28_DPSIG_WSRR-DP_Integration

advertisement
Andrew White – Software Developer
18 March 2010
Integrating WSRR and DataPower
© 2009 IBM Corporation
Agenda
 Introduction
 What is WSRR?
 WSRR Overview
 Integration WSRR and DataPower
2
© 2009 IBM Corporation
What is
WebSphere
Service
Registry &
Repository?
3
© 2009 IBM Corporation
WSRR is…
 A Registry – it is designed to represent and govern SOA
services
 A Repository – conceptually like a database – that stores artifacts
that can be queried at both design time and runtime
 A J2EE Application that runs on WebSphere Application Server
– Requires a relational backing store. DB/2, Oracle and MS SQL
Server are supported
– Leverages all security and clustering/HA capabilities of the
WAS platform
4
© 2009 IBM Corporation
WSRR Capabilities, Extensions and Customisations
Eclipse
/ VS
plug-in
Tooling
REST
Role based
UI
Perspectives
Web UI
IBM
Third Party
Customer
Representation
Products
Applications
Products
Of the Service
Web Service API
J2EE API Development
Emerging Standards
SOA
Lifecycle to be
WebSphere
Service Registry and Repository
Governance
Governed
Policies
Custom
Views
Extendable
Content
Model
Registry Repository
Create, Retrieve,
Update, Delete,
Query
Validation
Modification
Notification
Classifications
Content /
Business Models
Plugin
Extensions
Admin
Import,
Export,
Configure
Lifecycle
Access Control
Governance
Transition,
Validate,
Notify
Definition of the
Communication
Business
Decision
Rights
WebSphere Application Server
ORACLE
UDDI
DB2
Domains and
Service Focus
Operating Systems: Windows, AIX, Linux, HP, zOS Solaris
5
© 2009 IBM Corporation
WSRR and
WebSphere
DataPower
6
© 2009 IBM Corporation
WebSphere DataPower XI50
Purpose-Built ESB Appliance for
SOA Integration
 Purpose-built hardware ESB for simplified deployment and hardened security at the message level,
network level, and device level
 Code-free, drop-in integration across IBM SOA foundation including support for MQ and JMS
 Secures services on the network with sophisticated web services access control, policy enforcement,
message filtering, and field-level encryption
 Dynamic Web Services Policy framework (WS-Policy and WS-Security Policy) for SOA Policy
enforcement
 WS-I Basic Profile and Basic Security Profile support
 Optimized to bridge between leading standard protocols at wirespeed, including web services, messaging,
files, and database access
 Enables transformation between a wide range of data formats, including XML, legacy, and industry
standards and custom formats
 Captures and emits events to facilitate web services management and enable business visibility in
Business Activity Monitoring solutions
 Simplified customization and configuration for accelerated time-to-market
7
© 2009 IBM Corporation
Why an Appliance for SOA Governance?
 Hardened, specialized hardware for helping to integrate, secure &
accelerate SOA
 Many functions integrated into a single device:
– Impact: connectivity will require service level management, routing, policy,
transformation
 Higher levels of security assurance certifications require hardware:
– Example: government FIPS Level 3 HSM, Common Criteria
 Higher performance with hardware acceleration:
– Impact: ability to perform more security checks without slow downs
 Addresses the divergent needs of different groups:
– Example: enterprise architects, network operations, security operations,
identity management, web services developers
 Simplified deployment and ongoing management:
– Impact: reduces need for in-house SOA skills & accelerates time to SOA
benefits
8
© 2009 IBM Corporation
DataPower XI50 Support for WSRR
 Service Discovery
– DataPower WS-Proxy subscribes to service definitions stored
in WSRR
– Dynamically enforces policies and mediations for these
services
 Dynamic Endpoint Selection and Routing
– Query WSRR for endpoint location(s) and dynamically route
service requests
 Service Metadata Lookup
– Lookup service metadata such as XSLT, XML and XSD for
use in service mediation
9
© 2009 IBM Corporation
Service Discovery Example
 WebSphere DataPower XI50
– WS-Proxy – configuration object for proxying and/or mediating web
services
– WSRR Server – configuration object for WSRR server information
– WSRR Subscription Object – configuration object for subscribing to
WSRR
– Status Providers – view the current state of the WSRR
configuration objects
 WSRR
– WSDL Documents
– Concept – in the DataPower case, used to logically group service
definitions for which DataPower will provide mediation and policy
enforcement
10
© 2009 IBM Corporation
Configuring DataPower and WSRR for Service Discovery
WSRR Configuration
1.
Upload Service Definitions (WSDLs) to WSRR
11
2.
Configure WSRR Concept to group services
© 2009 IBM Corporation
Configuring DataPower and WSRR for Service Discovery
DataPower Configuration
1.
Configure DataPower WSRR Server Object
2.
Configure DataPower WSRR Subscription Object

DataPower queries WSRR via the
SOAP API

Subscribe to WSRR Concept or
WSDL objects

Support for WAS security and SSL

Support for polling and manual
updates

Configurable update interval
12
© 2009 IBM Corporation
Configuring DataPower and WSRR for Service Discovery
DataPower Configuration (cont’d)
3.
13
Configure DataPower WS-Proxy service to use WSRR
Subscription
© 2009 IBM Corporation
.
Configuring DataPower and WSRR for Service Discovery
DataPower Configuration (cont’d)
Configure Centralized Service Level Management for Subscribed Services
14

Configure SLM for all services
in the WSRR Subscription

Optionally configure SLM for
each individual WSDL
component
© 2009 IBM Corporation
Configuring DataPower and WSRR for Service Discovery
DataPower Configuration (cont’d)
5.
Centrally Configure and Enforce Policies and Mediations for Subscribed Services

Mediation applied to all services in the
subscription

In this case, WS-Security, SLM, SQL
Injection filter and transformation
15

Configure and enforce WS-I
compliance policy for the subscription
© 2009 IBM Corporation
Dynamic Endpoint Routing Example
16

Configure dynamic routing
using the DataPower “route”
action

Select WSRR endpoint lookup
routing control file (stylesheet)

Configure parameters
© 2009 IBM Corporation
Comments or Questions?
17
© 2009 IBM Corporation
At its core, WSRR manipulates objects
 Every entity in WSRR is represented as a Service Data Object (SDO).
 All objects in WSRR also implement the BaseObject Interface. This is
the parent interface that all other WSRR interfaces extend.
 The BaseObject interface defines the basic set of attributes that can be
found on all WSRR objects:
– bsrURI (ID)
– Name
– Namespace
– Version
– Description
– Owner
– CreationTimestamp
– LastModified
– LastModifiedBy
 It also defines the methods that allow you to associate metadata with
objects in WSRR:
– Properties
– Relationships
– Classifications
18
© 2009 IBM Corporation
Document objects
 Files stored in WSRR (WSDLs, XML schemas,
word docs, etc.) are all sub-types of the
Document type:
– WSDLDocument
– XSDDocument
– XMLDocument
– PolicyDocument
– GenericDocument, etc…
 For certain document types, WSRR creates
additional objects to represent the contents of
the document.
– These objects are known as Logical
Objects because they are derived
automatically from Document objects.
– For example, a WSDLPort object is a logical
object which is automatically derived from a
WSDLDocument object.
– It is not possible to create instances of
LogicalObjects directly.
19
© 2009 IBM Corporation
Business objects
 You can define your own types to represent
objects that make sense to you in your SOA
(e.g. an object type that represents an SLA).
– These objects are known as Business
Objects (referred to a concepts in the Web UI).
– All Business Objects in WSRR are instances
of GenericObject.
20
© 2009 IBM Corporation
Download