Presentation is loading. Please wait.

Presentation is loading. Please wait.

7 Sep 2006NVO Summer School 20061 T HE US N ATIONAL V IRTUAL O BSERVATORY Building Web Services Matthew J. Graham CACR/Caltech.

Similar presentations


Presentation on theme: "7 Sep 2006NVO Summer School 20061 T HE US N ATIONAL V IRTUAL O BSERVATORY Building Web Services Matthew J. Graham CACR/Caltech."— Presentation transcript:

1 7 Sep 2006NVO Summer School T HE US N ATIONAL V IRTUAL O BSERVATORY Building Web Services Matthew J. Graham CACR/Caltech

2 7 Sep 2006NVO Summer School Overview WSDL Attachments Security State Asynchrony Message orientation

3 7 Sep 2006NVO Summer School Design styles Contract-last development –Implement service –java org.apache.axis.wsdl.Java2WSDL contract coupled to service implemenations interface Contract-first development –Write XSD and WSDL –java org.apache.axis.wsdl.WSDL2Java -s –Fill in business logic

4 7 Sep 2006NVO Summer School What is WSDL? Web Services Description Language An XML grammar for describing a web service as a collection of endpoints capable of exchanging messages in a particular fashion W3C specification (http://www.w3.org/TR/wsdl) Use WSDL 1.1

5 7 Sep 2006NVO Summer School Anatomy of a WSDL file *- model data exchanged * *- formatting and representation of SOAP *message on the wire *- identifies actual endpoint for WS * *- include other WSDLs - define datatypes used in * *- describe interfaces supported for *an endpoint - define input and output parameters *

6 7 Sep 2006NVO Summer School WSDL example … … … Return the comoving line of sight distance...

7 7 Sep 2006NVO Summer School What about the binding?

8 7 Sep 2006NVO Summer School Binding attributes Style (representation on the wire) –rpc: the endpoint treats child elements in the body as XML representation of method call (SOAP 1.1, sec. 7) –document: the body can contain arbitrary XML Use (how data is serialized across the wire) –encoded: rules in a URL specified by encodingStyle attribute –literal: rules specified by XML schema

9 7 Sep 2006NVO Summer School WSDL binding flavours (I) RPC Document Literal Encoding

10 7 Sep 2006NVO Summer School WSDL binding flavours (II) RPC Document Literal Encoding

11 7 Sep 2006NVO Summer School Document/literal wrapped

12 7 Sep 2006NVO Summer School Which flavour to use? Doc style can pass entire transaction as an XML document (state) Doc style not constrained by RPC-oriented encoding Doc style can be validated at call time Processing overhead in encoding payloads with RPC Doc style can use low memory parsers such as SAX and StAX RPCs natural tendency to expose programming language object structures doc/literal wrapped (95%)

13 7 Sep 2006NVO Summer School Why not doc/literal wrapped? - I 5 5 > 5 rpc/literaldoc/literaldoc/literal wrapped

14 7 Sep 2006NVO Summer School Why not doc/literal wrapped? - II Overloaded operations: public void myMethod (int x, float y); public void myMethod (int x); Number of parameters: public void someOtherMethod(int x, float y); Data graphs: RPC/encoding: Literal: A A B B B A Left Right B Left Right

15 7 Sep 2006NVO Summer School Interoperability Suitable for and capable of being implemented in a neutral manner on multiple operating systems and in multiple programming languages Not all web services are interoperable! Web Services Interoperability Organisation (http://www.ws-i.org)http://www.ws-i.org WS-I Testing Tools

