Académique Documents
Professionnel Documents
Culture Documents
Mineure SOA
Cécile Hardebolle
cecile.hardebolle@supelec.fr
Programme de la mineure
Introduction. Enjeux, rôle de l'architecte SI Deux intervenants :
16 nov. Partie n°1 du cas d'étude Olivier Besnard (Solucom)
Cécile Hardebolle (Supélec)
Architectures applicatives
D1.13E
23 nov. et inter-applicatives
} Interface
} Masque la logique d’implémentation
} Contrat d’utilisation (contrat de service)
Découverte Publication
Client Fournisseur
Internet
Application Web Service
Utilisation Interface
Déploiement
Enregistrement du service
Recherche du service A
Contrat de service
Requête
Réponse
© innoQ Deutschland GmbH. All Rights Reserved. The poster may also contain references to other company, organisation, brand and product names. These company, organisation, brand and product names are used herein for identification purposes only and may be the trademarks of their respective owners.
Messaging Specifications
SOAP 1.1
Issues Specifications
WS-Notification
Business Process Execution WS-Choreography Model Web Service Choreography Web Service Choreography Management Using Web Management Of WS-BaseNotification
WS-Management
Metadata
Resource
Security
Language for Web Services 1.1 Overview Interface Description Language Services (WSDM-MUWS) Web Services (WSDM-MOWS) AMD, Dell, Intel, Microsoft and Sun WS-Topics
(BPEL4WS) · 1.1 · BEA Systems, IBM, (WSCI) · 1.0 · W3C 1.0 1.0 Microsystems
1.0 · W3C (CDL4WS) · 1.0 · W3C WS-BrokeredNotification
Microsoft, SAP, Sun Microsystems, SAP, BEA Systems OASIS OASIS Published Specification Web Services for Remote
Working Draft Candidate Recommendation
Basic Profile Siebel Systems · OASIS-Standard and Intalio · Note OASIS-Standard OASIS-Standard
Portlets (WSRP) WS-Addressing – Core
1.1
WS-I ! Business Process Execution Language for Web Services ! WS-Choreography Model Overview defines the format ! Web Service Choreography Interface (WSCI) describes ! Web Service Choreography Description Language ! Web Service Distributed Management: Management Using ! Web Service Distributed Management: Management Of ! WS-Management describes a general SOAP-based 2.0 WS-Addressing – WSDL Binding
1.1(BPEL4WS) provides a language for the formal and structure of the (SOAP) messages that are exchanged, how Web Service operations can be choreographed in the (CDL4WS) is to specify a declarative, XML based language Web Services (WSDM-MUWS) defines how an IT resource Web Services (WSDM-MOWS) addresses management of protocol for managing systems such as PCs, servers, OASIS
Final Specification specification of business processes and business interaction and the sequence and conditions in which the messages context of a message exchange in which the Web Service that defines from a global viewpoint the common and connected to a network provides manageability interfaces the components that form the network, the Web services devices, Web services and other applications, and other
protocols using Web Services. are exchanged. participates. complementary observable behaviour, where message such that the IT resource can be managed locally and from endpoints, using Web services protocols. manageable entities. Committee Draft WS-Addressing – SOAP Binding
exchanges occur, and when the jointly agreed ordering remote locations using Web services technologies.
! Basic Profile – The Basic Profile 1.1 provides rules are satisfied. " Web Services for Remote Portlets (WSRP) defines a WS-Eventing
implementation guidelines for how related set of non-
proprietary Web Service specifications should be used Business Process Execution Business Process Management XML Process Definition
set of interfaces and related semantics which standardize
interactions with components providing user-facing WS-Enumeration
together for best interoperability. Language for Web Services 2.0 Language (BPML) Language (XPDL) Service Modeling Language markup, including the processing of user interactions with
that markup.
(BPEL4WS) · 2.0 1.1 IBM, BEA, BMC, Cisco, Dell, HP, Intel,
Metadata Specifications
2.0
OASIS, BEA Systems, IBM, Microsoft, SAP, BPMI.org Microsoft, Sun
Final
Siebel Systems · Committee Draft Final Draft Draft Specification
Basic Profile
1.2 ! Business Process Execution Language for Web Services ! Business Process Management Language (BPML) ! XML Process Definition Language (XPDL) provides an WS-Policy
2.0 (BPEL4WS) provides a language for the formal provides a meta-language for expressing business XML file format that can be used to interchange process ! Servcie Modeling Language (SML) is used to model
WS-I specification of business processes and business interaction processes and supporting entities. models between tools. complex IT services and systems, including their structure, WS-PolicyAssertions
Working Group Draft protocols using Web Services.
Security
constraints, policies, and best practices.
WS-PolicyAttachment
! Basic Profile – The Basic Profile 1.2 builds on Basic Profile
Messaging
1.1 by incorporating Basic Profile 1.1 errata, requirements WS-Discovery
from Simple SOAP Binding Profile 1.0, and adding support
for WS-Addressing and MTOM. WS-MetadataExchange
Messaging
OASIS-Standard
Reliability
Metadata
rules, required security tokens, supported encryption applications. ! WS-Coordination describes an extensible framework for providing
algorithms, privacy rules). protocols that coordinate the actions of distributed applications. ! Web Services Resource Framework (WSRF) defines a family of WS-Security: X.509 Certificate Token Profile
! Attachments Profile – The Attachment Profile 1.0 specifications for accessing stateful resources using Web Services.
complements the Basic Profile 1.1 to add support ! WS-ReliableMessaging describes a protocol that allows
WS-Business Activity WS-Security: Username Token Profile
for interoperable SOAP Messages with attachments-based
Web Services.
