Michael P. Papazoglou - Web Services Principles and Technology

development methodology
(M0WS)
1.6.7
Summary
Review
questions
Exercises
Part
X
Emerging
trends
Chapter
17:
Recent
the hype
paradigm
services have emerged
old
application
pot-
application solutions that use
processes
education, and
strategic
business
pro-
one another,
For example.
a service
groundwork
to
standable to readers who
and
technical
underpinnings
concretely in XML and
a
means
to
gies
book
progresses,
very
scattered
and standards that make up
the Web
services concept
involving a
of
services
suggested paths
For the practitioner
of the
on
endpoint and is accessible via various
transport
protocols
over
simple
behavior: a
having to take care about its construction or destruction like
in
case
a service is comparable
on
service.
New kind of middleware evolved
that supports
dealing with
based on
by a client, this middleware automatically determines a service that
will perform
an appropriate
Thus, the concept
paradigm
called
"service-
relations,
order to result
in complete systems.
and run in heterogeneous
rest easy, and read this unique
book
oriented architecture. It describes the concrete usage
and
rendering
actual standard specifications from
ways
a
long
time.
It
was
a
daunting
part
years
to
complete.
In
the
process
I did extensive research, used a huge number of sources, and
had discussions
with numerous
who
many ideas found in this
book, and led to
This
book
would
deal
of
people,
Reviewers have
the
quality
Monica Martin
at Sun
Microsystems, Anne
the Sydney University
I am also indebted
suggestions
and
Chappell at Sonic
of OASIS ebXML,
Sydney
University
of
reviewed
Chapter 15; Rania Khalaf at IBM TJ Watson Research Labs, who reviewed
Chapter
Labs,
who
reviewed
Chapter
16;
Chapter 12; Wiliem
Marco Aiello
TJ Watson
Research Labs,
Vincenzo d'Andrea
at the University
at the IRST Research
This
technology
is
expected
at
orchestrated service
and
communicate
over
the
Internet,
they
provide
familiarized themselves
To better understand
as
services scenarios
of existing back-end
large
companies
procure,
manufacture,
sell,
around
acceptance
web services.
interactions
have
stage for the
aspects of
to subscribers.
a
provided
service
clients.
A
service
stateful
that instance-specific state. Typically,
of messages
between partners,
process
includes
in
interaction
by
accepting
a
purchase
order through an input message, and then returns an acknowledgement to the customer
if
the
to the
process
must
"remember"
a
logies, making it
extensive development
two systems have
partner
applications
behave. They also need to know intimate details of how their
partner
and
the
details
parameters
that
each
method accepts, and the type of results it returns. In addition, tightly coupled applications need to know the location of the applications with which they work
(and
often
running
in
requires that the interfaces
an application
time needs to be spent in
defining
systems to connect
ability
to
in
time
deployment
platform,
and
application programming
end users
containing
response message
operations will fail.
between the client and service, RPC-style services require a tightly
coupled model of communication between the client and service
provider.
RPC-
characteristics;
+
Examples of typical simple synchronous services with an RPC-style include
returning
potential
trading
a business transaction.
driven services.
When a
client typically
of
parameters.
The
processes
service
does
not
remainder
of
its
application.
any, can appear hours or even days
later.
in which
an application
and
interface
(or
ment, e.g., a purchase
order from
assumes that
the Web
messages
invoke
operations;
details
of
of
the
implementation
on. As long
may be
Here we may pursue
services
service description
to locate
technical information included in
second
possibility
agency
when
invoking
complex
valued-added
chain
multiple business partners
stock updates,
and shipping
the
purchase
order
process
employs
service.
The next stage in the SOA
entry point
services
based
on
observation
accomplish
a
higher-level
can be
finance, manufacturing, and
view
and functionality.
these subprocesses
has the chance
new
of business
resource,
and
progress
activities. Such business
but rather
gather information about managed
human
intervention.
Web
services
support
in
technologies
specification,
J2EE
Working
Group,
which
will
deliver
guidance
concerning
reliable
messaging
with
security.
Among
as components)
that hides
for achieving this
for a brief
comparison between Web
in an integrated
describe services that are useful at the business level. For
instance, with a
object and
a
business
application.
capability
describes
of
understands
target service.
collaborating service
as this
precise collaborating service.
QoS
(by
choosing
demands
systems
with
well-defined
architectural
model among
all distributed
and where the deployment
in
mapping
they do not inherently
create
object system that spans
exchanges
-
also vendor
companies
such
fulfill
web
services?
what
is
role
monitors
transactions
of
the
inventory.
Decompose
other.
business process
of
(probably
heterogeneous)
net-
infrastructure,
are
storage
replication,
in a
motivation
transmitted across
the Internet
of messages exchanged between two or more communication
entities,
event
[Kurose
2003].
Internet Protocol
packets
they
Protocol
(TCP)
from
one
networks,
and
within
protocol addresses,
parts:
part
the
network
a central authority and is
unique throughout
of the IP address resides with
the
identified
by
identifier is not constant.
addresses
are split into three classes which allow for a small number
of
large number of small
(OSI)
of
reference model
manner, it is known as layered architecture.
The OSI model employs a hierarchical structure
of
seven
The
OSI
layers
in
the
procedural, and
deactivating a
data
to
the
formatting. Tasks like
Application layer
layer
in
layer
associated
application
processes.
Layers 1 through 4 deal with the communication, flow control, routing, and error handling needed to transport data end to end across the network. Below the transport layer, there can be many different types of physical networks
(LAN).
Layers
presented
programs providing various
types of end-
[Moss
1997].
below it,
term protocol
stack that
of
all
predefined
protocols
computing systems.
The TCP/IP
of
level
of
the
TCP/IP
model
services
provided
at the lowest level
protocol
At
for
tasks like transferring files or delivering e-mail. In between are
protocol
Note
include an additional
2.2,
a four-layer
The
TCP/IP
simply link layer, is
the lowermost la1's1 616
packet or stream oriented.
any network interface
the IP layer.
the net-
up
from
for
"blocks
of
data"
layer provides the "virtual network" image of an
Internet
(this
protocol
packet.
IP
provides
protocol
to
protocol
means
not make
the delivery route
information in a
functions
protocol
used
by
protocol. The
oriented. when
each connection
and when
any connection
of
layers
Before concentrating on the middleware layers depicted in Figure 2.3, we
shall describe
2.2 The
client-server model
of how to handle the
need
for
members, clients
of other servers. For instance,
a Web server is
(or
database
For example,
-
sessions are
run there.
