Middleware - stg-tud.github.iostg-tud.github.io/ctbd/2016/CTBD_11_web_services.pdf · infrastructure implementing the abstractions must grow accordingly ... message broker internal

Web Services

Middleware

Middleware is a class of software technologies designed to help (I) manage the complexity and (II) heterogeneity inherent in distributed systems.

Middleware

What is Middleware?2

Middleware

Middleware as a Programming Abstraction

‣A software layer above the operating system and below the application program that provides a common programming abstraction across a distributed system ‣A higher-level building block than

APIs provided by the OS(such as sockets)

Distributed Application

Middleware API

Middleware

Operating System API

Operating System (Processes, Communication,

Memory Management)

Distributed Application

Middleware API

Middleware

Operating System API

Operating System (Processes, Communication,

Memory Management)

Network

3

Middleware


Programming abstractions offered by middleware mask some of the heterogeneity and handles some of the complexity programmers of a distributed application must deal with: ‣Middleware always mask heterogeneity of the underlying networks,

hardware ‣Most middleware mask heterogeneity of operating systems and/or

programming languages ‣Some middleware even mask heterogeneity among different vendor

implementations of the “same” middleware standard

4

heterogeneity =dt. Heterogenität Ungleichartigkeit Verschiedenartigkeit

e.g., CORBA-IDL

Middleware


‣An operating system (OS) is the software that makes the hardware useable(A bare computer without an OS could be programmed with great difficulty.)

‣Middleware is the software that makes a distributed system (DS) programmable(Programming a DS is much more difficult without middleware.)

Raising the Abstraction Level

5

Middleware

Middleware as Infrastructure

‣Behind programming abstractions there is a complex infrastructure that implements those abstractions(Middleware platforms are very complex software systems.) ‣As programming abstractions reach higher and higher levels, the underlying

infrastructure implementing the abstractions must grow accordingly ‣Additional functionality is almost always implemented through additional

software layers ‣The additional software layers increase the size and complexity of the

infrastructure necessary to use the new abstractions

6

E.g. to handle errors we can have “transactional RPCs”

Middleware


The infrastructure is also intended to support additional functionality that makes development, maintenance, and monitoring easier and less costly: ‣ logging, ‣ recovery, ‣advanced transaction models (e.g. transactional RPC), ‣ language primitives for transactional demarcation, ‣ transactional file system, ‣etc.

7

Middleware


The infrastructure also takes care of (all) the non-functional properties typically ignored by data models, programming models, and programming languages: ‣performance, ‣availability, ‣ resource management, ‣ reliability, ‣etc.

8

server processclient process

Middleware

Conceptual Model


RPCprotocols

securityservice ... distributed

file servicethreadservice

development environment

IDLsources

interfaceheaders

IDL compiler

IDLclientcode

client stub

RPC run timeservice library

language specificcall interface

RPC API

servercode

server stub

RPC run timeservice library

language specificcall interface

RPC API

runtime environment

[Alonso; Web services: Concepts, Architectures and Applications; Springer, 2004]

9

Dr.-Ing. Michael Eichberg

Web Services

[Web Services - Concepts, Architectures and Applications; Alonso et al.; Springer 2004]

Motivation

Point-to-point integration across companies

supplier customer

internal infrastructure

concrete message broker


concrete message broker

customer's adapter

customer's adapter supplier's

adapter

supplier's adapter

Problem Each company uses its

own “concrete” message broker - if we want to

communicate with multiple companies we have to implement and

maintain several adapters / solutions.

11

Definition by the UDDI consortium

Web Services

What is a Web Service?

[...] self-contained, modular business applications that have open, internet-oriented, standards-based interfaces.

[Web Services; Springer 2004]

Web Services


interactions based on protocols redesigned for peer to peer and B2B settings

internal functionality made available as a service

supplier

customer

warehouse

Web service


Web service

Web service



languages and protocols standardized, eliminating need for many different middleware infrastructures (need only the web services middleware)

internal procurment requests

13

customer

supplier


Web Services


internal service

middleware

client

internal service

Web service

Web service

Web service

Company A (provider)

wid

e ar

ea n

etw

ork

(Inte

rnet

)internal service

middleware

internal service

Company B (client)

14

Core Elements

Web Services


‣The components: ‣Service requester: The potential

user of a service ‣Service provider: The entity that

implements the service and offers to carry it out on behalf of the requester ‣Service registry: A place where

available services are listed


“Classical” Web Services

(using SOAP and WSDL)

Definition by the W3C



A Web service is a software system identified by a URI, whose public interfaces and bindings are defined and described using XML. Its definition can be discovered by other software systems. These systems may then interact with the Web service in a manner prescribed by its definition, using XML based messages conveyed by Internet protocols.

Definition by Webopedia



Web Services are: • A standardized way of integrating web-based applications using the XML,

SOAP, WSDL and UDDI open standards over an Internet protocol backbone.