Web services to communicate reliable in the presence of
software component, system, or network failures. It defines WS-Security: WS-Security: 1.1 WS-BaseFaults (WSRF) WS-SecurityPolicy
a SOAP binding that is required for interoperability. SOAP Message Security Username Token Profile OASIS 1.2
WS-PolicyAttachment WS-Discovery 1.1 1.1 Working Draft OASIS WS-Trust
1.2 Microsoft, BEA Systems, Canon, OASIS OASIS Working Draft
! WS-Business Activity provides the definition of the business activity
Simple SOAP W3C Intel and webMethods WS-Reliable Messaging Public Review Draft Public Review Draft coordination type that is to be used with the extensible coordination WS-Federation
! WS-BaseFaults (WSRF) defines a base set of information
Binding Profile W3C Member Submission Draft Policy Assertion (WS-RM Policy) framework described in the WS-Coordination specification. that may appear in fault messages. WS-BaseFaults defines an WS-SecureConversation
1.0 ! WS-Security: SOAP Message Security describes ! WS-Security: Username Token Profile describes how XML schema type for base faults, along with rules for how
1.1
WS-I
! WS-PolicyAttachment defines two general-purpose ! WS-Discovery defines a multicast discovery protocol for OASIS
enhancements to SOAP messaging to provide message
integrity and confidentiality. Specifically, this specification
a Web Service consumer can supply a Username Token as a
means of identifying the requestor by username, and
WS-Atomic Transaction this base fault type is used and extended by Web Services.
Final Specification
Basic Profile
Transaction
Profile consists of those Basic Profile 1.0 requirements be defined independently and associated through an defined in the associated profile documents. OASIS
Metadata
(WS-RM Policy) describes a domain-specific policy assertion WS-ReliableMessaging
Security
related to the serialization of the envelope and its external binding to the subject. ! WS-Atomic Transaction defines protocols that enable existing
representation in the message.
for WS-ReliableMessaging that that can be specified within
transaction processing systems to wrap their proprietary protocols
Working Draft
a policy alternative as defined in WS-Policy Framework.
and interoperate across different hardware and software vendors. WS-Reliability
! WS-ServiceGroup (WSRF) defines a means by which Web
WS-MetadataExchange Universal Description, WS-Security: WS-Federation Services and WS-Resources can be aggregated or grouped
1.1 WS-Composite Application together for a domain specific purpose. WS-Reliable Messaging Policy Assertion
Discovery and Integration (UDDI) Kerberos Binding 1.0
Framework (WS-CAF)
Basic Security Profile BEA Systems, Computer Associates,
3.0.2 WS-Reliability 1.0 IBM, Microsoft, BEA Systems, WS-ResourceProperties
1.0
WS-I
IBM, Microsoft, SAP, Sun Microsystems and
webMethods
Public Draft
OASIS
OASIS-Standard
1.1
OASIS
Microsoft, IBM, OASIS
Working Draft
RSA Security, and VeriSign
Initial Draft
1.0 · Arjuna Technologies, Fujitsu, IONA,
Oracle and Sun Microsystems
Committee Specification
1.2
OASIS
Resource Specifications
Board Approval Draft OASIS-Standard Working Draft
! WS-MetadataExchange enables a service to provide ! Universal Description, Discovery and Integration (UDDI) ! WS-Security: Kerberos Binding defines how to encode ! WS-Federation describes how to manage and broker the ! WS-Composite Application Framework (WS-CAF) is a Web Service Resource Framework
metadata to others through a Web services interface. Given defines a set of services supporting the description Kerberos tickets and attach them to SOAP messages. As trust relationships in a heterogeneous federated collection of three specifications aimed at solving problems ! WS-ResourceProperties specifies the means by which the
! Basic Security Profile defines the WS-I Basic Security only a reference to a Web service, a user can access a set and discovery of businesses, organizations, and other Web ! WS-Reliability is a SOAP-based protocol for exchanging well, it specifies how to add signatures and encryption to the environment including support for federated identities. that arise when multiple Web Services are used in combina- definition of the properties of a WS-Resource may be declared WS-BaseFaults
Profile 1.0, based on a set of non-proprietary Web services of WSDL /SOAP operations to retrieve the metadata that services providers, the Web services they make available, SOAP message, in accordance with WS-Security, which tion. It proposes standard, interoperable mechanisms for
Transaction
SOAP messages with guaranteed delivery, no duplicates, as part of the Web Service interface. The declaration of the
Messaging
specifications, along with clarifications and amendments describes the service. and the technical interfaces which may be used to access uses and references the Kerberos tokens. managing shared context and ensuring business processes
and guaranteed message ordering. WS-Reliability is WS-Resource properties represents a projection of or a view WS-ServiceGroup
Security
to those specifications which promote interoperability. those services. defined as SOAP header extensions and is independent of achieve predictable results and recovery from failure. on the WS-Resource state.