In a
The client makes requests
on
links.
typically runs
in Web-based
code of
only
software
that
the
messaging
system
and
the
application
developer
protocols,
messages
process
During interprocess communication messages are sent to
(Internet
a
There a
run
address to remain valid.
refer to services
by name and use a name server to translate names into server locations at run-time,
or by
ing
from,
the
message arrives at
its destination, it
be bound to a local
port
Internet
address
of
the
can
support
one,
or
sometimes
two,
or
The defining characteristic
munication
systems, which must
the call. Both the sending and the
receiving application must be ready to communicate
each other at times. A sending
initiates a request
then blocks its
receiving application
procedure calls
When using asynchronous messaging, the caller employs a send and
forget
approach
that
the message.
con-
processing
activities. The sending application does not have to wait for the
receiving application to complete and
for
its
reply
the synchronous mode, both application systems
and receiver) do not have to be active at the same time for
processing
forward
and
publish/
subscribe
and
are
described
interfaces,
examine
these
processes. Such
and
the
the
code
programming, an
the interface of
the remote object
and its methods.
of
executing
client stub, again by
using the RPC run-
RPCs
mission-
critical
applications,
to the
programmer, including
multiple
connections,
or subscriber
of different
of its
the time
scribers
message
server
for
the
period
of
the
expiration
time,
server and accept delivery of
the message.
evaluate a message's
The
publish/
the ability to transform messages, acting
as
in which
an application does not need to know the intimate details of how to reach and
interface
with
want to transfer data between internal
enterprise
partners.
if
Asynchronous
representing changes
dependencies
event-driven
task
managers.
Traditional
messages.
flow of information
use of explicit
event
interaction
highly structured content, and other clients make available a filter
(a
kind
of
pattern)
network,
which
router is responsible
notifications that they
the access
patterns
of
form, a notification
Some clients
to
is responsible
of interest to clients and delivering
those notifications the clients via
access
points.
Because
subscribers, the event notification service is thus a multicast service. However, the use
of
content-based
The event notification service
notifications
only
event notification service
process
the event notification service
may be directed to
pattern
of
values
service might be
interested in receiv-
drops for
notification based on
both their attribute data
its most
product
product.
In
order to achieve scalability in a wide area network, the event notification service by
necessity
must
be
implemented
the responsibility
of the
notification service to route each notification through the network of
servers to
all
subscribers
that registered matching subscriptions, and to keep track of the identity
of
a message
including new
the
"fire-and-forget"
the
message
will
arrive
some point
in time.
This mode
that request/reply
of request/reply
to return to it
delivery channels
a
request/reply
to correlate
message.
environment,
received
asynchronously.
other. Instead they send
system
intended destination.
server part
of client-server
to run at different times. Messages
in
the
queue
can
consist
and various routing mech-
hands off to
needs to
be taken.
be fired. Normally
of messages
and requests,
transport
layer
for developing
reply, and
tively
in an altem-
can be designed
into an MOM
automatically connects
a
of asynchronous messaging
of message
an overworked
network. It
is very
to a
feature of many MOM implementations,
however,
and asynchronous
peer-to-peer protocol,
different
MOM
vendors.
a single warehouse
topic.
There
sender and
of
route
broker
to the application
ful
disparate
processes
able
side concentrates
on how,
net-
work
gather
useful
business
information
e-Business: Organizational
and
Technical
Foundations,
comprise collections
actions by
be
transmitted
across
Other key enabling
ent types
Web services applications.
application-
to-application
and
many-to-many
brokers cail
communication. What
system
such
of this topic.
servers, which
of the XML standard
present
persistence
their
own
it is
designers choose the same tag names for
their
that use
fact different, thus avoiding name clashes. For instance, a
namespace
is a postal address, an e-mail
address,
or
an
IP
address.
To understand the
need for namespaces
illustrates
document containing
address information
without an
that the Address
elements
markup.
namespaces.
attributes in
namespace declaration
is in
and
of
a
colon.
ormal ion>
illustrates the use of
instance, the
greatly
is with schemas. Schemas
cardinality, valid values, and data types. Each type
of schema
straints to a referencing XML document
lBean
a
document
3.3.1 The XML
the
content of an XML document and provides extensive capabilities in the areas of data
types,
specific
information
about
the
products
element
are
must
the term instance
XSD
also
introduces
types
(both
simple
an
attribute with
<xsd:element>
element
name, content
XML
schemas
appear
3
3.4.1.
complex
type.
Complex
either by extension or by
restriction
[Walmsley
attributes
values of the
one cannot
<xsd:schema
eliminating or restricting
as well.
For instance,
state and
morphically
with
elements
AustralianAddress
PostalAddress type as its
complexity of developing
desirable
included
schemas,
parser that it should
another namespace, not
schema. It is
<xsd:schema
transforms
an
XML
structure
into
presentation
technology
such
as
HTML
are
children
or
descendants.
The
element
as children of an element.
The
document
on the tree hierarchy
of the XML instance.
:
*
order[2], which
important to
node.
For
XML document. The
<xsd:schema xmlns:
seorder
:
:
,.
can
such as
that inform
the transformation
providers
transfer
application is shown to
four-digit
postal
codes.
More
information
examples can
  . i
e.g.,
notion of a document
XML can be
enables diverse
machine
complex business
information it
complex XML types?
polymorphism
an XML
Exercises
online
grocery.
Each
purchase
\
purchase.
This
document
ordered, and
methods
of
payment,
a
valid
merchant
authorized. If
availability response,
along with
any discount
rates
rental
period,
informa-
rate,
or may
data is used on the remote
end
to execute a client's method call on that system, rather than on a
local system. If
transport
protocol,
with the Internet,
operable
design criteria, including
package becomes while conveying
is usually best.
payload.
The
needs to adapt
work with a
than
achieves this by following the same recipe as other successful
Web
platform neutrality,
and XML
usage
of
existing
communications
message
(or
manner.
play
messages.
Any
its
natural
transport
protocol
HTTP
it
easy
serial-
ization
mechanism
converts
network,
serialized
system's,
rather
than
on
the
can reside
operates in
client makes an HTTP request,
the server
particular
SOAP
plays
the
role
A
SOAP
SOAP to
HTTP or
an e-mail
using SMTP. It is important to realize that the type of
the
binding
used does not affect the design of the SOAP message format.
For
simple
structure for a single message exchange.
However, in many cases
Usually, this may be
by
body SOAP messages exchanged. This is due to the fact that the SOAP body carries the XML documents
a
predeter-
mined
pattern
pattern
for
procedure-like
in section 4.4 after
it a
of the
in
steps
illustrated
code
Web service
as
network infrastructure
latter, a
receiver,
response.
The
receiver
XML
A SOAP
[Figure: SOAP message passed from Sender to Receiver; panel labels: One-way messaging, Request message]
UML
elements
are
application
must
be
to how the message is to
be
processed.
This
provides
to
the
processing
be
extended
child
logical
grouping
nodes that might be encoun-
tered
in
the
path
sender to an ultimate receiver. The
SOAP
<Body>
element
is
implies that
SOAP
message
to route
SOAP
message
that in SOAP
optional <Header>
element,
and
precede
the
version
All elements of the SOAP envelope
are
defined
using
W3C
Recall
from
Chapter
it
must
pace,
The first block
the
<Envelope>
without impairing backward
namespace
processing
over
time,
the
not.
The
modularity
of
processes
that
processes
application-specific
code
process
The SOAP
a particular
be authenticated before a method is invoked or that a
method must have transactional
of
the
message,
already explained in
element can
of other SOAP
instance,
processed
by
in the message path. The fact that the header block's
purchase
en
route
is
processed.
during
processing.
