CS 483 Enterprise and Web Application Programming Week 7 Web Services 1 What are Web Services? W3C (establishes standards for Web services) defines Web services as: “A Web service is a software system identified by a URL whose public interfaces and bindings are defined and described using XML. Its definition can be discovered by other software systems. These systems may then interact with the Web service in a manner prescribed by its definition, using XML-based messages conveyed by Internet protocols.” 2 What are Web Services? Web services are a result of the natural evolution of the Web Initially – the Web consisted of sites that were plain HTML pages Later – Web pages became dynamically generated Now – Web services provide a standardized way for applications to expose their functionality over the Web or communicate with other applications over a network – regardless of the app’s implementation, programming language, or computer platform 3 Why Implement a Web Service? Web services can provide a means for an enterprise to: Expand its business offerings Increase the efficiency of it business processing Improve its customer experience Automate business processing by streamlining interactions with outside services (e.g., credit card and shipping services) 4 Why Implement a Web Service? Most important reason: Promote interoperability across different platforms, systems and languages 5 Service-Oriented Architecture (SOA) A Web service enables a service-oriented architecture SOA is an architectural style that promotes software reusability by creating reusable services Strategy where applications make use of services available in a network (such as WWW) SOA addresses complex enterprise environments due to the user of a variety of software and hardware platforms, Internetbased communication, and enterprise application integration (EAI) 6 Service-Oriented Architecture (SOA) Considered the wave of the future. Gartner reports that “By 2008, SOA will be a prevailing software engineering practice, ending the 40-year domination of monolithic software architecture” “Through 2008, SOA and Web services will be implemented together in more than 75% of new SOA Web service projects” 7 Service A service provides a specific function (usually business) Service can provide a single discrete function Service can perform a set of related business functions such as converting one type of currency to another such as airline reservation system called “course-grained” SOA is a way of sharing functions in a widespread and flexible way 8 Service-Oriented Architecture 9 Service-Oriented Architecture In SOA, you have the following: Service that implements the business logic and exposes this business logic through well-defined interfaces. Registry where the service publishes its interfaces to enable clients to discover the service Clients who discover the service using registries and access the service directly through the exposed interfaces Loose coupling – means that the client of the service is essentially independent of the service Client does not have to know much about the service to use it (i.e., implementation language, platform) it just needs to know the interface 10 SOA • SOA uses the find-bind-execute paradigm. • In this paradigm, service providers register their service in a public registry. • This registry is used by consumers to find services that match certain criteria. • If the registry has such a service, it provides the consumer with a contract and an endpoint address for that service. 11 Benefits of Web Services Interoperability in a heterogeneous environment Business services through the Web Allows distributed services to run on a variety of software platforms and architectures, and use different languages Example – supply chain management Integration with existing systems Provide developers with standard ways to access middle-tier and back-end services or legacy systems and integrate them with other applications 12 Benefits of Web Services Freedom of choice Support multiple clients Large number of choices for tools, products and technologies to enhance developer productivity Java, Microsoft, wireless, etc Programming productivity Web services create a common programming environment for faster development 13 Web Services Infrastructure and Components Applications Directory serviceSecurity Choreography Web Services Service descriptions (in WSDL) SOAP URIs (URLs or URNs) XML HTTP, SMTP or other transport 14 Challenges of Web Services Development Key challenge today is that Web services are still in their infancy Evolving technologies and products Security More important than ever! Exchange and distribute data requires top security Key issues: reliability, availability, and scalability 16 Web Services Protocols and Technologies Web services approach is based on a maturing set of standards that are widely accepted and used This enables clients and services to communicate and understand each other across a wide variety of platforms and across language boundaries These are: XML SOAP WSDL Emerging standards 17 XML eXtensible Markup Language (XML) has become the de facto standard for describing data to be exchanged on the Web An XML tag identifies the information in a document and the structure of a document For example: <bookshelf> <book> <title>My Life and Times</title> <author>Felix Harrison</author> <price>39.95</price> </book? </bookshelf> XML document typically associated with a schema that specifies what tags are allowed, their structure, and their meaning Adopted as the language of Web services 18 Simple Object Access Protocol (SOAP) Though agreeing on the meaning and structure of XML tags makes the use of XML an effective way to exchange data, it's not sufficient for data interchange over the Web. For instance, you still need some agreed-upon protocol for formatting an XML document so that the receiver understands what the main, "payload," part of the message is, and what part contains additional instructions or supplemental content. That's where Simple Object Access Protocol (SOAP) comes in. 19 Simple Object Access