© 2009 IBM Corporation Integrating WSRR and DataPower Andrew White – Software Developer 18 March...

© 2009 IBM Corporation

Integrating WSRR and DataPower

Andrew White – Software Developer

18 March 2010

© 2009 IBM Corporation2

Agenda

Introduction

What is WSRR?

WSRR Overview

Integration WSRR and DataPower

© 2009 IBM Corporation3 IBM Confidential

What is WebSphere

Service Registry &

Repository?


WSRR is… A Registry – it is designed to represent and govern SOA

services

A Repository – conceptually like a database – that stores artifacts that can be queried at both design time and runtime

A J2EE Application that runs on WebSphere Application Server– Requires a relational backing store. DB/2, Oracle and MS SQL

Server are supported– Leverages all security and clustering/HA capabilities of the

WAS platform


WSRR Capabilities, Extensions and Customisations

DB2WebSphere Application Server

Operating Systems: Windows, AIX, Linux, HP, zOS Solaris

WebSphere Service Registry and Repository

Classifications

Access Control

Lifecycle

Validation

Notification

J2EE API Web Service API

ORACLE

IBMProducts

IBMProducts Third Party

Products

Third PartyProducts Plugin

Extensions

Plugin Extensions

CustomerApplications

CustomerApplications

Eclipse/ VS

plug-in

Eclipse/ VS

plug-in

Web UIWeb UI

Custom Views

ToolingTooling

Emerging Standards

UDDI

Content / Business Models

Registry RepositoryCreate, Retrieve,Update, Delete,Query

AdminImport, Export,Configure

GovernanceTransition,Validate,Notify

Definition of the Business

Domains and Service Focus

RepresentationOf the Service Development

Lifecycle to be Governed

Decision Rights

SOA Governance

Policies

Communication

Extendable Content Model

REST

Modification

Role based UIPerspectives


WSRR and WebSphere DataPower


Purpose-built hardware ESB for simplified deployment and hardened security at the message level, network level, and device level

Code-free, drop-in integration across IBM SOA foundation including support for MQ and JMS

Secures services on the network with sophisticated web services access control, policy enforcement, message filtering, and field-level encryption

Dynamic Web Services Policy framework (WS-Policy and WS-Security Policy) for SOA Policy enforcement

WS-I Basic Profile and Basic Security Profile support

Optimized to bridge between leading standard protocols at wirespeed, including web services, messaging, files, and database access

Enables transformation between a wide range of data formats, including XML, legacy, and industry standards and custom formats

Captures and emits events to facilitate web services management and enable business visibility in Business Activity Monitoring solutions

Simplified customization and configuration for accelerated time-to-market

WebSphere DataPower XI50Purpose-Built ESB Appliance for

SOA Integration


Why an Appliance for SOA Governance?

Hardened, specialized hardware for helping to integrate, secure & accelerate SOA

Many functions integrated into a single device:– Impact: connectivity will require service level management, routing, policy,

transformation

Higher levels of security assurance certifications require hardware:– Example: government FIPS Level 3 HSM, Common Criteria

Higher performance with hardware acceleration:– Impact: ability to perform more security checks without slow downs

Addresses the divergent needs of different groups:– Example: enterprise architects, network operations, security operations,

identity management, web services developers

Simplified deployment and ongoing management:– Impact: reduces need for in-house SOA skills & accelerates time to SOA

benefits


DataPower XI50 Support for WSRR

Service Discovery– DataPower WS-Proxy subscribes to service definitions stored in

WSRR– Dynamically enforces policies and mediations for these services

Dynamic Endpoint Selection and Routing– Query WSRR for endpoint location(s) and dynamically route

service requests

Service Metadata Lookup– Lookup service metadata such as XSLT, XML and XSD for use

in service mediation


Service Discovery Example

WebSphere DataPower XI50– WS-Proxy – configuration object for proxying and/or mediating web

services– WSRR Server – configuration object for WSRR server information– WSRR Subscription Object – configuration object for subscribing to

WSRR– Status Providers – view the current state of the WSRR

configuration objects

WSRR– WSDL Documents– Concept – in the DataPower case, used to logically group service

definitions for which DataPower will provide mediation and policy enforcement


Configuring DataPower and WSRR for Service DiscoveryWSRR Configuration

1. Upload Service Definitions (WSDLs) to WSRR 2. Configure WSRR Concept to group services


Configuring DataPower and WSRR for Service DiscoveryDataPower Configuration

1. Configure DataPower WSRR Server Object 2. Configure DataPower WSRR Subscription Object

DataPower queries WSRR via the SOAP API

Support for WAS security and SSL

Subscribe to WSRR Concept or WSDL objects

Support for polling and manual updates

Configurable update interval


Configuring DataPower and WSRR for Service DiscoveryDataPower Configuration (cont’d)

3. Configure DataPower WS-Proxy service to use WSRR Subscription



4. Configure Centralized Service Level Management for Subscribed Services

Configure SLM for all services in the WSRR Subscription

Optionally configure SLM for each individual WSDL component



5. Centrally Configure and Enforce Policies and Mediations for Subscribed Services

Mediation applied to all services in the subscription

In this case, WS-Security, SLM, SQL Injection filter and transformation

Configure and enforce WS-I compliance policy for the subscription


Dynamic Endpoint Routing Example

Configure dynamic routing using the DataPower “route” action

Select WSRR endpoint lookup routing control file (stylesheet)

Configure parameters


Comments or Questions?


At its core, WSRR manipulates objects

Every entity in WSRR is represented as a Service Data Object (SDO).

All objects in WSRR also implement the BaseObject Interface. This is the parent interface that all other WSRR interfaces extend.

The BaseObject interface defines the basic set of attributes that can be found on all WSRR objects:

– bsrURI (ID)– Name– Namespace– Version– Description– Owner– CreationTimestamp– LastModified– LastModifiedBy

It also defines the methods that allow you to associate metadata with objects in WSRR:

– Properties– Relationships– Classifications


Document objects

Files stored in WSRR (WSDLs, XML schemas, word docs, etc.) are all sub-types of the Document type:

– WSDLDocument– XSDDocument– XMLDocument– PolicyDocument– GenericDocument, etc…

For certain document types, WSRR creates additional objects to represent the contents of the document.

– These objects are known as Logical Objects because they are derived automatically from Document objects.

– For example, a WSDLPort object is a logical object which is automatically derived from a WSDLDocument object.

– It is not possible to create instances of LogicalObjects directly.


Business objects

You can define your own types to represent objects that make sense to you in your SOA (e.g. an object type that represents an SLA).

– These objects are known as Business Objects (referred to a concepts in the Web UI).

– All Business Objects in WSRR are instances of GenericObject.

© 2009 IBM Corporation Integrating WSRR and DataPower Andrew White – Software Developer 18 March...

Documents

Transcript of © 2009 IBM Corporation Integrating WSRR and DataPower Andrew White – Software Developer 18 March...