You are previewing Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More.
O'Reilly logo
Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More

Book Description

"Other books claim to present the complete Web services platform architecture, but this is the first one I've seen that really does. The authors have been intimately involved in the creation of the architecture. Who better to write this book?"

—Anne Thomas Manes, Vice President and Research Director, Burton Group

"This is a very important book, providing a lot of technical detail and background that very few (if any) other books will be able to provide. The list of authors includes some of the top experts in the various specifications covered, and they have done an excellent job explaining the background motivation for and pertinent details of each specification. The benefit of their perspectives and collective expertise alone make the book worth reading."

—Eric Newcomer, CTO, IONA Technologies

"Most Web services books barely cover the basics, but this book informs practitioners of the "real-world" Web services aspects that they need to know to build real applications. The authors are well-known technical leaders in the Web services community and they helped write the Web services specifications covered in this book. Anyone who wants to do serious Web services development should read this book."

—Steve Vinoski, Chief Engineer, Product Innovation, IONA Technologies

"There aren't many books that are as ambitious as this one is. The most notable distinguishing factor of this book is that the authors have tried to pair down the specifications for the user and rather than focusing on competing specifications, they focus on complementary ones. Nearly every chapter provides a business justification and need for each feature discussed in the Web services stack. I would recommend this book to developers, integrators, and architects."

—Daniel Edgar, Systems Architect, Portland General Electric

"Rarely does a project arrive with such a list of qualified and talented authors. The subject matter is timely and significant to the industry. "

—Eric Newcomer, author of Understanding SOA with Web Services and Understanding Web Services and Chief Technology officer, IONA

The Insider's Guide to Building Breakthrough Services with Today'sNew Web Services Platform

Using today's new Web services platform, you can build services that are secure, reliable, efficient at handling transactions, and well suited to your evolving service-oriented architecture. What's more, you can do all that without compromising the simplicity or interoperability that made Web services so attractive. Now, for the first time, the experts who helped define and architect this platform show you exactly how to make the most of it.

Unlike other books, Web Services Platform Architecture covers the entire platform. The authors illuminate every specification that's ready for practical use, covering messaging, metadata, security, discovery, quality of service, business-process modeling, and more. Drawing on realistic examples and case studies, they present a powerfully coherent view of how all these specifications fit together—and how to combine them to solve real-world problems.

  • Service orientation: Clarifying the business and technical value propositions

  • Web services messaging framework: Using SOAP and WS-Addressing to deliver Web services messages

  • WSDL: Documenting messages and supporting diverse message interactions

  • WS-Policy: Building services that specify their requirements and capabilities, and how to interface with them

  • UDDI: Aggregating metadata and making it easily available

  • WS-MetadataExchange: Bootstrapping efficient, customized communication between Web services

  • WS-Reliable Messaging: Ensuring message delivery across unreliable networks

  • Transactions: Defining reliable interactions with WS-Coordination, WS-AtomicTransaction, and WS-BusinessActivity

  • Security: Understanding the roles of WS-Security, WS-Trust, WS-SecureConversation, and WS-Federation

  • BPEL: Modeling and executing business processes as service compositions

Web Services Platform Architecture gives you an insider's view of the platform that will change the way you deliver applications. Whether you're an architect, developer, technical manager, or consultant, you'll find it indispensable.

Sanjiva Weerawarana, research staff member for the component systems group at IBM Research, helps define and coordinate IBM's Web services technical strategy and activities. A member of the Apache Software Foundation, he contributed to many specifications including the SOAP 1.1 and WSDL 1.1 specifications and built their first implementations. Francisco Curbera, IBM research staff member and component systems group manager, coauthored BPEL4WS, WS-Addressing, and other specifications. He represents IBM on the BPEL and Web Services Addressing working groups. Frank Leymann directs the Institute of Architecture of Application Systems at the University of Stuttgart. As an IBM distinguished engineer, he helped architect IBM's middleware stack and define IBM's On Demand Computing strategy. IBM Fellow Tony Storey has helped lead the development of many of IBM's middleware, Web services, and grid computing products. IBM Fellow Donald F. Ferguson is chief architect and technical lead for IBM Software Group, and chairs IBM's SWG Architecture Board.