• XML is used to tag the data, SOAP is used to transfer the data, WSDL is used for describing the services available and UDDI is used for listing what services are available.

just one type of

web services

Core Standards



‣Simple Object Access Protocol (SOAP)Web service message format ‣Web Services Description Language (WSDL)

Web service interface description ‣Universal Description, Discovery, and Integration (UDDI)

Web service discovery

19



Minimalist Infrastructure for Web Services

service providerservice requestor

application object(client)

application object(service provider)

stub skeleton

WSDL of service provider

WSDL compiler(server side)

WSDL compiler(client side)

<operation name="orderGoods"> <input message = "OrderMsg"/></operation>

SOAP-based middleware

SOAP-based middlewareSOAP

messages

20

Development

Time



Minimalist Infrastructure for Web Servicesservice providerservice requestor

application object(client)

application object(service provider)

stub skeleton


SOAP-based middlewareSOAP messages

service descriptions


SOAP messages(to publish service description)

SOAP messages(to look for services)

21

Runtime



Web Services Protocol Stack

Basic Protocol Stack

Extended Protocol Stack

Security TansactionsReliable

Messaging

XSD, WSDL, UDDI, Policy, MetadataExchange

XML, SOAP, Addressing

HTTP, HTTPS, SMTP

BPEL4WS

WS - Security

WS-Reliability WS-AtomicTransactionWS-BusinessActivity

Service Composition

Composable Service Assurances

Description

Messaging

Transports

22


W3C

Industry

OASIS

Related Specs

IETF

Advanced WS

Liberty Alliance

ISO/IEC

ITU-T

WS-I

JCP

WS_*Specifications

2003-12-26 - v13

Misc

D XML Key Management Specification (XKMS) D Web Service Choreography Interface (WSCI) 1.0

D Web Services Conversation Language (WSCL) 1.0D XML-Signature Syntax and Processing D XML Encryption Syntax and Processing

XML Protocol WG

D SOAP Version 1.2 Part 1: Messaging FrameworkD SOAP Version 1.2 Part 2: AdjunctsD SOAP Messages with Attachments

D SOAP Version 1.2 Message NormalizationD SOAP 1.2 Attachment Feature: Working Draft in Last Call

D SOAP Message Transmission Optimization Mechanism: Working DraftD SOAP Optimized Serialization Use Cases and Requirements: Working Draft

D SOAP Version 1.2 Email Binding: Working Group NoteD SOAP Version 1.2 Part 0: Primer: Recommendation

D SOAP Version 1.2 Specification Assertions and Test CollectionD SOAP Version 1.2 Usage Scenarios: Working Group NoteD XML Protocol (XMLP) Requirements: Working Group Note

D XML Protocol Abstract Model: Working Draft no longer in development

Web Services Architecture WG

D Web Services Architecture: Working Draft D Web Services Architecture Requirements: Working Draft

D Web Services Architecture Usage Scenarios: Working DraftD Web Services Glossary: Working Draft

Web Services Description WG

D Web Service Description Usage Scenarios: Working DraftD Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language

D Web Services Description Language (WSDL) Version 2.0 Part 2: Message PatternsD Web Services Description Language (WSDL) Version 1.2 Part 3: Bindings

D Web Services Description Requirements: Working Draft in Last Call

Web Services Choreography WGD Web Services Choreography Requirements 1.0: Working Draft

I18N WGD Requirements for the Internationalization of Web Services

D Web Services Internationalization Usage Scenarios

TAGD Architecture of the World Wide Web, First Edition

D WS-CHOR

BPEL

DBusiness Process Execution Language for Web Services, Version 1.0

Business Process Execution Language for Web Services, Version 1.1

DIBM, Web Services Flow Language (WSFL 1.0)

D Microsoft, XLANG

D WS-SecurityD

IBM/Microsoft/VeriSign, "Web Services Security (WS-Security)"

DIBM/Microsoft/VeriSign, "Web Services Security Addendum"

D OASIS, Web Services Security

WS-TrustD

IBM/Microsoft/VeriSign/RSA Security, Web Services Trust Language (WS-Trust), Version 1.0

Reliable MessagingD

Fujitsu/Hitachi/Oracle/Sonic/Sun, Web Services Reliability (WS-Reliability) Ver1.0

D

BEA/IBM/Microsoft/TIBCO Software, "Web Services Reliable Messaging Protocol (WS-ReliableMessaging)"

WS-Transaction Framework

DBEA/IBM/Microsoft, Web Services Coordination (WSCoordination)

DBEA/IBM/Microsoft, Web Services Transaction (WS-Transaction)

DBEA/IBM/Microsoft, Web Services Atomic Transaction (WS-AtomicTransaction)

Web Services Composite Application Framework (WS-CAF)

DArjuna/Fujitsu/IONA/Oracle/Sun, Web Services Context, 2003-07-28, Version 1.0

D

Arjuna/Fujitsu/IONA/Oracle/Sun, Web Services Coordination Framework, 2003-07-28, Version 1.0

