SOA Using Java Web Services [Mark D. Hansen] on subiecte.info *FREE* shipping on qualifying offers. Expert Solutions and State-of-the-Art Code Examples. The definitive guide to using Service-Oriented Architecture (SOA) and Web .. Whether you use Java, C++, Visual Studio, CORBA, WebSphere MQ, or any other. JAX-WS – Accessing Web services using the latest Java APIs including JAX-WS, JSR, Session 1: Service Oriented Architecture (SOA) and Web Services.
|Language:||English, Spanish, Japanese|
|ePub File Size:||23.38 MB|
|PDF File Size:||13.58 MB|
|Distribution:||Free* [*Regsitration Required]|
SOA Using Java Web Services / Mark D. Hansen. p. cm. Includes bibliographical references and index. ISBN (pbk. Mark Hansen. Author, “SOA Using Java Web. Services”. MIT PhD from Laboratory of. Computer Science. AgileIT Founder subiecte.info AgileIT develops. Web services are often mentioned in the same sentence with SOA. 5 subiecte.info subiecte.info . NET and I am building my department's Web site in. Java? •. What if there is a unique department . The messages are typically sent through the Web using HTTP (the transport.
Don't have a Kindle? It is probably best used by someone who already understands the basic concepts of web services and SOAP. Authorization Controlling access to resources including individual Web services based on user identity or role. Atomic services do not rely on other services and are usually associated with straightforward business transactions or with executing data queries and data updates. Supporting the shift toward service-oriented development and SOA is a large cast of characters called Web services technologies.
There was a problem filtering reviews right now. Please try again later. Paperback Verified Purchase. It skips the basics about web services which I think is a good thing. Unfortunately it also skips some details later - some questions I had were answered by downloading the examples and reading through those, but they weren't called out in the text. The book also focuses a lot on code-first wrapping existing code in web services rather than WSDL-first development; and the author tends to focus on a provided approach to web services of his own, which I could have done without.
But overall the book provides some great information on JAX-WS, particularly the features that are more advanced and harder to find examples of using. Definitely not an introductory book, but I'd recommend to people who like to understand how things work more than just knowing how to use them. This is not a cookbook, and not an introduction. This book is a thorough in-depth discussion of web services.
Unlike optimistic "tutorials", which teach you to develop Hello World! In real life, Hello world! Gives a solid background for understanding how to use the latest Java web services APIs.
It is probably best used by someone who already understands the basic concepts of web services and SOAP. A colleague and I were already experienced Java developers. This book greatly helped getting us jump started into web services. I bought a couple similar books at the same time, but this is the one I used most.
That said, acronyms were over-used. If you are going to abbreviate that many things, create a table to decode them or at least include them in the glossary. This is an excellent book that helps put all the pieces together about what web services are. Then it gets into the details. Nicely done. This book covers many of the details needed for successful use of web services with Java.
It goes a little further and gives some philosophy for use of web services that should lead to maintainable services. I couldn't wait to dive into this book, as it covered precisely the topics that are sorely lacking in other books on the subject. For instance, the book covers topics related specifically to JEE 5.
But there's the rub: The author chokes you with details first, then, much later, gives the context into which the details should fit. Sometimes he even neglects to give any context at all, and you're left with a load of low-level details for which you have no use. The end. Also, the book assumes you already know all you need to know about SOA and Web Services, and focuses far too closely on the the implementation using the new tools of Java Web Services.
While that's the title of the book, the back cover makes you think that it covers issues broader than implementation details, by saying things like "practical techniques for managing the complexity of web services and SOA, including best-practice design examples".
In general I found that the information is badly organized, the sub-topics in a chapter don't build up well to the chapter's objective, the diagrams are confusing, and, usually, you don't get what the author is trying to achieve from the flood of information he provides. I've read all of the reviews here, which are interesting and provocative. The ironic thing is that I agree with much of what the one and two star reviewers said but still rate this book 5 stars.
Potential buyers need to know what they are getting. This is the single best book on JWS programming available. It's incredibly dense. The acronyms fly all over the place. Hansen dives into technologies and if you don't know the technologies already you will find yourself spending hours digging into things like XSLT.
We're talking about many, many hours to swallow the whole thing. But I also recommend the book to people who are less serious and have less time, and even to beginners. These readers should buy the book, start with section 7. Then put it on your shelf until you have a few hours free, and tackle a section of one of the chapters.
Keep at it, though it might take a while. This book will improve your understanding over time. I've encountered a few technical books which I've worn into a limp condition from reading and re-reading - this looks like another. See all 23 reviews. Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more about Amazon Giveaway. This item: Set up a giveaway.