the underlying protocol. This specification contains a WS-ResourceProperties
binding to HTTP. WS-Context (WS-CTX) WS-ResourceLifetime
Web Service Description Web Service Description WS-Security: WS-Trust 1.0 1.2
WS-ResourceLifetime
REL Token Profile Language 2.0 Language 2.0 Core SAML Token Profile BEA Systems, Computer Associates, IBM, Layer 7 Arjuna Technologies, Fujitsu, IONA, Oracle OASIS
This poster is not to be reproduced or transmitted in any form or for any purpose without the express permission of innoQ Deutschland GmbH. · Copyright
Technologies, Microsoft, Netegrity, Oblix, WS-Transfer
1.0 SOAP Binding 2.0 1.1 OpenNetwork, Ping Identity Corporation,
and Sun Microsystems
Committee Draft
Working Draft
WS-I 2.0 W3C OASIS Reactivity, RSA Security, VeriSign and Westbridge Resource Representation SOAP Header Block (RRSHB)
Working Group Draft Candidate Recommendation Public Review Draft ! WS-ResourceLifetime is to standardize the terminology,
W3C · Working Draft Technology · Initial Draft ! WS-Context (WS-CTX) is intended as a lightweight mechanism concepts, message exchanges, WSDL and XML needed to
for allowing multiple Web Services to share a common context.
Management Specifications
monitor the lifetime of, and destroy WS-Resources.
! Web Service Description Language SOAP Binding ! Web Service Description Language 2.0 Core is an XML- ! WS-Security: SAML Token Profile defines the use of ! WS-Trust describes a framework for trust models that enables Additionally, it defines resource properties that may be used
! REL Token Profile is based on a non-proprietary
Web services specification, along with clarifications and
describes the concrete details for using WSDL 2.0 in based language for describing Web services and how to Security Assertion Markup Language (SAML) v1.1 assertions Web Services to securely interoperate. It uses WS-Security base WS-Coordination to inspect and monitor the lifetime of a WS-Resource.
conjunction with SOAP 1.1 protocol. access them. It specifies the location of the service and the in the context of WSS: SOAP Message Security including mechanisms and defines additional primitives and extensions
amendments to that specification which promote Framework (WS-CF)
Meta
operations (or methods) the service exposes. for the purpose of securing SOAP messages and SOAP for security token exchange to enable the issuance and
interoperability. message exchanges. dissemination of credentials within different trust domains. 1.0 · Arjuna Technologies, Fujitsu, IONA, WS-Transfer WS-Management
Messaging
Security
Oracle and Sun Microsystems W3C
Management Of Web Services
Committee Draft W3C Member Submission
Resource
Web Service Description WS-Security: X.509 WS-SecureConversation ! WS-Coordination Framework (WS-CF) allows the Management Using Web Services
SAML Token Profile BEA Systems, Computer Associates, IBM, management and coordination in a Web Services interaction ! WS-Transfer describes a general SOAP-based protocol for
1.0 Language 1.1 Certificate Token Profile Layer 7 Technologies, Microsoft, Netegrity, of a number of activities related to an overall application. accessing XML representations of Web service-based resources.
Service Modeling Language
WS-I 1.1 1.1 Oblix, OpenNetwork,
Working Group Draft W3C OASIS Ping Identity Corporation, Reactivity, WS-Transaction Resource Representation
Note Public Review Draft RSA Security, VeriSign and Westbridge
Technology ·Public Draft
Management (WS-TXM)
1.0 · Arjuna Technologies, Fujitsu, IONA,
SOAP Header Block (RRSHB)
W3C
Business Process Specifications
! SAML Token Profile is based on a non-proprietary ! Web Service Description Language 1.1 is an XML-based ! WS-Security: X.509 Certificate Token Profile describes ! WS-SecureConversation specifies how to manage and Recommendation
Web services specification, along with clarifications and Oracle and Sun Microsystems
language for describing Web services and how to access the use of the X.509 authentication framework with the authenticate message exchanges between parties including Committee Draft Business Process Execution Language for Web Services
amendments to that specification which promote them. It specifies the location of the service and the ! Resource Representation SOAP Header Block (RRSHB)
WS-Security: SOAP Message Security specification. security context exchange and establishing and deriving
interoperability. operations (or methods) the service exposes. session keys. ! WS-Transaction Management (WS-TXM) defines a core infrastructure complements MTOM by defining mechanisms for Web Service Choreography Description Language
service consisting of a Transaction Service for Web Services. describing and conveying non-XML resource representations
Transaction
Messaging
in a SOAP 1.2 message.
Reliability
Web Service Choreography Interface
Security
Conformance Claim WS-Choreography Model Overview
Attachment Mechanism (CCAM)
1.0 Business Process Management Language
WS-I
Final Specification Business Process Execution Language for Web Serv. 2.0
Messaging
Metadata
WS-Business Activity
Reliable Asynchronous " WS-Notification is a " WS-BrokeredNotification " WS-BaseNotification " WS-Eventing defines a " WS-Addressing – Core " SOAP Message
Messaging Profile (RAMP) family of related white defines the interface for standardizes the terminology, baseline set of operations provides transport-neutral SOAP Message Transmission WS-Atomic Transaction
1.0 WS-Notification papers and specifications WS-BrokeredNotification the NotificationBroker. WS-BaseNotification concepts, operations, WSDL
WS-Eventing that allow Web services to WS-Addressing – Core mechanisms to address SOAP Transmission Optimization
Optimization
WS-Coordination
Security
WS-I that define a standard A NotificationBroker is an and XML needed to express provide asynchronous Web services and messages. Mechanism
1.3 1.3 1.3 1.0 1.2
Working Draft OASIS
Web services approach to
notification using a topic- OASIS
intermediary, which, among
other things, allows OASIS
the basic roles involved in
Web services publish and
W3C notifications to interested
parties. W3C
This specification defines
XML elements to identify W3C Mechanism (MTOM) describes an
abstract feature for WS-Composite Application Framework
OASIS-Standard OASIS-Standard OASIS-Standard Public Draft Recommendation Recommendation 1.0 · W3C
Reliability
based publish/subscribe publication of messages subscribe for notification Web service endpoints and optimizing the
! Reliable Asynchronous Messaging Profile (RAMP) is a pattern. from entities that are not message exchange. to secure end-to-end Recommendation transmission and/or WS-Transaction Management
profile, in the fashion of the WS-I profiles, that enables, themselves service endpoint identification in wire format of a
among other things, basic B2B integration scenarios using providers. messages. SOAP message. WS-Context
Web services technologies.