D

Arjuna/Fujitsu/IONA/Oracle/Sun, Web Services Transaction Management, 2003-07-28, Version 1.0

D

Arjuna/Fujitsu/IONA/Oracle/Sun, Web Services Composite Application Framework, 2003-07-28, Version 1.0

WS-PolicyD

IBM/Microsoft/BEA/SAP, Web Services Policy Assertions Language (WS-PolicyAssertions)

DIBM/Microsoft/BEA/SAP, Web Services Policy Attachment (WS-PolicyAttachment)

DIBM/Microsoft/BEA/SAP, Web Services Policy Framework (WS-Policy)

WS-AddressingD

BEA/IBM/Microsoft, Web Services Addressing (WS-Addressing)

WS-FederationD

Web Services Federation Language (WS-Federation), Version 1.0

D WS-Federation: Active Requestor ProfileD WS-Federation Passive Requestor Profile

D WS-Inspection D WS-Inspection

D Resource Management

D WS-EventsD WSMF-FoundationD WSMF-WSMD WSMF

D WS-ManageabilityD WS-Managebility-ConceptD WS-Manageability - Representation

D WS-ProvisioningD WSXL D WS-WSXL

Security D Web Services Security Keberos Binding

Microsoft Web Services Enhancements(WSE)

EbXML Messaging Services TCD Message Service Specification, Version 2.0

OASIS ebXML Collaboration Protocol Profile and Agreement TC

DCollaboration-Protocol Profile and Agreement Specification, Version 2.0

UDDI TC

DUniversal Description, Discovery and Integration (UDDI) Version 3.0

DUniversal Description, Discovery and Integration (UDDI) V2.0

DSchema Centric XML Canonicalization, Version 1.0

EbXML Registry TCD

OASIS/ebXML Registry Information Model v2.0

DOASIS/ebXML Registry Services Specification v2.0

OASIS-UN/CEFACTD

EbXML Business Process Specification Schema (BPSS), Version 1.01

SAML Security Assertion Markup LanguageD

Security Assertion Markup Language (SAML) v1.1

DSecurity Assertion Markup Language (SAML), v1.0

XACML XML Access Control Markup Language

DEXtensible Access Control Markup Language (XACML) Version 1.0

EbBPSS - ebXML Business ProcessEbMS - EbXML Messaging

EbCPPA - EbXML Collaboration Protocol Profile and AgreementD SPML - Service Provisioning Markup Language

WSRP(Web Services for Remote Portlets) TCD

Web Services for Remote Portlets Specification

UBL(Universal Business Language) TCWSBPEL(Web Services Business Process Execution Language) TC

WS-CAF(Web Services Composite Application Framework) TCWSDM(Web Services Distributed Management) TC

WSIA(Web Services Interactive Application) TCWSRM(Web Services Reliable Messaging) TC

Web Services Security TCEGOV TC

Semantic Web

DARPAD

DAML-S (and OWL-S) 0.9 Draft Release, 2003-05

W3C

OWL

D OWL Web Ontology Language GuideD OWL Web Ontology Language OverviewD OWL Web Ontology Language Reference

DOWL Web Ontology Language Semantics and Abstract Syntax

D OWL Web Ontology Language Test Cases

DOWL Web Ontology Language Use Cases and Requirements

RDF

DLBase: Semantics for Languages of the Semantic Web

D RDF PrimerD RDF SemanticsD RDF Test Cases

DRDF Vocabulary Description Language 1.0: RDF SchemaD RDF/XML Syntax Specification (Revised)

DResource Description Framework (RDF): Concepts and Abstract Syntax

SOAP AttachmentsD

AT&T/BEA/Canon/Microsoft/SAP/ , SOAP Messages with Attachments, 1 Apr 2003

DIBM/Microsoft, WS-Attachments, 17 June 2002

Secure ConversationsD

IBM/Microsoft/VeriSign/RSA Security, Web Services Secure Conversation Language (WS-SecureConversation), Version 1.0

D

IBM/Microsoft/VeriSign/RSA Security, Web Services Security Policy Language (WS-SecurityPolicy), Version 1.0

BEA Building Blocks (RF)

DSOAP Conversation Protocol (SOAP Conversation) 1.0

D WS-CallBack Protocol (WS-CallBack)

DWeb Service Acknowledgement Protocol (WS-Acknowledgement)

DWeb Services Message Data (WS-MessageData)

AS2

DDirect Internet Message Encapsulation (DIME)

D

IETF, Using the Simple Object Access Protocol (SOAP) in Blocks Extensible Exchange Protocol (BEEP), RFC 3288

