You are previewing Applied SOA Patterns on the Oracle Platform.
O'Reilly logo
Applied SOA Patterns on the Oracle Platform

Book Description

Fuse together your pragmatic Oracle experience with abstract SOA patterns with this practical guide

In Detail

For architects and developers, to solve business problems in the most efficient way possible, the experience of building complex collaboration and messaging systems in different industries combined with the architectural knowledge of practically realizing SOA patterns is what is required.

Applied SOA Patterns on the Oracle Platform is dedicated to problem solving with the application of common patterns. This book will help you face all the challenges that even seasoned architects can struggle with. It begins with a descriptive introduction to SOA principles and standards. Next, it explores how to balance the principles in different SOA frameworks and where you can try for standard implementations. Security aspects are covered in a chapter dedicated to the topic.

The aim of Applied SOA Patterns on the Oracle Platformis to enable you to service working components, suitable for all types of SOA implementation based on Oracle tools.

What You Will Learn

  • Understand the links between SOA principles, standards, and patterns in relation to the service characteristics you want to achieve
  • Identify the most suitable SOA tools for your task from the Oracle Fusion stack
  • Deploy your Business Rules in a centralized, controllable, and manageable faction to support dynamic service compositions
  • Implement flexible taxonomy for Enterprise Service Repository, service monitoring, and automated service recovery
  • Identify the SOA security risks and mitigate them with minimal impact on your composition's performance
  • Use the SOA design pattern for preparing your Enterprise for the cloud
  • Balance your long-running and fast-running service compositions between different service frameworks and service layers
  • Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at If you purchased this book elsewhere, you can visit and register to have the files e-mailed directly to you.

