WS-* Standards. Service-Oriented System Integration. Dr. Balázs Simon, BME, IIT


Outline
- Integration requirements
- WS-* standards

Integration requirements

Integration within a company
[Diagram: systems to integrate: SAP, .NET, JEE, SQL Server, PHP, Oracle DB, MySQL]

e-gov integration
- Tax authority: Linux, Oracle
- e-gov portal: Linux, JBoss
- Social security: Windows, .NET
- Insurance: Linux, IBM

Requirements
- Integration within a company:
  - transactions
- e-gov integration, integration between companies:
  - security: encryption, digital signature
  - reliability: no messages are lost
- Standardized solution

WS-* standards

Web service standards
[Diagram: layers of the web service stack]
- Metadata
- Security, Reliable Messaging, Transactions
- Messaging
- XML encryption, digital signature
- Transport: e.g. HTTP, HTTPS, TCP, UDP, JMS, SMTP, ...

Messaging
Standards: MTOM, WS-Addressing, SOAP
- WS-Addressing:
  - SOAP headers: Action, To, From, ReplyTo, FaultTo, MessageId, RelatesTo
  - analogy: e-mail
- MTOM:
  - efficient byte transfer as MIME attachment

Reliable messaging
Standards: WS-Reliability, WS-ReliableMessaging
- WS-Reliability:
  - original version
  - does not work well with the other WS-* protocols
- WS-ReliableMessaging:
  - analogy: TCP
  - widely supported
  - works well with the other WS-* protocols, e.g. transactions, security, ...

WS-ReliableMessaging
Message exchange between Endpoint A and Endpoint B:
- bootstrap:
  - A -> B: CreateSequence()
  - B -> A: CreateSequenceResponse(Identifier=http://www.iit.bme.hu/seq123)
- application-level messages:
  - A -> B: Sequence(Identifier=http://www.iit.bme.hu/seq123, MessageNumber=1)
  - A -> B: Sequence(Identifier=http://www.iit.bme.hu/seq123, MessageNumber=2)
  - A -> B: Sequence(Identifier=http://www.iit.bme.hu/seq123, MessageNumber=3, LastMessage)
  - B -> A: SequenceAcknowledgement(Identifier=http://www.iit.bme.hu/seq123, AcknowledgementRange=1,3)

WS-ReliableMessaging
Message exchange between Endpoint A and Endpoint B (continued):
- application-level messages:
  - A -> B: Sequence(Identifier=http://www.iit.bme.hu/seq123, MessageNumber=2, AckRequested)
  - B -> A: SequenceAcknowledgement(Identifier=http://www.iit.bme.hu/seq123, AcknowledgementRange=1..3)
- closing the sequence:
  - A -> B: CloseSequence(Identifier=http://www.iit.bme.hu/seq123)
  - B -> A: CloseSequenceResponse(Identifier=http://www.iit.bme.hu/seq123)
- releasing resources:
  - A -> B: TerminateSequence(Identifier=http://www.iit.bme.hu/seq123)
  - B -> A: TerminateSequenceResponse(Identifier=http://www.iit.bme.hu/seq123)
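The exchange on the two slides above, as an added example that is not part of the original slides: message 2 is lost, the first acknowledgement covers only 1 and 3, and the retransmission closes the gap. The class and function names are hypothetical, and plain method calls stand in for SOAP messages.

```python
def ack_ranges(received):
    """Collapse received MessageNumbers into (lower, upper) AcknowledgementRanges."""
    ranges = []
    for n in sorted(received):
        if ranges and n == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], n)     # extends the current range
        else:
            ranges.append((n, n))               # a gap starts a new range
    return ranges

class Destination:
    """Endpoint B (hypothetical class): in-memory, i.e. non-persistent, sessions."""
    def __init__(self):
        self.sequences = {}   # Identifier -> set of received MessageNumbers

    def create_sequence(self, identifier):
        self.sequences[identifier] = set()

    def on_sequence(self, identifier, number):
        seen = self.sequences[identifier]       # KeyError: no CreateSequence yet
        is_new = number not in seen             # a duplicate is not delivered twice
        seen.add(number)
        return is_new

    def acknowledgement(self, identifier):
        return ack_ranges(self.sequences[identifier])

class Source:
    """Endpoint A (hypothetical class): keeps messages until they are acknowledged."""
    def __init__(self, payloads):
        self.unacked = dict(enumerate(payloads, start=1))

    def on_acknowledgement(self, ranges):
        for lower, upper in ranges:
            for n in range(lower, upper + 1):
                self.unacked.pop(n, None)
        return sorted(self.unacked)             # MessageNumbers to retransmit

def run_exchange(lost=frozenset({2})):
    seq = "http://www.iit.bme.hu/seq123"
    a, b = Source(["m1", "m2", "m3"]), Destination()
    b.create_sequence(seq)
    for n in sorted(set(a.unacked) - lost):     # constructed loss on the wire
        b.on_sequence(seq, n)
    first_ack = b.acknowledgement(seq)
    resend = a.on_acknowledgement(first_ack)
    for n in resend:
        b.on_sequence(seq, n)                   # retransmission, AckRequested
    final_ack = b.acknowledgement(seq)
    return first_ack, resend, final_ack, a.on_acknowledgement(final_ack)
```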

WS-ReliableMessaging (WS-RM)
Non-persistent implementation:
- sequence session stored in memory
- problems:
  - only relevant over an unreliable protocol (e.g. UDP)
  - makes no sense over TCP, and hence over HTTP
  - cannot outlive a shutdown-restart
  - storing a lot of sessions can overload the server
- WCF only supports non-persistent WS-RM

WS-ReliableMessaging (WS-RM)
Persistent implementation:
- sequence session stored in a persistent store, e.g. file or database
- advantages:
  - relevant over TCP, and hence over HTTP
  - can outlive a shutdown-restart
  - sessions don't overload the server
- IBM and Oracle have persistent WS-RM implementations

Transactions
Standards: WS-AtomicTransaction, WS-Coordination, WS-BusinessActivity
- WS-Coordination:
  - managing transactions
- WS-AtomicTransaction:
  - short term transaction
  - 2PC
- WS-BusinessActivity:
  - long running transaction
  - rollback: compensation

Transactions
ACID principles:
- Atomicity: either the transaction as a whole succeeds or fails.
- Consistency: data before and after the transaction must be in a consistent state.
- Isolation: parallel transactions act isolated from each other; it appears as though they are running sequentially.
- Durability: data state after a successful transaction is persistent; survives a crash.
Operations:
- Commit: finish the transaction successfully and persist the outcome.
- Rollback: discard all data manipulations performed since the transaction began.

WS-Coordination
[Diagram. Labels: Client, Service, Runtime, Message + context, Create context, Register, Activation Service, Registration Service, Protocol Service, (root) Coordinator, (subordinate) Coordinator]

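WS-AtomicTransaction: 2PC
Phase 1: prepare (Can everyone commit?)
[Diagram: Client, Services, (root) Coordinator, (subordinate) Coordinator. Numbered messages: 1. commit, 2. prepare, 3. OK, 4. prepare (between the root and the subordinate coordinator), 5. prepare, 6. OK, 7. OK (between the root and the subordinate coordinator)]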

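WS-AtomicTransaction: 2PC
Phase 2: commit (Do commit.)
[Diagram: Client, Services, (root) Coordinator, (subordinate) Coordinator. Numbered messages: 1. commit, 2. OK, 3. commit (between the root and the subordinate coordinator), 4. commit, 5. OK, 6. OK (between the root and the subordinate coordinator), 7. committed]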
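The two phases above as an added example, not part of the original slides: a root coordinator with one service and one subordinate coordinator, where a single "no" vote in phase 1 rolls everyone back. All names are hypothetical and protocol messages are modelled as method calls.

```python
class Participant:
    """Hypothetical service resource: votes in phase 1, commits in phase 2."""
    def __init__(self, name, can_commit=True):
        self.name, self.can_commit, self.state = name, can_commit, "active"

    def prepare(self):
        self.state = "prepared" if self.can_commit else "aborted"
        return self.can_commit

    def commit(self):
        if self.state != "prepared":
            raise RuntimeError(f"{self.name}: commit without a successful prepare")
        self.state = "committed"

    def rollback(self):
        self.state = "aborted"

class Coordinator(Participant):
    """Acts as one participant towards its parent and coordinates its children."""
    def __init__(self, name, children):
        super().__init__(name)
        self.children = children

    def prepare(self):
        votes = [child.prepare() for child in self.children]  # everyone is asked
        self.state = "prepared" if all(votes) else "aborted"
        return self.state == "prepared"

    def commit(self):
        for child in self.children:
            child.commit()
        self.state = "committed"

    def rollback(self):
        for child in self.children:
            child.rollback()
        self.state = "aborted"

    def run(self):  # root only: the client's commit request drives both phases
        if self.prepare():
            self.commit()
        else:
            self.rollback()
        return self.state

def demo(second_service_ok):
    s1 = Participant("service-1")
    s2 = Participant("service-2", can_commit=second_service_ok)
    root = Coordinator("root", [s1, Coordinator("subordinate", [s2])])
    return root.run(), s1.state, s2.state
```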

WS-BusinessActivity
- For long-running transactions
- Problem:
  - cannot lock databases for days
  - WS-AtomicTransaction cannot be used
- Solution:
  - assume we can commit and do the operation (e.g. reserve flight)
  - if later a rollback has to be done, undo the operation, i.e. compensate (e.g. cancel flight)
- But:
  - ACID is no longer valid
  - the system can be in an inconsistent state for a while

Security
Standards: WS-Federation, WS-Trust, WS-SecureConversation, WS-Security
- WS-Security:
  - encryption, digital signature
- WS-SecureConversation:
  - symmetric-key crypto (analogy: SSL)
- WS-Trust:
  - issuing tokens (analogy: Kerberos)
- WS-Federation:
  - identity management between trusted domains
  - single sign-on

WS-Security
- XML encryption and digital signature in the message
- Authentication information in the message:
  - username-password, X.509 certificate, etc.
- Signed parts:
  - WS-Addressing, WS-ReliableMessaging headers
  - SOAP body
- Encrypted parts:
  - keys, username-password, etc.
  - SOAP body
- Uses asymmetric key cryptography => slow
- Usually for a single call

WS-SecureConversation
- Bootstrap protocol:
  - client and server agree on a symmetric key
- Application-level messages:
  - encrypted by the symmetric key => faster
- Faster for multiple calls (from about 10 calls) on a single connection
- The bootstrap protocol:
  - is configured like a WS-Security protocol
  - uses asymmetric keys

WS-Trust sample
STS: Security-Token Service
[Diagram: Client, Web-shop (Service), STS. Labels: Driving license, 1. Buy wine, 2. Adult?]

Federation problem
[Diagram]
- Company A: STS A, Client A
- Company B: STS B, Service B
- Client A: request token for user-pass; token from STS A
- How to use Service B with a token from STS A? Won't work!

WS-Federation
[Diagram]
- Company A: STS A, Client A
- Company B: STS B, Service B
- Trust between STS A and STS B
- Client A: request token for user-pass; token from STS A; use service with token from STS B

WS-Federation
- Advantages:
  - Company B does not have to maintain a database of users from Company A
  - Authorization rights are always up-to-date
- Builds on WS-Trust
- WS-Trust:
  - issue, renew and cancel tokens
  - authentication: username-password, X.509 certificates, SAML, tokens from another STS, etc.
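The federation problem and its WS-Federation solution from the slides above, as an added example that is not part of the original slides: Service B rejects a token from STS A, but accepts the token STS B issues in exchange for it. All names, keys and credentials are constructed, and an HMAC with a per-STS key is an assumption standing in for the signature a real STS puts on its tokens.

```python
import base64, hashlib, hmac, json

# HMAC with per-STS keys stands in for the signature a real STS puts on a token.
def sign(issuer, key, claims):
    body = base64.urlsafe_b64encode(json.dumps({"iss": issuer, **claims}).encode())
    return body + b"." + hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def verify(token, trusted_keys):
    """Return the claims if an issuer listed in trusted_keys signed the token."""
    body, _, mac = token.rpartition(b".")
    try:
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:
        return None
    key = trusted_keys.get(claims.get("iss")) if isinstance(claims, dict) else None
    if key is None:
        return None
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return claims if hmac.compare_digest(mac, expected) else None

class STS:
    def __init__(self, name, key, users=None, trusted_keys=None):
        self.name, self.key = name, key
        self.users = users or {}                # constructed demo credentials
        self.trusted_keys = trusted_keys or {}  # issuers this STS trusts

    def issue_for_password(self, user, password):
        stored = self.users.get(user)
        if stored is None or not hmac.compare_digest(stored, password):
            return None
        return sign(self.name, self.key, {"sub": user})

    def issue_for_token(self, token):
        """Exchange a token from a trusted STS for one issued by this STS."""
        claims = verify(token, self.trusted_keys)
        if claims is None:
            return None
        return sign(self.name, self.key, {"sub": claims["sub"], "via": claims["iss"]})

def service_b(token, sts_b_key):        # accepts only tokens issued by STS B
    claims = verify(token, {"STS-B": sts_b_key})
    return claims["sub"] if claims else None

def scenario():
    key_a, key_b = b"constructed-key-A", b"constructed-key-B"
    sts_a = STS("STS-A", key_a, users={"alice": "constructed-password"})
    sts_b = STS("STS-B", key_b, trusted_keys={"STS-A": key_a})
    token_a = sts_a.issue_for_password("alice", "constructed-password")
    token_b = sts_b.issue_for_token(token_a)
    return service_b(token_a, key_b), service_b(token_b, key_b)
```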

Metadata
Standards: WS-MetadataExchange, WS-Policy, WSDL
- WS-Policy:
  - describes the capabilities of the service
  - extends the WSDL
  - configures the WS-* protocols, e.g.:
    - WS-Security Policy
    - WS-ReliableMessaging Policy
    - WS-AtomicTransaction Policy
- WS-MetadataExchange:
  - retrieving WSDL
  - exchanging Policy information
  - dynamic protocol discovery

WS-* standards
[Diagram: overview of the stack]
- Security: WS-Federation, WS-Trust, WS-SecureConversation, WS-Security
- Reliable Messaging: WS-Reliability, WS-ReliableMessaging
- Transactions: WS-AtomicTransaction, WS-Coordination, WS-BusinessActivity
- Messaging: WS-Transfer, WS-Enumeration, WS-EventNotification, WS-Addressing, SOAP, MTOM
- Metadata: WS-MetadataExchange, WS-Policy, WSDL
- XML: XML Encryption, XML Digital Signature, XML Schema, XML Namespaces
- Transport: HTTP, HTTPS, SMTP, TCP

Configuration of WS-* standards
- WCF (.NET):
  - wsHttpBinding in App.config or Web.config
- JAX-WS does not cover WS-* standards; vendors provide their own extensions:
  - Metro (GlassFish server): WS-Policy assertions in the WSDL
  - Apache CXF (Tomcat, JBoss, WildFly): Spring configuration + WS-Policy assertions in the WSDL
  - Oracle WebLogic: custom XML files or WS-Policy assertions
  - IBM WebSphere: custom XML files and WS-Policy assertions

Interoperability of the WS-* standards