chapter 19 web services. web services infrastructure and components security service descriptions...
TRANSCRIPT
![Page 1: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/1.jpg)
Chapter 19 Web Services
![Page 2: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/2.jpg)
Web services infrastructure and components
Security
Service descriptions (in WSDL)
Applications
Directory service
Web Services
XML
Choreography
SOAP
URIs (URLs or URNs) HTTP, SMTP or other transport
![Page 3: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/3.jpg)
The ‘travel agent service’ combines other web services
hotel bookinga
Travel Agent
flight booking
a
hire car bookingaService
Client
flight bookingb
hotel bookingbhire car bookingb
![Page 4: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/4.jpg)
SOAP message in an envelope
envelope
header
body
header element
body element
header element
body element
![Page 5: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/5.jpg)
Example of a simple request without headers
m:exchange
env:envelope xmlns:env =namespace URI for SOAP envelopes
m:arg1
env:body
xmlns:m = namespace URI of the service description
Hellom:arg2
World
In this figure and the next, each XML element is represented by a shaded box with its name in italic followed by any attributes and its content
![Page 6: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/6.jpg)
Example of a reply corresponding to the request in Figure 19.4
env:envelope
xmlns:env = namespace URI for SOAP envelope
m:res1
env:body
xmlns:m = namespace URI for the service description
m:res2World
m:exchangeResponse
Hello
![Page 7: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/7.jpg)
Use of HTTP POST Request in SOAP client-server communication
endpoint address
action
POST /examples/stringerHost: www.cdk4.netContent-Type: application/soap+xmlAction: http://www.cdk4.net/examples/stringer#exchange
<env:envelope xmlns:env= namespace URI for SOAP envelope><env:header> </env:header><env:body> </env:body></env:Envelope>
So
ap
me
ssa
ge
HT
TP
h
ead
er
![Page 8: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/8.jpg)
Java web service interface ShapeList
import java.rmi.*;
public interface ShapeList extends Remote {int newShape(GraphicalObject g) throws RemoteException; int numberOfShapes()throws RemoteException;int getVersion() throws RemoteException;int getGOVersion(int i)throws RemoteException;GraphicalObject getAllState(int i) throws RemoteException;
}
![Page 9: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/9.jpg)
Java implementation of the ShapeList server
import java.util.Vector;
public class ShapeListImpl implements ShapeList {private Vector theList = new Vector();private int version = 0;private Vector theVersions = new Vector();
public int newShape(GraphicalObject g) throws RemoteException{version++;theList.addElement(g); theVersions.addElement(new Integer(version)); return theList.size();
}public int numberOfShapes(){}public int getVersion() {} public int getGOVersion(int i){ }public GraphicalObject getAllState(int i) {}
}
![Page 10: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/10.jpg)
Java implementation of the ShapeList client
package staticstub;import javax.xml.rpc.Stub;
public class ShapeListClient {public static void main(String[] args) { /* pass URL of service */ try {
Stub proxy = createProxy();proxy._setProperty (javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY, args[0]); ShapeList aShapeList = (ShapeList)proxy;GraphicalObject g = aShapeList.getAllState(0);
} catch (Exception ex) { ex.printStackTrace(); }}
private static Stub createProxy() {return (Stub) (new MyShapeListService_Impl().getShapeListPort());
}}
![Page 11: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/11.jpg)
The main elements in a WSDL description
abstract concrete
how where
definitions
types
target namespace
interface bindings servicesmessage
document stylerequest-reply style
![Page 12: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/12.jpg)
WSDL request and reply messages for the newShape operation
message name = "ShapeList_newShape"
type = "ns:GraphicalObject"
part name="GraphicalObject_1"
tns ミ target namespacexsd ミ XML schema definitions
message name = "ShapeList_newShapeResponse"
part name="result" type = "xsd:int"
![Page 13: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/13.jpg)
Message exchange patterns for WSDL operations
Name
In-Out
In-Only
Robust In-Only
Out-In
Out-Only
Robust Out-Only
Client Server Delivery Fault message
Request Reply may replace Reply
Request no fault message
Request guaranteed may be sent
Reply Request may replace Reply
Request no fault message
Request guaranteed may send fault
Messages sent by
![Page 14: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/14.jpg)
WSDL operation newShape
operation name = "newShape"
input message = "tns:ShapeList_newShape"
output message = "tns:ShapeList_newShapeResponse"
pattern = In-Out
tns – target namespacexsd – XML schema definitions
The names operation, pattern, input and output are defined in the XML schema for WSDL