16 7 Sep 2006NVO Summer School WS-* WS-I Basic Profile WS-I Basic Security Profile WS-Manageability WS-Management WS-MetadataExchange WS-Notification WS-Policy WS-PolicyAssertions WS-PolicyAttachment WS-PolicyFramework WS-Polling WS-Provisioning WS-Reliability WS-ReliableMessaging WS-RemotePortals WS-ResourceFramework WS-ResourceLifetime WS-ResourceProperties WS-Routing WS-SecureConversation WS-Security WS-SecurityPolicy WS-Addressing WS-AtomicTransaction WS-Attachments WS-BaseNotification WS-BPEL WS-BrokeredNotification WS-BusinessActivity WS-CAF WS-Choreography WS-CDL WS-Context WS-Coordination WS- CoordinationFramework WS-Discovery WS- DistributedManagement WS-Enumeration WS-Eventing WS-ExperienceLanguage WS-Federation WS-GAF WS-Inspection WSIL WS-Semantics WS-Topic WS-Transaction WS-Transaction Management WS-Transfer WS-Trust ASAP ebXML MTOM SAML SOAP SwA UBL UDDI WSDL XACML XML Encryption XML Signature XKMS

17 7 Sep 2006NVO Summer School Attachments: opaque data By value –XML representation or –use xs:hexBinary or xs:base64Binary within the body –data expansion by a factor of ~ –anything within SOAP body gets parsed –processing costs of encoding/decoding By reference –attach pure binary data as external unparsed entity outside SOAP message –use reference URI within the body

18 7 Sep 2006NVO Summer School Reference solutions SwA (SOAP with Attachments) –Multipart MIME message: SOAP (0), data (1-n) –Use Content-Id as reference in body –Lack of length header on message sections –No recommendation just W3C Note DIME (Direct Internet Message Encapsulation) –Uses faster and more efficient binary encoding –No standard, disowned by Microsoft Both introduce a data structure outside realm of XML data model: no rules to specify how attachment content related to SOAP envelope so incompatible with WS-*

19 7 Sep 2006NVO Summer School MTOM Message Transmission Optimization Mechanism Uses MIME - backwards compatible with SwA Uses XOP:Include as reference mechanism (XOP = XML Binary Optimized Packaging) Conceptually binary data is base64-encoded in SOAP XML document compatible with WS-* Implementations: –Axis2 (http://ws.apache.org/axis2)http://ws.apache.org/axis2 –Xfire (http://xfire.codehaus.org) –WSE 3.0 (http://msdn.microsoft.com/library/default.asp?url=/li brary/en-us/dnwse/html/newwse3.asp)

20 7 Sep 2006NVO Summer School Security Transport level (https) Message level: –End-to-end: allows for unlimited intermediaries –Data origin authentication –Different types of security tokens/credentials: unsigned (username/password) binary (X.509 certificate) XML (SAML token) –Multiple credentials

21 7 Sep 2006NVO Summer School WS-Security OASIS standard (http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss)(http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss)) Security token validation (authentication): –validate authentication assertions made by principals Message integrity (signing): –verify message origin –validate encryption keys –confirm security token claims Message confidentiality (encryption ) Introduces extra XML into SOAP header

22 7 Sep 2006NVO Summer School WSS Implementations Java: –WSS4J (http://ws.apache.org/wss4j) used by Axis2/XFirehttp://ws.apache.org/wss4j C#: –WSE 2.0 (http://msdn.microsoft.com/webservices/webservices/build ing/wse/default.aspx) –WSRF.Net ( ) Perl : –WSRF::Lite (http://www.sve.man.ac.uk/Research/AtoZ/ILCT) Python: –pyGridWare (http://dsd.lbl.gov/gtg/projects/pyGridWare/ )http://dsd.lbl.gov/gtg/projects/pyGridWare/

23 7 Sep 2006NVO Summer School State Stateless is good: –In case of failure, just restart without concern of previous interactions (reliability) –New service instances can be created/destroyed in response to system load (scalability) How to handle state? –Separate web service and state information (resource) –Identify resource with a unique key –Use message exchanges with the service to interact with the resource (manipulate state)

24 7 Sep 2006NVO Summer School WS-Resource An entity composed of a web service and a stateful resource The address is called an endpoint reference (WS-Addressing) ACID: –Updates made in all-or-nothing fashion (atomicity) –Consistent state even after failure (consistency) –Updates isolated within a given work unit (isolation) –Permanence of updates (durability)