Pages with related products. See and discover other items: When implemented correctly for example, using BPM as a consumer of an SOA with Web services , organizations can more quickly respond to changing market conditions and seize opportunities for gaining a competitive advantage. Further efficiencies are gained when the graphical depiction of a business process can be used to generate an executable specification of the process. Business Operational Changes Most businesses have special operational characteristics derived from the reasons they got into business in the first place.
One example is a pizza shop with a minute delivery guarantee. To really make this happen without losing money, all kinds of operational characteristics have to be taken into account, such as pizza baking time, order-taking time, and delivery time within a defined area. Obviously, this is not the kind of operation that can be completely automated because it relies upon human drivers, but certainly many parts of the process could be automated, such as ordering from the Web, automatically triggering the delivery of new supplies to the restaurant, and using robots to prepare and cook the pizzas.
Ideally, you'd like to be able to introduce as many operational efficiencies as possible with minimal cost to the IT systems involved.
An SOA-based infrastructure can help. BPM simplifies the problem of how to combine the execution of multiple Web services to solve a particular business problem.
If we think about a service as the alignment of an IT system with a business function such as processing a purchase order, we can think about the BPM layer as something that ties multiple services together into a process flow of execution to complete the function, such as validating the order, performing a credit history check on the customer, calculating inventory to determine the ability to fill the order, and finally shipping the order and sending the customer an invoice.
By taking the process flow out of the application-level code, the business process can be more easily changed and updated for new application features and functions such as a change in suppliers, inventory management, or the shipping process. Figure illustrates the kind of graph that a business analyst might produce for automating the flow of purchase order processing.
The flow starts with the input of a purchase order document. These extended features are sometimes also called qualities of service because they help implement some of the harder IT problems in the SOA environment and make Web services better suited for use in more kinds of SOA-enabled applications. A class of applications will find the core specifications sufficient, while other applications will be blocked or hampered by the lack of one or more of the features in the extended specifications.
For example, companies may not wish to publish their Web services without adequate security or may not wish to accept purchase orders without reliable messaging guarantees. The core specifications were defined with built-in extensibility points such as SOAP headers in anticipation of the need to add the extended features.
Standardization Web services specifications progress toward standardization through a variety of ways, including small groups of vendors and formally chartered technical committees.
As a general rule of thumb, most specifications are started by a small group of vendors working together and are later submitted to a standards body for wider adoption. Microsoft and IBM are the de facto leaders of the Web services specification movement and have defined or helped to define all the major specifications. Standards bodies currently active in Web services include: WS-I produces specifications called profiles that provide a common interpretation of other specifications and provides testing tools to help Web services vendors ensure conformance to WS-I specifications.
These applications are often called composite applications because they work through a combination of multiple services. We've seen that SOA is not an end in itself but a preparation for a longer journey. It's a set of maps and directions to follow that lead to a better IT environment.
It's a blueprint for an infrastructure that aligns IT with business, saves money through reuse of assets, rapid application development, and multi-channel access. Web services have had an initial success with the core standards and are now on to the next step in the journey, which is to define extended features and functions that will support more and more kinds of applications. Service orientation provides a different perspective and way of thinking than object orientation.
It's as significant a change as going from procedure-oriented computing to object-oriented computing. Services tend toward complementary rather than replacement technology, and are best suited for interoperability across arbitrary execution environments, including object oriented, procedure oriented, and other systems.
Although Web services technologies provide the ideal platform for SOA-based solutions, including BPM, we also identify where and how the Web services platform does not yet provide a complete solution. Overview of Service-Oriented Architecture The notion of services is deeply rooted in the business world. Service orientation is an organizational principle that applies to business and government as well as to software.
The best place to start when trying to gain a better understanding of service-oriented architecture SOA is to review the types of services that businesses and governments provide to customers, clients, citizens, and partners, and how they provide them. Here are some examples: These services are delivered in a variety of ways.
The three most common approaches to service delivery are: Figure illustrates the service-oriented business. A single service can be delivered using one or more service delivery approaches. For example, checking the status of an airline flight can be achieved as follows: This document is created with the unregistered version of CHM2PDF Pilot This document is created with the unregistered version of CHM2PDF Pilot This document is created with the unregistered version of CHM2PDF Pilot Service-Oriented Architecture Concepts A service-oriented architecture SOA is a style of design that guides all aspects of creating and using business services throughout their lifecycle from conception to retirement , as well as defining and provisioning the IT infrastructure that allows different applications to exchange data and participate in business processes regardless of the operating systems or programming languages underlying those applications.
