Devon M. Simmonds Computer Science Department 1 Introduction to Web Services Devon M. Simmonds...
-
Upload
rosamund-hunter -
Category
Documents
-
view
218 -
download
0
Transcript of Devon M. Simmonds Computer Science Department 1 Introduction to Web Services Devon M. Simmonds...
Devon M. Simmonds Computer Science Department 1
Introduction to Web Services
Devon M. SimmondsComputer Science Department
University of North Carolina, [email protected]
Web Services & SOAPSlides from various sources: Dr. Ghosh,
CSU; CERN link; Sun’s tutorial link; slides from this link;
Devon M. Simmonds Computer Science Department 2
What is a Web service?
• A Web service is a software system designed to support interoperable machine-to-machine interaction over a network. It has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using SOAP-messages, typically conveyed using HTTP with an XML serialization in conjunction with other Web-related standards.
Source: Web Services Glossaryhttp://www.w3.org/TR/ws-gloss/
Devon M. Simmonds Computer Science Department 3
What is a Web service (2)?
• A Web service is a software system designed to support interoperable machine-to-machine interaction over a network.
• It has an interface described in a WSDL machine-processable format.
• Other systems interact with the Web service in a manner prescribed by its description using SOAP-messages
• Web service is conveyed using HTTP – Identified by a URI
• Web service uses XML serialization • Web-related standards. (Internet Protocols)• Can be discovered by other systems
Source: Web Services Glossary
Devon M. Simmonds Computer Science Department 4
Web Service Examples
• A stock quote service.– An application requires the current value of a stock, the
web service returns it.
• A route finder for delivery of goods.– Given an initial and a final location, find the most cost-
effective delivery route.
• A weather service, a map service, a web search service… – any composition of Web services.
Devon M. Simmonds Computer Science Department 5
Why Web Services?
“The Web can grow significantly in power and scope if it is extended to support communication between applications, from one program to another.”
- From the W3C XML Protocol Working Group Charter
Devon M. Simmonds Computer Science Department 6
Devon M. Simmonds Computer Science Department 6
Sun RPC (1985) CORBA (1992) DCE / RPC (1993) Microsoft COM (1993) Microsoft DCOM (1996) Java RMI (1996)
Hype Check: Is this new?
Devon M. Simmonds Computer Science Department 7
Devon M. Simmonds Computer Science Department 7
What are Web Services?
XML
Application 2Application 1
Two applications communicating over the internet using an agreed message
format – encoded as XML.
Devon M. Simmonds Computer Science Department 8
Plateau ofproductivity
Slope of enlightenment
Trough of disillusionment
Peak of inflated
expectationsTechnology
trigger
Gartner’s ‘Hype’ CurveKey: Time to “plateau”
Less than two yearsTwo to five yearsFive to 10 yearsBeyond 10 years
Biometrics Grid Computing
Web Services
Nanocomputing
Personalfuel cells
Text-to-speech
WirelessLANs/802.11
Virtualprivatenetworks
Visibility
Maturity
Source: Gartner Group June 2002
Natural-language search
Identity services
Personal digitalassistant phones
E-tags
Speech recognition incall centers
Voice over IP
Bluetooth
Public key infrastructure
Speech recognition on desktopsLocationsensing
WAP/WirelessWeb
Peer-to-peercomputing
Devon M. Simmonds Computer Science Department 9
Gartner’s Hype Curve 2009
http://www.gartner.com/it/page.jsp?id=1124212
http://www.gartner.com/DisplayDocument?ref=g_search&id=1108412&subref=simplesearch
Devon M. Simmonds Computer Science Department 10
Gartner’s Hype Curve 2012
From This Source
Devon M. Simmonds Computer Science Department 11
How are Web services Different?
