calls init(), destroy() of a handler
J2EE containers (which provide Web services runtime) are likely to use them internally to provide session/transaction propagation
Example handlers:
Handler instances can be pooled MessageContext is used to share properties among handlers in a handler chain
114
113
Handler Chain
Handler #2 Service Endpoint (Port)
Handler #1
115
116
10/23/2004
Demo Scenario
Demo
Build & Deploy a chain of Server side SOAP Message Handlers
117
Using Sun ONE Studio 5, configure and redeploy a Web service with a chain of SOAP message handlers Run any client to access the redeployed Web service and see the dumped SOAP messages
118
Session Management
Session Management
Service client or service developer do not have to deal with session management
119
10/23/2004
Demo Scenario
Demo
Session Management
121
Perform a series of Web services calls through which a session state is maintained
122
Independent of how an XML based RPC service (service endpoint) is implemented on the server side Generates a Java based client side representation for a service from WSDL document Must not be exposed or tied to a specific XML based protocol, transport or any implementation specific mechanism Can be standalone app, Web-tier components, EJB beans
124
10/23/2004
Binding "FooB"
SOAP/HTTP
Port Type "FooPT"
Operation "Op1"
Operation "Op2"
Port ...
Service object
125
Container
Service Endpoint Interface Service Interface
Client
Port
127
4.Send messages to endpoints that provide service implementation (through stub or dynamic proxy) 5.Receive back messages that contain results
128
10/23/2004
129
Both interface (WSDL) and implementaion (stub) created at compile time Interface (WSDL) created at compile time Implementation (dynamic proxy) created at runtime Both interface (WSDL) and implementaion created at runtime
131
Dynamic proxy
Stub class gets generated at compile time All needed value classes are also generated Instantiated using vendor-generated Service implementation class Stub class is bound to a specific XML protocol (i.e. SOAP) and transport (i.e. HTTP) Best performance Stub class implements
10/23/2004
com.example.StockServiceSoapBinding_Stub
<<package>> javax.xml.rpc
Dynamic proxy is generated on the fly by JAX-RPC client runtime Application provides the Web service definition interface the dynamic proxy conforms to during runtime Easiest to program but slower than stub-based
- implementation object created and casted
134
Gives complete control to client programmer Most dynamic but complex programming Enables broker model
Client finds (through some search criteria) and invokes a service during runtime through a broker Used when service definition interface is not known until runtime You set operation and parameters during runtime
136
135
10/23/2004
137
} }
138
Demo
Building and Running Three Client Programming Models
139
Demo Scenario
Build and run client programs using three client programming models
Compare the duration of call among the three client programming models
140
10/23/2004
Current
?
Leverages the existing transport-level security models of J2EE Follow XML and Web services security standards work Message-level security Information about the authentication policy will be included in or available through the service definition (WSDL)
144
Future
?
? ?
143
10/23/2004
145
146
Authorization
?
Leverages HTTPS
? ?
SSL supports encryption WSDL document's port address may specify https:
Servlet based endpoint ? who can access what web resources Stateless session bean based endpoint ? who can perform what EJB methods
147
XML digital signature for data integrity XML encryption for confidentiality
148
10/23/2004
Auditing
? ?
Non-repudiation
? ?
Standard format for record format and programming API still need to be defined
HTTPS falls short on non-repudiation J2EE 1.4 vendors are recommended to support non-repudiation logging Future
?
149
150
Demo
Accessing Web service via Basic Authentication (and SSL encryption)
151
Demo Scenario
Redeploying a Web service with Basic authentication enabled through Sun ONE Studio 5 Running client application without passing username and password - it should fail with authorization failure Running client application with username and password
152
10/23/2004
Point of interaction is more over the internet (as opposed to within an intranet) Interaction between partners with no previously established relationship Program to program interaction (as opposed to human to program interaction) More dynamic interaction (as opposed to static interaction) Larger number of services providers and users
154
SSL/TLS/HTTPS
Transport level security (as opposed to message level security) Point-to-point security only, does not handle end-to-end multi-hopped messaging security Security only when data is on the wire, does not secure data off the wire HTTPS does not support non-repudiation HTTP might not be the only transport used No element-wise signing and encryption
155
XML Digital Signature XML Encryption XKMS (XML Key Management Specification) XACML (eXtensible Access Control Markup Language) SAML (Secure Assertion Markup Language) ebXML Message Service Security WS-Security Identity Management & Liberty Project
156
10/23/2004
XML Signature
XML syntax for representing signature of web resources and portions thereof Procedures for computing and verifying such signatures Canonicalization of XML data Trust in key is out-of-scope
157
158
Very flexible, thus can support diverse set of internet transaction models
Can sign individual items of a XML document Can sign multiple items Can sign both local and remote objects
?