D Microsoft page D Web Services Protocol Workshops

D ApacheD Glossary System D Reference page

Topics

WS-AcknowledgementWS-ActiveProfile D WS-Federation Active Requestor Profile

WS-AddressingD WS-AttachmentsWS-AuthorizationWS-AtomicTransactionWS-BusinessActivityWS-CAFWS-CallbackWS-CoordinationWS-FederationWS-InspectionD WS-ManageabilityWS-PassiveProfile D WS-Federation Passive Requestor Profile

WS-EndpointResolutionWS-MessageData

WS-MetadataExchangeWS-PolicyWS-PolicyAssertionsWS-PolicyAttachmentD WS-Provisioning

WS-PrivacyWS-ReliabilityWS-ReliableMessagingD WS-RoutingD WS-ReferralWS-SecureConversationWS-SecurityWS-SecurityPolicyWS-Transaction

WS-TransmissionControlWS-TrustBPEL4WSWS-Choreography (WS-CHOR)WSRPWS-WSXLD WS-TXMD WS-CFD WS-CTX WSCIWSCLD WS-Security XML TokensWS-Events

ID-FF - IDentity Federation FrameworkID-WSF - IDentity Web Services Framework

D

Information Technology - Document Description and Processing Languages, The XML Topic Maps (XTM) Syntax 1.1, JTC 1/SC34 N0398, 2003-04-03

D Fast Web Services

D Basic Profile Version 1.0aD WS-I Usage Scenarios

DProfile Conformance Framework Working Group Draft

DSimple SOAP Binding Profile 1.0 Working Group Draft

D Attachments Profile 1.0 Working Group DraftD Monitor Tool Functional SpecificationD Analyzer Tool Functional Specification

D Testing Tool Test Assertion Document (TAD)

D JSR 172: J2ME Web services D Web services for J2EE (JSR109) 0.3

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\OLKD40\WS_Advanced.mmp - 2003-12-26 - 전종홍 - hollobit@et

W3C

Industry

OASIS

Related Specs

IETF

Advanced WS

Liberty Alliance

ISO/IEC

ITU-T

WS-I

JCP

WS_*Specifications

2003-12-26 - v13

Misc

D XML Key Management Specification (XKMS) D Web Service Choreography Interface (WSCI) 1.0

D Web Services Conversation Language (WSCL) 1.0D XML-Signature Syntax and Processing D XML Encryption Syntax and Processing

XML Protocol WG

D SOAP Version 1.2 Part 1: Messaging FrameworkD SOAP Version 1.2 Part 2: AdjunctsD SOAP Messages with Attachments

D SOAP Version 1.2 Message NormalizationD SOAP 1.2 Attachment Feature: Working Draft in Last Call

D SOAP Message Transmission Optimization Mechanism: Working DraftD SOAP Optimized Serialization Use Cases and Requirements: Working Draft

D SOAP Version 1.2 Email Binding: Working Group NoteD SOAP Version 1.2 Part 0: Primer: Recommendation

D SOAP Version 1.2 Specification Assertions and Test CollectionD SOAP Version 1.2 Usage Scenarios: Working Group NoteD XML Protocol (XMLP) Requirements: Working Group Note

D XML Protocol Abstract Model: Working Draft no longer in development

Web Services Architecture WG

D Web Services Architecture: Working Draft D Web Services Architecture Requirements: Working Draft

D Web Services Architecture Usage Scenarios: Working DraftD Web Services Glossary: Working Draft

Web Services Description WG

D Web Service Description Usage Scenarios: Working DraftD Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language

D Web Services Description Language (WSDL) Version 2.0 Part 2: Message PatternsD Web Services Description Language (WSDL) Version 1.2 Part 3: Bindings

D Web Services Description Requirements: Working Draft in Last Call

Web Services Choreography WGD Web Services Choreography Requirements 1.0: Working Draft

I18N WGD Requirements for the Internationalization of Web Services

D Web Services Internationalization Usage Scenarios

TAGD Architecture of the World Wide Web, First Edition

D WS-CHOR

BPEL

DBusiness Process Execution Language for Web Services, Version 1.0

Business Process Execution Language for Web Services, Version 1.1

DIBM, Web Services Flow Language (WSFL 1.0)

D Microsoft, XLANG

D WS-SecurityD

IBM/Microsoft/VeriSign, "Web Services Security (WS-Security)"

DIBM/Microsoft/VeriSign, "Web Services Security Addendum"

D OASIS, Web Services Security

WS-TrustD

IBM/Microsoft/VeriSign/RSA Security, Web Services Trust Language (WS-Trust), Version 1.0

Reliable MessagingD

Fujitsu/Hitachi/Oracle/Sonic/Sun, Web Services Reliability (WS-Reliability) Ver1.0

D

BEA/IBM/Microsoft/TIBCO Software, "Web Services Reliable Messaging Protocol (WS-ReliableMessaging)"

WS-Transaction Framework

DBEA/IBM/Microsoft, Web Services Coordination (WSCoordination)

DBEA/IBM/Microsoft, Web Services Transaction (WS-Transaction)

