Embed Size (px)
Citation preview
Application-to-application communication
and Web servicesISD3
Connecting Information Systems• Application silos
– Typically applications in a company are build with all three layers coupled together, perhaps with a web presentation layer
• Personnel (HR)• Project Management (PM)• Payroll• Purchase Order processing
– Application interactions• PM needs access to staff details• Job sheets are information about projects and payroll• PM system generates and tracks purchase orders
– Applications may be in different organisations:• Purchase Order processing in company X • To Order processing in supplier Company Y
• Service Oriented Architecture– Enabling the use of data and services in each application
within and between organisations
Silos to SOA
Reuse
• In Information Systems reuse is about use of existing information and information services - objects, resources, standards; processes
• In Computer systems , reuse is about use of generic software components – classes, functions
• Hosted applications (Blogger, Flickr, 37Signals, Del.icio.us) is about reuse of entire applications
Two different Web architectural styles
• Web services with SOAP or other protocol
• REST with just URLs over HTTP• Amazon's web services have both
SOAP and REST interfaces, and 85% of the usage is on the REST interface. (He 2004)
Creating a web service• For the client:
– Discovering an information service which provides the required information
– Understanding the data quality supported.– Understanding the communication protocol– Writing the client and converting the information
• from the form it which it is provided • to the form in which it will be used.
• For the server – Recognising a common service requirement– Establishing the right to disseminate the information.– Understanding the legacy system– Developing the service– Describing the interface to the service– Publishing the information– Gaining financial or other benefits from the service– Ensuring the security and reliability of the service
Web services in practice• www.webservicex.net provides a range of free services.
We will use a few of these in the workshop next week.
• Another collection of web services is Xmethods. Here there is also a simple interface to try a service.
• Other web services will require a payment to use. • Web services used within an organisation to provide a clean
interface between information providers and information requirers.
• Web services can be put on top of legacy systems to enable integration of existing systems.
• Web services lead to a Service Oriented Architecture (SOA)
Mechanisms
• These are all variations of the simple interaction protocol – one request with parameters sent, one reply returned.
• The differences lie in– the underlying communications
protocol used (these are all HTTP based) – in the way in which parameters are
packaged for sending and reply.
Simple GET Interaction
• Request/Response pattern
client server
function
Response
Get Request (+ parameters)
Simple URL
• Client-side– Parameters passed using GET with a formatted reply– Parameters are send in name=value pairs, each value
URL-encoded (space replaced by ‘+’, odd characters replaced by %hex value).
– Limited data structuring available (but names can be repeated).
– One or more parameters might be used to specify which operation to perform.
• operation=query means execute a query• operation=update means add a record to the database.
– The reply is a page whose structure is determined by the server. The client will be responsible for parsing the input to extract the information. This might range from a simple string to a complex XML document.
Simple URL• Server-side
– Script is invoked just as if it had been the target of a link on a page or a form.
– In PHP the parameters themselves can be accessed by :• $name (if the installation variable register_globals is set) • $_GET[‘name’] or $_POST[‘name’].
– Reply can be any string whose structure is determined by the service application
• Testing and testing scripts are easy to set up. • URLs can be
– Bookmarked perhaps using del.icio.us– Stored in a database– Communicated e.g. if I want another lecturer to check on a
programme structure, I email the URL with a comment (instead of giving her instructions about how to find this resource using a given navigational interface)
• POST, Frames , Flash, Java Applets all defeat simple URLS
Example
• The currency converter example was set up as a server.
• The SMS server is the client in this connection, the calculator script the server
• cursms.xql
Simple Interaction• Request/Response pattern
SMS server
Currency script On $host
cursms.xql
converttext=100+USD+NZD&code=CUR8&from=4478678777
$message= CUR 100 USD NZD
$from=4478678777
Reply: 100 US Dollars is 130 NZ Dollars
$response = file(“$host?text=100+USD+NZD&code=CUR8&from=4478678777”);
print $response;
e.g. $host=“stocks.cems.uwe.ac.uk:8080/exist/servlet/ChrisWallace/calulator”
Page scraping
• HTTP get as before• Server is unaware that the client is another
application, not a browser. • The information in the reply is contained in a
normal web page• Complex parsing of the result is required to dig
out the required information.• This ‘html-scrapping’ is common but there is no
guarantee that the format of the page or its location will remain stable, so it’s a very risky approach.