Can sign both XML and non-XML content Allows multiple levels of signing (different signing semantics) to same content
?
XML Encryption
159 160
10/23/2004
XML syntax for encrypted data Encrypting/decrypting such data Can encrypt only certain parts of document
161
162
What is XKMS?
?
A protocol for a trust service for resolving (validating) public keys used in XML Signature and Encryption Uses SOAP over HTTP A protocol for a web service that accepts registration, revocation, recovery of public keys
164
10/23/2004
Why XKMS?
PKI is important to Web service PKI is too complex to deal with in many applications
XKMS eases the integration of PKI by moving the complexity of PKI operation to a XKMS server XKMS reduces the processing burden by moving it to a XKMS server
XACML
(eXtensible Access Control Markup Language)
165 166
So a XKMS server provides a Trust service (PKI Service) to XKMS clients in a form of Web service
What is XACML?
Why XACML?
Extensible language with flexible semantics No need to develop app-specific languages No need to write policy in several languages Admins only need to understand one language Policies written by different parties can be combined
168
Used against XML elements in XML document Extensible Policy Decision Points (PDPs) involved in SAML might consult policies encoded in XACML to determine whether access will be granted to a resource
Lower costs
Simpler
Policy composition
167
10/23/2004
A patient has patient record including psychiatric notes The patient grants access right to psychiatric notes only to primary care doctor The primary care doctor grants access to patient record to covering doctor, with access restriction following the transmitted documents so that covering doctor has no access to psychiatric notes
169
What is SAML?
?
Why SAML?
?
Standards are emerging for many facets of collaborative e-commerce, such as:
Various XML security assertions: credentials, authentication, attribute, authorization, etc... Request & response protocol
? ? ?
10/23/2004
Logged-in (authenticated) users of Smith.com are allowed to access to sister site Johns.com without relogin
Authenticate
SAML Assertion Request
Smith.com
SAML Assertion Response
Johns.com
174
173
#2 Distributed Transaction
?
#3 Authorization Service
?
A car buyer also purchases an auto insurance from insurance.com which is affiliated with cars.com
cars.com
An employ of Works.com orders office supplies directly from Office.com, which performs its own authorization
Works.com
SAML Assertion Response
Buy a car
SAML Assertion Request
Employee of Works.com
Buy insurance
insurance.com 175
Office.com 176
10/23/2004
SAML Assertions
Assertions are declarations of fact, according
Authentication statement
?
to someone SAML assertions are compounds of one or more of three kinds of statement about subject (human or program)
Authentication Attribute Authorization
177
178
Attribute statement
?
179
180
10/23/2004
Authorization statement
?
whether to grant the request by subject S for access type A to resource R given evidence E
B) b)
?
The subject could be a human or a program The resource could be a web page or a web service, for example
182
181
183
184
10/23/2004
WS-Security Specification
Set of SOAP extensions for end-to-end SOAP
messaging security
Security schemes at message level
WS-Security
185
body, attachments
186
Security Token
- Collection of (authority certified) claims
SOAP Body
Signature
- Establishes signer identity, content integrity - Dependent on key binding claim
Key Binding
SignatureValue
Data Reference
- Identifies input to digest algorithm 187 188
10/23/2004
Reference List
- Identifies encrypted content
SOAP Body
Encrypted Data
- Encapsulates encrypted content - May depend on key binding claim to identify encryption key
Security Token
Encrypted Key
- Conveys encrypted key and Reference List - Dependent on key binding claim
189
Key Binding
Message Content
190
Reference
Data List Reference Data Reference Cipher Data
Encrypted Data
Cipher Data
Key
Message Content
10/23/2004
195
10/23/2004
Telecommunications Community
Retail Community
Entertainment Community
Travel Community
198
Circles of Trust
Name: ID Preferences: .