![Page 15: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/15.jpg)
SOAP binding and service definitions
soap:binding transport = URI
binding
style= "rpc"
endpoint
service name =
binding = "tns:ShapeListBinding"
soap:address location = service URI
name = "MyShapeListService"
name = "ShapeListPort"for schemas for soap/http
the service URI is:
operation
soap:operationsoapAction
"ShapeListBinding""tns:ShapeList"type =
name="newShape"
inputsoap:body
encoding, namespace
soap:body encoding, namespace
output
“http://localhost:8080/ShapeList-jaxrpc/ShapeList”
![Page 16: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/16.jpg)
The main UDDI data structures
tModel
businessServices
tModel
businessEntity
information
about the publisher
tModel
businessServiceshuman readable
service descriptions key key
URL
URL
URL
businessServices
information about a
family of services
human readable
service interfaces
bindingTemplate
bindingTemplate
bindingTemplateinformation about the
key
service interfaces
![Page 17: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/17.jpg)
Algorithms required for XML signature
Type of algorithm Name of algorithm Required reference
Message digest SHA-1 Required Section 7.4.3
Encoding base64 Required [Freed and Borenstein 1996]
Signature DSA with SHA-1 Required [NIST 1994]
(asymmetric) RSA with SHA-1 Recommended Section 7.3.2
MAC signature(symmetric)
HMAC-SHA-1 Required Section 7.4.2 and Krawczyket al. [1997]
Canonicalization Canonical XML Required Page 810
![Page 18: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/18.jpg)
Algorithms required for encryption(the algorithms in Figure 19.16 are also required)
Type of algorithm Name of algorithm Required reference
Block cipher TRIPLEDES, AES 128
required Section 7.3.1
AES-192 optional
Encoding base64 required [Freed and Borenstein 1996]
Key transport RSA-v1.5, RSA-OAEP
required Section 7.3.2[Kaliski and Staddon 1998]
Symmetric keywrap (signatureby shared key)
TRIPLEDESKeyWrap, AES-128 KeyWrap,
AES 256KeyWrap
required [Housley 2002]
AES-192 KeyWrap optional
Key agreement Diffie-Hellman optional [Rescorla, 1999]
AES-256
![Page 19: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/19.jpg)
Travel agent scenario
1. The client asks the travel agent service for information about a set of services; for example, flights, car hire and hotel bookings.
2. The travel agent service collects prices and availability information and sends it to the client, which chooses one of the following on behalf of the user:
(a) refine the query, possibly involving more providers to get more information, then repeat step 2;(b) make reservations;(c) quit.
3. The client requests a reservation and the travel agent service checks availability. 4. Either all are available; or for services that are not available;
either alternatives are offered to the client who goes back to step 3; or the client goes back to step 1.
5. Take deposit.6. Give the client a reservation number as a confirmation.7. During the period until the final payment, the client may modify or cancel reservations
![Page 20: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/20.jpg)
Open grid services architecture
Application specfic grid services
web services
application specific
OGSI services: naming, service data (metadata)
OGSA services: directory, management, security
service creation and deletion, fault model, service groups GridService e.g.
interfacese.g. astronomy, biomedical informatics, high-energy physics
Factory
grid service interfacesstandard
![Page 21: Chapter 19 Web Services. Web services infrastructure and components Security Service descriptions (in WSDL) Applications Directory service Web Services](https://reader035.vdocuments.site/reader035/viewer/2022081519/56649de65503460f94ade5d3/html5/thumbnails/21.jpg)
A selection of the grid projects presented in Foster & Kesselman[2004]
Description of the project Reference
1. Aircraft engine maintenance using fault histories andsensors for predictive diagnostics
www.cs.york.ac.uk/dame
2. Telepresence for predicting the effects ofearthquakes on buildings, using simulations and test sites
www.neesgrid.org
3. Bio-medical informatics network providingresearchers with access to experiments and visualizations of results
nbcr.sdsc.edu
4. Analysis of data from the CMS high energy particledetector at CERN by physicists world-wide over 15 years
www.uscms.org
5. Testing the effects of candidate drug molecules fortheir effect on the activity of a protein, by performing parallel
computations using idle desktop computers
[Taufer et al. 2003] [Chien 2004
6. Use of the Sun Grid Engine to enhance aerialphotographs by using spare capacity on a cluster of web servers
www.globexplorer.com
7. The butterfly Grid supports multiplayer games forvery large numbers of players on the internet over the Globus toolkit
www.butterfly.net
8. The Access Grid supports the needs of small groupcollaboration, for example by providing shared workspaces
www.accessgrid.org