Figure illustrates that the services created using an SOA and provided by an organization's IT systems should directly support the services that the organization provides to customers, clients, citizens, partners, and other organizations. As mentioned earlier, this concept can and should be applied to all levels of the organization including the corporate level, the business unit level, and all the way down to the department level.
Figure also illustrates that the services provided using an SOA support all delivery channels, from human-mediated delivery to system-to-system service delivery. Using SOA to align business and information technology. Until the emergence of SOA-based IT systems, business and government organizations were faced with a difficult trade-off between the expense of a custom solution and the convenience of a packaged application. The promise of SOA is that it will break down the barriers in IT to implementing business process flows in a cost-effective and agile manner that combine the advantages of custom solutions and packaged applications while reducing lock-in to any single IT vendor.
Not surprisingly, the key organizing concept of an SOA is a service. The processes, principles, and methods defined by the SOA are oriented toward services sometimes called service-oriented development. The development tools selected by an SOA are oriented toward creating and deploying services.
The run-time infrastructure provided by an SOA is oriented to executing and managing services. In an SOA, services are the fundamental unit of the architecture for the following: However, SOA is a discipline and mindset, not just an application of technology, and it touches almost every IT activity including the processes, methods, and tools that are used for designing, developing, deploying, managing, and maintaining IT assets. SOA governance is really an extension of IT governance that focuses on managing services and the related service-level abstractions.
SOA governance recognizes that services are corporate assets that need to be managed throughout their service lifecycle. This is because services provide a common unit of management for requirements, service-level agreements, business and technical performance, and resource utilization.
The SOA governance policies and processes must answer basic questions such as: Who The stakeholders and participants in the governance process. What Their roles, responsibilities, and activities. How The processes, structures, and meetings that must be in place for the SOA governance framework to operate effectively. When The timing around activities. At a minimum, the SOA governance policies and processes should define and implement the following processes: This section presents the key characteristics that should go into the design, implementation, and management of services in order to deliver the touted technical and business benefits.
The benefits derived from these characteristics are discussed in the next two sections. The primary characteristics that should go into the design, implementation, and management of services are as follows: A service should also possess as many of the following secondary characteristics as possible in order to deliver the greatest business and technical benefits: For maximum business agility and reuse, every service should possess all of these characteristics.
However, this is not always possible, and sometimes the cost of adding a particular service characteristic e. When faced with these types of trade-offs, focus on the primary characteristics listed above because they are the key to delivering the greatest business and technical benefits. In general, these are considered technical benefits because they deliver most of their benefits to the IT organization in terms of lower development costs, faster development cycles, and lower maintenance costs.
Some of these benefits also contribute to the business benefits discussed in the next section. This modularity has positive implications for the development of composite applications because: In fact, the developers working on a service have no need to interact with or even know about the developers working on the other business services.
In the past, individual business applications were developed for a particular group of users to automate a particular business process. This high degree of specialization resulted in business logic that was tightly coupled to that particular business application and business process.
As SOAs mature, we'll begin to see organizations developing reusable business services independently of any single business application or business process, and application development will increasingly rely on creating composite applications by assembling pre-existing business services.
The degree to which organizations will create reusable Web services will depend on the extent to which they are designed as reusable business services. Evaluating the Range of SOA Benefits The benefits that an organization reaps from using services depend on the goals it sets and the approach it takes: Of course, these represent only three points on the spectrum. This is a familiar pattern that we've seen many times for earlier technologies.
Consider, for example, the early days of object-oriented computing. At one end of the spectrum were organizations that simply converted to an object-oriented programming language but did not adopt any other object-oriented techniques.
At the other end of the spectrum were organizations that adopted the "complete OO lifestyle," including the following: In this chapter, we defined what a service is, the key concepts of an SOA, the characteristics that a service should possess, and the business and technical benefits of using an SOA with Web services.
In this chapter, we consider the relationship between SOA and Web services. An SOA based on Web services has the following advantages: Allow service requesters and service providers both line of business services and reusable technical services to interact in a consistent manner independent of the underlying software domains i.
Enforce business rules and policies such as data validation rules, service-level security, service-level management, and service-level agreements.
Allow an SOA to scale up to handle enterprise-wide, mission-critical business requirements. The Web services platform to the greatest extent possible is based on open standards that are product-neutral, technology-neutral, and middleware-neutral so that it can support and integrate services created using a wide variety of products, technologies, platforms, and middleware. Figure is a high-level diagram showing the role of the Web services platform.
Web services platform. Service Contract Elements Some elements of the service contract apply to the entire service, while other elements apply to the operations that make up the service. The elements of the service contract should be machine-readable so that tools can be used to automate development, run-time, and management activities.