Supplier Supplier A C
Supplier B
External Services
External Services
Calendar
Work Profile
External Services
News Source
News Source
Home Profile
Name: ID Preferences: .
NI Enabled Services
199
200
10/23/2004
201
202
WS-I Is
An open industry effort chartered to promote Web Services interoperability across platforms, applications, and programming languages. The organization brings together a diverse community of Web services leaders to respond to customer needs by providing guidance, recommended practices, and supporting resources for developing interoperable Web services.
WS-I Is Not
?
?
?
? ?
203
10/23/2004
Profiling
SOAP 1.1, WSDL 1.1 and UDDI 2.0
Package WS-I BP 1.0-conforming WSDL documents in your J2EE 1.4 application Containers will take care of all the details:
? ? ? ?
HTTP 1.1 requirements SOAP 1.1 requirements WSDL 1.1 requirements UDDI 2.0 requirements (if supported)
205
206
Configurator
Warehouse A
Manufacture A
Retailer
Warehouse B
Manufacture B
Warehouse C
Manufacture C
207
10/23/2004
WSDL Descriptions
Web Service Client
Testing Tools
Web Service
Monitor
Log File
Analyzer
Results
209
210
Analyzer
Analyzer Confg File
WSDL Document
Demo
WS-I Sample Application, Monitor, Analyzer
211 212
XSLT
10/23/2004
Demo Scenario
Running WS-I Supply Chain Management sample application over service endpoints from various companies over the internet
?
213
214
E-commerce means B2B. And EDI accounts for about three-fourths of it 215 216
10/23/2004
J2EETM
?
Service implementation platform standard Business web services standards Identity system standard Programming language and data representation standards
Liberty Project
?
B2B collaboration Secure and reliable message delivery Non-repudiation Partner profile Repository for business data objects Standard and commonly agreed upon business documents
218
217
B2B Collaboration
l l l l
B2B Collaboration
l
l l
Simple interaction Consumer oriented Short-living process No business collaboration No partner profile Not secure, not reliable Does not support non-repudiation No repository support Synchronous
l l
Complex interaction Business oriented Long-running process Supports business collaboration Supports partner profile Secure and reliable Supports nonrepudiation Registry and repository Asynchronous
l l
Within a business organization Centralized control Implicit contract Small number of business processes and participants
l l
Between business organizations Distributed control Explicit contract Potentially large number of business processes and participants
220
219
10/23/2004
Web B2B
ebXML CPA
Defines a library of standard electronic business documents Plugs directly into existing traditional business and legal practices Eliminates re-keying of data in existing fax-based supply chains Fills the payload slot in B2B frameworks such as the UN/OASIS ebXML initiative (http://ebxml.org) and various WS schemes
221
Business Processes
CASE tool
ebXML BPSS
VAN
X12, EDIFACT
222
W3C
XML, XML Schema, XSL, XQuery SOAP WSDL Web Services Addressing Web Services Choreography Semantic Web Services SOAP Message Transmission Optimization Mechanism (MTOM) XML Key Management Specification (XKMS) XML Signature XML Encryption
224
10/23/2004
OASIS
OASIS (Continued)
Asynchronous Service Access Protocol (ASAP) Business Transaction Protocol (BTP) * Electronic Business XML (ebXML) * Framework for Web Services Implementation Translation Web Services Web Services Business Process Execution Language (WS-BPEL) Web Services Composition Application Framwork (WS-CAF) Web Services Distributed Management (WSDM) Web Services Interactive Application (WSIA)
225
Web Services Notification (WSN) Web Services Reliable Messaging (WSRM) Web Services Resource Framework (WSRF) Web Services for Remote Portlets (WSRP) Web Services Security (WSS) * Universal Description, Discovery and Integration (UDDI) * Universal Business Language (UBL) * Security Assertion Markup Language (SAML) * Extensible Access Control Markup Language (XACML) *
226
What is SOA?