" WS-Enumeration describes " WS-Topics defines three " WS-Addressing – WSDL " WS-Addressing – SOAP " SOAP is a lightweight,
WS-Enumeration a general SOAP-based
protocol for enumerating WS-Topics
topic expression dialects
that can be used as sub-
WS-Addressing – WSDL Binding defines how the
abstract properties defined
WS-Addressing – Binding provides transport-
neutral mechanisms to SOAP
XML-based protocol for
exchange of information
WS-Coordination Framework
Systinet, Microsoft, Sonic Software, BEA a sequence of XML
1.3
scription expressions in Binding in Web Services Addressing SOAP Binding address Web services and
1.1
in a decentralized,
Systems and
Presentation Specifications
elements that is suitable subscribe request messages 1.0 – Core are described using 1.0 messages. distributed environment.
for traversing logs, message OASIS and other parts of the WSDL. W3C
Computer Associates W3C W3C
queues, or other linear OASIS-Standard WS-Notification system. Note
Public Draft information models. Candidate Recommendation Recommendation
Reliab.
Secur.
Mess.
Web Services for Remote Portlets
Standards Bodies
The Organization for the Advancement of Structured Information
Standards (OASIS) is a not-for-profit, international consortium
that drives the development, convergence, and adoption of e-business standards. The
consortium produces more Web services standards than any other organization along with stan-
dards for security, e-business, and standardization efforts in the public sector and for applica-
tion-specific markets. Founded in 1993, OASIS has more than 4,000 participants representing
Version 3.0 · February 2007
The World Wide Web Consortium (W3C) was created in October 1994 to lead the
XML Specifications
World Wide Web to its full potential by developing common protocols that promote
its evolution and ensure its interoperability. W3C has over 350 Member organiza-
tions from all over the world and has earned international recognition for its contributions to the
growth of the Web. W3C is designing the infrastructure, and defining the architecture and the core
technologies for Web services. In September 2000, W3C started the XML Protocol Activity to address
the need for an XML-based protocol for application-to-application messaging. In January 2002, the
Web Services Activity was launched, subsuming the XML Protocol Activity and extending its scope. " XML – Extensible Markup " XML – Extensible Markup " Namespaces in XML " XML Information Set is " XML Schema – XML " XML binary Optimized " Describing Media Content
Language is a pared-down Language is a pared-down provides a simple method an abstract data set to Schema Definition Language
XML binary Optimized Packaging (XOP) is an XML Describing Media Content of Binary Data in XML
The Web Services Interoperability Organization (WS-I) is an open industry
organization chartered to promote Web services interoperability across platforms, XML 1.1 version of SGML, designed
especially for Web
XML 1.0 version of SGML, designed
especially for Web
Namespaces in XML for qualifying element and
attribute names used in XML
XML Information Set provide a consistent set of
definitions for use in other
XML Schema is an XML language for
describing and constraining Packaging (XOP)
language for describing and
constraining the content of of Binary Data in XML
(DMCBDX) specifies how to
indicate the content-type
operating systems and programming languages. The organization’s diverse community of Web 1.1 documents. It allows one to 1.0 documents. It allows one to 1.1 documents by associating 1.0 specifications that need to 1.1 the content of XML XML documents. associated with binary
services leaders helps customers to develop interoperable Web services by providing guidance, W3C W3C W3C W3C W3C 1.0 (DMCBDX)
create own customized tags, create own customized tags, them with namespaces refer to the information documents. element content in an XML
recommended practices and supporting resources. Specifically, WS-I creates, promotes and
Recommendation enabling the definition, Recommendation enabling the definition, Recommendation identified by IRI references. Recommendation in a well-formed XML Working Draft W3C W3C document and to specify, in
supports generic protocols for the interoperable exchange of messages between Web services. Recommendation
transmission, validation, and transmission, validation, and document. Note XML Schema, the expected
The Internet Engineering Task Force (IETF) is a large open international
interpretation of data interpretation of data content-type(s) associated
between applications and between applications and with binary element
community of network designers, operators, vendors, and researchers
concerned with the evolution of the Internet architecture and the smooth between organizations. between organizations. content. innoQ Deutschland GmbH innoQ Schweiz GmbH
operation of the Internet.