The service contract for a service should include all of the following elements. Also indicate required fields, optional fields, cardinality of fields, dependencies among fields, and data validation rules. How are correlation identifiers handled for matching requests and responses? This data model is independent of the data types that the service requesters and service providers use internally.
The service-level data model see Figure is also shared by the service requesters and the service providers and provides the mechanism by which they exchange data in a format and structure that they both can interpret i. Service-level data model. When the service requester wishes to invoke a service, it must compose a service request that conforms to the service contractto do this, it may have to perform a data transformation to translate data elements from its internal data model to the service-level data model in XML.
Similarly, when the service requester receives a response from the service provider, it may have to perform a data transformation to translate data elements from the service-level data model in XML to its internal data model. These transformations are a purely internal implementation matter encapsulated within the service requester, and they are completely hidden from the service provider and the Web services platform.
UDDI creates a platform-independent, open framework for describing services, discovering businesses, and integrating business services using the Internet. UDDI takes an approach that relies upon a distributed registry of businesses and their service descriptions implemented in a common XML format. Broadly speaking, there are two types of UDDI registries: The public registries are a logically centralized, physically distributed service that replicate data with each other on a regular basis.
When a business registers with a single instance of the public UDDI registry, the data is automatically shared with other public UDDI registries and becomes freely available to anyone who needs to discover which Web services are exposed by a given business. A private registry is a UDDI that is not publicly accessible and is only accessible within a single organization or shared by a well-defined set of business partners. An SOA is primarily concerned with service-level security, although transport-level security mechanisms such as HTTPS are still widely used because of their ubiquity.
Listed in Table are the key factors in providing service-level security. WS-Security is the key Web services standard for security because it incorporates existing standards for XML encryption and signing while also providing an extensible framework for authentication.
Table HTTPBasic authentication user name and password ,. HTTPSAuthenticates through the use of certificates, which can be used on the server side, the client side, or both sides.
SAMLSupports exchanging authentication and authorization information between security domains. Authorization Controlling access to resources including individual Web services based on user identity or role. XACMLProvides an access-control policy language for specifying the rules about who can do what and when, and a protocol for making access requests. Data privacy and encryption Ensures that the data in the SOAP message is only viewable by the intended parties.
To accommodate this, an SOA needs to support a variety of service interaction patterns. The most common interaction patterns are the following: In this section, we look at how Web services support these interaction patterns.
To work well over the tremendous scale of the Web, HTTP deliberately omits a very key and essential aspect of typical RPC implementationspersistent sessions. There is no way in the standards at least to correlate requests with replies, no way for the client to know for sure whether or not the request was processed, and no mechanism to associate transaction, security, or any other context with the transport for multiple related interactions.
Atomic services and composite services. Atomic services do not rely on other services and are usually associated with straightforward business transactions or with executing data queries and data updates. Composite services use other services.
In all other respects, composite services are just like any other service, in that they: The declarative approach provides more flexibility because it is easier to change. The programmatic approach may be more appropriate when specialized processing is required.
Service proxies are programming language classes that represent the service and that can be incorporated into service requesters to simplify invoking them. Service skeletons are programming language classes that provide the framework for implementing new services.
The main advantages of generating and using service proxies and service skeletons is that developers can work with familiar programming language constructs when invoking and implementing services without having to deal with lowlevel WSDL and SOAP details.
Most Web services products and IDEs provide this capability. For many applications, HTTP is perfectly acceptable; however, HTTP deliberately omits certain features such as persistent sessions so that it can scale up and work well over the Web.
One of the advantages of a well-defined service contracts is that the logical contract can be defined in a manner that is independent of the underlying communication transport or middleware.
This allows the service requesters and service providers to be developed without being tied to a particular transport. WSDL supports this approach by providing extension mechanisms so that alternative non-HTTP communication transports can be specified refer to the figure on page This makes it possible to isolate the application-level code from the underlying communication transports: The application can take advantage of the qualities of service provided by the enterprise messaging infrastructure such as guaranteed message delivery and security without being tightly bound to any particular protocol or middleware.
The underlying communication transport or middleware can be changed at any time by simply modifying the WSDL without affecting the application code at all.
Defining multiple transports for a service. For instance, the port definitions can be extended to specify address information for alternative transports. A port defines an individual endpoint by specifying a single address for a binding.
Here is the syntax for a port: Some people are surprised to learn that service-oriented architectures have been in use for more than 20 years. This is because SOAs are based upon a design philosophy and a broad set of design principles that are technologyindependent see Chapter 2 in the section "Key Service Characteristics".