DBEA/IBM/Microsoft, Web Services Atomic Transaction (WS-AtomicTransaction)

Web Services Composite Application Framework (WS-CAF)

DArjuna/Fujitsu/IONA/Oracle/Sun, Web Services Context, 2003-07-28, Version 1.0

D

Arjuna/Fujitsu/IONA/Oracle/Sun, Web Services Coordination Framework, 2003-07-28, Version 1.0

D

Arjuna/Fujitsu/IONA/Oracle/Sun, Web Services Transaction Management, 2003-07-28, Version 1.0

D

Arjuna/Fujitsu/IONA/Oracle/Sun, Web Services Composite Application Framework, 2003-07-28, Version 1.0

WS-PolicyD

IBM/Microsoft/BEA/SAP, Web Services Policy Assertions Language (WS-PolicyAssertions)

DIBM/Microsoft/BEA/SAP, Web Services Policy Attachment (WS-PolicyAttachment)

DIBM/Microsoft/BEA/SAP, Web Services Policy Framework (WS-Policy)

WS-AddressingD

BEA/IBM/Microsoft, Web Services Addressing (WS-Addressing)

WS-FederationD

Web Services Federation Language (WS-Federation), Version 1.0

D WS-Federation: Active Requestor ProfileD WS-Federation Passive Requestor Profile

D WS-Inspection D WS-Inspection

D Resource Management

D WS-EventsD WSMF-FoundationD WSMF-WSMD WSMF

D WS-ManageabilityD WS-Managebility-ConceptD WS-Manageability - Representation

D WS-ProvisioningD WSXL D WS-WSXL

Security D Web Services Security Keberos Binding

Microsoft Web Services Enhancements(WSE)

EbXML Messaging Services TCD Message Service Specification, Version 2.0

OASIS ebXML Collaboration Protocol Profile and Agreement TC

DCollaboration-Protocol Profile and Agreement Specification, Version 2.0

UDDI TC

DUniversal Description, Discovery and Integration (UDDI) Version 3.0

DUniversal Description, Discovery and Integration (UDDI) V2.0

DSchema Centric XML Canonicalization, Version 1.0

EbXML Registry TCD

OASIS/ebXML Registry Information Model v2.0

DOASIS/ebXML Registry Services Specification v2.0

OASIS-UN/CEFACTD

EbXML Business Process Specification Schema (BPSS), Version 1.01

SAML Security Assertion Markup LanguageD

Security Assertion Markup Language (SAML) v1.1

DSecurity Assertion Markup Language (SAML), v1.0

XACML XML Access Control Markup Language

DEXtensible Access Control Markup Language (XACML) Version 1.0

EbBPSS - ebXML Business ProcessEbMS - EbXML Messaging

EbCPPA - EbXML Collaboration Protocol Profile and AgreementD SPML - Service Provisioning Markup Language

WSRP(Web Services for Remote Portlets) TCD

Web Services for Remote Portlets Specification

UBL(Universal Business Language) TCWSBPEL(Web Services Business Process Execution Language) TC

WS-CAF(Web Services Composite Application Framework) TCWSDM(Web Services Distributed Management) TC

WSIA(Web Services Interactive Application) TCWSRM(Web Services Reliable Messaging) TC

Web Services Security TCEGOV TC

Semantic Web

DARPAD

DAML-S (and OWL-S) 0.9 Draft Release, 2003-05

W3C

OWL

D OWL Web Ontology Language GuideD OWL Web Ontology Language OverviewD OWL Web Ontology Language Reference

DOWL Web Ontology Language Semantics and Abstract Syntax

D OWL Web Ontology Language Test Cases

DOWL Web Ontology Language Use Cases and Requirements

RDF

DLBase: Semantics for Languages of the Semantic Web

D RDF PrimerD RDF SemanticsD RDF Test Cases

DRDF Vocabulary Description Language 1.0: RDF SchemaD RDF/XML Syntax Specification (Revised)

DResource Description Framework (RDF): Concepts and Abstract Syntax

SOAP AttachmentsD

AT&T/BEA/Canon/Microsoft/SAP/ , SOAP Messages with Attachments, 1 Apr 2003

DIBM/Microsoft, WS-Attachments, 17 June 2002

Secure ConversationsD

IBM/Microsoft/VeriSign/RSA Security, Web Services Secure Conversation Language (WS-SecureConversation), Version 1.0

D

IBM/Microsoft/VeriSign/RSA Security, Web Services Security Policy Language (WS-SecurityPolicy), Version 1.0

BEA Building Blocks (RF)

DSOAP Conversation Protocol (SOAP Conversation) 1.0

D WS-CallBack Protocol (WS-CallBack)

DWeb Service Acknowledgement Protocol (WS-Acknowledgement)

DWeb Services Message Data (WS-MessageData)

AS2

DDirect Internet Message Encapsulation (DIME)