When
defines
the
(optional)
env:
the
node
assumes
a
particular
role
the
actions
that
ignore header blocks,
4
number of child elements, called body entries, but it may also be empty. All body entries
that are immediate children of the
<Body>
By
default, the body content may be an arbitrary XML and is not subject to any special encod-
ing rules.
be arbitrary
A
The receiving node
path.
application-specific
Examples involving the
particular
or the
encoded. We
shall first
and then the
two SOAP com-
SOAP
plat-
forms share and
exchange data, even though they may not have common data types or rep-
resentations. The encoding rules help
in two areas. First,
a schema in any notation
consistent with the type system described, a schema for an XML
grammar
structed. Second, given a type-system schema and a particular graph
of
values
conforming
to that schema, an XML instance may be constructed, using this schema and elements
in
in accordance with these
rules, and given also the original schema, a copy of the original value
graph
"
SOAP
encodingStyle
encodingStyle
subordinate
The
the
The RPC/Encoded
messages to
a
stateless
[Monson-Haefel
2004].
parameters
contains the
formatted
physical
structure
of the message
message
style
web
service,
are
<env:
subcode>
<env
characters
</err:
message>
<err:errorcode>
generally understood
encoding scheme
the
Intemet
without
method
is
response that complies
is the
a
t
Exercises
4.1
Write
reservation
for
the inventory
,
by W3C and has found
interface definition and a Web
services ,
implementation.
s
Defining
Web
services
,,..
 
interface of
specific transport
for locating the Web
exclusively
from
to constrain
between client code
form
and
not information
that is relevant only to one party or the other, such
as
invoke it, i.e., details of the
data formats and
WSDL provides a mechanism
by which service providers
of
(e.g.,
Multipurpose
Internet
Messaging
Extensions or MIME). It also allows most of the WSDL elements
to
SOAP
(Simple
as leverage
the flexibility
specification
address, to a
the service implementation
site. using
the interfaces of a Web service and the operations it contains,
but also
with
the
specific
mechanics
headers,
of what
lining how to map abstract messages
onto
communication
protocol.
A binding also influences the way abstract messages are encoded on wire
by specifying the style of service
(WSDL
serves
both
process
support
by a URI,
WSDL specifies a
of
communicating
endpoints
(see
top of the XML schema and provides
the
means
to
group
is
of
permissible
operations
bindings
for
illustrated in Figure 5.2. A complete
WSDL definition contains all of
the information necessary to invoke
a Web
service interface definition
"
/
>
described by
the built-in
and allows developers
statement
be aware
abstract collections of typed information cast upon one or more
invoker and
a Web
A message can consist of one or more
,
(typed
.j.
of
i,r.
Schema built-in types, complex types or elements that are defined in the WSD document's
<types>
element
or
defined
in
external
WSDL
elements
linked
SOAP header blocks
'
describes
I
of the service while the message rnvMessage represents the return
(output)
parameters:
<!-- message
<wsdl
</wsdl:message>
: InvoiceType,'
WSDL
mode of messaging
section. The
<message> element
<!--
parameters
or
a
<type>
attribute,
but
reply message. Document-style messaging
(global)
elements.
In
document-style
service, and the <output>
is the XML document fragment sent back to the client.
The central
the
<portType>
tions
the
elements
in a
WSDL description are essentially details that the <portType> element depends upon.
A
define
its
-
<portType> ele-
of
portions
<binding>
protocols, encoding
A
WSDL
out
dif-
ferent
Web
on
[Cauldwell
2001].
Each
<operat
WSDL: Web Services Description
signatures
in
programming
being exposed
Web
service,
is
deployed
An operation holds all messages
potentially exchanged between a
these would
as its <input>
the <operation>
messages that
will provide
four fundamental
patterns: request/response,
message. The
will reach the implementation of
these services. The concrete or
implementation
a service is implemented.
<binding>
(although
sometimes
this
element
definition),
precisely,
to
which
network
service inter-
The
WSDL
example
in
specifies
exchange
messages.
hand, the
Listing
(via
the
soapbind:operation
construct
going
to
be
client
output messages
<binding>
element
(<operation>,
<input>,
e.g.,
SendPurchase,
together
with
in
more than one
or a simple
over
HTTP.
It
completely external
to WSDL.
in Listing
contain
a
single
operation
SendPurchase,
which maps each of the input, output, and fault elements of operation
SendPurchase from the PurchaseorderPortType
way,
the
PurchaseorderService
SendPurchase
attribute. This
means that
the XML
defining the
parts
of
It
message body
Consequently,
schema. This means
that the schema
message
part.
If
way that the message
the message
run-time system on the service
provider's
from XML
in the SOAP specification.
Web service to a
<port> elements, each of
explained.
Finally,
Figure
and abstract
below. For
receives
one-way operation
only
an
input
message.
an operation
response
message
pattern
that the
and returns
which events are reported
likely
the
operation
(soliciting
that the client is expected to respond to
the
Web
must
subscribe
receive messages. With this type of messaging the
<portType>
tion might be a service
that
client and receives back
such as
that is
developed as
shall concentrate
on how
which
to include the
the
proxy
to
4.
The
Web
service
6. The
proxy parses
complex data
7. The application
receives the expected
proxy
operation,
Summary
that
WSDL
service
are an integral
platform
of
different
QoS
characteristics
able
to
services
characteristics of Web services. Currently, the most
widely
specifications,
Chapter 12.
described
including
security
characteristics
(including
QoS
and
quality
of
protec-
tion offered
by the provider, privacy policies observed by the provider, and application-
specific service options,
need
to
in
a
of associating
artifacts. For instance, WS-
or <message>
both
the
W3C
to understand
a
solicit/response operation?
Exercises
trading Web service
stock
price
associated
in WSDL that uses
the car rental reservation
customer request.
processing
schema
that
you
operations should be
"CreditCardSale" for credit
card debit authorization,
so on.
has
''
and
their
other, make
their needs
and capabilities
busi-
kinds of capabilities
trading partners,
conduct e-business
with them.
accelerate the
requires
proper
description
of
business, service,
and technical
information. Registration
in the Web
services an
organization has
and characteristics
one another
in the
must also provide
objects. It also
of providers,
business
requirements.
6.2
Service
discovery
the
process
of
locating
Web
service
providers,
previously published.
definitions, which is a preliminary
step for accessing a Web service. It is through this dis-
covery
process
what
its
the
query
consists
of search criteria such as the type of the desired service,
preferred price,
and max-
and
is
client
Service selection
involves deciding
[Graham
2004a].
location
and
network
protocol
to
use
are
bound
at
design
usually
examines
and the
retrieval
application logic.
dynamic discovery, the service implementation details such as the network
loca-
be
retrieval operation at run-time against the service registry
to
interface
definition
on application logic.
an enterprise's
descriptions
of
may inter-
act over
the Internet.
its
a UDDI
and
"green
pages",
the
the
business
including
the services
they
of resource, independ-
and at
on the basis
and deployed
as
an organization.
In addition,
and business
clients and
role analogous
(Domain
business information,
their
follow
type definitions.
Prospective clients
can then
of
public
domain
or
and manage Web services,
discovered and consumed. Whether for the
purpose
of
e-business
way such that
a
service.
+ Cache the technical information about a Web service and then update that informa-
tion at run-time.