Although SOAs have been in use for years and adhere to some common principles, each IT department historically has had to create its own SOA and develop most of the practices and infrastructure required to support the SOA itself. Because of the "roll your own nature" of historical SOAs, the implementation of SOAs across organization has been very uneven: Even today, as organizations begin rolling out SOAs based on Web services technology, they are finding that they still need to define the appropriate SOA governance framework, development processes, principles, and guidelines.
They are also finding that they need to figure out how to piece together the various Web services technologies and fill in any gaps themselves. Of course, some of these technologies are better suited for SOAs than others. The more capabilities a technology provides that match the Web services platform, the better that technology is suited to implement an SOA. It begins by presenting an overview of integration, including business drivers, common business and technical goals, and recurring technical challenges.
Next, it discusses why XML and Web services are ideal technologies for solving integration problems. It then presents Web services integration WSI and service-oriented integration SOI , which represent two alternative views about how to use Web services technology for integration. Organizations can choose between WSI and SOI, depending on business and technical requirements and goals and the level of formality that they wish to incorporate into the integration process.
In reality, most organizations will fall somewhere in between these two views. Finally, the chapter illustrates using Web services for integration by demonstrating the integration of.
Before we can fully appreciate how and why Web services will change integration, we need to review some of the business drivers and technical factors that make integration such a hard problem in the first place. In general, it boils down to the fact that integration techniques and products have the unenviable job of reconciling the differences between multiple IT systems whenever those systems need to interact.
Of course, if all of these differences happened to lie along one dimension such as reconciling data between systems , then the problem wouldn't be so tough to solve. However, integration is required to resolve multiple layers of business and technical requirements among systems that, more often than not, were developed by different development teams using different technology and solving different business problems.
Common Business Drivers for Integration First, let's review a list of common business drivers for integration and why organizations need to invest in SOA with Web services: For example, consider a telecommunications company that has a dozen different billing systems.
For example, you might want to give all employees a single view of the customer.
Eventually, other companies in the same industry have to adopt the same changes to stay competitive. Examples include relationship banking, billing on behalf of others in telecommunications, and just-in-time manufacturing.
Instead of dealing with the complexity of multiple incompatible applications on multiple computers, programming languages, and application packages by introducing yet another programming environment, it turns out that it's possible to add a layer of abstraction or system of extensions to virtually any new or existing environment.
However, it is entirely possible, and often done in practice, to define a Web service as a free form or special form of XML document exchanged by private agreement. In practice, using the standards provides the basis for interoperability and integration because they provide more structure and commonality than simply using XML and HTTP. Web services also support the clean separation of application from infrastructure functionalitythe SOAP engine can automatically manage infrastructure functionality, such as security, reliability, and transactions.
Common approaches to using Web services for integration include: In these cases, the contract is typically derived from the business data that needs to be shared, rather than the format of the legacy data or the program APIs of the underlying software systems. After the Web services are defined, it is necessary for them to be categorized and stored in a UDDI or other service registry so that service requestors can locate them.
In particular, Web services technologies: Both approaches use the same technology defined by the Web services platform, but only SOI applies them in a strategic and systematic manner based on the principles of an SOA, including defining an SOA governance framework and defining SOA processes and best practices that are implemented on a department-wide or organization-wide basis.
For instance, both approaches might use UDDI as a service registry, but SOI will define a consistent service taxonomy that satisfies the organization's requirements across multiple projects, while WSI has each integration team catalog services in the UDDI registry with little or no regard for consistency across multiple projects.
Neither approach is inherently better, although they lead to different outcomes and are better or worse depending on your goals. Web Services Integration WSI WSI tends to work best for opportunistic, tactical integration projects when immediate results and short-term ROI are required and when longer-term costs are less important.
A typical WSI project involves a small number of systems two to four that need to exchange data. The project team defines SOAP messages based on the following: The team then defines WSDL contracts, which include interfaces, operations, and message exchange patterns that fulfill the immediate project requirements.
Enterprise qualities of service such as security, reliable messaging, transaction management, and failover are implemented on an as-needed basis and defined using associated policy information. Here are some of the advantages of WSI: NET and J2EE Interoperability Web services are typically created for the purpose of exchanging data between applications or services, or for exposing an object method for access by another software program.
Web services is a documentoriented technology, not an object-oriented technology. Nevertheless, it is a fact of life that some analysts and vendors recommend that the best way for, say, a C requestor to communicate with, say, a Java provider is using RPC-oriented Web services. In an ideal world, a Java bean could seamlessly invoke any. In a nutshell, the. NET platform is designed for close compatibility with the Windows operating system, and it takes full advantage of native Windows features such as multithreading, memory management, file system access, and other system-level APIs.