Halskestraße 17 Gewerbestrasse 11
D-40880 Ratingen CH-6330 Cham
Phone +49 21 02 77 162 -100 Phone +41 41 743 01 11
info@innoq.com · www.innoq.com
} OASIS
(Organization for the Advancement of Structured Information Standards)
} Consortium international d’éditeurs de logiciel
} Objectif = développement, convergence et adoption de standards e-business
} Organisme le plus productif dans le domaine des Web Services :
} UDDI, BPEL, WSRP, WS-Security, SAML, WS-Transactions…
XML XML
UDDI UDDI
Découverte Publication
Client Fournisseur
Internet
Application HTTP Web Service
Utilisation Interface
SOAP WSDL
XML XML
12 Web Services 30 novembre 2012
Comment ça marche ?
Serveur web
Client wwwdi.supelec.fr
1 – Requête :
C:\server\htdocs\hardebolle\
GET http://wwwdi.supelec.fr/hardebolle/fichier. html
3 – Affichage : HTML
interprétation HTML
HTML
2 – Réponse :
fichier. html contenu de fichier.html
fichier. html
Gaston Lagaffe
compagnie boite_postale ville code_postal pays
XML XML
UDDI UDDI
Découverte Publication
Client Fournisseur
Internet
Application HTTP Web Service
Utilisation Interface
SOAP WSDL
XML XML
20 Web Services 30 novembre 2012
WSDL
(Web Service Description Language)
} Standard du W3C
} Version 1.1 en 2001
} Version 2.0 en 2007, encore peu supporté par les outils
Protocole de transport et
Binding Binding format des messages
PortType
Operation Operation
Interface
du service Input Output
(fonctionnelle)
Message Noms, types et ordre des paramètres
Type
Type
Part Part Type
<portType […]>
<operation […]>
<input […] />
<output […] />
</operation>
</portType>
<binding […]>[…]</binding>
<service […]>
<port […]>[…]</port>
</service>
</definitions>
23 Web Services 30 novembre 2012
WSDL
Exemple d’interface de service
} Avec des types simples
<portType name="Hello">
<operation name="sayHello">
<input message="tns:sayHello" />
<output message="tns:sayHelloResponse" />
</operation>
</portType>
<message name="sayHello">
<part name="name" type="xsd:string" />
</message>
<message name="sayHelloResponse">
<part name="return" type="xsd:string" />
</message>
<service name="HelloService">
<port name="HelloPort" binding="tns:HelloPortBinding">
<soap:address location="REPLACE_WITH_ACTUAL_URL"/>
</port>
</service>
XML XML
UDDI UDDI
Découverte Publication
Client Fournisseur
Internet
Application HTTP Web Service
Utilisation Interface
SOAP WSDL
XML XML
27 Web Services 30 novembre 2012
SOAP (Simple Object Access Protocol)
} Standard du W3C
} Version1.2 en 2003
} Objectif = formater les requêtes et les réponses échangées entre client et
Web Service pour le transport (notamment sur HTTP)
} Grammaire dérivée d’XML
</Envelope>!
} Un modèle de traitement des messages
XML XML
UDDI UDDI
Découverte Publication
Client Fournisseur
Internet
Application HTTP Web Service
Utilisation Interface
SOAP WSDL
XML XML
30 Web Services 30 novembre 2012
UDDI (Universal Discovery
Description and Integration)
} Standard porté par un consortium d’industriels
} Version 3 en 2005
} Définit :
} UDDI Business Registry (UBR) = annuaire pour permettre d'automatiser les
communications entre prestataires, clients, etc. (orienté « business »)
} Méthodes de publications (basées sur SOAP)
} Méthodes de consultation (basées sur SOAP)
© innoQ Deutschland GmbH. All Rights Reserved. The poster may also contain references to other company, organisation, brand and product names. These company, organisation, brand and product names are used herein for identification purposes only and may be the trademarks of their respective owners.
Messaging Specifications
SOAP 1.1
Issues Specifications
WS-Notification
Business Process Execution WS-Choreography Model Web Service Choreography Web Service Choreography Management Using Web Management Of WS-BaseNotification
WS-Management
Metadata
Resource
Security
Language for Web Services 1.1 Overview Interface Description Language Services (WSDM-MUWS) Web Services (WSDM-MOWS) AMD, Dell, Intel, Microsoft and Sun WS-Topics
(BPEL4WS) · 1.1 · BEA Systems, IBM, (WSCI) · 1.0 · W3C 1.0 1.0 Microsystems
1.0 · W3C (CDL4WS) · 1.0 · W3C WS-BrokeredNotification
Microsoft, SAP, Sun Microsystems, SAP, BEA Systems OASIS OASIS Published Specification Web Services for Remote
Working Draft Candidate Recommendation
Basic Profile Siebel Systems · OASIS-Standard and Intalio · Note OASIS-Standard OASIS-Standard
Portlets (WSRP) WS-Addressing – Core
1.1
WS-I ! Business Process Execution Language for Web Services ! WS-Choreography Model Overview defines the format ! Web Service Choreography Interface (WSCI) describes ! Web Service Choreography Description Language ! Web Service Distributed Management: Management Using ! Web Service Distributed Management: Management Of ! WS-Management describes a general SOAP-based 2.0 WS-Addressing – WSDL Binding
1.1(BPEL4WS) provides a language for the formal and structure of the (SOAP) messages that are exchanged, how Web Service operations can be choreographed in the (CDL4WS) is to specify a declarative, XML based language Web Services (WSDM-MUWS) defines how an IT resource Web Services (WSDM-MOWS) addresses management of protocol for managing systems such as PCs, servers, OASIS
Final Specification specification of business processes and business interaction and the sequence and conditions in which the messages context of a message exchange in which the Web Service that defines from a global viewpoint the common and connected to a network provides manageability interfaces the components that form the network, the Web services devices, Web services and other applications, and other
protocols using Web Services. are exchanged. participates. complementary observable behaviour, where message such that the IT resource can be managed locally and from endpoints, using Web services protocols. manageable entities. Committee Draft WS-Addressing – SOAP Binding
exchanges occur, and when the jointly agreed ordering remote locations using Web services technologies.
