web services and service oriented architectures - mpi.nl · web services and service oriented...
TRANSCRIPT
Web Services and Service Oriented Architectures
Thomas Soddemann, RZG
Delaman Workshop 2004
Web Services and Service Oriented Architecture
Delaman Workshop 2004 2Thomas Soddemann
Overview
• The Garching Supercomputing Center - RZG
• Diving into the world of Web Services
• Service Oriented Architectures
• And beyond
Web Services and Service Oriented Architecture
Delaman Workshop 2004 3Thomas Soddemann
RZG – Rechen-Zentrum GarchingSupercomputing Center for the
Max Planck Society (MPG)
Services and involvements:
• Supercomputing facility with a 5 TFlop IBM Regatta system• Linux compute farms• Data Storage
• DEISA• MiGenAS• D-Grid – German Grid initiative• Data Acquisition for ASDEX Upgrade and
Wendelstein 7X (Plasma Physics)
Web Services and Service Oriented Architecture
Delaman Workshop 2004 4Thomas Soddemann
Machine Room
Web Services and Service Oriented Architecture
Delaman Workshop 2004 5Thomas Soddemann
DEISA – Distributed European Infrastructure for Supercomputing Applications
• Consortium of leading national supercomputing centers
• focuses in deploying an Grid empowered infrastructure
• to build a distributed terascale supercomputing facility
Web Services and Service Oriented Architecture
Delaman Workshop 2004 6Thomas Soddemann
Web Services and more
Web Services and Service Oriented Architecture
Delaman Workshop 2004 7Thomas Soddemann
Client Server Architectures
● 2-Server Side Tier Applicationsintegrated Controller/View/Business logic, legacy applications and databases
Clie
nt
Serv
er
Lega
cy
IntranetInternet
e.g. Web ServerPHP app.
e.g. DatabasesBatch systems
e.g. Web BrowserRich Client
Web Services and Service Oriented Architecture
Delaman Workshop 2004 8Thomas Soddemann
Client Server Architectures
● 3-Server Side Tier Applications
Clie
nt
Fron
tend
Lega
cy
IntranetInternet
e.g. Web Serverand Web App.
Enterpriseapplication
e.g. Web BrowserRich Client
Ente
rpris
e
Web Services and Service Oriented Architecture
Delaman Workshop 2004 9Thomas Soddemann
Client Server Architectures
● 3-Server Side Tier Applications with explicit services
Clie
nt Fron
tend
Lega
cy
IntranetInternet
Enterpriseapplication
Service Client
Ent
erpr
ise
Pro
xy
Web Services and Service Oriented Architecture
Delaman Workshop 2004 10Thomas Soddemann
Service
A service ...
● ... can be discovered & dynamically bound.● ... is self-contained & modular.● ... exhibits a coarse grained service interface.● ... is based on a loose coupling between provider & consumer.● ... is interoperable.● ... is addressable and locatable via a network.● ... can be composed out of other services.
Web Services and Service Oriented Architecture
Delaman Workshop 2004 11Thomas Soddemann
Web Service Definition
W3C, Web Services Architecture, http://www.w3.org/TR/ws-arch
A Web Service is a software system designed to support interoperable machine-
to-machine interaction over a network. It has an interface described in a
machine-processable format (specifically WSDL). Other systems interact with the
Web service in a manner prescribed by its description using SOAP messages,
typically conveyed using HTTP with an XML serialization in conjunction with other
Web-related standards.
Web Services and Service Oriented Architecture
Delaman Workshop 2004 12Thomas Soddemann
Message Oriented Model View
message
body
header(s) Message transport
agent
originates processes
delivers
Web Services and Service Oriented Architecture
Delaman Workshop 2004 13Thomas Soddemann
Service Oriented View
Service
agent
messagemeta-data
realizes
signals
describes
owns/controls
Web Services and Service Oriented Architecture
Delaman Workshop 2004 14Thomas Soddemann
Resource Oriented View
resource
URI
representation
has
may have
owns
Web Services and Service Oriented Architecture
Delaman Workshop 2004 15Thomas Soddemann
Policy Model View
policy
agent
resourceaction
establishes
subject to
applies to constraints
Web Services and Service Oriented Architecture
Delaman Workshop 2004 16Thomas Soddemann
Web Services Examples
Web service http://live.capescience.com/ccx/GlobalWeather
● Provides airport and flight weather information
Amazon Web Services (AWS & ECS)http://www.amazon.com/webservices
● Provide e-commerce services such as lookup of books
Google Web APIhttp://www.google.com/apis/
● Guess ...
Web Services and Service Oriented Architecture
Delaman Workshop 2004 17Thomas Soddemann
Services: Roles and Interaction
Service Broker(Registry)
Service Consumer Service Provider
find
bind
publish
Implementations:
UDDIJNDICORBA naming
Web Services and Service Oriented Architecture
Delaman Workshop 2004 18Thomas Soddemann
Services: (Dynamic) Proxy
Service Broker(Registry)
Service Provider
find
bind
Service Consumer
Implementation Code Proxy
WS
DL
e.g.