    Table of Contents

    1. Applied SOA Patterns on the Oracle Platform
      1. Table of Contents
      2. Applied SOA Patterns on the Oracle Platform
      3. Credits
      4. About the Author
      5. About the Reviewers
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
          3. Instant updates on new Packt books
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the example code
          2. Downloading the color images of this book
          3. Errata
          4. Piracy
          5. Questions
      8. 1. SOA Ecosystem – Interconnected Principles, Patterns, and Frameworks
        1. The characteristics, goals, and benefits of SOA
        2. An example of architecting for tactical goals
          1. SOA principles
            1. Standardized service contract
            2. Loose Coupling
            3. Service abstraction
              1. Level of abstraction – granularity and models
            4. Service reusability
            5. Service autonomy
            6. Service statefulness
            7. Service discoverability
            8. Service composability
          2. SOA technology concept
            1. XML
            2. Web Services (WS)
            3. WS transports
            4. Need for the WS-* extensions
          3. SOA standards
            1. Methodology and governance
              1. SOA Repository Artifact Model and Protocol (S-RAMP)
              2. Service definitions, routing, and reliability
                1. WSDL
                2. WS-Addressing
                3. WS-ReliableMessaging
              3. Policy and metadata
                1. WS-MetadataExchange
                2. Standard Business Document Header (SBDH)
                3. WS-Policy
              4. Transaction control and activity coordination
                1. WS-Coordination
              5. Security
            2. Interconnected WS-* standards
          4. SOA frameworks
            1. The Application Business Connector Services framework
            2. The Object Modeling and Design framework
            3. The XML Modeling and Design framework
            4. The Enterprise Business Flows framework
            5. The Enterprise Business Services framework
            6. The Enterprise Service Repository / Inventory framework
          5. SOA Service Patterns that help to shape a Service inventory
        3. Summary
      9. 2. An Introduction to Oracle Fusion – a Solid Foundation for Service Inventory
        1. The Oracle SOA technology platform
          1. The Oracle SOA development roadmap – past, present, and future
          2. Oracle SOA frameworks and technology layers
          3. Oracle SOA Foundation – methodology
            1. Enterprise Business Object
            2. Enterprise Business Message
            3. Enterprise Business Services
            4. Application Business Object and Message
          4. Oracle SOA foundation – runtime backbone
            1. The Oracle database
            2. The Oracle application server
            3. The Oracle Rule Engine
            4. Oracle transformation and translation engine
          5. How Oracle products compose the SOA framework
            1. Service creation – Object and XML Design frameworks
            2. Service development – automated test and deployment
            3. Establishing the adapter framework
            4. Providing orchestration – enterprise business flows
            5. Setting up Service Bus – enterprise business services
            6. Discovering enterprise – enterprise service repository
            7. Service governing – monitoring, error handling, and recovering
            8. Securing service interactions – Security Gateway
        2. Summary
      10. 3. Building the Core – Enterprise Business Flows
        1. Oracle SOA's dynamic Orchestration platform
          1. The telecommunication primer
          2. Basic facts about the telecommunication enterprise
          3. History of CTU
            1. Technical infrastructure and automation environment
            2. Business goals and obstacles
        2. Oracle Enterprise Business Flows SOA patterns
          1. Establishing a Service Inventory
            1. Initial analysis
            2. A summary of the initial solution
          2. Detailed analysis – functional decomposition
          3. Asynchronous agnostic Composition Controller
            1. Extending the asynchronous agnostic Composition Controller
          4. Usage and limitations of a Mediator as a dynamic router
          5. Dynamic compensations in a simple agnostic controller
          6. The Rule Engine endpoint and decision service
            1. Using Mediator for process discoverability
          7. The Orchestration pattern and embedded Java
        3. Summary
      11. 4. From Traditional Integration to Composition – Enterprise Business Services
        1. The Dynamic Service Collaboration platform
          1. Improving the Agnostic Composition Controller
          2. The Proxy design pattern and its relatives
            1. Implementing a basic Proxy on OSB
        2. From Message Broker to Service Broker
          1. A simplified Message Broker implementation
            1. Receive
            2. Transform
            3. Deliver
              1. The pros and cons of a simplified Message Broker
        3. Oracle Enterprise Business Service's SOA patterns
          1. Detailed analysis – functional decomposition
            1. Short summary
          2. Establishing a Service Inventory
          3. Asynchronous Agnostic Composition Controller
            1. Business Delegate (main dispatcher)
            2. Execution plan extraction
            3. Parameter initiation
            4. Main tasks loop
          4. Service invocation
            1. Invoking custom services
            2. Invoking Generic Adapter
          5. Transformation
            1. Validation
              1. Enrich
              2. Operate
                1. Routing to the protocol adapters (delivery)
                2. Conclusion – the pros and cons of OSB Agnostic Composition Controller
        4. Summary
      12. 5. Maintaining the Core – Service Repository
        1. Flexible taxonomy for Service Repository
          1. General objectives
          2. Service metadata for Agnostic Composition Controller
          3. Exploring the Oracle Repository's taxonomy
          4. Open standards for the SOA taxonomy
            1. The UDDI taxonomy (V.3) in Oracle OSR
          5. Runtime Discoverability analysis
            1. Runtime lookup
          6. Entity types
            1. Entity types' relations
          7. Decentralized realization
            1. The application project store
          8. Centralized realization
            1. Domain Repository
            2. The Cross-domain Utility layer
            3. The Enterprise Service Repository
        2. Creating a lightweight taxonomy for dynamic service invocations
          1. Service as an entity model
            1. Object
            2. Service/Task
            3. Composition/Process
            4. Rules
            5. Event
            6. Message
            7. The SQL implementation of the service taxonomy (example)
            8. The XML implementation of Execution Plan
        3. Managing Service Repository
        4. Summary
      13. 6. Finding the Compromise – the Adapter Framework
        1. Optimizing the Adapter Framework
          1. Logistic primer
            1. Basic facts about the company
              1. RRD history
              2. Technical infrastructure and automation environment
          2. Initial analysis
          3. Refactoring the DB-centric Fusion Application
            1. Events registration
            2. Events filtering
            3. Message construction
            4. Message parsing
            5. Endpoint handling
              1. Enqueue
              2. Dequeue
              3. Conclusion
        2. Establishing the Adapter Framework
          1. Exposing EJB through OSB
          2. Traditional DB Adapter implementation
          3. Dynamic Adapters implementation and DB Transport Adapter
        3. Summary
      14. 7. Gotcha! Implementing Security Layers
        1. Where are we now?
          1. Initial analysis
            1. Common SOA vulnerabilities
              1. Error handling vulnerability analysis
                1. Information leakage
                2. Missing error handling
                3. Empty catch block/uncaught exception
                4. Catching NullPointerException
                5. Return inside the finally block
                6. Inappropriate cleaning
                7. Handling dissimilar exceptions in the same block
              2. Authentication and authorization vulnerabilities
                1. Simple authentication protocol
                2. Password system exploits
                3. Authentication decision based on the Referer field
                4. Authentication decision based on the DNS name resolution
                5. Single-factor authentication
                6. Least Privilege Violation
                7. File Access Race Condition
            2. Common SOA risks
              1. Injection
              2. Broken authentication and session management
              3. Cross-site scripting (XSS)
              4. Insecure direct object references
              5. Security misconfiguration
              6. Sensitive data exposure
              7. Missing function-level access control
              8. Cross-site request forgery (CSRF)
              9. Using components with known vulnerabilities
            3. Attack types
              1. Reflection attacks
              2. Identity spoofing
              3. Replay attack
              4. SQL injection
              5. XPATH injection
              6. JSON injection/JavaScript injections
              7. Schema poisoning
              8. Forced browsing
          2. Risk mitigation design rules
            1. Identity management – defending credentials verification systems
              1. Directory services products
            2. Exception shielding – preventing an information leakage
              1. EH05
              2. EH06
            3. Message screening – preventing injection attacks
          3. Oracle Enterprise (API) Gateway
            1. Vendor-neutral (generic) requirements
            2. Performance requirements
        2. Summary
      15. 8. Taking Care – Error Handling
        1. Associating SOA patterns with OFM standard tools
          1. Initial analysis
          2. Common requirements
            1. Maintaining Exception Discoverability
          3. Error-handling design rules
        2. Basis for proactive Fault Management
          1. Technical monitoring for proactive Fault Management
        3. OFM Fault Management frameworks
          1. Policy-based handling
          2. Compensative transactions
          3. Exception handling in OSB
        4. Complex exception handling
        5. Automated recovery concepts
        6. Summary
      16. 9. Additional SOA Patterns – Supporting Composition Controllers
        1. Processing complex events
          1. Initial analysis
            1. Processing Object Context in business logic events
              1. Case 1 – basic event type
              2. Cases 2 and 3 – complex event type
              3. Realization of business cases using event processing (Rule Engine)
            2. Communication and machine events
            3. Fast events + Big Data
          2. EDN in the SOA stack – a practitioner's approach
        2. High service performance combined with High Availability
          1. Coherence and OSB
          2. Coherence and event processing
        3. Monitoring service activities
          1. Direct integration of BAM and BPEL
          2. The BAM and JMS connection
          3. BAM and the webservice API
        4. SOA as a cloud foundation
        5. Summary
      17. Index