• Platform neutral• Open Standards
– Interoperable
• Based on ubiquitous software– XML Parsers– HTTP Server
Devon M. Simmonds Computer Science Department 12
General rules for services
• Messages are descriptive, not instructive
• Messages are written in a format, structure, and vocabulary that is understood by all parties
• Extensibility – otherwise you lock the parties into a version of the service– Tradeoff: extensibility vs
understandability• Discover a service under a specific
context and not in a centralized fashion
12
Devon M. Simmonds Computer Science Department 13
Other constraints
• Why? – To improve scalability, performance
and, reliability
• How?– Stateless service– Stateful service– Idempotent request
13
Devon M. Simmonds Computer Science Department 14
Stateless service
• Message must contain all necessary information for the provider to process it– Service provider more scalable; no need to
store state information between requests. – Monitoring software can inspect one single
request and figure out its intention– More reliable: No intermediate states to worry
about, so recovery from partial failure is also relatively easy
14
Devon M. Simmonds Computer Science Department 15
Stateful service
• Need to maintain sessions for efficiency or customized service
• Reduces overall scalability; need to remember shared context for consumer
• More coupling between provider and consumer; harder to switch providers
15
Devon M. Simmonds Computer Science Department 16
Idempotent request
• Duplicate requests have the same effect as one request
• Helps in increasing fault tolerance; resend request if fault occurs
16
Devon M. Simmonds Computer Science Department 17
What is Software Architecture
Devon M. Simmonds Computer Science Department 18
What is Architecture Formal Definition
• IEEE 1471-2000– Software architecture is the fundamental organization of a
system, embodied in its components, their relationships to each other and the environment, and the principles governing its design and evolution
IEEE 1471-2000
Devon M. Simmonds Computer Science Department 21
Utility
Performance
ResponseUnder normal conditions - update of an entity in the
persistent storage <0.5 Second
Latency
Under normal or stress conditions, critical alert
generated by the system will be displayed in less than 1 seconds (for generation)
Data Lossunder all conditions, a
message acknowledged by the system will not
be lost
Availability Hardware IssuesUnder all conditions, when a server crash, the system will
resume operation in less than 30 seconds
Usability
ComplianceThe system should comply
with maritime data standards (e.g. Mercator
projection)
Operability
The system should handle user request without
impeding the user's ability to continue controlling the
system (e.g. initiate additional requests)
Security Unauthorized users
under normal conditions and connectivity the system
should alert an unauthorized login attempt (intrusion) within 1 minute
Adaptability More Users
When additional users need access to the system, add new /more hardware (to
support load) under 4 man weeks
Quality Attributes
Devon M. Simmonds Computer Science Department 22
How Architecture
Architecture
Quality Attributes
Technology
Patterns & Anti-patterns
Principles
Community experience
Stakeholders
Architect
people
A “deliverable”
Produce
Key
Is an input
Constraints
Devon M. Simmonds Computer Science Department 23
23
What is a Service?
• A service is a reusable component that can be used as a building block to form larger, more complex business-application functionality.
• A service may be as simple as “get me some person data,” or as complex as “process a disbursement.”
Devon M. Simmonds Computer Science Department 24
24
What is a Service?
• A service provides a discrete business function that operates on data. Its job is to ensure that the business functionality is applied consistently, returns predictable results, and operates within the quality of service required.
Devon M. Simmonds Computer Science Department 25
25
What is a Service?
• How the service is implemented, and how a user of the service accesses it, are limited only by the SOA infrastructure choices of the enterprise.
• From a theory point of view, it really doesn’t matter how a service is implemented.
Devon M. Simmonds Computer Science Department 26
26
Characteristics of a Service
• Supports open standards for integration: Although proprietary integration mechanisms may be offered by the SOA infrastructure, SOA’s should be based on open standards. Open standards ensure the broadest integration compatibility opportunities.
Devon M. Simmonds Computer Science Department 27
27
Characteristics of a Service
• Loose coupling: The consumer of the service is required to provide only the stated data on the interface definition, and to expect only the specified results on the interface definition. The service is capable of handling all processing (including exception processing).