On the other hand, the J2EE platform takes advantage of the Java virtual machine's portability layer to provide the same features and functionality across all operating systems on which it runs. Web services can be used to provide interoperability across applications developed using. NET and J2EE, but there are limitations because of the level of functionality currently available in Web services and because of significant differences between the.
Figure places the. NET and J2EE environments side by side, highlighting the fundamental difference in their designs with respect to operating system integration.
NET is designed to integrate very closely with the Windows operating system, while J2EE is designed to work on any operating system, including Windows. Comparing J2EE and. NET architectures. NET platform and the J2EE platform is limited and can only be achieved at a fairly high level of abstraction. The best approach is to define service contracts i. This contract is described using XML and is expressed using a pattern of messages exchanged between the described applications.
The contract defines a mutually agreed abstraction of the systems being bridged. Because J2EE,. One of the advantages of well-defined service contracts is that they can be extended beyond newly developed Web services to also incorporate legacy systems. The benefit of this approach is that it allows organizations to cost-effectively reuse valuable legacy assets without adopting expensive and risky "rip-and-replace" strategies.
Almost any legacy system can be service-enabled, including the following: In the following sections, we give some practical examples of service-enabling legacy systems. A common solution to this problem is defining a reusable technical service using the enterprise service bus ESB pattern. The ESB see Figure accepts information requests from service requesters such as "retrieve all information on Fred's Accounts with ABC Bank" and returns the requested information based on metadata describing what information is available from a collection of data services i.
This example also illustrates how reusable technical services like an ESB can be built on top of the Web services platform without being embedded in the Web services platform.
ESB pattern example. Because integration is a multifaceted problem, many different technologies, products, and processes have been used over the years to address it. XML and Web services provide the technical tools needed for application integration, but they do not provide a structured integration process to guide their use. WSI tends to be more tactical and opportunistic, whereas SOI tends to be more strategic and systematic.
Organizations can choose between WSI and SOI depending on business and technical requirements and goals and the level of formality that they want to incorporate into the integration process.
In reality, most organizations will fall somewhere in between these two. Using Web services for legacy integration and as the basis of an ESB are also important aspects of using SOA and Web services to solve integration problems. SOA and Multi-Channel Access The primary purpose of most organizations commercial, government, nonprofit, and so on is to deliver services to clients, customers, partners, citizens, and other agencies.
Table illustrates this for four key industries by listing the services they deliver, the channels they use to deliver these services, and some of the end-user devices and technologies used to deliver these services. This can be seen in systems ranging from applications for money transfer to browser-based applications specifically designed for e-commerce.
The proliferation of delivery channels and end-user devices has given service-oriented businesses the opportunity to better serve their customers anytime and anywhere, but it has also placed an enormous strain on IT departments, as they struggle to convert monolithic applications to make them multi-channel-ready.
It is now necessary for these organizations to deliver these same services and new ones in a consistent manner across all channels. This poses real problems because it is difficult to multi-channel-enable monolithic applications originally built for a single channel. The solution is to use SOA with Web services. In general, business services change much more slowly than delivery channels see Figure This is because the business services represent long-standing business functions such as account management, order management, and billing, whereas client devices and delivery channels are often based on new devices or new market niches, which tend to change more frequently.
In some cases, the rate of change at the presentation layer is times faster than the rate of change at the business services layer. Multi-Channel Access Eliminates Obsolete and Expensive Infrastructure Evolutionary migration from monolithic applications to multi-channel systems based on an SOA provides the opportunity to re-engineer existing processes and eliminate obsolete and expensive infrastructure.
Consolidating numerous departmental Web servers can do the same. NET Framework client applications can simultaneously reduce costs, improve response times, and improve employee productivity.
Service-Oriented Architecture Reduces Costs and Improves Efficiency Evolutionary migration from monolithic applications to multi-channels systems based on an SOA opens up opportunities for application migration and consolidation that in turn reduces costs and improves organizational efficiency. This is possible because an SOA defines the business services in a manner that is independent of a particular legacy application or packaged application. Here is a typical application migration scenario: Consider an existing application that is expensive to maintain and that no longer delivers the functionality needed to meet new business requirements.
An SOA infrastructure allows the application to be wrapped as a set of business services and then incrementally replaced with a less expensive, easier-to-maintain application that delivers better overall capabilities. Here is a typical application consolidation example: Consider an organization that has numerous customer care systems.