D

IETF, Using the Simple Object Access Protocol (SOAP) in Blocks Extensible Exchange Protocol (BEEP), RFC 3288

D Microsoft page D Web Services Protocol Workshops

D ApacheD Glossary System D Reference page

Topics

WS-AcknowledgementWS-ActiveProfile D WS-Federation Active Requestor Profile

WS-AddressingD WS-AttachmentsWS-AuthorizationWS-AtomicTransactionWS-BusinessActivityWS-CAFWS-CallbackWS-CoordinationWS-FederationWS-InspectionD WS-ManageabilityWS-PassiveProfile D WS-Federation Passive Requestor Profile

WS-EndpointResolutionWS-MessageData

WS-MetadataExchangeWS-PolicyWS-PolicyAssertionsWS-PolicyAttachmentD WS-Provisioning

WS-PrivacyWS-ReliabilityWS-ReliableMessagingD WS-RoutingD WS-ReferralWS-SecureConversationWS-SecurityWS-SecurityPolicyWS-Transaction

WS-TransmissionControlWS-TrustBPEL4WSWS-Choreography (WS-CHOR)WSRPWS-WSXLD WS-TXMD WS-CFD WS-CTX WSCIWSCLD WS-Security XML TokensWS-Events

ID-FF - IDentity Federation FrameworkID-WSF - IDentity Web Services Framework

D

Information Technology - Document Description and Processing Languages, The XML Topic Maps (XTM) Syntax 1.1, JTC 1/SC34 N0398, 2003-04-03

D Fast Web Services

D Basic Profile Version 1.0aD WS-I Usage Scenarios

DProfile Conformance Framework Working Group Draft

DSimple SOAP Binding Profile 1.0 Working Group Draft

D Attachments Profile 1.0 Working Group DraftD Monitor Tool Functional SpecificationD Analyzer Tool Functional Specification

D Testing Tool Test Assertion Document (TAD)

D JSR 172: J2ME Web services D Web services for J2EE (JSR109) 0.3

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\OLKD40\WS_Advanced.mmp - 2003-12-26 - 전종홍 - hollobit@et


RESTful Web ServicesSome of the following slides are based upon the presentation:

RESTful Web Services; John Cowan; [email protected] http://www.ccil.org/~cowan

(In the context of restful web services.)

RESTful Web Services

What’s a Web Service?

‣A web service is just a web page meant for a computer to request and process ‣More precisely, a Web Service is a “web page” that’s meant to be

consumed by an autonomous program as opposed to a web browser or similar UI tool

25

(In the context of restful web services.)


What’s a Web Service?

‣Web Services require an architectural style to make sense of them, because there’s no smart human being on the client end to keep track ‣The pre-web techniques of computer interaction don't scale on the

Internet They were designed for small scales and single trust domains.

26

Architectural Style ‣ “...a set of design rules that identify the kinds of components and connectors

that may be used to compose a system or subsystem." ‣ Some common examples of architectural styles include: ‣ Pipes and Filter ‣ Layered Architecture ‣ ...

Basically, a set of design principles to judge architectures.


REST Style

‣Client-server ‣Stateless ‣Cached ‣Uniform interface ‣Layered system ‣ (Code on demand)

27


RESTful?

‣REST = Representational State Transfer (Basically, a set of design principles to judge architectures) ‣ Resources are identified by uniform resource identifiers ‣ Resources are manipulated through their representations ‣ Messages are self-descriptive and stateless ‣ Multiple representations are accepted or sent ‣ Hypertext is the engine of application state ‣One possible architecture is “the” resource-oriented architecture (ROA)

The ROA qualifies as being RESTful. ‣Method information goes into the HTTP method‣Scoping information goes into the URI/IRI

28

Here, hypertext basically means that a message/representations contains the necessary links to other resources.

Foundations



‣HTTP… as the underlying transport protocol; important property: stateless ‣URI (or IRIs if you wish)

... to locate resources ‣XML or JSON (not necessarily, but in most cases) (Alternative

XHTML)… to get a representation(The Web already supports machine-to-machine integration. What's not machine-processable about the current Web (i.e. HTML) isn't the protocol, it's the content.)

29


Surfing the Web

Surfing the web: ‣To fetch a web page, the browser does a GET on some URI and retrieves

a representation (HTML, plain text, JPEG, or whatever) of the resource identified by that URI ‣ GET is fundamental to browsers because mostly they just browse ‣REST requires a few more verbs to allow taking actions

(However, in REST we use universal verbs only.)


“Universal Verbs”

‣GET … to retrieve information ‣POST

… to add new information, showing its relation to old information ‣PUT

… to update information ‣DELETE

… to discard information

31

Nouns...