UDDI defines a data structure standard for representing company and service
description
UDDI
XML
schema.
view of data and because it allows
2. Build and
of
WSDL
information about the
provider.
providers
within
services
Chapter
6
CategoryBag
+serviceKey
+bindingTemplates
descriptions
product,
purchase
<businessService>
A <businessService> contains one or more <bindingTemplate>
entities. The
relationship between
a
fingerprint" of a
<tModel>
<businessService>
the <businessService>
instance
not
specific
geographic
region.
A
given
<businessService>
Every <businessService>
I
access
point
values
hosted
remotely.
contact a
a clear requirement
what
format
the
purchase
and
result after sending the
contain the
details
specification
of
the service, which we described in section 5.2. A common use
of
the
technical fingerprint is referring to a Web service WSDL in the
<bindingTemplate>.
a technology model
a
<businessService>
protocols
or
specifications
(XML
vocabularies,
EDI
Processes, and so on) each having a separate <bindingTemplate>. The
<bindingTemplate> can reference each such protocol
or specification with a specific
<tModel>.
is
in
the
case
of
a
purchase
proper
of an entry for the business
part-
the
purchasing
service
<businessService>,
describes
the
purchase
order
service by listing its URL and a reference to a <tModel>
that is used to
specification.
and exchange data. The designers of the
purchase
order
technical identity within
a UDDI registry
In this way
a
given
specification.
This
refers
bindings, and wire
specification by
<tModel>
identifier
(called
Web services that are compatible with
the same
publishing
UDDI
registra-
A
namespace
the Universal Standard
globally,
classify busi-
data
alike
are attributed with metadata.
The <tModel> data structure expressed in UML is illustrated in Figure 6.6.
A
given
attribute. These
too are
in
a
manner
and binding
the
name
multiple times
to remote instruc-
tions or descriptions
<overviewURL>
that
be obtained
<identifierBag>
pairs
element
is
an
specific taxonomy information,
e.g., industry, product
Partner Interface Process
and a semiconduc-
"Request
Quote"
which
in the UDDI registry; instead the <tModel> has URL <overviewDoc>
element
that
points
information about WSDL
for
a
of the service
there
might
complementary
to
binding
templates.
When
publishing
a
WSDL
the service interface definition,
describes
same name,
<portType>
and
the
<binding>
[Colgrave
2004],
[Colgrave
2003a].
A WSDL <portType> is represented by a UDDI <tModel>. This <tModel> is
cat-
distinguish
on is
which
the
tools that
wish to
are
supported
the <bindingTemplate>
for each
6.6
(as
in
uuid:e8cf1163...)
model
<portType>
[Colgrave
overviewURL
U
DDI:
Universal
Description,
<bus
iness
Service
x 6
 
of wsdl
ports
<uddi
and its
can search for services
the
<portType>,
services, so that they can be discovered and consumed. Businesses
and
providers
standard
UDDI registry
can interact with
UDDI registries through
The
UDDI
in SOAP
generates
sites:
a UDDI
UDDI
registry.
interface.
Enquiries
API
calls)
to
get
a
list
of
ce, f
about
<businessEntity>
registrations
that have visible
can be modified
lightweight
types
the primary
between two parties:
in
Listing
6.6.
<find_tModel
for a PurchaseorderPortType
regardless of the protocol
involving
a
messaging
pro-
as
well
[Brittenham
2001],
[Colgrave
2003b],
[Colgrave
2004].
6.3.5
and
other
directory-related
of
these
section
issuing
queries
invol-
API. The UDDI
limit the set
-
operator nodes registries replicate
descriptions in the form
service definitions,
the location
however, UDDI,
service
type
services
in
Web
possibilities
[Graham
2004a]:
of
service
providers
and
requestors
gathering
participate
and
compete
private
industries.
This
gives
the
service requestors by adding advertising capabilities to this infrastructure and
by supporting
facilities for
The e-marketplace node can then provide value-added services such as
QoS
the legitimate
private
UDDI
node
partner's
metadata published
by trusted
a private
related to the enterprise's
an enterprise could
While
to
create
a
registry
The core concept
of the UDDI
formation provided
interrelated components:
"white pages,"
nomies; end
about services that
and
pointers
UDDI
access
this
pattern
event-based
neutral
context for the
execution of Web
How the elements
stateful
resource
against
the
be
queried
and
modified
and referenced
(WS-RF),
which
and lifetime
and stateful
of
WS-RF.
There
[Foster
their alignment with
grid
and
extensions
grouping, and reference man-
computing. In WS-RF, these
7.2 Introduction
(resources
whose behavior is defined with respect to their underlying state) using
Web
ser-
vices.
[Bosworth
2004],
WS-Security
[Nadalin
2004],
WS-Resource
Framework
[Czajkowski
WS-RF
to
with
to a Web
replies or faults
to a specific
location. It also
every SOAP
properties, and reference
providing additional
routing or
WSDL
entities
which
Web
in the
endpoint
reference.
the
intended receiver for replies to this message. If a reply is expected, a message must con-
tain a <wsa
is
absent,
the
header
the source.
message
has
two
statements
in the SOAP header specify the address URI of the ultimate receiver of this
message and
uniquely
(and
opaquely)
identifies
purchase
order.
service's
URI
is specified in the <Address> element and is shown to the
purchase
order
address
of the Web service. In this case it is an HTTP URL.
The WS-Addressing
element that identifies
the resource to be associated with the execution of all message
exchanges
performed
at
which
the entity
the reference property
request
to
two different
versions of a service and have requests specify a target version in
their
reference para-
meters. One service may target basic service-level customers while the other could
target
premium
easier
processing
by
the
<Policy> element in
of the end-
other
in
conjunction
with
and incorporates
some concepts
endpoint.
This
rela-
connection
among
headers that appear
use of <Service>
very
Addressing. The <Service> and <PortType> name in a WS-Addressing endpoint
reference are meant to
implemented
"http:
//supply.com/
PurchaseService/wsdl",
service. This is also
used with other
a
message's
authenticate the source to the destination.
7.2.2
WS-Resource
and a
stateful resource
of an XML document
and addressed and
ro
resource accessed
the factory
new
WS-Resources.
as
figure identifies
three important
to a
resource
esResponse>
Detailed
ResourceProperties
[Graham
2004a].
period
static or dynamic
to the
resources
a
Web
service
can
be
destroyed.
The
some foreseeable period
of time. In
to cause its
WS-Resource-qualified
endpoint
reference
changes
for
sumers and
a
sub-
a
notify
directly to the NotificationProducer is referred to as the
peer-to-peer,
are covered
section 7.3.3.
on which the other
interest in receiving notification messages
from
a
implemented
by
service
providers
that
operational
basic
message interaction
A notification
producer
is a Web service that is responsible for managing the actual
process
of
interested
messages
to
be
delivered to those
receivers. This may involve a matching step, which compares each notification message
against the interests by
a reference
of active subscriptions.
cation
consumer.
A notification consumer is a Web service that is the counterpart of a notification
pro-
from
a
producer,
or
some
other
"situation"
within
is an entity
that creates notification
capable of detecting
message instance
hroker and does not actually
create notification
process
more
publishers,
see
section
7.3.3.
event.
Situations
in
WS-
purchase
instance, the
object
that
tem is that information
the one-way message that con-
veys
it
messages
notification message.