© Copyright Pearson Education. All rights reserved.

Table of Contents

  1. Copyright
    1. Dedication
  2. Praise for Web Services Platform Architecture
  3. Foreword by Steve Mills
  4. Foreword by Ronald Schmelzer
  5. Preface
    1. Who Should Read this Book?
  6. Acknowledgments
  7. About the Authors
  8. 1. Introduction
    1. 1. Service-Oriented Architectures
      1. 1.1. Virtual Enterprises
        1. 1.1.1. Business Process Optimization
        2. 1.1.2. Collaborations, Mergers, and Acquisitions
        3. 1.1.3. Resource Sharing
      2. 1.2. The Need for Loose Coupling
        1. 1.2.1. Issues with Current Distributed System Technologies
          1. Fragility of Object Systems
          2. Lack of Interoperability
        2. 1.2.2. Advantages of Message-Oriented Middleware
          1. Adapters and Channels
          2. Interaction Patterns
        3. 1.2.3. Future Proofing
          1. Technology Abstraction
          2. Provider Abstraction
      3. 1.3. What Is a Service?
        1. 1.3.1. Evolution of Major Software Granules
          1. Functions and Packages
          2. Objects and Classes
          3. Components
        2. 1.3.2. The Software Version of a Service
          1. Characteristics of a Service
          2. Solutions—Composition of Services
      4. 1.4. Service-Oriented Architecture
        1. 1.4.1. Bind/Publish/Find
        2. 1.4.2. Framework for SOA
      5. 1.5. Summary
    2. 2. Background
      1. 2.1. XML
        1. 2.1.1. XML Basics
        2. 2.1.2. DTDs, XML Schema, and RelaxNG
          1. DTDs
          2. XML Schema
          3. RelaxNG
        3. 2.1.3. XML Namespaces
          1. XML Infoset
          2. DOM, SAX, and So On
          3. XPath
      2. 2.2. World Wide Web
        1. 2.2.1. URIs
        2. 2.2.2. HTTP
        3. 2.2.3. MIME
      3. 2.3. Summary
    3. 3. Web Services: A Realization of SOA
      1. 3.1. Scope of the Architecture
      2. 3.2. Transport Services
      3. 3.3. Messaging Services
        1. 3.3.1. SOAP
        2. 3.3.2. WS-Addressing
      4. 3.4. Service Description
        1. 3.4.1. WSDL
        2. 3.4.2. Policy
      5. 3.5. Discovery Services
        1. 3.5.1. UDDI
        2. 3.5.2. MetaData Exchange
      6. 3.6. Quality of Service
        1. 3.6.1. WS-Security
        2. 3.6.2. Reliable Messaging
        3. 3.6.3. Transactions
      7. 3.7. Service Components
        1. 3.7.1. Composition of Web Services
      8. 3.8. Composeability
      9. 3.9. Interoperability
        1. 3.9.1. WS-I
      10. 3.10. REST
        1. 3.10.1. “Representational” in REST
        2. 3.10.2. “State Transfer” in REST
        3. 3.10.3. REST Interface Structure
        4. 3.10.4. REST and Web Services
      11. 3.11. Scope of Applicability of SOA and Web Service
      12. 3.12. Summary
  9. 2. Messaging Framework
    1. 4. SOAP
      1. 4.1. A Brief History of SOAP
      2. 4.2. Architectural Concepts
        1. 4.2.1. Defining Some Terms
        2. 4.2.2. The SOAP Processing Model
        3. 4.2.3. SOAP Roles
          1. Enforcing SOAP Roles—The “mustUnderstand” Attribute
          2. Passing Headers—The “relay” Attribute
        4. 4.2.4. SOAP Faults
        5. 4.2.5. Documents and RPC
        6. 4.2.6. Message Exchange Patterns
        7. Request/Response MEP
        8. Long-Running Conversational MEP
        9. 4.2.7. SOAP Bindings
          1. SOAP and HTTP
          2. SOAP and WebSphereMQ
      3. 4.3. SOAP Attachments
      4. 4.4. Differences Between SOAP 1.1 and 1.2
      5. 4.5. Summary
    2. 5. Web Services Addressing