Each one requires its own separate hardware infrastructure, administrators, user training, and so on. An SOA infrastructure allows all of these customer care systems to be seamlessly consolidated to one or two systems along with the savings in hardware, administrative costs, reduced user-training costs, and reduced software maintenance fees. A multi-channel access architecture based on service-oriented principles makes the organization more agile by allowing it to deliver all products and services in a consistent manner across all distribution channels.
The multi-channel access pattern is characterized by the need to provide several different types of users with access to a common set of business services where the users employ a diverse set of end-user devices and technologies. Figure shows a subset of the delivery channels that might be used in a typical system and some of the related client technology.
Some end-user devices used to access applications. Here are some of the characteristics of these systems that need to be considered more on these later: Architecture for Multi-Channel Access Figure shows a layered architecture for providing multi-channel access to business services. Layered architecture for providing multi-channel access. For example: Channel access tier. The service lookup facilities should support load balancing across service instances and service-level failover when a service fails.
The communication infrastructure is a messy place that: The best way to do this is using an SOA where there is a clean separation between the logical service contracts and the physical contracts that define the bindings to particular data formats and protocols. Figure illustrates this by showing three views of the same system: Multilayer view of multi-channel communications access.
Business service access tier. Session management may be also required for stateless interactionsespecially when strong authentication is required, such as in WS-SecureConversation. Many of these services are also included in the channel access tier. The main difference here is that the implementations of these services for the business service access tier must be faster, more scalable, more robust, and more reliable due to the transaction processing load that production-quality business services must handle.
The most important additional service that the business service access tier provides is legacy service gateways for quickly and non-invasively exposing legacy systems as Web services. Business service tier.
Typically, these systems were not implemented according to an SOA, so they need to be service-enabled using the facilities provided by the business service access tier. More and more, these tools include capabilities for exposing the new services as Web services.
Composite business services should themselves be implemented according to SOA principles so that they can use multiple services implemented using different technologies.
A good business example of this is decoupling mobile telephone product selection and validation from actual provisioning. After the customer has selected the products and services, the customer call can be completed, and the order or orders placed using an asynchronous service request invocation that is moved through a workflow process that performs that actual provisioning.
Figure shows a system diagram for this example, and the following list describes the services provided at each layer of the architecture: Composite application for service selection and provisioning. NET platform, and written in C , for example. Security services for role-based access control and single sign-on. Suppose that the telecommunications provider described in the previous section needed to extend the service selection and provisioning application so that it was available to customers via the Web and to mobile workers via wireless devices, such as laptops and PDAs.
Figure illustrates what this system might look like. The challenges in this system are the following: SOA for multi-channel application.
With this in mind, let's look at the specifics of this example. Just like the previous example, the back-office applications have been made available as reusable Web services using legacy gateways and are accessible to other applications using SOAP and the internal communication infrastructure, which is based on HTTP and WS-ReliableMessaging. Together, SOA and Web services provide an ideal approach to multi-channel access because SOA emphasizes defining loosely coupled business services while Web services provide an open, standards-based approach that enables access to these business services from a wide range of delivery channels and client devices.
When Web services technologies are deployed using such an architecture, they can address the challenges in providing consistent multi-channel access to applications, wherever they are.
Business processes range from short-lived taking minutes or hours to long-lived taking weeks, months, or even years.
Business process management BPM addresses how organizations can identify, model, develop, deploy, and manage their business processes, including processes that involve IT systems and human interaction. BPM has a long tradition, starting with early workflow systems and progressing up to modern Web services orchestration and choreography systems. The main goals and benefits of BPM include the following: This allows organizations to be more agile, responding quickly to market changes and quickly seizing competitive advantages.
Business process automation is the conversion of the activities of an organization from manual or partially computerized systems to enterprise-wide, highly automated systems.
Obviously, all IT systems support and implement business processes in one form or another. However, what makes business process management unique is that it explicitly separates business process logic from other business rules this contrasts with other forms of system development where the process logic is deeply embedded in the application code. Business Process Management Systems Whereas BPM is the discipline associated with defining, managing, and executing business processes as a corporate asset, business process management systems BPMS provide the technology that implements one or more of these core BPM functions.
In general, a business process includes activities to be performed, links between the activities that determine the order in which activities can be performed and the data that is passed between activities, and business rules for enabling transitions between activities. Simple business process. The steps in the business process are: Collect account information Gather all necessary customer and account information to open the account. When this step is further elaborated, it might involve one or more of the following: Customer already has an account, so the customer information is extracted from a database.
Validate account information After the information has been collected, it needs to be validated, and business rules need to be checked. The benefits include a more flexible and agile implementation of a BPM system and the ability to more easily create, manage, and maintain composite applications.