Web Pages as Resources

‣A web page is a representation of a resource ‣Resources are just concepts ‣URIs tell a client that there's a concept somewhere ‣Clients can then request a specific representation of the concept

from the representations the server makes available

32

First: Application(/Session) State


Two Types of State

‣ “State” means application/session stateApplication state is the information necessary to understand the context of an interaction (Authorization and authentication information are examples of application state.) ‣Maintained as part of the content transferred from client to server and

back to client ‣Thus any server can potentially continue a transaction from the point

where the transaction was left off

Second: Resource State


Two Types of State

‣Resource state is the kind of state that the S in REST refers to ‣The "stateless" constraint means that all messages must include all

application state(Basically, that we don’t have sessions.)


(Multiple) Representations

‣Most resources have only a single representation REST can support any media type, but XML/JSON is expected to be the most popular transport for structured information. (HTTP supports content negotiation.) ‣XML makes it possible to have as many representations as you need ‣You can even view them in a clever way, thanks to the magic of XSLT

and CSS ‣Links can be embedded

Links mirror the structure of how a user makes progress through an application. The user is in control, thanks to the back button and other non-local actions. In a web service, the client should be in control in the same sense.

35


Test of RESTfulness

‣Can I do a GET on the URLs that I POST to? ‣ If so, do I get something that in some way represents the state of what

I've been building up with the POSTs? (HTML forms almost always fail miserably.) ‣Would the client notice if the server were to be... ‣ restarted at any point between requests, ‣ re-initialized by the time the client made the next request.

These tests are

not anything like

complete!

36

Is a “uniform” interface enough?


Is REST Enough?

‣What happens when you think you need application semantics that don't fit into the GET / PUT / POST / DELETE generic interfaces and representational state model? ‣People tend to assume that the REST answer is: ‣ If the problem doesn't fit HTTP, build another protocol ‣Extend HTTP by adding new HTTP methods (e.g. WEBDav,

WEBCal,..). ‣However, the four standard verbs are considered sufficiently general!

37


RESTful Web Services a first Example

http://www.peej.co.uk/articles/restfully-delicious.html


Example (Based Upon del.icio.us)

‣Lets start with describing what it is the Web Service does ‣ It allows us to: ‣Get a list of all our bookmarks and to filter that list by tag or date or limit

by number ‣Get the number of bookmarks created on different dates ‣Get the last time we updated our bookmarks ‣Get a list of all our tags ‣Add a bookmark ‣Edit a bookmark ‣Delete a bookmark ‣Rename a tag

39

Example (based upon del.icio.us)


Resources

‣Bookmarkshttp://del.icio.us/api/[username]/bookmarks‣Tagshttp://del.icio.us/api/[username]/tags ‣ [username] is the username of the user’s bookmarks we're interested in

Beware - URI design is important, but not the most important aspect!

40

Example (based upon del.icio.us)


Resource Representations

‣We define some XML document formats and mimetypes to identify them:

Mimetype Description

delicious/bookmarks+xml A list of bookmarks

delicious/bookmark+xml A bookmark

delicious/bookmarkcount+xml Count of bookmarks per datedelicious/update+xml When the bookmarks were last updated

delicious/tags+xml A list of tags

delicious/tag+xml A tag

41


Getting Bookmarks

URL http://del.icio.us/api/[username]/bookmarks/

Method GET

Querystring

tag= Filter by tag

dt= Filter by date

start= The number of the first bookmark to return

end= The number of the last bookmark to return

Returns

200 OK & XML (delicious/bookmarks+xml)

401 Unauthorized

404 Not Found

GET http://del.icio.us/api/peej/bookmarks/?start=1&end=2

<?xml version="1.0"?><bookmarks start="1" end="2" next="http://del.icio.us/api/peej/bookmarks?start=3&end=4"> <bookmark url="http://www.example.org/one" tags="example,test" href="http://del.icio.us/api/peej/bookmarks/a211528fb5108cddaa4b0d3aeccdbdcf" time="2005-10-21T19:07:30Z"> Example of a Delicious bookmark </bookmark> <bookmark url="http://www.example.org/two" tags="example,test" href="http://del.icio.us/api/peej/bookmarks/e47d06a59309774edab56813438bd3ce" time="2005-10-21T19:34:16Z"> Another example of a Delicious bookmark </bookmark></bookmarks>

Example delicious/bookmarks+xml document


Getting Bookmarks


Get Information on a Specific Bookmark

URL http://del.icio.us/api/[username]/bookmarks/[hash]

Method GET

Returns

200 OK & XML (delicious/bookmark+xml)

401 Unauthorized

404 Not Found

GET http://del.icio.us/api/peej/bookmarks/a211528fb5108cddaa4b0d3aeccdbdcf

<?xml version="1.0"?><bookmark url="http://www.example.org/one" time="2005-10-21T19:07:30Z"> <description> Example of a Delicious bookmark </description> <tags count="2"> <tag name="example" href="http://del.icio.us/api/peej/tags/example"/> <tag name="test" href="http://del.icio.us/api/peej/tags/test"/> </tags></bookmark>