      1. 5.1. Addressing Web Services
      2. 5.2. Architectural Concepts
        1. 5.2.1. Endpoint References
        2. 5.2.2. Comparing Endpoints
        3. 5.2.3. Message Information Headers
        4. 5.2.4. Binding Endpoint References to SOAP Messages
        5. 5.2.5. Request-Reply Pattern in WS-Addressing
          1. Request Message
          2. Reply Message
      3. 5.3. Example
      4. 5.4. Future Directions
      5. 5.5. Summary
  10. 3. Describing Metadata
    1. 6. Web Services Description Language (WSDL)
      1. 6.1. Role of WSDL in WS-*/SOA
      2. 6.2. History
      3. 6.3. Architectural Concepts
        1. 6.3.1. Extensibility
        2. 6.3.2. Support for Multiple Type Systems
        3. 6.3.3. Unifying Messaging and RPC
        4. 6.3.4. Separation of “What” from “How” and “Where”
        5. 6.3.5. Support for Multiple Protocols and Transports
        6. 6.3.6. No Ordering
        7. 6.3.7. No Semantics
      4. 6.4. WSDL 1.1
        1. 6.4.1. Language Structure
          1. Definitions
          2. Types
          3. Messages
          4. PortTypes
          5. Bindings
            1. SOAP Binding
            2. HTTP & MIME Binding
          6. Services
        2. 6.4.2. Best Practices
        3. 6.4.3. Problems and Limitations
          1. 6.4.3.1. Messages
          2. 6.4.3.2 . SOAP Binding
          3. 6.4.3.3 . Services
      5. 6.5. WSDL v2.0
        1. 6.5.1. Overall Language Structure
        2. 6.5.2. Interface Extensions
        3. 6.5.3. Elimination of <message>
        4. 6.5.4. Message Exchange Patterns
        5. 6.5.5. Services
        6. 6.5.6. Features and Properties
      6. 6.6. Future Directions
      7. 6.7. Summary
    2. 7. Web Services Policy
      1. 7.1. Motivation for WS-Policy
      2. 7.2. Architectural Concepts
        1. 7.2.1. Policy Framework
          1. The Policy Container
          2. Policy Operators
            1. ExactlyOne Operator
            2. All Operator
            3. “Optional” Operator
          3. Policy Vocabulary
          4. Policy Identification and Inclusion
          5. Policy Intersection
        2. 7.2.2. Attaching Policies to Web Services
      3. 7.3. Future Directions
      4. 7.4. Summary
  11. 4. Discovering Metadata
    1. 8. Universal Description, Discovery, and Integration (UDDI)
      1. 8.1. Role of UDDI in SOA and the WS Stack
        1. 8.1.1. Use of UDDI During Design and Development
        2. 8.1.2. Use of UDDI at Runtime
      2. 8.2. Motivation for UDDI
      3. 8.3. Architectural Concepts
        1. 8.3.1. UDDI V3 Data Model
          1. Categorization
          2. businessEntity
          3. businessService
          4. bindingTemplate
          5. tModel
          6. publisherAssertion
        2. 8.3.2. UDDI and WSDL
          1. Mapping of WSDL portType Element
          2. Mapping of WSDL Binding Element
          3. Mapping of WSDL Service Element
          4. Mapping of WSDL Port Element
          5. UDDI and WSDL at Development Time
          6. UDDI and WSDL at Runtime
        3. 8.3.3. UDDI and WS-Policy
          1. Referencing Remote Policy Expressions Directly
          2. Referencing Remote Policy Expressions Indirectly
          3. Querying UDDI Using Policy Expressions
        4. 8.3.4. UDDI V3 Architecture and APIs
          1. Client to Node Operations
          2. Node to Client Operations
          3. Node to Node Operations
          4. Node to Taxonomy Server Operations
        5. 8.3.5. New Features in UDDI V3
          1. Publisher-Assigned Keys
          2. Support for Digital Signatures