25 7 Sep 2006NVO Summer School WS-RF: the nuts and bolts WSDL for a stateful service: * … Implementations: –Java: GT4 (htttp://www.globus.org); Apache WSRF (http://ws.apache.org/wsrf)http://ws.apache.org/wsrf –.NET: WSRF.Net (http://www.cs.virginia.edu/~gsw2c/wsrf.net.html)http://www.cs.virginia.edu/~gsw2c/wsrf.net.html –Python: pyGridWare (http://dsd.lbl.gov/gtg/projects/pyGridWare/)http://dsd.lbl.gov/gtg/projects/pyGridWare/ –Perl: WSRF::Lite (http://www.sve.man.ac.uk/Research/AtoZ/ILCT)

26 7 Sep 2006NVO Summer School Asynchrony Real world is asynchronous No current standards for asynchronous services but most promising is OASIS ASAP (http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=asap)http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=asap Toolkits exist which facilitate asynchronous activities: –WS-RF (see above) –Axis2 (http://ws.apache.org/axis2)http://ws.apache.org/axis2 –JMS (http://java.sun.com/products/jms) /http://java.sun.com/products/jms Caffeine (http://caffeine.berlios.de/site/)http://caffeine.berlios.de/site/ –WSIF (http://www.apache.org/wsif)

27 7 Sep 2006NVO Summer School Messaging operations WSDL 1.1 defines four types of messaging operation that an endpoint can support: –One-way: endpoint receives a message –Request/response: endpoint receives a message and sends a correlated message –Solicit/response: endpoint sends a message and receives a correlated message –Notification: endpoint sends a message One-way/two-way transport behaviour

28 7 Sep 2006NVO Summer School Patterns for asynchrony (I) Fire and Forget: Request/response (Transport timeout) CSCS CS

29 7 Sep 2006NVO Summer School Patterns for asynchrony (II) Polling: Callback: CS CS

30 7 Sep 2006NVO Summer School WS-Addressing No standard SOAP way to specify: –where a message is going –how to return a response –where to report an error WS-Addressing provides: –To –ReplyTo –FaultsTo –Anonymous –MessageId / RelatesTo –Standard for including service-specific attributes

31 7 Sep 2006NVO Summer School Whats wrong with WSDL (for SOAP)? Focuses on interface abstraction to describe services (RPC mindset) Limited modelling of interaction patterns (no more than 2 message exchanges) No choreographical information (x y z) Difficult to describe infrastructure protocols that use SOAP headers Technologies that use WSDL as a basis tend to be more verbose and complex than necessary

32 7 Sep 2006NVO Summer School MEST (MESsage Transfer) Messaging: –No notion of client/server: just peers –Largely time independent: messages delivered when peer is available –Messages can be duplicated and delivered to multiple peers Messages and services are first class abstractions (no interfaces, data and operations) SSDL (http://www.ssdl.org) Indigo: dual contracts are beyond WSDL

33 7 Sep 2006NVO Summer School SSDL SOAP is the messaging vector over arbitrary transport (and transfer) protocols WS-Addressing used for embedding addressing information within SOAP envelopes and binding those addresses onto underlying transport protocols XML Infoset is the underlying component model Use Xinclude for contract modularization Promotes protocol framework extensibility

34 7 Sep 2006NVO Summer School SSDL structure Schemas –XML Schemas Messages –SOAP documents Protocols (how messages relate to each other) –MEP (WSDL 2.0) –Communicating Sequential Processes –Rules (uses preconditions on send and receive events) – Sequential Constraints Endpoints –WS-Addressing Endpoint Reference


Download ppt "7 Sep 2006NVO Summer School 20061 T HE US N ATIONAL V IRTUAL O BSERVATORY Building Web Services Matthew J. Graham CACR/Caltech."

Similar presentations


Ads by Google