! Basic Profile – The Basic Profile 1.1 provides rules are satisfied. " Web Services for Remote Portlets (WSRP) defines a WS-Eventing
implementation guidelines for how related set of non-
proprietary Web Service specifications should be used Business Process Execution Business Process Management XML Process Definition
set of interfaces and related semantics which standardize
interactions with components providing user-facing WS-Enumeration
together for best interoperability. Language for Web Services 2.0 Language (BPML) Language (XPDL) Service Modeling Language markup, including the processing of user interactions with
that markup.
(BPEL4WS) · 2.0 1.1 IBM, BEA, BMC, Cisco, Dell, HP, Intel,
Metadata Specifications
2.0
OASIS, BEA Systems, IBM, Microsoft, SAP, BPMI.org Microsoft, Sun
Final
Siebel Systems · Committee Draft Final Draft Draft Specification
Basic Profile
1.2 ! Business Process Execution Language for Web Services ! Business Process Management Language (BPML) ! XML Process Definition Language (XPDL) provides an WS-Policy
2.0 (BPEL4WS) provides a language for the formal provides a meta-language for expressing business XML file format that can be used to interchange process ! Servcie Modeling Language (SML) is used to model
WS-I specification of business processes and business interaction processes and supporting entities. models between tools. complex IT services and systems, including their structure, WS-PolicyAssertions
Working Group Draft protocols using Web Services.
Security
constraints, policies, and best practices.
WS-PolicyAttachment
! Basic Profile – The Basic Profile 1.2 builds on Basic Profile
Messaging
1.1 by incorporating Basic Profile 1.1 errata, requirements WS-Discovery
from Simple SOAP Binding Profile 1.0, and adding support
for WS-Addressing and MTOM. WS-MetadataExchange
Messaging
OASIS-Standard
Reliability
Metadata
rules, required security tokens, supported encryption applications. ! WS-Coordination describes an extensible framework for providing
algorithms, privacy rules). protocols that coordinate the actions of distributed applications. ! Web Services Resource Framework (WSRF) defines a family of WS-Security: X.509 Certificate Token Profile
! Attachments Profile – The Attachment Profile 1.0 specifications for accessing stateful resources using Web Services.
complements the Basic Profile 1.1 to add support ! WS-ReliableMessaging describes a protocol that allows
WS-Business Activity WS-Security: Username Token Profile
for interoperable SOAP Messages with attachments-based
Web Services.
Web services to communicate reliable in the presence of
software component, system, or network failures. It defines WS-Security: WS-Security: 1.1 WS-BaseFaults (WSRF) WS-SecurityPolicy
a SOAP binding that is required for interoperability. SOAP Message Security Username Token Profile OASIS 1.2
WS-PolicyAttachment WS-Discovery 1.1 1.1 Working Draft OASIS WS-Trust
1.2 Microsoft, BEA Systems, Canon, OASIS OASIS Working Draft
! WS-Business Activity provides the definition of the business activity
Simple SOAP W3C Intel and webMethods WS-Reliable Messaging Public Review Draft Public Review Draft coordination type that is to be used with the extensible coordination WS-Federation
! WS-BaseFaults (WSRF) defines a base set of information
Binding Profile W3C Member Submission Draft Policy Assertion (WS-RM Policy) framework described in the WS-Coordination specification. that may appear in fault messages. WS-BaseFaults defines an WS-SecureConversation
1.0 ! WS-Security: SOAP Message Security describes ! WS-Security: Username Token Profile describes how XML schema type for base faults, along with rules for how
1.1
WS-I
! WS-PolicyAttachment defines two general-purpose ! WS-Discovery defines a multicast discovery protocol for OASIS
enhancements to SOAP messaging to provide message
integrity and confidentiality. Specifically, this specification
a Web Service consumer can supply a Username Token as a
means of identifying the requestor by username, and
WS-Atomic Transaction this base fault type is used and extended by Web Services.
Final Specification
Basic Profile
Transaction
Profile consists of those Basic Profile 1.0 requirements be defined independently and associated through an defined in the associated profile documents. OASIS
Metadata
(WS-RM Policy) describes a domain-specific policy assertion WS-ReliableMessaging
Security
related to the serialization of the envelope and its external binding to the subject. ! WS-Atomic Transaction defines protocols that enable existing
representation in the message.
for WS-ReliableMessaging that that can be specified within
transaction processing systems to wrap their proprietary protocols
Working Draft
a policy alternative as defined in WS-Policy Framework.