          3. UDDI Policy
          4. Subscription API
          5. Categorization Enhancements
          6. Changes in Authentication
      4. 8.4. Future Directions
        1. 8.4.1. Standardization of Taxonomy Language
        2. 8.4.2. Semantic Searching
        3. 8.4.3. Instance-Based Security
      5. 8.5. Summary
    2. 9. Web Services Metadata Exchange
      1. 9.1. Architectural Concepts
        1. 9.1.1. Extensibility of Metadata Dialects
          1. Dialects and Identifiers
        2. 9.1.2. Use of Indirection: Metadata References and Locations
        3. 9.1.3. Metadata Request Operations
          1. GetMetadata Requests
          2. GetMetadata Responses
          3. Get Request
          4. Metadata Exchange Example
        4. 9.1.4. Default Protocol Binding
      2. 9.2. Future Directions
      3. 9.3. Summary
  12. 5. Reliable Interaction
    1. 10. Reliable Messaging
      1. 10.1. Motivation for Reliable Messaging
        1. 10.1.1. The Network Is Reliable
        2. 10.1.2. Latency Is Zero
        3. 10.1.3. There Is One Administrator
      2. 10.2. Reliable Messaging Scenarios
        1. 10.2.1. Store and Forward
        2. 10.2.2. Batch Window
        3. 10.2.3. Failure Recovery
        4. 10.2.4. Long-Running Transactions
      3. 10.3. Architectural Concepts
      4. 10.4. Processing Model
        1. 10.4.1. Sequence Lifecycle
        2. 10.4.2. Basic Syntax
        3. 10.4.3. Sequence Element
        4. 10.4.4. SequenceAcknowledgement Element
        5. 10.4.5. AckRequested Element
        6. 10.4.6. SequenceFault Element
        7. 10.4.7. Delivery Semantics Supported
        8. 10.4.8. Policy Assertions
        9. 10.4.9. Inactivity Timeout
        10. 10.4.10. Retransmission Interval
        11. 10.4.11. Acknowledgement Interval
        12. 10.4.12. Basic WS-Reliable Messaging Profile
      5. 10.5. Strengths and Weaknesses
      6. 10.6. Examples
      7. 10.7. Future Directions
      8. 10.8. Summary
    2. 11. Transactions
      1. 11.1. Role of Transactions in Web Services/SOA
      2. 11.2. Motivation for Transactions
        1. 11.2.1. Classic Transactions
        2. 11.2.2. Business Transactions
      3. 11.3. Architectural Concepts
        1. 11.3.1. Definition of Transaction Architectural Terms
          1. Coordination
          2. Protocols for Atomic Transactions (WS-Atomic Transaction)
          3. Protocols for Business Transactions (WS-BusinessActivity)
        2. 11.3.2. Services and Protocols
          1. WS-Coordination Service
          2. Context
          3. Activation Service
          4. Registration Service
          5. Transaction Protocols
          6. WS-Atomic Transaction
          7. Completion Protocol
          8. Durable Two-Phase Commit Protocol
          9. Volatile Two-Phase Commit Protocol
          10. WS-Business Activity
          11. Business Agreement with Participant Completion
          12. Business Agreement with Coordinator Completion
          13. General Considerations
      4. 11.4. Example
        1. 11.4.1. Travel Agent Scenario Using Atomic Transaction
          1. Activation
          2. Application Calls Web Service
          3. Registration
          4. Completion/Coordination
        2. 11.4.2. Travel Agent Scenario Using Business Activity
          1. Activation
          2. Application Calls Web Service
          3. Registration
          4. Web Service Completion
          5. Coordination
      5. 11.5. Summary
  13. 6. Security
    1. 12. Security
      1. 12.1. A Motivating Example: Travel Agent Web Services