A single
noL i
notification-specific
information
[Vinoski
2004],
thus
supporting
notification message
on
behalf
consumer
messages by
the notifica-
In response
message
published
reference
of a stateful
certain
threshold.
convenient
way
topics.
3.
Notification
producer
basis of
in message
of interest
notification message
filter, rather than a filter specified in terms of
the
messages. The topic name does not
have to appear in the message itself
and more than one
tions
subscribed consumer.
To achieve
to
perform,
it
in
notification producer
for
messages. In this way,
it allows a requestor to understand what topics and information it
can
organize
 
of
This reduces
topics must
may
change
a consumer's subscription,
using the
WS-Topics XML model for topics. This listing illustrates that an
optional name can be
purposes.
Each
be used
<?xml version="1.0"
" /
>
producer
and
notification
consumer
(as
defined
in
WS-Base
Notification),
and
capabilities
offered
broker. This brokered
message
exchanges
service
use XPath
to uniquely identify
+
an
reference
properties
and
parameters
which need
that
the
processing
and
the
health
namespace like the one illustrated
in the
below. The
m a
/
WS-Notification
ionMessage>
<wsnt.
 
and systems from
diverse organizations as
ness logic components, security
a
ards. Central
of
the
structures
-
components.
Components
that client
components interact
with through
component interactions needed
that can be transferred from one
system to the next. Important properties
of software
architecture include
a
whole
and
yet
it must provide enough information to form a basis for analysis, decision
making, and hence risk reduction.
c
The
system. Thus, the
dynamic behavior of the system must be taken into account when designing the
architecture.
at a
qualities
priorities
of services,
to improve reader understandab-
8.1.1
System
quality
attributes
While
the functional require-
of the software architecture for systems concentrates on the
non-functional or
quality requirements
of systems.
properties
qualities
judged
judged
of some characteristic that
opposed to direct value to the end user) and have
to do
operational
scalability
including
process
play
an
important
role
technologies;
composability
combination of and
to
the
potential
of
the
goal of
SOA is to eliminate these barriers so that applications integrate and
run
seamlessly.
leveraging
new and existing applications and abstracting them as modular, coarse-grained
services that map
enterprise techno-
logy solution
that can deliver the flexibility and agility that business users require.
A
with a flexible
it deploys as services), and providing a robust architectural backbone
for
leveraging
these
services.
platform-independent
(i.e.,
platform
independent)
service
that
it
standalone or as
numerous services and
of information. A simple service is reused in different ways
and
combined
[Channabasavaiah
2003]:
1.
purely
business
applications in an SOA may
be
brand-new
service
implementations,
old applications
or they may be combinations of
the above.
of each other. Service operation is
perceived as
result. The
application
irrelevant whether
the
con-
SOA's
loose-coupling
principles
services,
specifying
the
protocols
(client)
may be
the use
of SOAP.
Prior to
of
service
employing HTTP
or HTTPS
business
process
within
service
Messages
"add
value"
the reliability, trustworthiness, quality
routes, to name but a few.
Figure 8.4 shows an SOA where
a service broker
is inter-
service registry
event-driven
SOA
implementations.
shall
examine
exchange
e.g., HTTP,
messaging
of
which
destination
a
need
from one
specifications
to
guarantee
messaging.
Reliable
messaging
those
messages
in
the
event
This
all
delivery
or combination
anticipate.
WS-ReliableMessaging
that have
process
messages
routing.
WS-ReliableMessaging
ructure. In
particular, WS-ReliableMessaging is meant to be layered on top of existing
application
[Box
2003].
parties,
two parties
age schemas or
of the services, then these implementations can be extended
with
the
source to a destination
have knowledge
of the
messages
that
in
WS-Policy
(see
established
a
security
communications
can
be
To guarantee correct
2005]. First, a reliable messaging source must assign each reliable
message a sequence
aging destination must include within an acknowledgement range the sequence
number of
elements.
sequence
irrespective
of
whether
group are exchanged.
supporting hub-and-spoke
support interoperability among
them.
However,
this approach has its own drawbacks as a hub can be a central point of failure
and can
of hubs
of
this
section,
two
the
integration
to
enable
by middleware technology that
between applications running on heterogeneous
platforms and using diverse data formats. The ESB supports service invocations,
message, and event-based interactions
provide
both
of these services over disparate
rather than coding and hardwiring
applications together.
is a lightweight infrastructure that provides plug and play enterprise
for
the
proper
create
processes,
It establishes
reliability, and
isolated
coding
or
an
ESB
it
applications that use pieces
to commun-
provides
"docking
a J2EE
application using
anJ
by
ner
work
destinations
gives
is not available.
other, and
can be
services.
3. Service orchestration:
placed
5. Service
management: Services
underlying application.
15,
beyond
The response
normal course
approach
about each
set of technologies
respond to
asynchronous events
fashion, which allows
function. An
have
subscribed
must support
as
the two
participants
in an event need not have any knowledge about each other before
engaging in a
business transaction. This means that there is no need for a service contract
in WSDL
that explicates
the behavior
publishers of
events. Despite the notion of decoupling in event-driven SOA, recipients
of
events
require
metadata about those events. In such situations recipients of events
still
including
its size, format, etc., which is a form of metadata. In contrast
to
generated
than
that
consumers
can
providers
exhibit
as
well
as
To effectively
process,
To exemplify
shows
system initiates
procurement
process
flow.
steps need to
possible suppliers, which
on some
criterion and
bill the customer.
in
of
the
procurement
business
process
reuses
tions. These
stock and the replenishment message is routed to a supplier
order
order
service
as
part
which executes
fulfill the order, is assumed
to
generate
format that is not understood by the
purchase
order
service.
Figure 8.7 Simplified distributed
con-
figure,
Enabling
the
infrastructure,
at
with
routing
mechanisms
context or content of the service.
its content
to deter-
mine which
Content-based
provides
the ESB is the ability to
route ser-
it
details
it
The ESB
is discussed in section 8.5.5.
Service
enablement
already
implementation. Tactically
integrated with
possible
for
end-
points
QoSs
and
service instance
using a
reflects real-world
software
exchanging
message
(conversation)
well as various service
is
extremely
important
that
the
ESB
are
handled
possible if implemented
based routing techniques. It
definition of an ESB
vendor community
Security
both to
user
lastly,
encryption/decryption
of XML content at the element level for both message
requests
ESB
must
rely
Integration capabilities: To support SOA in a heterogeneous environment, the
ESB needs to integrate with a variety
of systems that
assessing
primary
systems
go
down,
and
ts
systems and application management
is
consistent
qual-
ity
prob-
business
soon as
to
scale
meet integration demands.
require
can
support
the
ESB
uses
a
decentralized
promotes
of the integration
8.5.7.
section.
that leverages among other things
open standards, loose coupling, and
the
dynamic
Web services to
salient charac-
are that it is technology agnostic
(it
development. There is a series of important
technical requirements that need to
be
solution in the context
given
 
components such
easily with
applications
and
prevents
other
applications
[Linthicum
2003],
[Papazoglou
2006].