Web Services and Service Oriented Architecture
Delaman Workshop 2004 19Thomas Soddemann
Objects
● Reference identifier to reference an object during its lifetime
● State state of the object represented by its attributes
● Interface “collection” of methods which are necessary to interact with the object
Web Services and Service Oriented Architecture
Delaman Workshop 2004 20Thomas Soddemann
Is a Service an Object in general?
A service ...
● ... can be referenced during its lifetime RQ
● ... does not necessarily have a state Q
● ... does have an interface R
[ A service is not an Object in general.
Web Services and Service Oriented Architecture
Delaman Workshop 2004 21Thomas Soddemann
Service Oriented Architectures (SOA)
Service Oriented Architecture
EJBWeb Services JiniCORBA
An architecture of software which is composed of services.
Objects Objects ObjectsNo Objects
Simple WS: No session, no state [ e.g. Shopping Cart realization?
Desirable: Object like Web services
Web Services and Service Oriented Architecture
Delaman Workshop 2004 22Thomas Soddemann
Example: Shopping Cart in J2EE
Servlet containter
Database
EJB containter
Controller
R
Request
Response
View
EJB
Web Services and Service Oriented Architecture
Delaman Workshop 2004 23Thomas Soddemann
Problem: Shopping Cart in a Web Service world
Servlet containter
Database
EJB containter
R
Request
Response
Problem: No State, no session[ no shopping cart service
Note: HTTP(S) session is not enough
Web Services and Service Oriented Architecture
Delaman Workshop 2004 24Thomas Soddemann
Services Architectures
Web service
● Is not an object in general● Rather XML documents are exchanged● Are the interface to a part of the Business Logic
Enterprise Java Beans
● Are Objects by definition● Encapsulate the Business Logic of J2EE applications
CORBA – Common Object Resource Broker Architecture
● CORBA Objects are Objects by definition● Encapsulate the Business Logic of Enterprise Applications
Further: Jini, ...
Web Services and Service Oriented Architecture
Delaman Workshop 2004 25Thomas Soddemann
From a simple Web Services to an (quasi) Object
The Web Services Resource Framework WS-RF
A Web Service Resource (WS-Resource)
● ... can be destroyed (explicit destroy or expiration) and its lifetime may be monitoredWS-ResourceLifetime
● ... contains a state through attributes/propertiesWS-ResourceProperties
● ... references can be renewedWS-AddressingWS-RenewableReferences
● ... employs a (more) standardized fault reporting mechanismWS-BaseFault
Further: By-reference collections of Web Services can be defined.WS-ServiceGroup
Web Services and Service Oriented Architecture
Delaman Workshop 2004 26Thomas Soddemann
Web Services Architecture Stack
Secu
rity
Communication Layer (HTTP, SMTP, ...)
ProcessesDiscovery, Aggregation, Choreography, ...
Descriptions (WSDL)
Messages
SOAP Extensions
SOAP
XM
L, X
SD
Web Services and Service Oriented Architecture
Delaman Workshop 2004 27Thomas Soddemann
Software Architecture for the Access Infrastructure
kWorkflow Services
Business Services
Data Services
Component Services
Enterprise Resources
Con
sum
ers
Tran
spor
t
Cor
e S
ervi
ces
Business processes, services with external interaction
Complex Services composed of component services
Data querying and access to mutitple data sources
Atomic services potentially acting on single ERs
DB LegacyCode PartnersHTT
PSM
TPM
essa
ge B
roke
r
Sec
urity
Por
tals
Ric
h C
lient
sP
artn
ers
Bro
kers
Inte
rcep
trors
Cod
e
Pol
icie
s
Man
agem
ent
Web Services and Service Oriented Architecture
Delaman Workshop 2004 28Thomas Soddemann
WS-Security
Original Requester
Security Intermediary
Ultimate Receiver
SOAP with security context
SOAP with security context
End to end security
Web Services and Service Oriented Architecture
Delaman Workshop 2004 29Thomas Soddemann
WS-Security
Threats:
● Message Alteration – modififying the message content
● Confidentiality – accessing message parts such as credit card info
● Man-in-the-middle – establishing complete access to messages
● Spoofing – exploting trusted relationships
● Denial of Service – preventing a legitimate user from accessing a service
● Replay Attacks – interception of messages and playing to back to the service
Web Services and Service Oriented Architecture
Delaman Workshop 2004 30Thomas Soddemann
WS-Security
WS-Security has to insure/provide
● Authentication mechanisms (PKI)● Authorization● Data integrity and confidentiality● Integrity of transactions and communications● Non-repudiation (detection of transaction initiated/altered by a 3rd party)● End-to-end integrity and confidentiality of messages● Audit trails (trace user's behavior)
Web Services and Service Oriented Architecture
Delaman Workshop 2004 31Thomas Soddemann
Implementation and deployment: J2EE
Web Server
Servlet Container
EJB Container
Database
Network
Client
Web Services and Service Oriented Architecture
Delaman Workshop 2004 32Thomas Soddemann
Distributed Service Centers
Web Server
Servlet Container
EJB Container
Database
Network
Client
Web Server
Servlet Container
EJB Container
DatabaseNetwork