      2. 12.2. Roles of Security in Web Services
      3. 12.3. Motivation for Using WS-Security
      4. 12.4. End-to-End Security When Intermediaries Are Present
      5. 12.5. Federating Multiple Security Domains
      6. 12.6. A Brief History
      7. 12.7. Architectural Concepts
      8. 12.8. Processing Model
        1. 12.8.1. XML Signature
        2. 12.8.2. XML Encryption
      9. 12.9. Putting the Pieces Together
        1. 12.9.1. The Basic Model
        2. 12.9.2. Model with Intermediary
        3. 12.9.3. Trust Relationships
      10. 12.10. Interoperability
        1. 12.10.1. Basic Security Profile
      11. 12.11. Future Directions
      12. 12.12. Summary
    2. 13. Advanced Security
      1. 13.1. WS-Trust
        1. 13.1.1. In-Band
        2. 13.1.2. Out-of-Band
      2. 13.2. WS-SecureConversation
      3. 13.3. WS-Privacy
      4. 13.4. WS-Federation
      5. 13.5. WS-Authorization
      6. 13.6. Web Services Authorization Model
      7. 13.7. Security and Policy
      8. 13.8. Assertion Model
      9. 13.9. Other Security Topics
        1. 13.9.1. Public-Key Cryptography
      10. 13.10. Non-Repudiation
        1. 13.10.1. Data Integrity and Data-Origin Authentication
        2. 13.10.2. Proof of Message Origin
        3. 13.10.3. Proof of Message Receipt
        4. 13.10.4. Delivery of Proof of Message Receipt
      11. 13.11. Summary
  14. 7. Service Composition
    1. 14. Modeling Business Processes: BPEL
      1. 14.1. Motivation for BPEL
        1. 14.1.1. A Brief History
      2. 14.2. Architectural Concepts
        1. 14.2.1. Overview of the Process Composition Model
        2. 14.2.2. Abstract and Executable Processes
        3. 14.2.3. Recursive, Type-Based Composition
          1. Composing Services
          2. Binding to Concrete Endpoints of Partner Services
          3. A Conversational Approach
          4. Process Views
          5. 14.2.4. Process Instance Lifecycle
          6. Correlation
        4. 14.2.5. Event Handling
        5. 14.2.6. Dealing with Exceptional Behavior
          1. Fault Handling
          2. Compensation
          3. Compensation and Business Agreement Protocols
        6. 14.2.7. Extensibility and the Role of Web Services Policies
      3. 14.3. BPEL Processing Model
        1. 14.3.1. Deployment
        2. 14.3.2. Interacting with the Process
        3. 14.3.3. Navigating the Process Model
          1. Dead Path Elimination
        4. 14.3.4. Scopes and Handlers
          1. Fault Handling and Compensation
      4. 14.4. Future Directions
      5. 14.5. Summary
  15. 8. Case Studies
    1. 15. Case Study: Car Parts Supply Chain
      1. 15.1. Scenario Description
      2. 15.2. Architecture
      3. 15.3. Web Service Descriptions
      4. 15.4. Messages and Protocols
      5. 15.5. Summary
    2. 16. Case Study: Ordering Service Packs
      1. 16.1. Scenario Description
      2. 16.2. Architecture
      3. 16.3. Web Service Descriptions
      4. 16.4. Messages and Protocols
      5. 16.5. Summary
  16. 9. Conclusion
    1. 17. Futures
      1. 17.1. Semantics
      2. 17.2. Wiring
      3. 17.3. Ordering Constraints
      4. 17.4. Contracting
      5. 17.5. Summary
    2. 18. Conclusion
      1. 18.1. A Summary of the Web Services Platform
      2. 18.2. Standardization
        1. 18.2.1. Concerns About the Standardization Process
      3. 18.3. Competing Specifications
      4. 18.4. Perspectives
        1. 18.4.1. Why Will It Succeed?
        2. 18.4.2. Risks
      5. 18.5. Building on the Core Platform
      6. 18.6. Summary
  17. References