The
of
control
routing information,
interenterprise
units
integration
as explained
is that
hub-and-spoke solutions
mentations. In an
security domains
geographically
This topology allows
installed, configured, secured,
to form
a virtual
network of
wider range of options and
partnering models.
the concept
system dependencies.
defined
API,
and
to the existing
component
and
often
a request
services are
and legacy componentization
legacy
in con-
independently
system
in
change
and without
that it can tackle
The log-
need to
A service may
In
service discovery
agencies and
would
environment
including
key
performance
indicators
of business
goals
and
be able to trust
technologies.
to address this
8.1
to dis-
of carriers, suppliers, and customers.
the
organization tends to do business with a variety of carriers, it requires that
a single
interface be
the
visib'
to
its
preferred as the organization has no direct control over the
technologies used by its
provide
form
business
processes
process
Broadly
several business
integration
patterns whose aim is to manage and support business automation and
integration across distributed
the federated enterprise integration
ness
process pattern for an organization depends on the business needs, structure,
and business priorities
where
sections
business
integration
pattern
policies
on toolset selection and on message standards. The integrated enterprise
business
pattern
is most suitable for small enterprises or larger enterprises where a common
standard integration toolset is
employing
between departmental
units and
the responsibility to carry
boundaries have
flow. In
the ESB
processes
such
as
ware-
should
processes
as any sequence of
an
related tasks
of a
routine
definition
may
izations, such as in a customer-supplier relationship. Typical examples of
processes that
cross organizational
boundaries are
value-added
business
processes
For
design
Every
process
has a customer and is initiated by a customer order. The
customer may
It
is
possible
that
a
process
is
triggered
by
month.
Every
business
process
implies
processing:
an
automated
way.
A
not
yet
been
paid,"
"checking
account of the creditor." If and
only
processes
whether
with regard to
ment, the trajectory in the
process
the spot. In
general the customer
proceduralized
(and
uncertain. Here human
manual
processing
a
process
new
instance
(e.g.,
the
its completion.
customers and
to changing
to cash may
to a set of
Workflow
technologies
(often
routes, with checkpoints
workflow normally comprises a number of logical steps, each of
which is known
is a
set of
workflow.
As
Figure
9.1
illustrates,
interaction with
a user
programs
and is
processing
business
goals.
Most
A
Process.
A
work item may take in
the event of alternative
a
enables the
for
processing
content, time-based delivery of messages, and so
on. To achieve these objectives
workflows are
taken by the set of objects making up the workflow.
The routes of
parallel work
routes. Routing
sequence under a single thread of execution, is called sequential
routing. A segment of a
more
within the
workflow, giving
splits into two or more threads that are
executed
in
where a
for approval"),
the
people
or
a number
of otherwise
project
folder,
achieve this by
order, invoicing,
ability
to
execution
same enterprise
customers, partners,
services
integrations.
Web ser-
powerful. Composite
services
following
to be
combining elementary
and coordinated to ensure
to BPI
multiple
mechanism. With
prevents
a central
workflow authority
tions that expose
the Web services
will be
dynamically chosen
to fulfill
for reliably choreographing
standard
It is
language independent
and uses
readers to understand
the concepts and
constructs that are
introduced later in
so that the composition
tion meta-model
specified only
if the
from
the
source
path
of
(directed)
At most
the
example
or
This
service
providers,
of activities of business
to specify which kind of service is
required at run-time to
query,
defined method
provider,
provided
following
implementation
of
"extemal"
part
of
confirmDeliveryHandler
portType
Once the flow model has been implemented in terms of Web services it can be made available to applications so that they can
use it. Figure 9.8
process
flow
Web service
transactional,
multi-step
process
process
com-
prising
The supplier
The manufacturer may
later send an
PO number, to
place
public
Manufacturer
supplier are
have agreed upon
the rules and
collaboration, the manufacturer
templates
shall first concentrate
More information
WSDL
defining
the
specific
opera-
tions
allowed
in the WSDL
definitions. The definition
process,
including
protocols
publicly visible message exchanges
For
instance,
exchanged may
the
acts
the
selection
of
the
decision
a
partner
of the operation
combination
<portType>,
If such an activity
u callback.
Multiple <reply>
may
and has the same
and
execute.
Structured
(via
the
<sequence>
performs
into
exchanges between
of structured activities as the under-
lying programming
has the
sequence of
activity contains one or more activities that are executed absolutely
sequentially.
The
<sequence> element.
<sequence>
branches will
be selected
based on
process,
variables,
which
specify the
be made or for
messages
tion is simply a function of the messages
that have been exchanged
and these can be
An <assign>
occur
where
message types, or
The
<assign>
statement
to different service
from one enterprise must be able to interact through Web
service interfaces
with the
ability
to
model
a
partner,
relationship of a business
service
level
[Andrews
pro-
vided
by
the
business
process
process.
the roles
to
establish
are the most abstract
by
the
process.
by defining the type of role that each partner plays
when
two
pro-
in
represent the
are defined
rather than at the
represent
invokes
with
each
A BPEL
provider,
client. The second
participate
lowing code snippet a creditCheck
process
defines
endpoint
together. Usually
it occurs
when one
service calls
The notation
relation
nested activities. Handlers
the scope ends
faults such as
the concurrent
fulfill
client. A high-level view
process
orchestra-
tion
section
of
BPEL. In this section several BPEL details are skipped in the interest
of
brevity.
new composite Web
as
well
Relationships
between
the
Each role
that the WSDL
the client. The
pro-
business
inter-
relationships
concrete
the
gap
between
abstract
reference element,
which is
tions. For
correct
<partnerLink> in a
the
endpoint
where
the
the address the
process
and
received
from
to
is
needed
for
holding
state
in Listing
provider. This message uses
to
handle the request. This is where basic and structured activities
come into
play. The
from
of credit check service
the
purchase
order
process
succeeded; and ultimately
pictorially
performed
in
(<receive>
tiple <invoke>
activities), and
(<reply>).
The
<partnerLink>s. All the
exhibit
potentially
expressed by <link> elements. The first step in
the
process
Once
set
the inventory, and a credit service is contacted in
order
customer. Finally, a billing service is contacted to
bill the customer. Each references a
specific WSDL
responses
supplier
would
con-
struct a message
back to the customer. This could involve use of the XPath language
to take the variables received from
the service
are
by
the
process
between
the
<receive>
customer
request,
from
the
time
the response
operation).
The
allow
in
(see
Chapter
transaction
XPDL-compliant workflow
semantics
factors
that
that
participate
initiated and
is shown to involve one interaction. The interaction happens from
role
manu-
facturer
"supplier-channel'
facturer to a supplier
purchaseOrderAck
is
The <variable> consumer-channel
request
supplier business
process, while
busi-
ness
process.
stack that comple-
phase
9.9 Other
initiatives and
been
proposed
over
the
past
few
years.
Each
of
these
provides
able
(BPML).
XPDL
(http://www.wfmc.org/standards/XPDL.htm)
process
are control
the items are
con-
to the
a
payment
authorization
request
to support
users, and maintain data integrity
despite
failures
of
A transaction is a series of operations performed
as a single unit of
work
in a transaction
transaction successful.
A transaction
specify its boundary within
end
data changes
consisting
of
or system
by
if any error occurs
to
tions from
another transaction
management system
that
only
A
(serial)
in the
schedules and
means that
effect,
provides
means
piece
(write)
intention to write this data item and no other transaction
may take a lock on the same item.