• Parsing the html page and the data requires tricky programming using pattern-matching
XML responses
• Define a schema for the response• Publicise this schema as part of the interface
to the SMS server• Return all replies as XML• Program can use generic XML parser to read
<Reply> <action>Send</action> <message> 100 US Dollars is 130 NZ Dollars</message></Reply>
RESTRepresentational State Transfer
• An architectural Style (or Pattern) whose name was suggested by Roy Fielding in 200
• Key ideas– Every resource has a unique URI – Logical not
Physical– Request uses HTTP GET with simple URI – Reply is an XML document, a summary of the
resource, with links to related resources– State of interaction is held only by the Client
• Client can fetch further detail as the user selects links• no need for session
– Use HTTP operations (GET, POST, PUT, DELETE) to provide a CRUD interface to the information resources
Example : Modules and Programmes
• Request data about a modulewww.uwe.ac.uk/Module/UFIEKG-20-3
this may be re-written to become :www.uwe.ac.uk/fold/module.xql?code=UFIEKG-20-3But this is transparent to the client, allowing changes in server implementation
• Receive XML document<module id=“UFIE8V-20-3><title>Information systems development 3</title><credits>20</credits><level>3</level><specification link=“www.uwe.ac.uk/ModuleSpec/UFIE8V-20-3”/><run link=“www.uwe.ac.uk/ModuleRun/UFIE8V-20-
3&version=2006/1”/></module>
• Reply is a summary of data, with links to related resources• Client will present this and provide navigation
Server
• Need to decide on – the Resources to be provided
• Module• Run
– Collections can also be resources• All Modules in a Field for a given Year
– The granularity of the data• Slow reveal, not everything at once
– The schemas for the ‘representation’• Provide mapping (de-referencing) from URI
to internal calls• Provide access to the schemas themselves
Client
• Client may be – Running Server side, constructing a
static HTML page for the end user– Running Client-side, with JavaScript
code to unpack the XML and dynamically construct pages
– End users obtain client code from the service provider
– AJAX enables complex Client-side scripting
Example• New site isbn.com
– http://isbndb.com/– http://isbndb.com/data-intro.html
• Create an account• Create an access key
http://isbndb.com/api/books.xml?access_key=TRE9KNJB&index1=isbn&value1=156592262X
Response is <?xml version="1.0" encoding="UTF-8" ?> - <ISBNdb server_time="2006-03-09T07:17:03">- <BookList total_results="1" page_size="10" page_number="1"
shown_results="1">- <BookData book_id="java_in_a_nutshell_a01" isbn="156592262X"> <Title>Java in a Nutshell</Title> <TitleLong>Java in a Nutshell (The Java Series)</TitleLong> <AuthorsText>David Flanagan,</AuthorsText> <PublisherText publisher_id="oreilly">O'Reilly</PublisherText> </BookData> </BookList> </ISBNdb>
REST sources
• wikipedia entry– http://
en.wikipedia.org/wiki/Representational_State_Transfer• Roger Costello
– http://www.xfront.com/REST-Web-Services.html• Roy Fielding’s PhD (2000)
– http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm
• Hao He, 2004 Implementing REST Web Services: Best Practices and Guidelines– http://www.xml.com/pub/a/2004/08/11/rest.html
• They are all here and may be updated (and a great Rest example):– http://del.icio.us/perdika/rest
Web services via SOAP• Web services are a response to the problems of the simple URL
based mechanism. – The main problem is the formatting of the sent and received data. If
there was a standard way of formatting both, and a standard way of describing that format, life would be much easier.
• Web service interaction– an XML file sent using HTP POST – response is also an XML document– the client has to parse the returned XML document to discover what
information has been provided. • Parsing XML is not a simple task, but with the increased use of
XML, it is a routine task, for which many packages already exist. PHP has built-in support for XML parsing.
• • The convention for the structure of both the sent and returned
data is called SOAP Simple Object Access Protocol).• • There also needs to be a way of describing the structure of both
documents, there is a third use of XML – in the Web Service Definition Language WSDL.
Web services and PHP
• Creating a web service at a low level is a bit complicated but packages are available in most languages such as PHP, Perl and Java to simplify the task of writing a client or server.
• We can use a package for PHP called nusoap. It can be downloaded from here, and just needs to be unzipped into a suitable directory to use. . It is an open source project under Sourceforge.
• SOAP is included in PHP5 and the interface is slightly different, but this package works fine with PHP4.
ISBN application
• One of the free web services is a service to locate book details given the ISBN – International Standard Book Number
• 0-201-32563-2 is the ISBN for UML Distilled by Martin Fowler
• Run my simple client
ISBN Web ServiceThe interface is defined by the WDSL for this service. Service URI:
www.webserviceX.NET/isbn.asmx
Operation: GetISBNInformation
Parameters:
Code Output:
An XML structure with fields for:AUTHORFULLTITLESHORTTITLEISBNDATESUBJSECTPUBLISHER
SOAP and Java
• Object-orientation is at the heart of all modern approaches to systems development – Java, .NET, Object-oriented databases…
• SOAP is object-oriented but it has a much simpler model than Java and other object oriented languages.
• The following slides contrast the two
Web services as information services
• WSDL defines (part of ) the formal interface• But what defines the information quality of
the service?– Which are books in the ISBN service – what’s the
coverage of the service?– How current is the data? – How accurately has the data been collected?– Who is responsible for the content of the
service?– What guarantees of service availability?– How stable is the defied interface?
Web Service Security issues
• Web services open up an application to the web and to malicious access– Accessing confidential data– Unauthorised interaction with a core
system– Denial of service attacks
• Web2.0 is based on – sharing– trust