Get Information on a Specific Bookmark


Get Count of Posts per Date

URL http://del.icio.us/api/[username]/bookmarks/count

Method GET

Querystring tag= filter by tag

Returns


401 Unauthorized

404 Not Found


Get Last Update Time for the User

URL http://del.icio.us/api/[username]/bookmarks/update

Method GET

Returns


401 Unauthorized

404 Not Found


Add a Bookmark

URL http://del.icio.us/api/[username]/bookmarks/

Method POST

Request Body XML (delicious/bookmark+xml)

Returns

201 Created & Location

401 Unauthorized

415 Unsupported Media Type(if the send document is not valid)

POST http://del.icio.us/api/peej/bookmarks/

<?xml version="1.0"?><bookmark url="http://www.example.org/one" time="2005-10-21T19:07:30Z"> <description>Example of a Delicious bookmark</description> <tags> <tag name="example" /> <tag name="test" /> </tags></bookmark>



Add a Bookmark


Modify a Bookmark


Method PUT

Request Body XML (delicious/bookmark+xml)

Returns

201 Created & Location

401 Unauthorized

404 Not Found(new bookmarks cannot be created using put!)415 Unsupported Media Type(if the send document is not valid)


Delete a Bookmark


Method DELETE

Returns

204 No Content

401 Unauthorized

404 Not Found

Example scenario - navigating and deleting entries


Using the Service

‣GET http://del.icio.us/api/Fetching the API’s homepage. We parse the response XML and find the tags URL of the user with the name "Peej"… ‣GET http://del.icio.us/api/peej/tags/

We parse the XML and see if the tag "test" is mentioned. If it isn't, then we GET the URL in the "next" attribute and try again. Eventually we'll get the URL http://del.icio.us/api/peej/tags/test... ‣GET http://del.icio.us/api/peej/tags/test

We've got the details for the tag "test", i.e. all bookmarks with the tag. Eventually we'll have a list of all bookmarks tagged with "test". ‣DELETE http://del.icio.us/api/peej/bookmarks/[hash]

Finally we can walk through our list of bookmarks and call the DELETE HTTP method on each of their URLs.

52


RESTful Web Services a second Example using Jersey

(Developing RESTful Web Services using JAX-RS 1.0 (JSR 311))https://jersey.dev.java.net/

package samples.helloworld.resources; import javax.ws.rs.*;

// The Java class will be hosted at the URI path "/helloworld" @Path("/helloworld") public class HelloWorldResource {

// The Java method will process HTTP GET requests @GET // The Java method will produce content identified by // the MIME Media type "text/plain" @Produces("text/plain") public String getClichedMessage() { return "Hello World";

}

@POST @Consumes("text/plain") public void postClichedMessage(String message) { // Store the message

} }

Implementation


A First Example

The annotation's value is a relative URI path.

The @GET annotation is a request method designator, along with@POST, @PUT, @DELETE, and @HEAD, that is defined by JAX-RS, and which correspond to the similarly named HTTP methods.

The @Produces annotation is used to specify the MIME media types of representations a resource can produce and send back to the client.

The @Consumes annotation is used to specify the MIME media types of representations a resource can consume that were sent by the client.

JAX RS 1.0 Mini-Tutorial


The @Path Annotation and URI Path Templates

‣The @Path annotation identifies the URI path template to which the resource responds, and is specified at the class level of a resource ‣The @Path annotation's value is a partial URI path template relative to the

base URI of the server on which the resource is deployed ‣URI path templates are URIs with variables embedded within the URI

syntax. These variables are substituted at runtime in order for a resource to respond to a request based on the substituted URI

GIVEN: @Path("/users/{username}") public class UserResource { @GET @Produces("application/xml") public String getUser(@PathParam("username") String userName) { ... } }

THEN THE URL: http://example.com/users/Galileo WILL RESULT IN A CALL OF THE “getUser” METHOD WHERE THE “userName” is set to “Galileo”.

55

Customize Requests and Responses - JAX RS 1.0 Mini-Tutorial


Using @Consumes and @Produces

‣The information sent to a resource and then passed back to the client is specified as a MIME media type in the headers of an HTTP request or response ‣The @Produces annotation is used to specify the MIME media types or

representations a resource can produce and send back to the client ‣@GET @Produces("text/html") public String getHtml() { return "<html><body><h1>Hello World!</body></h1></html>"; }

56

Customize Requests and Responses - JAX RS 1.0 Mini-Tutorial


Using @Consumes and @Produces

‣The @Consumes annotation is used to specify which MIME media types of representations a resource can accept, or consume, from the client.E.g. Consuming form data: ‣ @POST @Consumes("application/x-www-form-urlencoded") public void post(@FormParam("name") String name) { // Store the message } e.g. to make a HTTP “POST” call use curl: curl -d "description=LSP%20-%20Liskov-substitution-principle" http://localhost:8080/glossary/LSP

‣ @POST @Consumes("text/plain") public void postClichedMessage(String message) { // Store the message }

57