Some database
item
but
later
may
transaction to read but not write a data item and
indicates that the
upgraded later
to a write lock. An update lock ensures that another transaction
can take
only
a
shared
lock on the same data item. To achieve transaction consistency the following
two
general
that data
database either
(or
write)
perform
this
mitted/aborted.
protocol
produces
only
[Ullman
1988].
data items that they
two
general
mechanisms
two modes are
sidered
pessimistic
to
be
as
thus allowing
the data item in
is performed.
leads to better
time
over
which
scenario, the
message exchange
should take
"all-
or-nothing"
case
implies
transactions concurrently is equivalent
adapter
in a transaction
action manager is
the
distributed
transaction
functionality.
is
the
function
of
is responsible
manager
Figure 10.5.
In this
environment resource
managers provide
other
manager can keep track
When two or more transaction managers cooperate within a distributed transaction,
the transaction
request
subordinate to
it
but
can
have at most one superior, see Figure 10.5. These superior and
subordinate rela-
tionships form
action coordinator of the commit tree acts as the global
commit coordinator for the
entire
distributed transaction. There are no fixed limits as to how many subordinate coordinators
a single superior
subordinate.
The
actual
creation
of
The enlisted resource managers
have a subordinate relationship to their
local transaction manager. The superior
and sub-
particular transaction. That
on a
transaction at any
prepare
phase.
instructs it to commit or abort
the
coordinator makes the
decision to either commit or abort the entire transaction and is never in doubt.
System or communication failures can leave transactions in doubt for extended
periods
resources
These
ally rely on
a
application issuing
a request
to a transaction manager to initiate a transaction. In response, the transaction
manager
the calling transaction
branch. A trans-
distributed
transaction
as a single logical unit, there can be many transaction branches
(threads)
involved.
components and resources
manager to establish
of
context covers all
transactional operations with
these operations.
Conceptually, a
transaction context
a unique transaction
to the transaction manager that
controls
the
passed
managers involved
The
process
transaction.
request,
commit). Subsequently,
the resource
manager analyzes
billing, inventory
support
described in
model
flat
transaction.
A transaction manager that follows the flat transaction model does not allow transactions to
be nested
accessing data
that
span
on how these
policies
new transaction
servers.
distributed trans-
a
[Kifer
2005].
A nested
of
the scope
within
transaction is shned
new sub-transaction is said to
be
nested
within
(or
below
the
embedded in an existing
ancestors.
Nesting
can
crashed since
transaction
of
which
same as
action
of each
sub-transaction at
committed. The
aborted; thus
com-
mitted.
that I, has aborted.
56
I
a read
lock on
a shared
granted provided
that no
other nested
of
I
that no other nested
of a
ofr,
(and
spectrum
interactions
between
transaction
the database unchanged.
Paths to the
of
C7]. Com-
sub-transaction.
actions in reverse
order to the order of the commitment of the relevant
sub-transactions.
Since
the
ent
once
a
compon-
partial
properties.
Figure
of
the
order
pro-
workflow
indicates
that once the customer has been billed and shipment has been made,
the order is fulfilled
com-
prises
a set of interrelated activities. An activity is a unit of
(distributed)
work
that
may
or may not be transactional. During its lifetime an activity may have transactional
and
non-transactional
periods.
An activity is created, made to execute, and then completed.
The
subsequent
over
long
periods
The paths
of Figure 10.11 that lead to the abort node comprise
the
to the
how
was
shipped
it
(schedule
compensating
activity to undo the effects of the activity schedule shipment). In this
case
activity so that the
goods
can arrive at their destination safely. In fact this is the
assump-
tion
with
1.0.3.2.7 Transactional workflows
Several variants
One
variant
where
open nested
if the
workflow has
expressing the composition of an activity
way
with
points
that
determine which
branch of
the flow a work item may take at run-time in the
event of alternate
a bounded set
in different ways
that specify
invariants in an activity are
based
on
time
properties.
(business
a
application-specific informa-
tion required by the workflow at run-time. Variables are created and assigned
values
path
the invariant
(schedule
ao
(order
as inventory outages or negative responses to new
products.
processes
to abort an order after the order has been delivered to
the
customer. In addition, sagas assume that there is always a semantically
equivalent com-
may
guarantee
complete
(see
Figure
10.11),
which
(performing
supplier may decide to charge the customer a cancellation fee.
For such transac-
models,
provide adequate
support. A
transactional workflow
may require
means
that
may differ from others.
all activities in a transactional workflow need to occur for
the
transactional
workflow
be
compensated
for
same activity if used in different workflows may have
different
of a transactional workflow may
declarative
mechanism
Web services activities.
see section 9.7.1.7.
the transaction aborts to
the
transaction may
workflow
logic to
that
not
all
activities
of
transactional
require atomic
need
to
can be
restored to a consistent state and its execution can resume and continue reliably
past
the
point
sub-
account that
the transaction
failed. Compensating
of
completed activity or transaction. Compensation activities, which may
perform
is
as
follows
[Arkin
2002]:
a
proceed
to cancel the
transaction will compensate
for any descendant
sub-transactions that it
A
(sub-)transaction
can
specify
of
compensate the
same transaction
using the
same logic.
The
Web services vision is often understood as being about building integration bridges
that span
business
technology
process automation happen is the ability to describe the collab-
oration aspects of
inconsistencies and fail-
Web
services
transaction management solutions
preceding
sections.
(synchronous)
protocols,
and
thus
loosely coupled
Web-services-based
applications,
although they are likely to be used in some of the constituent technologies.
As we already
and isolation,
loosely coupled
A
Web
properties
compensation,
because
processors
may
fail,
processes
be moved or
must span multiple transaction models and protocols
native
to
ture onto which the Web services are mapped. Finally, there
is a need to
form of correlation, but do not necessarily
require transactional behavior.
priorities,
viable outcomes, which
may involve non-critical
A Web services
indicates.
Whenever
transactional
services
service,
e.g.,
involve multiple
may either
how
to
corporate systems
the
following
characteristics
e.g.,
supply-
partner
agreement,
invoked
transaction
context.
enforce a
common outcome
a
failure
all
e.g., volatile
or durable
transactions and applications
To understand the nature of atomic actions we revert to our running example again.
Assume that a client application
(application
one
or
more
operations
from
a
particular
service
such
as
client
to
view
the
atomic unit of
simplest unit of work and behaves like existing X/Open XA-
compliant, two-phase
operations exposed by a single transactional
Web service
Non-atomic
found within
(with
presumed
[Webber
2001].
the consumed Web
and
confirm
phase.
timings
implicitly
permits
reservation-
of a
order to cash may run for months, and very dynamic,
thus responding to demands
of
conventional
business
The initiator
before
business
activity
forming a particular
Under application control
such as timeouts
through a web service
by
an activity to other
and transaction processing
able to capture the information and exchange requirements between trading
part-
that
we
A
business
protocol
from its
captures
enterprise business
for conformance to
much to the difficulty of
establish-
transaction
transaction
types
as
coordination protocols
which represent
that are imposed
on activities under
drives the
(applica-
tion)
is
context is a SOAP
header block that uniquely
identifier.