and interoperate across different hardware and software vendors. WS-Reliability
! WS-ServiceGroup (WSRF) defines a means by which Web
WS-MetadataExchange Universal Description, WS-Security: WS-Federation Services and WS-Resources can be aggregated or grouped
1.1 WS-Composite Application together for a domain specific purpose. WS-Reliable Messaging Policy Assertion
Discovery and Integration (UDDI) Kerberos Binding 1.0
Framework (WS-CAF)
Basic Security Profile BEA Systems, Computer Associates,
3.0.2 WS-Reliability 1.0 IBM, Microsoft, BEA Systems, WS-ResourceProperties
1.0
WS-I
IBM, Microsoft, SAP, Sun Microsystems and
webMethods
Public Draft
OASIS
OASIS-Standard
1.1
OASIS
Microsoft, IBM, OASIS
Working Draft
RSA Security, and VeriSign
Initial Draft
1.0 · Arjuna Technologies, Fujitsu, IONA,
Oracle and Sun Microsystems
Committee Specification
1.2
OASIS
Resource Specifications
Board Approval Draft OASIS-Standard Working Draft
! WS-MetadataExchange enables a service to provide ! Universal Description, Discovery and Integration (UDDI) ! WS-Security: Kerberos Binding defines how to encode ! WS-Federation describes how to manage and broker the ! WS-Composite Application Framework (WS-CAF) is a Web Service Resource Framework
metadata to others through a Web services interface. Given defines a set of services supporting the description Kerberos tickets and attach them to SOAP messages. As trust relationships in a heterogeneous federated collection of three specifications aimed at solving problems ! WS-ResourceProperties specifies the means by which the
! Basic Security Profile defines the WS-I Basic Security only a reference to a Web service, a user can access a set and discovery of businesses, organizations, and other Web ! WS-Reliability is a SOAP-based protocol for exchanging well, it specifies how to add signatures and encryption to the environment including support for federated identities. that arise when multiple Web Services are used in combina- definition of the properties of a WS-Resource may be declared WS-BaseFaults
Profile 1.0, based on a set of non-proprietary Web services of WSDL /SOAP operations to retrieve the metadata that services providers, the Web services they make available, SOAP message, in accordance with WS-Security, which tion. It proposes standard, interoperable mechanisms for
Transaction
SOAP messages with guaranteed delivery, no duplicates, as part of the Web Service interface. The declaration of the
Messaging
specifications, along with clarifications and amendments describes the service. and the technical interfaces which may be used to access uses and references the Kerberos tokens. managing shared context and ensuring business processes
and guaranteed message ordering. WS-Reliability is WS-Resource properties represents a projection of or a view WS-ServiceGroup
Security
to those specifications which promote interoperability. those services. defined as SOAP header extensions and is independent of achieve predictable results and recovery from failure. on the WS-Resource state.
the underlying protocol. This specification contains a WS-ResourceProperties
binding to HTTP. WS-Context (WS-CTX) WS-ResourceLifetime
Web Service Description Web Service Description WS-Security: WS-Trust 1.0 1.2
WS-ResourceLifetime
REL Token Profile Language 2.0 Language 2.0 Core SAML Token Profile BEA Systems, Computer Associates, IBM, Layer 7 Arjuna Technologies, Fujitsu, IONA, Oracle OASIS
This poster is not to be reproduced or transmitted in any form or for any purpose without the express permission of innoQ Deutschland GmbH. · Copyright
Technologies, Microsoft, Netegrity, Oblix, WS-Transfer
1.0 SOAP Binding 2.0 1.1 OpenNetwork, Ping Identity Corporation,
and Sun Microsystems
Committee Draft
Working Draft
WS-I 2.0 W3C OASIS Reactivity, RSA Security, VeriSign and Westbridge Resource Representation SOAP Header Block (RRSHB)
Working Group Draft Candidate Recommendation Public Review Draft ! WS-ResourceLifetime is to standardize the terminology,
W3C · Working Draft Technology · Initial Draft ! WS-Context (WS-CTX) is intended as a lightweight mechanism concepts, message exchanges, WSDL and XML needed to
for allowing multiple Web Services to share a common context.
Management Specifications
monitor the lifetime of, and destroy WS-Resources.
! Web Service Description Language SOAP Binding ! Web Service Description Language 2.0 Core is an XML- ! WS-Security: SAML Token Profile defines the use of ! WS-Trust describes a framework for trust models that enables Additionally, it defines resource properties that may be used
! REL Token Profile is based on a non-proprietary
Web services specification, along with clarifications and
describes the concrete details for using WSDL 2.0 in based language for describing Web services and how to Security Assertion Markup Language (SAML) v1.1 assertions Web Services to securely interoperate. It uses WS-Security base WS-Coordination to inspect and monitor the lifetime of a WS-Resource.
conjunction with SOAP 1.1 protocol. access them. It specifies the location of the service and the in the context of WSS: SOAP Message Security including mechanisms and defines additional primitives and extensions
amendments to that specification which promote Framework (WS-CF)
Meta
operations (or methods) the service exposes. for the purpose of securing SOAP messages and SOAP for security token exchange to enable the issuance and
interoperability. message exchanges. dissemination of credentials within different trust domains. 1.0 · Arjuna Technologies, Fujitsu, IONA, WS-Transfer WS-Management
Messaging
Security
Oracle and Sun Microsystems W3C
Management Of Web Services
Committee Draft W3C Member Submission
Resource
Web Service Description WS-Security: X.509 WS-SecureConversation ! WS-Coordination Framework (WS-CF) allows the Management Using Web Services
SAML Token Profile BEA Systems, Computer Associates, IBM, management and coordination in a Web Services interaction ! WS-Transfer describes a general SOAP-based protocol for
1.0 Language 1.1 Certificate Token Profile Layer 7 Technologies, Microsoft, Netegrity, of a number of activities related to an overall application. accessing XML representations of Web service-based resources.
