
Page 1: Web Services Advanced Topics: Beyond SOAP, WSDL, and UDDI
Source: softwaresummit.com/2003/speakers/LawrenceWebServicesAdvanced.pdf

Colorado Software Summit: October 26 – 31, 2003 © Copyright 2003, IBM Corporation

Kelvin R. Lawrence
Distinguished Engineer & CTO, Dynamic e-business Technology
IBM Software Group, Austin, Texas
[email protected]

NOTE: This is a fast moving area and updated slides may be used in the actual presentation. The updated slides will be on the post conference CD.

Page 2: About Updated Slides

Inserted slides are marked “New”.

Modified slides are marked “ “

This version of the slides will be on the post conference CD.

Page 3: Agenda

An overview of several new technologies for Web Services:
• The Web Services “stack” of technologies
• Web Services Security (covered in detail in my other session)
• Web Services Policy
• Trust and long running secure conversations
• Web Services Federation
• Web Services Reliable Messaging
• Business Process Execution Language
• Web Services Interoperability

Note: subjects listed in Bold Font are presented in more depth than the others.

Page 4: What’s New with SOAP and UDDI

W3C publishes SOAP 1.2 Recommendation, June 2003
• “Recommendation” status means finished, effectively a standard
• Specs available at http://w3.org:
  • SOAP Version 1.2 Part 0: Primer
  • SOAP Version 1.2 Part 1: Messaging Framework
  • SOAP Version 1.2 Part 2: Adjuncts

UDDI 2.0 declared an OASIS Standard
• Specs available at http://oasis-open.org

Page 5: The Web Services “Stack”

(Stack diagram; the recoverable layer labels, bottom to top:)
• Transport: Transports
• Messaging and Encoding: XML, XML Infoset; SOAP, SOAP Attachments
• Description and Discovery: WSDL, UDDI, WS-Policy
• Quality of Service: WS-Security family of specifications, WS-ReliableMessaging, WS-Coordination, WS-Transactions
• Business Processes: Business Process Execution Language
• Other protocols, Other services

Page 6: Technologies Discussed in This Presentation

(Repeats the stack diagram from Page 5: Transports; XML, XML Infoset; SOAP, SOAP Attachments; WSDL, UDDI, WS-Policy; WS-Security family of specifications, WS-ReliableMessaging, WS-Coordination, WS-Transactions; Business Process Execution Language; Other protocols, Other services.)

Page 7: Namespaces and Web Services Specifications

The composable and extensible Services Oriented Architecture built on Web services technologies is managed by way of XML Namespaces that identify the vocabulary that defines a given element. The abbreviations are arbitrary; yet there are conventional abbreviations that we use here.

• S: SOAP 1.2 envelope elements, http://www.w3.org/2002/06/soap-envelope
• wsse: WS-Security SOAP envelope extensions, http://schemas.xmlsoap.org/ws/2003/07/secext
• wsu: Web services utility extensions, http://schemas.xmlsoap.org/ws/2002/07/utility
• wsp: WS-Policy extensions, http://schemas.xmlsoap.org/ws/2002/12/policy
• wsrm: WS-Reliable Messaging extensions

Page 8: WS-Security
http://oasis-open.org/committees/download.php/1204/doc-index.html

(Diagram: the WS-Security family of specifications, shown in the Quality of Service layer of the stack.)
• WS-Security (framework)
• WS-SecurityPolicy, WS-Trust, WS-Privacy
• WS-SecureConversation, WS-Federation, WS-Authorization
• Token profiles: X509 profile, Kerberos profile, XrML profile, Username profile, XCBF profile, SAML profile

Page 9: Why HTTPS Is Not Enough for Web Services

HTTPS is protocol-level security:
• Point-to-point: lasts only for the duration of the connection
• Does not secure solutions that use other protocols (JMS, MQ)
• “All or nothing” encryption only
• Weak integrity concept
• Does not support other security mechanisms

(Diagram: Service Requester App, Internet, Firewall with an HTTPS to JMS Gateway, Back end Application; a Business Partner is reached over the Internet. The gateway is labelled “HTTPS security stops here”; the HTTPS leg is marked "SECURE" and the legs beyond the gateway are marked "SECURE?".)

Page 10: Security Considerations with SOAP Messaging

• How to include security credentials in the message
• How to use element-wise encryption: expose some parts for routing, hide critical data from unauthorized parties
• How to use digital signatures
• Security must persist from originator to processing end-point, for the life of the transaction
• Security survives call to external business partner
• Use with, or instead of, protocol-level security

(Diagram: a SOAP message carrying credentials travels from the Service Requester App across the Internet, through the Firewall and Gateway, to the Back end Application on the Intranet, and on to a Business Partner over the Internet.)
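The following is an added example, not code from the slides, illustrating the point of Pages 9 and 10: a signature carried inside the SOAP message survives the HTTPS-to-JMS gateway and still detects tampering at the back end, whereas HTTPS ends at the gateway. It signs only the SOAP Body (so routing headers stay readable and intermediaries may add their own), canonicalizes the XML first so re-serialization by an intermediary does not break verification, and uses an HMAC-SHA256 over the Body as a stand-in for the XML Signature that WS-Security actually specifies. The demo:BodySignature element, the bank message vocabulary, and the shared key are constructed for this example and are not part of any specification.

```python
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

SOAP_NS = "http://www.w3.org/2002/06/soap-envelope"      # S: prefix, Page 7
WSSE_NS = "http://schemas.xmlsoap.org/ws/2003/07/secext"   # wsse: prefix, Page 7
DEMO_NS = "urn:example:hmac-body-signature"                # hypothetical, this example only
BANK_NS = "urn:example:bank"                               # constructed sample vocabulary
for prefix, uri in (("S", SOAP_NS), ("wsse", WSSE_NS), ("demo", DEMO_NS), ("bank", BANK_NS)):
    ET.register_namespace(prefix, uri)

# Constructed secret shared by the originator and the back-end application.
SHARED_KEY = b"constructed-secret-shared-by-originator-and-back-end"


def canonical_body(envelope):
    """Canonical XML (C14N 2.0) of the S:Body only. Whitespace and prefix
    changes made by intermediaries therefore do not affect the signed bytes."""
    body = copy.deepcopy(envelope.find(f"{{{SOAP_NS}}}Body"))
    body.tail = None
    raw = ET.tostring(body, encoding="unicode")
    return ET.canonicalize(xml_data=raw, strip_text=True, rewrite_prefixes=True).encode()


def sign_envelope(envelope, key):
    """Originator: put an HMAC over the Body into a wsse:Security header.
    Headers are deliberately not covered, so routing information can change."""
    header = envelope.find(f"{{{SOAP_NS}}}Header")
    security = ET.SubElement(header, f"{{{WSSE_NS}}}Security")
    sig = ET.SubElement(security, f"{{{DEMO_NS}}}BodySignature")
    sig.set("Algorithm", "hmac-sha256")  # hypothetical attribute
    sig.text = hmac.new(key, canonical_body(envelope), hashlib.sha256).hexdigest()
    return envelope


def verify_envelope(envelope, key):
    """Processing end-point: recompute the Body HMAC and compare in constant time."""
    sig = envelope.find(f"{{{SOAP_NS}}}Header/{{{WSSE_NS}}}Security/{{{DEMO_NS}}}BodySignature")
    if sig is None or not sig.text:
        return False
    expected = hmac.new(key, canonical_body(envelope), hashlib.sha256).hexdigest()
    return hmac.compare_digest(sig.text.strip(), expected)


def make_request(account, amount):
    """Constructed sample SOAP request."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    ET.SubElement(env, f"{{{SOAP_NS}}}Header")
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    transfer = ET.SubElement(body, f"{{{BANK_NS}}}Transfer")
    ET.SubElement(transfer, f"{{{BANK_NS}}}Account").text = account
    ET.SubElement(transfer, f"{{{BANK_NS}}}Amount").text = amount
    return env


def gateway_rewrap(wire, next_hop):
    """HTTPS-to-JMS gateway: TLS ends here. The gateway adds its own routing
    header and re-serializes the message (different whitespace) for JMS."""
    env = ET.fromstring(wire)
    ET.SubElement(env.find(f"{{{SOAP_NS}}}Header"), f"{{{DEMO_NS}}}Route").text = next_hop
    ET.indent(env)
    return ET.tostring(env)


def tamper(wire, new_amount):
    """Someone on the unprotected JMS leg rewrites the amount."""
    env = ET.fromstring(wire)
    env.find(f".//{{{BANK_NS}}}Amount").text = new_amount
    return ET.tostring(env)


def end_to_end(tampered=False):
    """Originator signs, gateway re-wraps for JMS, back end verifies.
    Returns the back end's verification result."""
    signed = ET.tostring(sign_envelope(make_request("ACC-42", "100.00"), SHARED_KEY))
    on_jms = gateway_rewrap(signed, "jms:queue/backend")
    if tampered:
        on_jms = tamper(on_jms, "100000.00")
    return verify_envelope(ET.fromstring(on_jms), SHARED_KEY)
```

The key design choice is what the signature covers: canonicalized Body only. That is what lets the gateway add a routing header and re-indent the message without invalidating the signature, while any change to the Body on the JMS leg, where HTTPS no longer applies, is detected at the back end.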

Page 11: WS-Security: SOAP Message Security

A foundational set of SOAP message extensions for building secure Web services. Defines SOAP usage for several popular security technologies in message-level security:
• Kerberos, Public Key Encryption, HTTPS, IPSEC, XrML
• XML Signature, XML Encryption, XKMS from W3C
• SAML, XACML from OASIS
• Six new and planned specifications

Goals:
• Enable enterprises to protect their investments and assets as business processes become Web services
• Same-domain and cross-domain secure messaging
• Platform-neutral interoperability
• End-to-end security
• Extensibility

Page 12: WS-Security: SOAP Message Security

• Flexible, composable specification
• Designed to be used as basis for securing Web services
• Wide variety of security models including PKI, Kerberos, and SSL

Provides support for:
• Multiple security token formats
• Multiple trust domains
• Multiple signature formats
• Multiple encryption technologies

This specification replaces and extends earlier work, e.g. the IBM/Microsoft W3C "SOAP-Sec" Note (January 2001) is now obsolete.

Page 13: Resources: Security

Latest WS-Security specifications are available on http://oasis-open.org
• Incorporates errata, includes changes from working group

Other specs are available on http://ibm.com/developerworks
• Search for WS-Security to get the entire list

Whitepaper: “Web Services Security: Moving up the stack”
http://ibm.com/developerworks/webservices/library/ws-secroad/
Published December, 2002

Original plan for WS-Policy is described in the WS-Security Roadmap
http://ibm.com/developerworks/webservices/library/ws-secmap/
Published April, 2002. Differs somewhat from specifications, which are the definitive source of information.

Full-length presentation on WS-Security: visit http://ibm.com/developerworks/speakers/colan

Page 14: WS-Policy: Web Services Policy Framework

(Diagram: the WS-Policy family, shown in the Description and Discovery layer of the stack: WS-Policy (framework), WS-PolicyAttachments, WS-PolicyAssertions, WS-SecurityPolicy, other policies.)

Page 15: What Is a Policy?

A policy is a set of capabilities, requirements, preferences, and general characteristics about entities in a system. The elements of a policy (policy assertions) can express:
• Security requirements or capabilities
• Various Quality of Service (QoS) characteristics
• Any other kinds of policies that are required

WS-Policy defines a general purpose, extensible model and grammar (“framework”) for describing policies in a Web services system:
• Simple, declarative policies
• More complex, conditional policies

Page 16: WS-Policy
http://ibm.com/developerworks/webservices/library/ws-polfram

(Diagram: WS-Policy (framework), WS-PolicyAttachments, WS-PolicyAssertions, WS-SecurityPolicy, other policies.)

WS-Policy defines the framework for policy definition:
• The container element <Policy>
• The organizing operator elements
• The “Preference” and “Usage” concepts / attributes
• An inclusion / reuse mechanism

WS-Policy does NOT define:
• Any specific policy assertions. These are defined by WS-PolicyAssertions, WS-SecurityPolicy, others yet to be invented
• The binding to a policy subject. This is defined in WS-PolicyAttachment.

Page 17: Policy Example: Security and Authentication Options

<wsp:Policy xmlns:wsse="..." xmlns:wsp="...">
  <wsp:ExactlyOne>
    <wsse:SecurityToken TokenType="wsse:Kerberosv5TGT" wsp:Usage="wsp:Required" wsp:Preference="100"/>
    <wsse:SecurityToken TokenType="wsse:X509v3" wsp:Usage="wsp:Required" wsp:Preference="1"/>
  </wsp:ExactlyOne>
</wsp:Policy>

Meaning:
• A valid request can contain any one of the two SecurityTokens
• Kerberos and X509 are supported authentication tokens
• Kerberos is preferred over X509

Page 18: Policy Terminology

<wsp:Policy xmlns:wsse="..." xmlns:wsp="...">
  <wsp:ExactlyOne>
    <wsse:SecurityToken TokenType="wsse:Kerberosv5TGT" wsp:Usage="wsp:Required" wsp:Preference="100"/>
    <wsse:SecurityToken TokenType="wsse:X509v3" wsp:Usage="wsp:Required" wsp:Preference="1"/>
  </wsp:ExactlyOne>
</wsp:Policy>

• Policy assertion: a preference, requirement, capability or other property
• Policy statement: a group of policy assertions
• Policy expression: a representation of one or more policy statements
• A policy subject is an entity (e.g. an endpoint, object, or resource) to which a policy can be bound (see WS-PolicyAttachment).

Page 19: Policy Operators

<wsp:Policy xmlns:wsp="..." xmlns:wsse="...">
  <wsp:ExactlyOne>
    <wsp:All wsp:Preference="100">
      <wsse:SecurityToken TokenType="wsse:Kerberosv5TGT"/>
      <wsse:Algorithm Type="wsse:AlgSignature" URI="http://www.w3.org/2000/09/xmlenc#aes"/>
    </wsp:All>
    <wsp:All wsp:Preference="1">
      <wsse:SecurityToken TokenType="wsse:X509v3"/>
      <wsse:Algorithm Type="wsse:AlgEncryption" URI="http://www.w3.org/2001/04/xmlenc#3des-cbc"/>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>

Operators can be ExactlyOne, OneOrMore, or All. In this example:
• The primary operator ExactlyOne is a policy statement
• The subordinate operator All groups two related policy assertions

Page 20: Policy Preferences

<wsp:Policy xmlns:wsp="..." xmlns:wsse="...">
  <wsp:ExactlyOne>
    <wsp:All wsp:Preference="100">
      <wsse:SecurityToken TokenType="wsse:Kerberosv5TGT"/>
      <wsse:Algorithm Type="wsse:AlgSignature" URI="http://www.w3.org/2000/09/xmlenc#aes"/>
    </wsp:All>
    <wsp:All wsp:Preference="1">
      <wsse:SecurityToken TokenType="wsse:X509v3"/>
      <wsse:Algorithm Type="wsse:AlgEncryption" URI="http://www.w3.org/2001/04/xmlenc#3des-cbc"/>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>

The Preference attribute indicates the preferred policy assertions among the listed choices. Larger numbers are preferred.

Page 21: Policy Usage

<wsp:Policy xmlns:wsse="..." xmlns:wsp="...">
  <wsp:ExactlyOne>
    <wsse:SecurityToken TokenType="wsse:Kerberosv5TGT" wsp:Usage="wsp:Required" wsp:Preference="100"/>
    <wsse:SecurityToken TokenType="wsse:X509v3" wsp:Usage="wsp:Required" wsp:Preference="1"/>
  </wsp:ExactlyOne>
</wsp:Policy>

The Usage attribute specifies how the assertion is used:
• Required – assertion must be applied to the subject; if not supported, fail.
• Rejected – assertion is not allowed. If present, fail.
• Optional – assertion may be made, but may not be applied
• Observed – assertion is applied, and requesters are informed that it is applied
• Ignored – assertion is processed, but ignored, and requestors are informed.

Page 22: Policy Inclusion

<wsp:Policy wsu:Id="audit" xmlns:wsu="..." xmlns:wssx="...">
  <wssx:Audit wsp:Usage="wsp:Observed"/>
</wsp:Policy>

<wsp:Policy xmlns:wsse="...">
  <wsp:PolicyReference URI="#audit"/>
  <wsse:SecurityToken TokenType="wsse:X509v3" wsp:Usage="wsp:Required"/>
</wsp:Policy>

<wsp:PolicyReference> allows assertions to be shared among policy expressions. It includes the content of one policy expression in another expression. In this example:
• the wsu:Id attribute defines a reference to the <wssx:Audit> element
• the <wssx:Audit> element effectively replaces the <wsp:PolicyReference> element in the policy statement.

Page 23: Reusing a Portion of a Policy

<wsp:Policy xmlns:SecurityNS="..." xmlns:cus="...">
  <cus:Assert1>
    <wsp:ExactlyOne wsu:Id="options">
      <cus:Option1 wsp:Usage="wsp:Required"/>
      <cus:Option2 wsp:Usage="wsp:Required"/>
      <cus:Option3 wsp:Usage="wsp:Required"/>
    </wsp:ExactlyOne>
  </cus:Assert1>
  <cus:Assert2>
    <wsp:PolicyReference URI="#options"/>
  </cus:Assert2>
</wsp:Policy>

The identification mechanism for <wsp:PolicyReference> can also be used with operator elements. In this example:
• the wsu:Id attribute defines a reference to the <wsp:ExactlyOne> group
• the <wsp:ExactlyOne> group effectively replaces the <wsp:PolicyReference> element in the policy statement.
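The following is an added example, not code from the slides or from any WS-Policy implementation, that puts the mechanics of Pages 19 to 23 into one small evaluator: it inlines <wsp:PolicyReference> by wsu:Id (a referenced <wsp:Policy> contributes its children, any other referenced element such as an <wsp:ExactlyOne> group replaces the reference itself), normalizes ExactlyOne / OneOrMore / All into a flat list of alternatives, and then chooses the alternative a requester can satisfy, applying wsp:Preference (larger wins) and wsp:Usage (Required must be offered, Rejected must not be). Assumptions: namespace URIs are the Page 7 conventions, an assertion without wsp:Usage is treated as Required, and an assertion is identified for matching by its element name plus its TokenType, Type and URI attributes. The three policy strings are the slide examples with constructed namespace URIs filled in.

```python
import copy
import itertools
import xml.etree.ElementTree as ET

WSP = "http://schemas.xmlsoap.org/ws/2002/12/policy"     # wsp: prefix, Page 7
WSU = "http://schemas.xmlsoap.org/ws/2002/07/utility"    # wsu: prefix, Page 7
WSSE = "http://schemas.xmlsoap.org/ws/2003/07/secext"    # wsse: prefix, Page 7
REQUIRED, REJECTED = "wsp:Required", "wsp:Rejected"
MATCH_ATTRS = ("TokenType", "Type", "URI")   # attributes that identify an assertion (assumption)


def _local(tag):
    """Split '{ns}name' into (ns, name)."""
    ns, _, name = tag[1:].partition("}") if tag.startswith("{") else ("", "", tag)
    return ns, name


def resolve_references(root, library=()):
    """Inline every <wsp:PolicyReference URI="#id"/> (Pages 22 and 23)."""
    targets = {e.get(f"{{{WSU}}}Id"): e for doc in (root, *library)
               for e in doc.iter() if e.get(f"{{{WSU}}}Id")}
    for parent in list(root.iter()):
        for i in reversed(range(len(parent))):          # reversed: inserts do not shift later indexes
            child = parent[i]
            if child.tag != f"{{{WSP}}}PolicyReference":
                continue
            ref = child.get("URI", "")
            if not ref.startswith("#") or ref[1:] not in targets:
                raise ValueError(f"unresolvable PolicyReference {ref!r}")
            target = targets[ref[1:]]
            parent.remove(child)
            pieces = list(target) if target.tag == f"{{{WSP}}}Policy" else [target]
            for j, piece in enumerate(pieces):
                parent.insert(i + j, copy.deepcopy(piece))
    return root


def _assertion(e):
    return {"name": _local(e.tag)[1],
            "usage": e.get(f"{{{WSP}}}Usage", REQUIRED),   # assumption: default is Required
            "attrs": {a: e.get(a) for a in MATCH_ATTRS if e.get(a)}}


def _pref(e):
    return int(e.get(f"{{{WSP}}}Preference", "0"))


def _product(base, children):
    """Combine alternatives of sibling children (the All semantics)."""
    for child in children:
        base = [(p1 + p2, a1 + a2) for p1, a1 in base for p2, a2 in normalize(child)]
    return base


def normalize(e):
    """Return the policy as a list of alternatives: (preference, [assertions])."""
    ns, name = _local(e.tag)
    if ns == WSP and name in ("Policy", "All"):
        return _product([(_pref(e), [])], list(e))
    if ns == WSP and name == "ExactlyOne":
        return [alt for child in e for alt in normalize(child)]
    if ns == WSP and name == "OneOrMore":
        return [alt for n in range(1, len(e) + 1)
                for combo in itertools.combinations(list(e), n)
                for alt in _product([(_pref(e), [])], combo)]
    if ns == WSP:
        raise ValueError(f"unexpected wsp:{name} (unresolved reference?)")
    # An assertion; it may itself wrap an operator, as cus:Assert1 does on Page 23.
    return _product([(_pref(e), [_assertion(e)])], list(e))


def offer(name, **attrs):
    """Key for something the requester is able to put in its message."""
    return (name, frozenset(attrs.items()))


def select_alternative(policy_xml, offers, library_xml=()):
    """Highest-preference alternative the requester can satisfy, or None."""
    root = resolve_references(ET.fromstring(policy_xml), [ET.fromstring(x) for x in library_xml])
    best = None
    for pref, assertions in normalize(root):
        acceptable = True
        for a in assertions:
            offered = (a["name"], frozenset(a["attrs"].items())) in offers
            if (a["usage"] == REQUIRED and not offered) or (a["usage"] == REJECTED and offered):
                acceptable = False
        if acceptable and (best is None or pref > best[0]):
            best = (pref, [a["name"] for a in assertions])
    return best


# Slide examples with constructed namespace URIs (the "..." on the slides).
PAGE19 = f'''<wsp:Policy xmlns:wsp="{WSP}" xmlns:wsse="{WSSE}"><wsp:ExactlyOne>
 <wsp:All wsp:Preference="100"><wsse:SecurityToken TokenType="wsse:Kerberosv5TGT"/>
  <wsse:Algorithm Type="wsse:AlgSignature" URI="http://www.w3.org/2000/09/xmlenc#aes"/></wsp:All>
 <wsp:All wsp:Preference="1"><wsse:SecurityToken TokenType="wsse:X509v3"/>
  <wsse:Algorithm Type="wsse:AlgEncryption" URI="http://www.w3.org/2001/04/xmlenc#3des-cbc"/></wsp:All>
</wsp:ExactlyOne></wsp:Policy>'''
AUDIT_LIB = (f'<wsp:Policy wsu:Id="audit" xmlns:wsp="{WSP}" xmlns:wsu="{WSU}" '
             f'xmlns:wssx="urn:example:wssx"><wssx:Audit wsp:Usage="wsp:Observed"/></wsp:Policy>')
PAGE22 = (f'<wsp:Policy xmlns:wsp="{WSP}" xmlns:wsse="{WSSE}"><wsp:PolicyReference URI="#audit"/>'
          f'<wsse:SecurityToken TokenType="wsse:X509v3" wsp:Usage="wsp:Required"/></wsp:Policy>')
PAGE23 = f'''<wsp:Policy xmlns:wsp="{WSP}" xmlns:wsu="{WSU}" xmlns:cus="urn:example:cus">
 <cus:Assert1><wsp:ExactlyOne wsu:Id="options"><cus:Option1 wsp:Usage="wsp:Required"/>
  <cus:Option2 wsp:Usage="wsp:Required"/><cus:Option3 wsp:Usage="wsp:Required"/></wsp:ExactlyOne></cus:Assert1>
 <cus:Assert2><wsp:PolicyReference URI="#options"/></cus:Assert2></wsp:Policy>'''
```

With the Page 19 policy, a requester that can only present an X509v3 token with 3DES encryption gets the preference-1 alternative, one that can present a Kerberos TGT with the AES signature algorithm gets the preference-100 alternative, and one that can do both is steered to the preference-100 alternative because larger numbers are preferred. The Page 22 policy, after inclusion, is a single alternative containing an Observed Audit assertion (no demand on the requester) and a Required X509v3 token; the Page 23 policy expands to nine alternatives, three for each of the two assertions that share the <wsp:ExactlyOne> group.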

Page 24: WS-PolicyAttachments

(Repeats the WS-Policy family diagram from Page 14: WS-Policy (framework), WS-PolicyAttachments, WS-PolicyAssertions, WS-SecurityPolicy, other policies.)

Page 25: WS-PolicyAttachment Specification
http://ibm.com/developerworks/webservices/library/ws-polatt/

Defines means of associating a policy expression with one or more subjects or resources:
• arbitrary XML element(s) (policy is defined as part of the definition of the subject)
• arbitrary non-XML resource(s) (policy is externally bound)

Describes the use of these mechanisms with WSDL and UDDI artifacts:
• How to reference policies from WSDL definitions
  • Messages and PortTypes
• How to associate policies with specific instances of WSDL services
  • Services and Ports
• How to associate policies with UDDI entities
  • businessService and bindingTemplate
• How to define a policy expression in a UDDI registry as a tModel

Such bindings need to be able to be secured (so they can be trusted).

Page 26: WS-PolicyAssertions

(Repeats the WS-Policy family diagram from Page 14: WS-Policy (framework), WS-PolicyAttachments, WS-PolicyAssertions, WS-SecurityPolicy, other policies.)

Page 27: WS-PolicyAssertions
http://ibm.com/developerworks/webservices/library/ws-polas

Defines a set of basic assertions for describing general processing semantics for Web services:
• Types of text encodings that are allowed, rejected, required, preferred
• Natural languages that are allowed, rejected, required, preferred
• Web services specifications and version numbers to which the subject conforms
• Ensure that a message conforms to a given pre-condition

Examples:
• policy-assertions-language.xml
• policy.xsd

Page 28: WS-SecurityPolicy (New)
http://www.ibm.com/developerworks/webservices/library/ws-secpol/

Defines a set of assertions that are typical when dealing with issues of security. Includes assertions for:
• SecurityToken
  • Example: I will only accept certain token types (e.g. SAML, X.509).
• Integrity
  • Example: Message must be signed and must use specific algorithms.
• Confidentiality
  • Example: I require a specific encryption algorithm be used.
• MessageAge

Builds upon the WS-Policy framework.

Example: Policy-expression.xml

Page 29: Resources: Policy

All specs are available on http://ibm.com/developerworks
• Search for WS-Policy to get the entire list

Whitepaper: “Web Services Security: Moving up the stack”
http://ibm.com/developerworks/webservices/library/ws-secroad/
Published December, 2002

Original plan for WS-Policy is described in the WS-Security Roadmap
http://ibm.com/developerworks/webservices/library/ws-secmap/
Published April, 2002. Differs somewhat from specifications, which should be considered the definitive source of information.

Page 30: Establishing “Trust” (New)

Trust is the characteristic that one entity is willing to rely upon a second entity to execute a set of actions and/or to make a set of assertions about a set of subjects and/or scopes.
• Direct trust is when a relying party accepts as true all (or some subset of) the claims in the token sent by the requestor.
• Direct Brokered Trust is when one party trusts a second party who, in turn, trusts or vouches for, a third party.
• Indirect Brokered Trust is a variation on direct brokered trust where the second party negotiates with the third party, or additional parties, to assess the trust of the third party.

Page 31: WS-Trust (New)
http://www.ibm.com/developerworks/webservices/library/ws-trust/

Builds upon WS-Security by adding:
• A Web Services “trust model”
• Describes methods for
  • Issuing and exchanging security tokens
  • Issuing and responding to challenges as necessary (challenge response protocol)

Examples:
• WS-Trust spec (trust model diagram)
• Token request and response elements

Page 32: WS-SecureConversation (New)
http://www.ibm.com/developerworks/library/ws-secon/

Building upon WS-Trust, allows a long running, secure context to be established.
• Defines how contexts are established
• Specifies how derived keys are generated

Participants establish a shared context in one of three ways:
• A security token service creates a “context token”
• One party creates and propagates a token
• Through defined negotiation protocols
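The following is an added example, not code from the slides or from any WS-SecureConversation implementation, of the second bullet above: how per-message keys are derived from a long running context's shared secret so that the secret itself never protects traffic directly. The derivation is P_SHA1, the TLS pseudo-random function (RFC 2246 section 5) that WS-SecureConversation reuses for derived keys, applied to the label concatenated with a nonce and sliced by offset and length; those are the inputs a derived key token carries. The default label string, the context secret, the nonces and the message protection (an HMAC over the payload) are constructed here for illustration.

```python
import hashlib
import hmac
import os

DEFAULT_LABEL = b"WS-SecureConversation"   # assumed default label string


def p_sha1(secret, seed, length):
    """TLS P_SHA1: A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ..."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha1).digest()
        out += hmac.new(secret, a + seed, hashlib.sha1).digest()
    return out[:length]


def derive_key(context_secret, nonce, offset=0, length=16, label=DEFAULT_LABEL):
    """Derived key = P_SHA1(secret, label + nonce)[offset : offset + length]."""
    return p_sha1(context_secret, label + nonce, offset + length)[offset:offset + length]


class SecureContext:
    """One side of a security context. Both sides hold the same context
    secret (from an STS, a propagated token, or negotiation, as on Page 32);
    every message is protected with a fresh derived key, not with the secret."""

    def __init__(self, context_secret):
        self.secret = context_secret
        self.seen_nonces = set()   # a nonce, hence a derived key, is accepted once

    def protect(self, payload):
        nonce = os.urandom(16)
        key = derive_key(self.secret, nonce)
        return nonce, hmac.new(key, payload, hashlib.sha256).digest(), payload

    def verify(self, nonce, tag, payload):
        if nonce in self.seen_nonces:
            return False           # replayed derived-key token
        self.seen_nonces.add(nonce)
        key = derive_key(self.secret, nonce)
        return hmac.compare_digest(tag, hmac.new(key, payload, hashlib.sha256).digest())


def conversation(context_secret, messages):
    """Requester protects each message, provider verifies; returns the results."""
    requester, provider = SecureContext(context_secret), SecureContext(context_secret)
    return [provider.verify(*requester.protect(m)) for m in messages]
```

Two properties matter operationally and are visible in the code: P_SHA1 is a stream, so a longer derivation has the shorter one as a prefix and offset/length select a window of it (which is how one context yields separate signing and encryption keys), and because the provider re-derives the key from the nonce it can reject a replayed token without ever transmitting key material.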

Page 33: WS-Federation
http://ibm.com/developerworks and other Web sources

(Repeats the WS-Security family diagram from Page 8, with WS-Federation as the topic: WS-Security (framework); WS-SecurityPolicy, WS-Trust, WS-Privacy; WS-SecureConversation, WS-Federation, WS-Authorization; X509, Kerberos, XrML, Username, XCBF and SAML profiles.)

Page 34: WS-Federation – What Is It?

A federation is a collection of security realms (e.g. partner organizations) that have established trust to share security information about users belonging to the realms, such as:
• Identification
• Authentication
• Attributes
• Authorization

WS-Federation:
• Builds upon WS-Security, WS-Trust and WS-SecureConversation
• Can share this data using different or like mechanisms
• Defines mechanisms for the brokering of trust and for security token exchange between trust domains
• Does not require local identities at target services
• Optionally allows hiding of identity info and other attributes
• Defines attribute and pseudonym services

Page 35: WS-Federation – Purpose

Suppose:
• A value network is composed of various organizations, systems, applications, and business processes.
• Participants include customers, employees, partners, suppliers, and distributors
• There is no single entity for identity, authentication, authorization, etc., because the cost of centralized identity management is high. Instead, there may be several such entities.
• We need to manage security across multiple trust domains and among multiple business partners using multiple identity authorities.

WS-Federation is a specification to solve this and other problems.

Page 36: WS-Federation

Other applications:
• Single-sign-on for users – don’t have to present new credentials (e.g. a username and password) when entering a new trust domain
• Multiple identity formats including pseudonyms
• Provision users between organizations
• Provision services between organizations
• Policy-driven trust management
• Single sign-out


WS-Federation Builds on Other Security Technologies

WS-Federation is not intended as a complete security solution. Instead, it builds on other Web services technologies:
• WS-Policy specs can be used to indicate that a Web service requires a set of claims (security tokens and related message elements) in order to process an incoming request
• WS-Trust mechanisms can be used by the requester to acquire additional security tokens it may require
• WS-Security (WSS-SOAP Message Security) defines SOAP extensions used to provide security tokens


Security Token Services
A generic service that issues or exchanges security tokens using a common model and set of messages.
• Follows the WS-Trust specification.
• May be part of the requester organization, the provider organization, or a third party trusted by both of these.

Common functions:
• Verify credentials for entrance to a security realm
• Evaluate the trust of supplied security tokens
• Identity Provider – performs peer entity authentication and can make identity claims in issued security tokens


A Simple Direct Trust Federation Scenario

Security tokens from the Requester’s organization are used to acquire security tokens from the Provider’s organization, which are required by the provider for the service request message.

The requester’s token is exchanged, stamped, or cross-certified by the provider’s Security Token Service.

[Slide diagram: Requester’s organization (Service Requester, Security Token Service) and Provider’s organization (Service Provider, Security Token Service, Policy) with a TRUST relationship between the two organizations; Security Token(s) flow from the requester’s Security Token Service to the Service Requester, from there to the provider’s Security Token Service, and on to the Service Provider]


Another Direct Trust Federation Scenario

Security tokens from the Requester’s organization are sent directly to the provider’s service.

The service uses its Security Token Service to understand and validate the requester’s security token.

The validation response is sent as a security token which includes authentication and authorization data.

[Slide diagram: Requester’s organization (Service Requester, Security Token Service) and Provider’s organization (Service Provider, Security Token Service, Policy) with a TRUST relationship between the two organizations; Security Token(s) go from the Service Requester straight to the Service Provider, which exchanges Security Token(s) with its own Security Token Service for validation]


Federation Scenario with Indirect Trust

There may not be a direct trust relationship between the requester and provider organizations.

In that case, the two organizations may choose to use a trusted third party to establish and confirm trust for the transaction.
• The provider asks the third party to verify the security token
• The third party contacts the requester to verify the security token
• Steps 1, 2, and 5 are as before.

[Slide diagram: as in the direct trust scenario (Service Requester and Security Token Service in the Requester’s organization; Service Provider, Security Token Service and Policy in the Provider’s organization), plus a Third-party Security Token Service with a TRUST relationship to each organization; Security Token(s) are exchanged with the third party instead of directly between the two organizations’ Security Token Services]


Multi-party Federation
There might be several organizations involved in a business process, with multiple trust realms. Steps 4 and 5 are the same as 2 and 3, except they are for a different transaction from a different provider.

[Slide diagram: Requester’s organization (Service Requester, Security Token Service) with a TRUST relationship to Provider 1 and another to Provider 2, each provider having its own Service Provider and Security Token Service]


Delegation
A Web service provider may need to access another Web service on behalf of a requester. The delegator provides security tokens to allow or indicate proof of delegation. There are other possible variations on this scenario.

[Slide diagram: Requester’s organization (Service Requester, Security Token Service) with a TRUST relationship to the Delegator’s organization (Service Provider, Security Token Service), which in turn has a TRUST relationship to Provider 2 (Service Provider, Security Token Service)]


Attributes and Pseudonyms
Privacy protection may require additional controls and mechanisms:
• To provide access control on any private information
• To prevent unwanted correlation
• To automatically map identities
• Sharing of data between authorized parties

WS-Federation defines mechanisms to support:
• Attribute services to personalize the experience using restricted information (subject to authorization and privacy rules)
• Pseudonym services to facilitate single sign-on with automatic mapping of identities while keeping identity private


Resources: WS-Federation
http://ibm.com/developerworks/webservices
• Federation of Identities in a Web services world – overview of goals and technologies
• Web Services Federation Language – the specification itself
• WS-Federation: Active Requestor Profile and WS-Federation: Passive Requestor Profile – these specs define how the WS-Federation model is applied to active and passive requestors


WS-ReliableMessaging

[Slide diagram: the Web services stack with WS-ReliableMessaging highlighted. Layers: Transport (Transports); Messaging and Encoding (XML, XML Infoset; SOAP, SOAP Attachments); Description and Discovery (WSDL, UDDI, WS-Policy); Quality of Service (WS-Security, WS-ReliableMessaging, WS-Coordination, WS-Transactions); Business Processes (Business Process Execution Language); Other protocols / Other services. Also shown: WS-Addressing, and, marked Planned, WS-TransmissionControl, WS-MetadataExchange and WS-EndpointResolution]


WS-RM: Web Services Reliable Messaging

Goal: Reliable message exchange in the presence of software component, system, or network failures.
• Errors in transmission may disrupt a conversation
• Messages can be lost, duplicated, or arrive in a different order than they were sent
• Host systems may fail and lose volatile state

Reliable messaging means:
• A message is delivered exactly once
• Messages are delivered in the same order they are sent
• When this is not possible, a fault is raised on the Initial Sender, or the Ultimate Receiver, or both


WS-ReliableMessaging: Features

WS-RM (WS-ReliableMessaging) defines:
• A messaging protocol to identify, track, and manage reliable delivery between a source and a destination
• A SOAP binding for interoperability

WS-RM is extensible:
• Bindings for other protocols may also be defined
• Additional functionality (e.g. security) can be tightly integrated

WS-RM integrates with and complements other specs:
• Integrating WS-RM and WS-Security yields secure and reliable message exchange
• WS-RM uses the WS-Policy specifications for defining and attaching reliable messaging policy assertions


The Reliable Messaging Model

[Slide diagram: Requester App → Source (e.g. sender’s platform) → Destination (e.g. receiver’s platform) → Provider App, with the steps labelled Send, Transmit, Acknowledge, and Deliver]

• Requester App sends a message for reliable delivery
• Source transmits the message (one or more times)
• Destination receives and acknowledges the message
• Destination delivers the message to the Provider App


Setup for Reliable Messaging
There are three requirements that must be satisfied prior to using Reliable Messaging:
1. Source must resolve Destination’s endpoint reference
2. Source must obtain Destination’s policies, if any, and send messages that conform to these requirements
3. A security context must be set up if required


Example
The Source labels messages with a <Sequence>:
• Constructs a unique sequence group id (e.g. “http://fabrikam123.com/abc”)
• Sends first message with id and sequence number 1
• Sends second message with id and sequence number 2
• Sends third message with id and sequence number 3, along with a token to indicate that this is the last message of the sequence

The <Sequence> element looks like this for the third message (the <wsu:Expires> element is optional):

  <wsrm:Sequence ...>
    <wsu:Identifier>http://fabrikam123.com/abc</wsu:Identifier>
    <wsrm:MessageNumber>3</wsrm:MessageNumber>
    <wsrm:LastMessage/>
    <wsu:Expires>[dateTime]</wsu:Expires>
  </wsrm:Sequence>


Example (Continued)

Suppose message 2 is lost or delayed. The Destination:
• Receives message 1
• Receives message 3
• Acknowledges receipt of messages 1 and 3, like so:

  <wsrm:SequenceAcknowledgement ...>
    <wsu:Identifier>http://fabrikam123.com/abc</wsu:Identifier>
    <wsrm:AcknowledgementRange Lower="1" Upper="1"/>
    <wsrm:AcknowledgementRange Lower="3" Upper="3"/>
  </wsrm:SequenceAcknowledgement>

Notes:
• The <AcknowledgementRange> indicates a range of received messages, from a lower number to an upper number
• More than one <AcknowledgementRange> can be used when there are gaps in the sequence of received messages (as here)


Example (Continued)

The Source:
• Receives acknowledgement for messages 1 and 3
• Decides to resend message 2 with the same sequence group ID, along with a tag requesting immediate acknowledgement

The Destination:
• Receives re-sent message 2, sends acknowledgement

The Source receives the acknowledgement. The sequence is now complete.

Meanwhile:
• Destination later receives the lost copy of message 2
• Destination identifies and drops the duplicate message (sequence id and number were retained to detect duplicates).
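The bookkeeping the example walks through (gap-aware AcknowledgementRange generation, resend of whatever no range covers, duplicate detection on retained id and number, and the MessageNumberRollover / LastMessageNumberExceeded checks from the fault list) in a small Python model. This is an added illustration, not code from the slides or from any WS-RM implementation: the class and function names are my own, and only the element names and the fabrikam123 identifier come from the slides.

```python
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Optional, Set, Tuple
from xml.sax.saxutils import escape

# wsrm:MessageNumber is an unsigned long; anything beyond it is a MessageNumberRollover.
MAX_MESSAGE_NUMBER = 2**64 - 1


class SequenceFault(Exception):
    """Stand-in for a <SequenceFault> carried inside a SOAP fault."""

    def __init__(self, code: str, detail: str = "") -> None:
        super().__init__(f"{code}: {detail}")
        self.code = code


@dataclass
class SequenceState:
    identifier: str
    received: Set[int] = field(default_factory=set)   # numbers accepted so far
    last_message_number: Optional[int] = None         # set once <LastMessage/> is seen


class Destination:
    """Destination side: accepts messages, drops duplicates, builds acknowledgements."""

    def __init__(self) -> None:
        self.sequences: Dict[str, SequenceState] = {}

    def receive(self, identifier: str, number: int, last_message: bool = False) -> str:
        if number < 1 or number > MAX_MESSAGE_NUMBER:
            raise SequenceFault("wsrm:MessageNumberRollover", str(number))
        seq = self.sequences.setdefault(identifier, SequenceState(identifier))
        last = seq.last_message_number
        if last is not None and number > last:
            raise SequenceFault("wsrm:LastMessageNumberExceeded", f"{number} > {last}")
        if last_message:
            seq.last_message_number = number
        if number in seq.received:
            # The retained id and number identify the late copy; it is dropped, not delivered.
            return "duplicate"
        seq.received.add(number)
        return "accepted"

    def ack_ranges(self, identifier: str) -> List[Tuple[int, int]]:
        """Collapse received numbers into (Lower, Upper) runs; a gap starts a new run."""
        seq = self.sequences.get(identifier)
        if seq is None:
            raise SequenceFault("wsrm:UnknownSequence", identifier)
        ranges: List[Tuple[int, int]] = []
        for n in sorted(seq.received):
            if ranges and ranges[-1][1] == n - 1:
                ranges[-1] = (ranges[-1][0], n)   # extend the current run
            else:
                ranges.append((n, n))             # new run after a gap
        return ranges

    def ack_xml(self, identifier: str) -> str:
        """Render the <wsrm:SequenceAcknowledgement> header from the slide."""
        lines = ["<wsrm:SequenceAcknowledgement>",
                 f"  <wsu:Identifier>{escape(identifier)}</wsu:Identifier>"]
        for lower, upper in self.ack_ranges(identifier):
            lines.append(f'  <wsrm:AcknowledgementRange Lower="{lower}" Upper="{upper}"/>')
        lines.append("</wsrm:SequenceAcknowledgement>")
        return "\n".join(lines)

    def is_complete(self, identifier: str) -> bool:
        seq = self.sequences[identifier]
        last = seq.last_message_number
        return last is not None and seq.received == set(range(1, last + 1))


def unacknowledged(sent: Iterable[int], ranges: Iterable[Tuple[int, int]]) -> List[int]:
    """Source side: transmitted numbers that no AcknowledgementRange covers (to resend)."""
    acked: Set[int] = set()
    for lower, upper in ranges:
        acked.update(range(lower, upper + 1))
    return sorted(n for n in sent if n not in acked)


def fault_code(dest: Destination, identifier: str, number: int) -> Optional[str]:
    """Return the wsrm fault code a message number triggers, or None if it is accepted."""
    try:
        dest.receive(identifier, number)
    except SequenceFault as fault:
        return fault.code
    return None


def walk_through():
    """Replay the slide scenario: 2 lost, 1 and 3 acked, 2 resent, late copy of 2 dropped."""
    dest = Destination()
    sid = "http://fabrikam123.com/abc"
    dest.receive(sid, 1)
    dest.receive(sid, 3, last_message=True)          # message 2 is lost in transit
    first_ack = dest.ack_ranges(sid)                 # [(1, 1), (3, 3)]
    resend = unacknowledged([1, 2, 3], first_ack)    # [2]
    for n in resend:
        dest.receive(sid, n)                         # resend with the same id and number
    late_copy = dest.receive(sid, 2)                 # the delayed original finally arrives
    return first_ack, resend, late_copy, dest.ack_ranges(sid), dest.is_complete(sid)
```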


Reliable Messaging Policy Assertions

WS-RM defines a set of policy assertions for use with the WS-Policy framework specification:
• DeliveryAssurance assertion: AtMostOnce, AtLeastOnce, ExactlyOnce, and InOrder are possible values
• Expires assertion: specifies a dateTime indicating expiration of a sequence group
• InactivityTimeout assertion: specifies an interval in milliseconds, after which a retry may be attempted
• RetransmissionInterval: how often retries will be attempted
• ExponentialBackoff: modifies the retry algorithm
• wsp:SpecVersion policy assertion from WS-PolicyAssertions
• wsp:Usage=”…” from WS-PolicyAssertions for other assertions

WS-PolicyAttachment may be used to associate a policy with a <Sequence>


Fault Management
<SequenceFault>, used with the SOAP fault mechanism, signals specific exceptions in reliable message processing. Some fault codes:
• wsrm:SequenceTerminated
• wsrm:UnknownSequence
• wsrm:InvalidAcknowledgement
• wsrm:MessageNumberRollover (message number overflows unsigned long)
• wsrm:LastMessageNumberExceeded (message number is greater than the number of a previously received message that was marked “LastMessage”)
• wsrm:SequenceRefused (can’t start requested sequence)


Security Considerations
WS-RM recommends use of WS-Security when security is required
• The <wsrm:Sequence> header needs to be signed with the body in order to "bind" the two together
• The <wsrm:SequenceAcknowledgement> header MAY be signed independently (this reply, independent of the message, may not be a security concern)
• Because Sequences commonly exchange a number of messages, it is recommended that a security context be established using WS-Trust and WS-SecureConversation
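Why the first bullet asks for the <wsrm:Sequence> header to be covered by the same signature as the body, shown with a shared-key HMAC standing in for the WS-Security XML signature. This is an added illustration, not code from the slides or from any WS-Security implementation; the message fragments, the key and all function names are constructed for the demo.

```python
import hashlib
import hmac
from typing import Tuple

# Constructed fragments of one message: the WS-RM header and the SOAP body.
SEQUENCE_HEADER = ("<wsrm:Sequence><wsu:Identifier>http://fabrikam123.com/abc</wsu:Identifier>"
                   "<wsrm:MessageNumber>2</wsrm:MessageNumber></wsrm:Sequence>")
BODY = "<soap:Body><ns:PlaceOrder><ns:Quantity>100</ns:Quantity></ns:PlaceOrder></soap:Body>"
KEY = b"constructed-demo-key"   # stand-in for the key behind the WS-Security signature


def _mac(key: bytes, *parts: str) -> str:
    """HMAC-SHA256 over length-prefixed parts, so header and body cannot run into each other."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        data = part.encode()
        mac.update(len(data).to_bytes(4, "big"))
        mac.update(data)
    return mac.hexdigest()


def sign_body_only(key: bytes, body: str) -> str:
    """Weak form: the signature covers the body but not the <wsrm:Sequence> header."""
    return _mac(key, body)


def sign_bound(key: bytes, sequence_header: str, body: str) -> str:
    """Recommended form: one signature covers header and body, binding them together."""
    return _mac(key, sequence_header, body)


def verify_body_only(key: bytes, body: str, signature: str) -> bool:
    return hmac.compare_digest(sign_body_only(key, body), signature)


def verify_bound(key: bytes, sequence_header: str, body: str, signature: str) -> bool:
    return hmac.compare_digest(sign_bound(key, sequence_header, body), signature)


def renumber(sequence_header: str, new_number: int) -> str:
    """Constructed receiver-side view of a header whose MessageNumber changed in transit."""
    return sequence_header.replace("<wsrm:MessageNumber>2<", f"<wsrm:MessageNumber>{new_number}<")


def header_change_detected() -> Tuple[bool, bool]:
    """Return (body_only_still_verifies, bound_still_verifies) after the header is altered.

    With a body-only signature the altered message still verifies, so the receiver cannot
    tell which sequence position the body really belongs to; the bound signature fails."""
    altered_header = renumber(SEQUENCE_HEADER, 7)
    sig_body_only = sign_body_only(KEY, BODY)
    sig_bound = sign_bound(KEY, SEQUENCE_HEADER, BODY)
    return (verify_body_only(KEY, BODY, sig_body_only),
            verify_bound(KEY, altered_header, BODY, sig_bound))
```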


Resources: Reliable Messaging
Available on http://ibm.com/developerworks/webservices
• Specs for WS-ReliableMessaging, WS-Policy, and WS-Security
• Whitepaper: “Reliable Message Delivery in a Web Services World”. Overview and roadmap discussing WS-RM, WS-Addressing, and the planned specifications WS-TransmissionControl, WS-MetadataExchange, and WS-EndpointResolution
• New Whitepaper: “Implementation Strategies for WS-ReliableMessaging”, also on developerWorks

A balanced (non-IBM) perspective on the comparison of WS-RM vs. WS-Reliability, by David Chappell:
http://xml.coverpages.org/ChappellReliability20030313.html


Business Process Execution Language (BPEL)

[Slide diagram: the Web services stack with Business Process Execution Language highlighted. Layers: Transport (Transports); Messaging and Encoding (XML, XML Infoset; SOAP, SOAP Attachments); Description and Discovery (WSDL, UDDI, WS-Policy); Quality of Service (WS-Security, WS-ReliableMessaging, WS-Coordination, WS-Transactions); Business Processes (Business Process Execution Language); Other protocols / Other services]


Requirements for Business Processes

We need a model for describing simple or complex exchanges that characterize business partner interactions:
• Stateful, long-running interactions involving two or more parties
• Sequences of peer-to-peer message exchanges
  • Synchronous exchanges
  • Asynchronous exchanges with correlation

[Slide diagram: Public Processes and Private Processes]


WSDL Provisions for Web Services

Organizes Web services interfaces as:
• “Port types” – groups of related operations
• The operations themselves

Defines Web services as a stateless interaction model of individual peer-to-peer message exchanges:
• Synchronous exchanges, or
• Uncorrelated asynchronous exchanges

[Slide diagram: a Port Type containing operations]


Separation of WHAT from HOW
Business Process: what to do
• A sequence of activities models a business process
• IT provides tools to allow business people to define, monitor, and manage business processes

WSDL: how to execute activities
• An activity can be a Web service, defined by a SOAP interface and a WSDL description; internal, or from a business partner
• A business process can be externalized as an activity for a client app or another business process

[Slide diagram: a Business Process (WHAT) made of activities A, B, C, D, E, each bound through WSDL (HOW) to an Application]


IBM WebSphere Studio Application Developer Integration Edition for Linux and Windows, V5


The BPEL4WS Specification
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsbpel

A model for describing simple or complex exchanges that characterize business partner interactions:
• Use standard Web services to invoke partner’s process
• Expose resulting business process as a Web service
• Define control elements for workflow
• Create a fully-executable, portable script

• Began as a technology proposal by IBM, BEA, and Microsoft
  • Version 1.0 published in August 2002
  • Version 1.1 published in April 2003
  • A merger of IBM’s WSFL and Microsoft’s XLang
  • Submitted to OASIS BPEL TC
• Builds on and extends XML and Web Services specifications
  • Expressed in XML
  • Uses and extends WSDL
  • WSDL and XML Schema for data model
  • XPath for assignments, conditions, etc.


Web Services and Choreography

[Slide diagram: a REQUESTER calls port types 1, 2 and 3 of a business process whose Activities A, B, C, D, E in turn invoke other port types]

A Business Process
• Is composed of choreography elements (“activities”) to define behavior
• Activities include ability to invoke Web services, control flow, etc.
• Resulting business process is exposed as one or more Web services

The BPEL model describes:
• Operation sequencing constraints
• Service Behavior (ordered activities)
• Service identity management
• Dynamic partner and service selection


BPEL and Portability
A BPEL script will run on any BPEL-compliant engine, so it’s platform- and vendor-neutral.
• Create with your favorite BPEL Modeling Tool
• Run on any BPEL-compliant platform

[Slide diagram: several BPEL Modeling Tools produce one BPEL Model (port types 1, 2, 3; activities A, B, C, D, E), which can run on any of several BPEL Execution Environments]


Handling an Incoming Request
The <receive> activity
• Specifies partner, port type, operation it expects to receive
• Does a blocking wait
• Wakes up when the specified message is received
• Proceeds to next activity
• Optionally specifies that a new BP instance should be created on receiving the message

The <reply> activity
• Specifies same partner, port type, and operation as <receive>
• Sends the response message
• Proceeds to next activity

Note: this is the synchronous model. The asynchronous model is discussed on the next page.

[Slide diagram: a Buyer calls an operation on the port type of the Seller’s Business Process (<process>) over a <partner> link; the process runs <receive>, other activities, then <reply>, with A and B marking the request and the response]


Invoking a Web Service
A partner can invoke a service from another partner using SOAP and WSDL. Two models:
• Synchronous: <invoke> sends a message and the protocol waits for the response
• Asynchronous: <invoke> sends a message and the BPEL engine waits for a response on the “callback” operation

[Slide diagram: the Buyer’s Business Process (<process>) makes a synchronous <invoke> of operation P and an asynchronous <invoke> of operation Q on the Seller’s Business Processes over <partner> links; the seller answers P with <receive> and <reply>, and answers Q with <receive> followed by an <invoke> of the buyer’s “callback” operation, which the buyer handles with a <receive>]

Note: services that are invoked can be ordinary Web services or other business processes.


The <sequence> and <flow> Activities

<sequence> activities run one at a time in the order they are listed

<flow> activities run concurrently
• The flow activity does not complete until all its activities complete (synchronization)
• Flow branches are often <sequence>s

[Slide diagram: a <sequence> of A followed by B; a <flow> with A and B side by side]


Combining Flows and Sequences
<flow>s and <sequence>s can nest to any required depth
• A <sequence> can contain <flow>s
• A <flow> can contain <sequence>s
• Activities link other Business Processes or Web services

[Slide diagram: a <process> with a port type; its <sequence> begins with <receive>, contains a <flow>, and ends with <reply>]


Cross-dependencies
A <link> can be used to alter the behavior of a <flow>, crossing the boundaries of <sequence> and <flow> as required. In this example:
• X is declared as the source of the link
• Y is declared as the target of the link
• When X completes, the link becomes “active”
• Both W and X must complete before Y can run. If either is not completed, Y waits until both are completed.

[Slide diagram: a <process> with a port type; its <sequence> contains a <flow> in which W is followed by Y in one branch and X runs in another, with a link from X to Y]
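The ordering rules of <sequence>, <flow> and <link> from the last three slides, reduced to a small deterministic scheduler that replays the W / X / Y example with and without the link. This is an added illustration, not code from the slides or from any BPEL engine; the activity and link names are the slide’s, everything else is constructed.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set


@dataclass
class Activity:
    """One BPEL activity: a basic step, a <sequence>, or a <flow>."""
    name: str
    kind: str = "basic"                                # "basic" | "sequence" | "flow"
    children: List["Activity"] = field(default_factory=list)
    sources: List[str] = field(default_factory=list)   # links this activity is the <source> of
    targets: List[str] = field(default_factory=list)   # links this activity is the <target> of


def run_process(root: Activity) -> List[str]:
    """Return the completion order of basic activities under these rules:
    - a child of a <sequence> may start only after the previous child has completed;
    - all children of a <flow> are eligible at once (concurrency);
    - an activity that is the <target> of links waits until every such link is active,
      and a link becomes active when its <source> activity completes.
    Concurrency is simulated deterministically: among eligible activities the leftmost runs.
    Raises RuntimeError when nothing is eligible before the process completes."""
    done: Set[str] = set()
    active_links: Set[str] = set()
    order: List[str] = []

    def complete(act: Activity) -> bool:
        if act.kind == "basic":
            return act.name in done
        return all(complete(child) for child in act.children)   # structured: all children

    def eligible(act: Activity) -> Optional[Activity]:
        """Leftmost basic activity under `act` that may start now, or None."""
        if any(link not in active_links for link in act.targets):
            return None                                  # still waiting on an inbound link
        if act.kind == "basic":
            return None if act.name in done else act
        if act.kind == "sequence":
            for child in act.children:
                if not complete(child):
                    return eligible(child)               # only the first unfinished child
            return None
        for child in act.children:                       # flow: any child may proceed
            found = eligible(child)
            if found is not None:
                return found
        return None

    while not complete(root):
        nxt = eligible(root)
        if nxt is None:
            raise RuntimeError("no activity is eligible: unsatisfiable link dependency")
        done.add(nxt.name)
        order.append(nxt.name)
        active_links.update(nxt.sources)                 # source completed: link goes active
    return order


def slide_example(with_link: bool) -> List[str]:
    """The slide's <flow>: one branch is the <sequence> W then Y, the other branch is X.
    With the link X -> Y, Y waits for both W (sequence order) and X (link)."""
    link = ["XtoY"] if with_link else []
    y = Activity("Y", targets=link)
    x = Activity("X", sources=link)
    branch = Activity("branch", "sequence", [Activity("W"), y])
    flow = Activity("flow", "flow", [branch, x])
    return run_process(Activity("process", "sequence", [flow]))
```

Without the link the scheduler runs Y as soon as W is done; with it, Y is held until X has also completed.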


BPEL Data Model
Variables* represent <process> context
• Like object instance data
• Persistent messages shared between activities in a business process
• Can also be used for any required non-message data
• Define input/output of activities or context for fault- and compensation handlers
• Defined by WSDL messages or using XML Schema
• Global or scoped definition
• Can be manipulated via the <assign> activity

* Variables were called “containers” in BPEL 1.0

[Slide diagram: a <process> with port types; an activity reads a <variable> as input and writes one as output, each carrying a message]


Process Instances and Correlation
• Manage interaction between stateful service instances
• Instance identification via selected “token” in messages exchanged between services
• <correlationSet> identifies tokens
• Used by activities to address appropriate service instances
• Global or scoped definition
• NOTE: This is similar in nature to object references in more traditional OO programming.

For more info: http://www-106.ibm.com/developerworks/webservices/library/ws-bpelcol6/

[Slide diagram: a <process> with port types; a <correlationSet> whose tokens (orderNo, customerID) are chosen for <correlations>, initialized (init) by one activity and used by later activities]


Other BPEL Features
These can be defined (or redefined) within a <scope>:
• Fault handling
• Event handling
• Compensation
• Variables
• Correlation sets
• Concurrency

Compensation handling: define a flow for undoing previously completed activities
Fault handling: define the steps for handling a fault thrown by any activity
<wait>: for an interval, or until a specified time
<switch>: like a C++/Java switch, except that there is a condition for each case
<pick>: a combination of <receive> and switch; handles one of a list of expected incoming messages
Event handling


Executable and Abstract Processes

Executable processes
• Complete business process details
• Can be run on all compliant environments

Abstract processes
• Specify constraints of message exchange
• Describe business protocol
• Simplified model for use in business partner integration

[Slide diagram: an abstract process (activities A, B, C, D with Property 1 … Property n, e.g. Property = 42) hides the complexity of the executable process (activities A, B, C, D plus Q, R, S, T, U, V and Variable 1 … Variable n)]

Page 75

Business Processes in Today’s Products
WebSphere Application Server Enterprise v5.0
• Implementation of FDML (flow description markup language), a subset of WSFL, a predecessor of BPEL
• Very similar runtime requirements to BPEL
• Migration tool for FDML to BPEL will be provided
WebSphere Studio Application Developer Integration Edition v5.0
• Eclipse plug-in for modeling and creating business processes in FDML
These reflect our Business Process work pre-BPEL. FDML is a subset of WSFL, a predecessor of BPEL. We will provide tools to migrate from FDML to BPEL.

Page 76

BPWS4J – Experimental BPEL Engine and Editor
Experimental BPEL engine in Java
• Can execute business processes written in BPEL4WS
• A set of samples demonstrating the use of BPEL4WS
• A tool that validates BPEL4WS documents
Eclipse plug-in: simple BPEL4WS editor
• Synchronized XML source and tree views of the business process
• Accommodates bottom-up as well as top-down process design
• Context-sensitive menus guide creation of spec-compliant processes
• Validation of process against specification requirements while editing
Download: http://ibm.com/alphaworks, search for BPWS4J

Page 77

BPEL and Standardization
BPEL 1.1 Specification – published April, 2003
• http://ibm.com/developerworks/library/ws-bpel/
• Event handling
• Reorganization of spec
• “containers” renamed to “variables”
• Variables can be declared in <scope> as well as globally
An OASIS TC is hard at work on standardizing BPEL
• BPEL 1.1 was input to the TC
• http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wsbpel

Page 78

Resources – BPEL Whitepapers and Specs
Visit http://ibm.com/developerworks/webservices
• BPEL4WS 1.1 Specification
• Paper: “Automating business processes and transactions in Web services: An introduction to BPELWS, WS-Coordination, and WS-Transaction”
• Paper: “Business processes in a Web services world: A Quick Overview of BPEL4WS”
• A series of papers: “Understanding BPEL4WS” (explains the new alphaWorks BPEL editor and runtime)
…and more. Search for “BPEL4WS” for the full list.

Page 79

One Final Key Topic:
Web Services Interoperability

Page 80

The Role of the WS-I Organization
[Diagram: standards bodies and industry feed into WS-I, which delivers Profiles (BP 1.0 available; Fall ’03 availability; underway: Attachments, Basic Security), Sample Apps and Tools.]
“WS-I will act as a standards integrator, therefore bringing some coherence to the effort carried out concurrently by the W3C, Oasis, OAG and other informal groups.” - Gartner Group
• Achieve Web services interoperability
• Encourage Web services adoption
• Accelerate Web services deployment

Page 81

WS-I Organization
An industry initiative for Web services, founded February 2002
• Open to any organization committed to Web services
• Promote and accelerate adoption, deployment
Focused on promoting Web service interoperability
• Across platforms, applications, and programming languages
• Promote a common, clear definition for Web services
Mission statement
“The Web Services Interoperability Organization is an open industry effort chartered to promote Web Services interoperability across platforms, applications, and programming languages. The organization brings together a diverse community of Web services leaders to respond to customer needs by providing guidance, recommended practices, and supporting resources for developing interoperable Web services.”

Page 82

WS-I in the Marketplace
Tool vendors will advertise that their products support development and deployment of WS-I conformant services
Middleware vendors will advertise that their products support conformant Web service hosting
Customers will look for WS-I conformance on:
• Products
• Deployed instances, and
• Vertical standard interface descriptions

Page 83

WS-I Community
160+ members
Software vendors of all sizes
• IBM, Microsoft, BEA, Oracle, HP, Sun, CapeClear, Hummingbird, Filenet, Iona, webMethods, …
Enterprise customers
• AT&T, Daimler-Chrysler, NTT, Fidelity, United, …
Others interested in Web services
• Accenture, EDS, …
All members are invited to actively participate

Page 84

WS-I Deliverables
Use Cases and Usage Scenarios
• Use Case: business usage of Web services; Usage Scenario: technical usage of Web services
• Formalized way to communicate community requirements
• Specific emphasis on “real-world” use cases and scenarios
Profiles
• Named sets of specifications at given version levels
• Constraints, clarifications and conventions about how they are used together
Sample Applications
• Demonstrated use of Profiles as defined in Use Cases and Scenarios
Test suites and supporting materials
• Conformance testing tools
• Test assertions for the profile

Page 85

WS-I.org Profiles
A profile is a named set of Web services specifications and their versions
Base specifications are normative
Profile adds constraints and guidance as to their interoperable usage, based upon implementation experience
General format is statement, refinement, rationale, and examples where appropriate

Page 86

WS-I Basic Profile 1.0
http://ws-i.org/Profiles/Basic/2003-01/BasicProfile-1.0-WGAD.html
Basic Profile 1.0 is based on these specifications:
• SOAP 1.1
• WSDL 1.1
• UDDI 2.0
• XML Schema
• XML 1.0 (Second Edition)
• HTTP 1.1
• SSLv3

Page 87

Basic Profile 1.0 Technical Highlights
SOAP 1.1
• Use of SOAP encoding disallowed
• “Trailers” (element content after soap-env:Body) disallowed
• Most spec ambiguity issues resolved in alignment with SOAP 1.2
• Use of SOAPAction, soap-env:actor clarified
WSDL 1.1
• Limited to use of rpc/literal and document/literal
• SOAP/HTTP binding required (other bindings out of scope, but may be used)
• Schema errata fixed (spec treated as normative)
• Exclude use of wsdl:import for XSD files
• Numerous spec clarifications

Page 88

Technical Highlights (Continued)
UDDI 2.0
• Require WSDL 1.1 as description language
• Established category to identify WS-I conformant entities
Security
• May use SSLv3 (HTTP/S)
• HTTP 1.1 Basic Auth
• Identify risks and countermeasures within Basic Profile (mapped these risks/threats to use cases and scenarios)
• Note: Basic Auth only base64-encodes the credentials, so it protects nothing unless the connection runs over SSL/TLS; SSLv3 itself has since been deprecated (RFC 7568), so treat this as the 2003 baseline rather than current guidance
XML Schema
• Any valid XSD constructs may be used (all, choice, sequence, etc.)
• Recommend use of xsi:nil / xs:nillable to designate NULL values
HTTP 1.1
• Clarify use of HTTP response status codes (soap:Fault == 500, redirect == 307)
• Cookies permitted, but must not be required
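The SOAP 1.1 and HTTP 1.1 rules from these two Technical Highlights slides are the ones a gateway or test harness can enforce on the wire, so here is an added example (not code from the slides, and not the WS-I conformance test tools, which remain the authoritative check) that applies them to constructed messages: no encodingStyle attribute anywhere in the envelope, no element content after soap-env:Body, a quoted SOAPAction header and a text/xml Content-Type on requests, and a soap:Fault carried on HTTP 500 and nothing else on 500. The SOAPAction and Content-Type checks are my reading of the profile’s HTTP rules, not text from the slides; the sample envelopes and header sets are made up. Enforcing the envelope rules at the edge also removes a parsing ambiguity: a stack that ignores trailers and one that processes them would otherwise see different messages.

```python
"""Static checks on SOAP 1.1 messages against the Basic Profile 1.0 rules
named on the slides. Constructed example; not from the slides or from the
WS-I test tools. Sample messages are made up.
"""
from __future__ import annotations

import xml.etree.ElementTree as ET

SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"
ENVELOPE = f"{{{SOAP_ENV}}}Envelope"
BODY = f"{{{SOAP_ENV}}}Body"
FAULT = f"{{{SOAP_ENV}}}Fault"
ENC_ATTR = f"{{{SOAP_ENV}}}encodingStyle"


def check_envelope(xml_text: str) -> list[str]:
    """Return the Basic Profile violations found in a SOAP 1.1 envelope."""
    problems: list[str] = []
    root = ET.fromstring(xml_text)
    if root.tag != ENVELOPE:
        return [f"root is {root.tag}, not a SOAP 1.1 Envelope"]
    # SOAP encoding is disallowed: no encodingStyle attribute on any element.
    for el in root.iter():
        if ENC_ATTR in el.attrib:
            problems.append(f"encodingStyle attribute on {el.tag}")
    # "Trailers" (element content after soap-env:Body) are disallowed.
    children = list(root)
    body_positions = [i for i, c in enumerate(children) if c.tag == BODY]
    if not body_positions:
        problems.append("no soap-env:Body")
    elif body_positions[0] != len(children) - 1:
        trailing = [c.tag for c in children[body_positions[0] + 1:]]
        problems.append(f"element content after soap-env:Body: {trailing}")
    return problems


def has_fault(xml_text: str) -> bool:
    """True when the Body carries a soap-env:Fault as a direct child."""
    body = ET.fromstring(xml_text).find(BODY)
    return body is not None and body.find(FAULT) is not None


def check_http_request(headers: dict[str, str]) -> list[str]:
    """SOAPAction must be present and quoted (an empty "" is fine); Content-Type text/xml."""
    problems: list[str] = []
    h = {k.lower(): v for k, v in headers.items()}
    action = h.get("soapaction")
    if action is None:
        problems.append("missing SOAPAction header")
    elif not (len(action) >= 2 and action[0] == action[-1] == '"'):
        problems.append(f"SOAPAction value not quoted: {action}")
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    if ctype != "text/xml":
        problems.append("Content-Type is not text/xml")
    return problems


def check_http_response(status: int, body_xml: str) -> list[str]:
    """A soap:Fault rides on HTTP 500; a non-fault response must not use 500."""
    problems = check_envelope(body_xml)
    fault = has_fault(body_xml)
    if fault and status != 500:
        problems.append(f"Fault returned with HTTP {status}, expected 500")
    if not fault and status == 500:
        problems.append("HTTP 500 without a soap:Fault in the body")
    return problems


# Constructed sample messages.
GOOD = f"""<env:Envelope xmlns:env="{SOAP_ENV}">
  <env:Body><getQuote xmlns="urn:example"><symbol>IBM</symbol></getQuote></env:Body>
</env:Envelope>"""

BAD = f"""<env:Envelope xmlns:env="{SOAP_ENV}">
  <env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
    <getQuote xmlns="urn:example"><symbol>IBM</symbol></getQuote>
  </env:Body>
  <trailer xmlns="urn:example">not allowed after Body</trailer>
</env:Envelope>"""

FAULT_MSG = f"""<env:Envelope xmlns:env="{SOAP_ENV}"><env:Body>
  <env:Fault><faultcode>env:Client</faultcode><faultstring>bad request</faultstring></env:Fault>
</env:Body></env:Envelope>"""

if __name__ == "__main__":
    print(check_envelope(GOOD))
    print(check_envelope(BAD))
    print(check_http_response(200, FAULT_MSG))
    print(check_http_request({"SOAPAction": "urn:x", "Content-Type": "application/soap+xml"}))
```

The cookie rule (permitted, never required) cannot be checked on a single message; it needs a second request sent without the Set-Cookie value to confirm the service still answers.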

Page 89

Resources: WS-I.org
WS-I.org: http://www.ws-i.org/
Basic Profile 1.0: http://ws-i.org/Profiles/Basic/2003-01/BasicProfile-1.0-WGAD.html
Whitepaper: “First look at the WS-I Basic Profile 1.0”: http://www-106.ibm.com/developerworks/webservices/library/ws-basicprof.html

Page 90

Thank You!
Please feel free to ask questions if we have time, or send e-mail
Kelvin R. Lawrence
[email protected]

Page 91

Copyright
© Copyright IBM Corporation 2003. All rights reserved.

IBM, the IBM logo, the e-business logo and other IBM products and services are trademarks or registered trademarks of the International Business Machines Corporation, in the United States, other countries or both. References in this publication to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates.

Product release dates and/or capabilities referenced in this publication may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way.

Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries or both.

Microsoft, Windows, Windows NT and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries or both.

All other trademarks, company, products or service names may be trademarks, registered trademarks or service marks of others.