Devon M. Simmonds Computer Science Department 28
28
Characteristics of a Service
• Stateless: The service does not maintain state between invocations. It takes the parameters provided, performs the defined function, and returns the expected result. If a transaction is involved, the transaction is committed and the data is saved to the database.
Devon M. Simmonds Computer Science Department 29
29
Characteristics of a Service
• Location agnostic: Users of the service do not need to worry about the implementation details for accessing the service. The SOA infrastructure will provide standardized access mechanisms with service-level agreements.
Devon M. Simmonds Computer Science Department 30
A Service edge is a natural boundary
Warning: Remoting and other RPCs trick us into thinking that there is no substantial difference
between a local and a remote object. In fact, they hide the presence of the network.
Devon M. Simmonds Computer Science Department 31
Fallacies of distributed Computing
The Network is reliable
Latency is zero
Bandwidth is infinite
The Network is Secure
Topology doesn’t change
There is one administrator
Transport cost is zero
The Network is
homogenous
Devon M. Simmonds Computer Science Department 32
Services are Autonomous
Devon M. Simmonds Computer Science Department 33
Service
describes
End Point Exposes
Messages Sends/Receives
Contracts
Binds to
Service Consumer
implements
Policy governed by
Sends/Receives
Adheres to
Component
Relation
Key
Understands
Serves
Devon M. Simmonds Computer Science Department 34
© attachmate 2004
SOA
ServiceRequestor
ServiceProvider
ServiceRegistry
• Uses open standards to integrate software assets as services
• Standardizes interactions of services
• Services become building blocks that form business flows
• Services can be reused by other applications
Find
Bind
Publish
Devon M. Simmonds Computer Science Department 35
© attachmate 2004
Shift To A Service-Oriented Architecture
• Function oriented• Build to last• Prolonged development
cycles
From To
• Coordination oriented • Build to change• Incrementally built and
deployed
Application silos Tightly coupled Object oriented
Known implementation
Enterprise solutions Loosely coupled
Message oriented Abstraction
Source: Microsoft (Modified)
Devon M. Simmonds Computer Science Department 36
Benefits of SOA
• Services can be provided locally or outsourced to external providers
• Services are language-independent• Investment in legacy systems can be preserved• Inter-organisational computing is facilitated
through simplified information exchange
Devon M. Simmonds Computer Science Department 37
SOA & Web Services: The Components
To discover where you can get web services and what businesses have to offer – UDDI
To describe a web service and how to interact with it – WSDL
To package your interaction with the Web Service – SOAP
To carry the data envelope across the internet – HTTP Post
To fragment and deliver the http post request to the end point – TCP/IP
Devon M. Simmonds Computer Science Department 38
Web Services Interoperability Stack
Network
Transport HTTP, HTTPS, SMTP,…
Packaging/Messaging XML, SOAP, WS-Addressing
Description WSDL, WS-Policy, WS-ResourceProperties…
Discovery UDDI, WS-Inspection, …
Quality of Experience WS-Security, WS-Transactions, WS-ReliableMessaging, …
Compositional BPEL4WS, WS-Notification, …
Devon M. Simmonds Computer Science Department 39
Transport
• HTTP POST is most common• But other protocols such as
– FTP– SMTP– HTTP GET
• And other exotic ones:– Jabber– BEEP
Devon M. Simmonds Computer Science Department 40
Packaging – Soap
• Used to mean – Simple– Object– Access– Protocol
• From SOAP 1.2 > SOAP is no longer an acronym
• Two Types of SOAP
Devon M. Simmonds Computer Science Department 41
Types of SOAP Web services
• SOAP-RPC web services– Encodes remote procedure calls in
messages– Prescribes both system behaviors and