Typically there are numerous application silos so named due to their stand-alone nature, which includes everything from application GUIs to application-specific business logic to application databases , and sharing information among applications is difficult due to differences in technology platforms and data models.
Typical application and technology landscape. The services layer consists of line of business services that are aligned to a particular business domain including data models suitable for each business domain , reusable technical services that can be shared across multiple business domains, and the Web services platform, which allows services to be defined and utilized in a manner that is independent of the underlying application and technology platforms.
Services layer based on SOA and Web services. Two languages for Web service composition have emerged: The goal of these languages is to glue Web services together in a processoriented way.
Comparing Web Services Orchestration and Choreography The terms orchestration and choreography are frequently used to describe two approaches to composing Web services.
Although the two terms overlap somewhat, Web services orchestration WSO refers to composing web services for business processes, whereas Web services choreography WSC refers to composing Web services for business collaborations see Figure Comparing orchestration and choreography. In the case of WSO, the focus is on creating a composite service in a declarative non-programmatic manner.
In general, there are two approaches to implementing the same business process: These approaches are described in further detail in the following subsections. Orchestration-Centric Approach This approach is called orchestration-centric because it defines the entire process in a top-down manner, with the top-level flow being an orchestration, each task in the orchestration being either a Web service or a sub-orchestration that is called by the top-level orchestration, and each task in the suborchestrations being either a Web service or an orchestration that is called by the sub-orchestrations, and so on.
OpenAccount process using Web services orchestration. Modeling tools allow business analysts to communicate business needs and requirements. Process logic is maintained separately from the underlying applications and is not hard-coded into these applications, thus making it easier to quickly modify business processes as business needs and requirements change. Process automation streamlines business processes and reduces process cycle times.
Process automation ensures that processes are executed in a consistent fashionfor example, ensuring that all necessary steps are completed, that tasks are only routed to authorized users, and that government regulations are enforced.
BAM tools provide real-time information on business processes for decision makers and relate that information to key business performance metrics. SOA Strong architectural focus e. Services provide an ideal level of abstraction for aligning business needs and technical capabilities compared to procedures, objects, or components. Services provide an ideal level of abstraction for creating reusable, coarse-grained business functionality compared to procedures, objects, or components.
Extended Web Services Specifications This part of the book discusses the major extended Web services specifications, focusing on those most significant for SOA-enabled applications. The book does not describe every proposed Web services specification. Instead, we have picked the most important specifications for SOA-enabled applications. What Are Extended Specifications?
An additional level of Web services technology is evolving that includes security, transactions, reliability, orchestration, and metadata management for extended SOA-based applications that involve integration and business process management. As Web services products include more and more of these features, an SOA based on Web services can be used for more and more kinds of applications.
The widespread adoption of extended technologies is a prerequisite for success in large-scale Web services projects, and understanding the extent to which the various specifications are supported is important when using products from multiple vendors. Care should be taken to minimize dependency on vendorspecific features or to isolate them for easy replacement when standards are completed and available. Extended specifications are proposed primarily in the following areas: The degree to which extended functionality is required varies significantly from application to application; care is needed when assessing what's required from each of these areas for any particular project, particularly when more than one is used in combination.
Metadata Management Metadata is data about data, or more precisely, data about a software entity associated with it in some way. For example, a file is an entity, and a file record layout is metadata associated with the file that tells you how to interpret the contents of the file. A Web service may have a variety of metadata associated with it, including data types and structures for messages, message exchange patterns for exchanging messages, the network addresses of the endpoints that exchange the messages, and any requirements for extended features such as security, reliability, or transactions.
Web services metadata is an important part of basic and SOA-based Web services solutions. In general, the more complex the application of Web services, the greater the need for metadata and comprehensive metadata management solutions. Web services metadata and metadata management technologies include the following: These different kinds of metadata work together to define the characteristics of any Web service, from simple to complex.
All of the metadata items benefit from the use of consistent design and naming conventions, especially for enterprise solutions. Naming Conventions and Easy Retrieval When thinking about metadata and its management, it's at least as important to develop a consistent means of storing and retrieving the metadata as it is to define it in the first place. One of the reasons UDDI failed to gain broad adoption is that it doesn't provide sufficient methods for effectively categorizing and identifying metadata for easy search and retrieval.
It's an old saying in the database world that you have to know how you're going to retrieve something before you figure out how you're going to store it, and this definitely holds true for metadata. How you name your service is important, for example. You don't want to call the "customer lookup" service the "customer lookup service" because that's redundant, but you might want to call it the "customer ID lookup" if it uses the customer ID as the search field.