When
one of
the endpoints,
which case a new co-
ordinator is created, it is simply
passed
on
to
is an
entity that
services
A coordinator
new request arrives at any
of the endpoints, the activity identifier is used to look up the
coordinator
coordinating
the
particular
process,
Web services that participate
in the same activity
receive application messages with
services
joint
succeeded/failed
notification
through
of activities
as new activities
transaction. In
coordination since it
application. To
to the above request
point
reference
of
This is an endpoint reference as defined by the WS-Addressing
specification.
in the transaction would
(see
with
knows
to
take
some
action
e.g.,
prepare,
and a corresponding
allows
denote to the coordinator
for.
coordinator, the requestor
three kinds of transaction coordination
protocols for atomic transactions. Different participants
in
protocols
Completion
protocol.
This protocol is used by the application that controls the atomic
transaction. When
an application starts an atomic transaction, it establishes a coordinator
that supports
yrro-
abort
the
transaction
of
where
ensure atomicity
behavior in the absence of
a successful outcome
coordinate a
decision, either a
receiving a
commit notification
sending
registered
participants.
All
participants
then
return
the
participants,
Figure 10.21 illustrates
of
of
databases, or ERP
to
enable
when
all
During
phase
2,
of a successful commit
each of the above
by trying to commit. To achieve this it sends a
commit message
to
both
the
participants
(steps
4b
messages
with other standards such as WS-Security, WS-Policy, and WS-Trust to
express
policy
assertions
same product
one may
obtain it
in
the
inventory).
service that
occur when
used by a business
prior
applied to handle exceptions.
to leave a business
participant
transaction
properties
for
maximum
query
multiple
participants
It
also
compensated, business
The manu,
issue a
WS-Transaction and WS-
succeed or fail
as a unit.
in scopes with
a scope being
defined as a
of
In this
case it
service
using
dis-
tributed
computing
infrastructures
of context
specific work
of a
and
domain: it is
it
(the
context)
for multiple Web services
 
the
appropriate
SOAP
messages
are
services and composite
that use it)
CF can be considered
10.6.3
for all
framework
Source:
group
ible for
or LRAs depending upon the application
requirements. The business
process protocol is
transaction models such as WS-Transaction. This model mainly targets e-business applica-
tions and is specifically aimed at tying heterogeneous transaction
domains together into
services transaction spanning
to leverage
it important for Web
from WS-Coordination
products
suppliers to order
for
an
orders for
should
roll
spe-
to show how messages
participant.
Replace
the
WS-AtomicActivity
some other
product
the WS-BusinessActivity is
nested. This means
that the overall
a
parent
activity,
while
there can be a number of child activities for this activity, where
each
may
Demonstrate
using WS-Coordination and
durable
exchanges defined in specifica-
the
participant
(supplier
service).
The current
However, before SOAs
can support mission-
critical, long-lived Web
by
private,
trusted
enterprise
be
used
network and uses content filters to
permit/deny
packet
destination of the
configured to implement
of
this,
until
resources by build-
every application
and
enterprises must institute
network
(including
participants
of application
layer,
security that Web services require. This means a careful migration
from network-level to
Web services security
coherent,
Web services
traditional
concern to us throughout
The objective of Web services
is
processes
easy
availability
and
pricing
of
also introduces
has created this
level of exposure to critical business applications. One major concern is
that
services are designed to
security is required to
threats. While network
protect
firewalls must understand who the requestors are,
what information
is being
incoming
a
proprietary
interface since more is known about the standardized interface. Further,
SOAP messages
application, for instance,
what
municated from
1,7.2.1
communications across these networks,
and to safeguard against malicious use. Firewalls are built between
an organization's
perimeter where
an enterprise
and block
all access
to local
name, IP address, application,
checked against the access
pass
into
they are the essential
perfect
brick
wall
is, however,
from
protocols
they
without
policy, will
unauthorized communication between the internal and the external network is
prevented.
traffic can
enter the
internal network
from the Internet, and limiting the internal addresses to which traffic
for
different
applications
can
go.
o
application
used
the Internet backbone to or from some other security
gateway.
network to achieve
chosen for
base
security-related
decisions.
of
firewall
architectures:
packet
filtering,
circuit
and
oldest firewall architectures.
a filter-
type, source address,
destination address, and
A
static
packet filter
and compares
this information
allows
specifying
packet
of IP
information
to or from ports
related to specific services.
IP
address
and
viewing
the
the
static
packet
and an established
allowing
only
allowing
are fairly easy
checking.
application,
up through
the application
copy, forward, and filter. For
example, only an HTTP
relies only on an application-
level
gateway,
incoming
specific application, a
of new IP
more
pro-
is their capability
because
(abbrevi-
is a defense system which detects and
responds
IDS tools are capable
the organization
break-ins by analyzing
network
misconfigurations;
identifies
(called
plain
easily
be
descrambled
without
knowledge
text as output.
The function involves
tion-level
security
requirements:
authentication,
confidentiality,
message
integrity,
and
non-repudiation.
symmetric
This key is called
an encryption
key and
is meaningless
and
public-key
encryption
digital
signature
that
verifies
the issuing organization's
identity. Digital certificates are exchanged during the set up of communication links to
verify that
the trading
is the intended recipient of a
message transmission and to
identification to its
encrypted
message.
The
certification
authority's
a massive spread
Digital certificates are interlinked with digital
signatures, which can solve
a
with a
of a
unique
key.
Digital
signature
verification
the digital
signature was
created for
that same
message using
be
differ-
ensure that
way
sends
not
match
conjunction with
a hashing
a separate data
if
wholly
disassociated
recipient uses
the digital
signature was
by
network-
level
authenticators
(proofs
of
protection domain
for other
is mapped.
11.3.2 Authorization
Authorization mechanisms
pages,
components,
and
database
authorization
while
groups
are
may also restrict
(e.g.,
amount of withdrawals
perform
what
identity, the user's access
limit
are able to perform
rules
determine if the requestor
resource.
without
process
of
ensuring
applied in a distributed environment for
protecting
particular business
full
control rules for distributed
domain)
and
the ability to perform a certain operation according to functional
role
grained, and
in
cases
programmatic
authorization is used to associate application logic with the state of
a
signer
of
the
container
arises.
may indicate
attempts to
is
with
a
security
shall
briefly
examine
for transport security
that may become
called a
recently been authenticated
generated
session
client and
generated
for each server
(KDC)
be
persisted
during
that only the legitimate
application
(in
this
provided
then
key, a
client identifier,
The client uses the session ticket
to establish secure TCP/IP
is
ectory
Patterns:
Prentice
Hall,
2006.
Reproduced
to
first concentrate
integrate
options and
based
firewalls. The assumption is that the infrastructure residing in the
DMZ
needs
to be compromised
protect
ment in a DMZ
availability, scalability,
Figure 11.12 illustrates a horizontally scaled security architecture for a
J2EE
applica-
components), and back-end resources. The horizontal scalability is achieved by using
multiple instances of Web and application servers. The
Web
tier and the applications tier
are separated by a firewall. This enhances security because the traffic between the Web
and application servers is required to
pass
suitable
f