application semantics– Generally not interoperable– Breaks constraint of SOA (thus, not
SOA)
• Document-oriented web services
41
Devon M. Simmonds Computer Science Department 42
Packaging – Soap
• SOAP RPC:– encode and bind data structures into
xml.– encode an RPC call
Devon M. Simmonds Computer Science Department 43
Serialization
class PurchaseOrder {String item = “socks”;int amount = 1;}
<PurchaseOrder><item type=“xsd:string”>
socks</item><amount type=“xsd:int”>
1</amount></PurchaseOrder>
Serializer
Devon M. Simmonds Computer Science Department 44
Packaging - SOAP
• SOAP ‘document style’– packages xml in an envelope
Devon M. Simmonds Computer Science Department 45
Packaging – SoapHTTP Post
SOAP Envelope
SOAP Body
SOAP Head
Devon M. Simmonds Computer Science Department 46
Packaging – Soap
<s:Envelope xmlns:s=“URN”><s:header>
<s:transaction xmlns:m=“soap-transaction”>
<m:transactionID>1234
</m:transactionID >
</s:transaction></s:header>
Devon M. Simmonds Computer Science Department 47
Packaging – Soap
<s:Body><n:purchaseOrder xmlns:n=“URN”>
<n:item>socks</n:item><n:amount>1</n:amount>
</n:purchaseOrder></s:Body>
</s:Envelope>
Devon M. Simmonds Computer Science Department 48
Description – WSDL
• Web Services Description Language– “Web Services Description Language (WSDL)
provides a model and an XML format for describing Web services.” w3c.org
• WSDL is written in XML • WSDL is an XML document • WSDL is used to describe Web services
– What operations does the service expose?
• WSDL is also used to locate Web services – Where is the web service located?
Devon M. Simmonds Computer Science Department 49
WSDL Major Elements
Element Defines
<portType> The operations performed by the web service
<message> The messages used by the web service
<types> The data types used by the web service
<binding> The communication protocols used by the web service
Devon M. Simmonds Computer Science Department 50
WSDL Structure
<definitions> <types> definition of types... </types> <message> definition of a message. </message> <portType> definition of a port... </portType> <binding> definition of a binding </binding></definitions>
Devon M. Simmonds Computer Science Department 51
WSDL Sample Fragment
<message name="getTermRequest"> <part name="term" type="xs:string"/> </message> <message name="getTermResponse"> <part name="value" type="xs:string"/> </message><portType name="glossaryTerms">
<operation name="getTerm"><input message="getTermRequest"/><output message="getTermResponse"/></operation>
</portType>
Devon M. Simmonds Computer Science Department 52
WSDL Ports
• The <portType> element is the most important WSDL element.
• It defines a web service, the operations that can be performed, and the messages that are involved.
• The <portType> element can be compared to a function library (or a module, or a class) in a traditional programming language.
Devon M. Simmonds Computer Science Department 53
WSDL Messages
• The <message> element defines the data elements of an operation.
• Each messages can consist of one or more parts. The parts can be compared to the parameters of a function call in a traditional programming language.
Devon M. Simmonds Computer Science Department 54
Messages
<message name=“purchase"><part name=“item" type="xsd:string"/><part name=“quantity" type="xsd:integer"/>
</message>
Devon M. Simmonds Computer Science Department 55
WSDL Types
• The <types> element defines the data type that are used by the web service.
• For maximum platform neutrality, WSDL uses XML Schema syntax to define data types.
Devon M. Simmonds Computer Science Department 56
Types
<types><schema targetNamespace=" IMessageService.xsd" xmlns="…/XMLSchema"
xmlns:SOAPENC="…/soap/encoding/"/></types>
Devon M. Simmonds Computer Science Department 57
WSDL Bindings
• The <binding> element defines the message format and protocol details for each port.