Protocol (SOAP) SOAP is an XML-based protocol for exchanging information in a distributed environment. SOAP provides a common message format for exchanging data between clients and services. The basic item of transmission in SOAP is a SOAP message, which consists of a mandatory SOAP envelope, an optional SOAP header, and a mandatory SOAP body. 20 SOAP Message Soap Envelope specifies XML namespace encoding style – data types recognized in message Header names that can be used in message usually used to convey security-related information to be processed Body Main part of message 21 SOAP Message Example – Retrieve the Price of a Book 22 SOAP Messages A related standard called SOAP Messages with Attachments (SAAJ) specifies the format of a SOAP message that includes attachments For example – images SOAP messages are transported using protocols such as HTTP or SMTP SOAP messages are platform and operating system independent 23 Web Service Description Language (WSDL) WSDL is an XML document that is a description of the Web service’s interface WSDL defines an XML schema for defining a Web service Describes the format client uses in making a request for a service Defines the request itself To uncover the description of a Web service, a client needs to find the service’s WSDL document Most common way is for the client to find a pointer to the WSDL document in the Web service’s registration This is done in an UDDI registry or ebXML registry 24 Web Service Description Language (WSDL) Typical scenario Business registers its service in a UDDI (Universal Description, Discovery, and Integration) registry or ebXML registry Registry entry includes a pointer to the WSDL file that contains the WSDL document for the service Client searches the registry and finds the service Programmer uses the interface information in the WSDL document to construct the appropriate calls to the service 25 UDDI UDDI defines how to publish and discover information about services in a UDDIconforming registry Identifies the types of XML data structures that comprise an entry in the registry for a service Think of it as a “yellow pages” for Web services Provides name of service Brief description of what it does Address where it can be accessed Description of the interface for accessing the service 26 UDDI Example - BooksToGo 27 Emerging Standards WS-Security Standard released in March 2004 Describes security-related enhancements to SOAP messaging that provide for message integrity and confidentiality Integrity means that the SOAP message is not tampered with as it travels from a client to its final destination Confidentiality means that a SOAP message is only seen by intended recipients Quite flexible and can be used with security models and encryption technologies Public-key infrastructure (PKI) Secure Sockets Layer (SSL) 28 Emerging Standards SAML Security Markup Assertion Language XML-based framework for exchanging security information Through SAML, multiple services can exchange security information Can do things like single sign-on for accessing multiple, related services 29 Emerging Standards WS-BPEL Web Services Business Process Execution Language XML-based language for coordinating Web services Example – processing a purchase order – involves multiple steps performed in a specific sequence that need to act like a unit WS-BPEL uses WSDL to describe Web services that participate in a process and how the services interact 30 Realizing SOA with Web Services with Sun Sun's Java Web Services Developer Pack 1.5 (Java WSDP 1.5) and Java 2 Platform, Enterprise Edition (J2EE) 1.4 can be used to develop state-of-the-art web services to implement SOA. The J2EE 1.4 platform enables you to build and deploy web services in your IT infrastructure on the application server platform. It provides the tools you need to quickly build, test, and deploy web services and clients that interoperate with other web services and clients running on Java-based or non-Java-based platforms. It enables businesses to expose their existing J2EE applications as web services. Servlets and Enterprise JavaBeans components (EJBs) can be exposed as web services that can be accessed by Java-based or nonJava-based web service clients. J2EE applications can act as web service clients themselves, and they can communicate with other web services, regardless of how they are implemented. 31 Sun Web Service APIs Java API for XML Processing (JAXP) This API lets you process XML documents by invoking a SAX or DOM parser in your application. JAXP 1.2 supports W3C XML Schema. Java API for XML-based RPC (JAX-RPC) This is an API for building and deploying SOAP+WSDL web services clients and endpoints. Java APIs for XML Registries (JAXR) This is a Java API for accessing different kinds of XML registries. It provides you with a single set of APIs to access a variety of XML registries, including UDDI and the ebXML Registry. You don't need to worry about the nitty-gritty details of each registry's information model. 32 Sun Web Service APIs SOAP with Attachments API for Java (SAAJ) This API lets you produce and consume messages conforming to the SOAP 1.1 specification and SOAP with Attachments note. JSR 109: Web services for J2EE JSR 109 defines deployment requirements for web services clients and endpoints by leveraging the JAXRPC programming model. In addition, it defines standard deployment descriptors using the XML Schema, thereby providing a uniform method of deploying web services onto application servers through a wide range of tools. 33 Sun Web Service APIs With these APIs, you can focus on high-level programming tasks, rather than low-level issues of XML and web services. You can start developing and using Java WSDP 1.5 and J2EE 1.4 web services without knowing much about XML and web services standards. You only need to deal with Java semantics, such as method invocation and data types. The dirty work is done behind the scenes, as discussed further in the next section. 34 Web Services Publish-Discover-Invoke Model 35 Java Client Calling a J2EE Web Service 36 J2EE 1.4 Platform Architecture 37