Principles and practices for designing shared, reusable, distributed services
SOA Attributes:
Separation of service interface from underlying implementation (loose coupling) Promotes service reuse through discoverable and self-describing services Services are course-grained, composable, and rely on a standards based infrastructure
228
10/23/2004
You can practice SOA without Web services... but.. Web services is the best enabler of SOA
Service interface hides service implementation Reusable Discoverable Compose'able Standard-based Industry momentum
Begins with J2EE 1.4 platform-based Web services Continues with J2EE 5.0 platform enhanced Web services J2EE 5.0 platform extended with JSR 208 (Java Business Integration)
229
SOA Platform
231
232
10/23/2004
A Service
Document-style
l l l
Document-style
l
Procedure call Method signature Marshaling Tightly-coupled Point to point Synchronous Typically within Intranet
Business documents Schema Parsing & Validating Loosely coupled End to end Asynchronous Typically over internet 235
Within Enterprise Simple, point-topoint Short running business process Reliable and high bandwidth Trusted environment
l l l l
Between enterprise and enterprise Complex, end to end with intermediaries Long running business process Unpredictable bandwidth Blind trust
236
10/23/2004
SOAP body contains XML document, i.e. Purchase order Specified via style and use attribute in WSDL document Attachment contains XML document Specified via MIME binding in WSDL document
237
Use of Attachments
? ?
238
25 22.5 20 17.5 15 12.5 10 7.5 5 2.5 0 JAX-RPC encoded JAX-RPC literal RMI/IIOP Protocol RMI
5500 5000 4500 4000 3500 3000 2500 2000 1500 1000 500 0 JAX-RPC encoded JAX-RPC literal RMI/IIOP Protocol RMI
Time (ms)
239
Size (bytes)
240
10/23/2004
Main Goals
Can Change
Technical Goals
Use Cases
High-performance computing
- Grid computing - Scientific computing
Example: Auto-ID
244
243
10/23/2004
Technological Requirements
Transport layer
- Mechanism: compression - Unit: bytes
Transport
XML 1.0 Bytes
Infoset
SAX/DOM/Pul l
Binding
Types
248
10/23/2004
Transport
XML Infoset Binary Bytes
Transport
Infoset
SAX/DOM/Pul l
Binding
Types
Schema Knowledge
Binding
Types
249
250
Fast Schema
7B 4B 1b string 12345678 true
251
252
10/23/2004
JAX-RPC encoded
JAX-RPC literal
RMI/IIOP
RMI
5500 5000 4500 4000 3500 3000 2500 2000 1500 1000 500 0
Size (bytes)
Time (ms)
JAX-RPC encoded
JAX-RPC literal
RMI/IIOP
RMI
Protocol
Protocol
253
254
ASN.1
Royalty-free set of standards at ITU-T/ISO In development for nearly 20 years Extensively used in telecom industry Implementations in Java, C and C++ programming languages
255
10/23/2004
Demo Scenario
Demo
Fast Web Service
257
Comparing regular Web service and fast Web service performance in real time using different size of the messages
258
Goals
? ?
Simplify Web services development and deployment dramatically Leverage Java Language Metadata technology (JSR 175)
?
provide an easy to use syntax for describing web services at the source-code level Validate Web services metadata Produce class files containing metadata
260
10/23/2004
Goals
? ?
JSR 181
?
Enable auto-deployment
?
Protocols, WSDL, service endpoints, XML/Java mapping, message formats, deployment descriptors, packaging
Both source and compiled form Web Service metadata annotates 181 WS file 181 WS file is a standard Java source file A Java language extension with compiler support Define Metadata vocabulary for application area
?
Hide low-level programming APIs for Web services components and J2EE Like JSP hides complexity of Servlet
261
10/23/2004
Long running business process Multi enterprise and distributed (no single Transaction manager is present)
JSR-172
Subset of JAX-RPC 1.0 Additionally specifies runtime SPI-portable stubs No support for the service endpoint model. The subset only provides support for clients to access web service endpoints. Alignment with WS-I Basic Profile Protocol encoding: SOAP 1.1 using XML based protocol
268
10/23/2004
Demo Scenario
Demo
J2ME Web Service
269
Building and running J2ME Web service client application (through an emulator) using Sun ONE Studio 5
270
Thank You!
271