Devon M. Simmonds Computer Science Department 58
WSDL Operation Types
Type Definition
One-way The operation can receive a message but will not return a response
Request-response The operation can receive a request and will return a response
Solicit-response The operation can send a request and will wait for a response
Notification The operation can send a message but will not wait for a response
Devon M. Simmonds Computer Science Department 59
Operations
<operation name="setMessage"><input name="setMessageRequest“
message="tns:setMessageRequest"/><output name="setMessageResponse“
message="tns:setMessageResponse"/></operation>
Devon M. Simmonds Computer Science Department 60
WSDL Sample Binding
<binding type="glossaryTerms" name="b1"><soap:binding style="document“ transport= "http://schemas.xmlsoap.org/soap/http" /> <operation> <soap:operation
soapAction="http://example.com/getTerm"/> <input> <soap:body use="literal"/> </input>
<output> <soap:body use="literal"/> </output> </operation></binding>
Devon M. Simmonds Computer Science Department 61
Java APIs for XML
• JAXP -- Java API for XML Processing– processes XML documents using various
parsers • JAX-RPC -- Java API for XML-based RPC
– sends SOAP method calls to remote parties over the Internet and receives the results
• JAXM -- Java API for XML Messaging – sends SOAP messages over the Internet
• JAXR -- Java API for XML Registries– provides a standard way to access business
registries and share information
Devon M. Simmonds Computer Science Department 62
JAX-RPC and SOAP
• JAX-RPC -- Java API for XML-based RPC.• SOAP – Simple Object Access Protocol• In JAX-RPC, a remote procedure call is
represented by an XML-based protocol such as SOAP.
• The SOAP specification defines envelope structure, encoding rules, and a convention for representing remote procedure calls and responses.
• These calls and responses are transmitted as SOAP messages over HTTP.
Devon M. Simmonds Computer Science Department 63
JAX-RPC -- SOAP
• JAX-RPC hides this complexity from the application developer.
• On the server side, the developer specifies the remote procedures by defining methods in an interface.
• The developer also codes one or more classes that implement those methods.
• Client programs create a proxy, a local object representing the service, and then simply invokes methods on the proxy.
Devon M. Simmonds Computer Science Department 64
JAX-RPC -- Java API for XML-based RPC
• A JAX-RPC client can access a Web service that is not running on the Java platform and vice versa.
• This flexibility is possible because JAX-RPC uses technologies defined by the World Wide Web Consortium (W3C): HTTP, SOAP, and WSDL.
Devon M. Simmonds Computer Science Department 65
Description – WSDL
Messages
Types
Operations
Encoding
Endpoint
Devon M. Simmonds Computer Science Department 66
Encoding
<soap:operation soapAction="" style="rpc"/><input name="setMessage0Request">
<soap:body use="encoded" namespace="MessageService"
encodingStyle="…/soap/encoding/"/></input>
Devon M. Simmonds Computer Science Department 67
Endpoint
<service name="MessageService"><port name="MessageServicePort" binding="tns:MessageServiceBinding"><soap:address location="http://localhost:8080/setMessage/"/></port></service>
Devon M. Simmonds Computer Science Department 68
Discovery – UDDI
• Universal Description, Discovery and Integration
• A UDDI Server acts as a registry for Web Services and makes them searchable.
Devon M. Simmonds Computer Science Department 69
Examples (Java Server)
• A Web service Server is simple:– New class with method
• Then:– Register class with soap router– Or– Place the source code in a jws file
Devon M. Simmonds Computer Science Department 70
Examples (VB Client)
• High Level API (After adding a Web Service Reference)
Dim serv As clsws_MessageService
Set serv = New clsws_MessageService
serv.wsm_setMessage txtName.Text, txtColor.Text
Devon M. Simmonds Computer Science Department 71
Examples (VB Client)
Serializer.Init Connector.InputStreamSerializer.startEnvelope , ENC
Serializer.SoapNamespace "xsi", XSISerializer.SoapNamespace "SOAP-ENC", ENCSerializer.SoapNamespace "xsd", XSDSerializer.startBody
Serializer.startElement Method, URI, , "method"
Serializer.startElement “parameter“Serializer.SoapAttribute "type", ,
"xsd:string", "xsi"Serializer.writeString usernameSerializer.endElement
Serializer.endBodySerializer.endEnvelope
Connector.EndMessage
Devon M. Simmonds Computer Science Department 72
Examples (VB Client)
Name
Colour
Call Web Service
Devon M. Simmonds Computer Science Department 73
Examples (C# Client)• Add a Web References to a
project
Localhost.MessageService serv = new Localhost.MessageService();
serv.setMessage(x, y);
Devon M. Simmonds Computer Science Department 74
Examples (C# Server)public class Demo :
System.Web.Services.WebService {
public Demo() { InitializeComponent();
}
[Web Method]public string HelloWorld() {
return “Hello World”;}
}
Devon M. Simmonds Computer Science Department 75
Let’s Compare
Devon M. Simmonds Computer Science Department 76
Service-orientation vs object-orientation [1]
– (Ref: Thomas Erl’s book)
• Service reusability, object reusability• Service contract (WSDL first), object
contract (interfaces)• Service loose coupling, OO high
coupling (inheritance, other OO mechanisms)
• Service abstraction, OO encapsulation
76
Devon M. Simmonds Computer Science Department 77
Service-orientation vs object-orientation [2]
• Service composability, aggregation & composition
• Service statelessness, objects stateful
• Service discoverability
77
Devon M. Simmonds Computer Science Department 78
Service-orientation/web services vs distributed object systems
(Refs: Vogels’ viewpoint, CDK text 19.2.2)
Remote object references and URIs may seem to be similar, but aren’t
Rem obj refs cannot be returned or passed as arguments in web services
Remote object instances cannot be created in web services
No constructors or main methods in web services
No garbage collection of “remote objects”; there is only one
78
Devon M. Simmonds Computer Science Department 79
Web ServicesFuture
Devon M. Simmonds Computer Science Department 81
Security
Bookstore
Client Application
Devon M. Simmonds Computer Science Department 82
Security
Client Application
Bookstore
Bank
Warehouse
Devon M. Simmonds Computer Science Department 83
WS Security Standardisation W3C - http://www.w3c.org
XML EncryptionXML Digital Signatures
WS-I - http://www.ws-i.orgWS Security Profile
OASIS - http://www.oasis-open.orgWS-Security SAML - Security Assertion Markup
LanguageXACML - Extensible Access Control Markup
LanguageXKMS - XML Key Management
Specification
Devon M. Simmonds Computer Science Department 84
Fire Wall
Security – Fire Walls
Bookstore
Client Application
Devon M. Simmonds Computer Science Department 86
WS-I
• Web Services Interoperability Organization
http://www.ws-i.org
R1017 A RECEIVER MUST NOT mandate the use of the xsi:type attribute in messages except as required in order to indicate a derived typeWS-I Basic Profile Version 1.0
Devon M. Simmonds Computer Science Department 87
Missing Pieces
• Security– Single Sign-on, credentials
• Transactions• Quality of service
– Timeliness guarantees
• Asynchronous operations– Co-ordination, workflow
Devon M. Simmonds Computer Science Department 88
Real Examples
• Amazon Web Services API• Google Web API• HP & IBM online stores
Devon M. Simmonds Computer Science Department 89
Plateau ofproductivity
Slope of enlightenment
Trough of disillusionment
Peak of inflated
expectationsTechnology
trigger
Gartner’s ‘Hype’ CurveKey: Time to “plateau”
Less than two yearsTwo to five yearsFive to 10 yearsBeyond 10 years
Web Services
Visibility
Maturity
Source: Gartner Group June 2002
Devon M. Simmonds Computer Science Department 90
Tutorials
• Demo source code, etc.:– http://java.sun.com/webservices/docs/1.6/
tutorial/doc/ – http://ais.cern.ch/presentations
Devon M. Simmonds Computer Science Department 91
Q u e s t i o n s ?
The End
Devon M. Simmonds, Computer Science Department, University of North Carolina Wilmington