Service Modeling Language
WS-I 1.1 1.1 Oblix, OpenNetwork,
Working Group Draft W3C OASIS Ping Identity Corporation, Reactivity, WS-Transaction Resource Representation
Note Public Review Draft RSA Security, VeriSign and Westbridge
Technology ·Public Draft
Management (WS-TXM)
1.0 · Arjuna Technologies, Fujitsu, IONA,
SOAP Header Block (RRSHB)
W3C
Business Process Specifications
! SAML Token Profile is based on a non-proprietary ! Web Service Description Language 1.1 is an XML-based ! WS-Security: X.509 Certificate Token Profile describes ! WS-SecureConversation specifies how to manage and Recommendation
Web services specification, along with clarifications and Oracle and Sun Microsystems
language for describing Web services and how to access the use of the X.509 authentication framework with the authenticate message exchanges between parties including Committee Draft Business Process Execution Language for Web Services
amendments to that specification which promote them. It specifies the location of the service and the ! Resource Representation SOAP Header Block (RRSHB)
WS-Security: SOAP Message Security specification. security context exchange and establishing and deriving
interoperability. operations (or methods) the service exposes. session keys. ! WS-Transaction Management (WS-TXM) defines a core infrastructure complements MTOM by defining mechanisms for Web Service Choreography Description Language
service consisting of a Transaction Service for Web Services. describing and conveying non-XML resource representations
Transaction
Messaging
in a SOAP 1.2 message.
Reliability
Web Service Choreography Interface
Security
Conformance Claim WS-Choreography Model Overview
Attachment Mechanism (CCAM)
1.0 Business Process Management Language
WS-I
Final Specification Business Process Execution Language for Web Serv. 2.0
Messaging
Metadata
WS-Business Activity
Reliable Asynchronous " WS-Notification is a " WS-BrokeredNotification " WS-BaseNotification " WS-Eventing defines a " WS-Addressing – Core " SOAP Message
Messaging Profile (RAMP) family of related white defines the interface for standardizes the terminology, baseline set of operations provides transport-neutral SOAP Message Transmission WS-Atomic Transaction
1.0 WS-Notification papers and specifications WS-BrokeredNotification the NotificationBroker. WS-BaseNotification concepts, operations, WSDL
WS-Eventing that allow Web services to WS-Addressing – Core mechanisms to address SOAP Transmission Optimization
Optimization
WS-Coordination
Security
WS-I that define a standard A NotificationBroker is an and XML needed to express provide asynchronous Web services and messages. Mechanism
1.3 1.3 1.3 1.0 1.2
Working Draft OASIS
Web services approach to
notification using a topic- OASIS
intermediary, which, among
other things, allows OASIS
the basic roles involved in
Web services publish and
W3C notifications to interested
parties. W3C
This specification defines
XML elements to identify W3C Mechanism (MTOM) describes an
abstract feature for WS-Composite Application Framework
OASIS-Standard OASIS-Standard OASIS-Standard Public Draft Recommendation Recommendation 1.0 · W3C
Reliability
based publish/subscribe publication of messages subscribe for notification Web service endpoints and optimizing the
! Reliable Asynchronous Messaging Profile (RAMP) is a pattern. from entities that are not message exchange. to secure end-to-end Recommendation transmission and/or WS-Transaction Management
profile, in the fashion of the WS-I profiles, that enables, themselves service endpoint identification in wire format of a
among other things, basic B2B integration scenarios using providers. messages. SOAP message. WS-Context
Web services technologies.
" WS-Enumeration describes " WS-Topics defines three " WS-Addressing – WSDL " WS-Addressing – SOAP " SOAP is a lightweight,
WS-Enumeration a general SOAP-based
protocol for enumerating WS-Topics
topic expression dialects
that can be used as sub-
WS-Addressing – WSDL Binding defines how the
abstract properties defined
WS-Addressing – Binding provides transport-
neutral mechanisms to SOAP
XML-based protocol for
exchange of information
WS-Coordination Framework
Systinet, Microsoft, Sonic Software, BEA a sequence of XML
1.3
scription expressions in Binding in Web Services Addressing SOAP Binding address Web services and
1.1
in a decentralized,
Systems and
Presentation Specifications
elements that is suitable subscribe request messages 1.0 – Core are described using 1.0 messages. distributed environment.
for traversing logs, message OASIS and other parts of the WSDL. W3C
Computer Associates W3C W3C
queues, or other linear OASIS-Standard WS-Notification system. Note
Public Draft information models. Candidate Recommendation Recommendation
Reliab.
Secur.
Mess.
Web Services for Remote Portlets
Standards Bodies
The Organization for the Advancement of Structured Information
Standards (OASIS) is a not-for-profit, international consortium
that drives the development, convergence, and adoption of e-business standards. The
consortium produces more Web services standards than any other organization along with stan-
dards for security, e-business, and standardization efforts in the public sector and for applica-
tion-specific markets. Founded in 1993, OASIS has more than 4,000 participants representing
Version 3.0 · February 2007
The World Wide Web Consortium (W3C) was created in October 1994 to lead the
XML Specifications
World Wide Web to its full potential by developing common protocols that promote
its evolution and ensure its interoperability. W3C has over 350 Member organiza-
tions from all over the world and has earned international recognition for its contributions to the
growth of the Web. W3C is designing the infrastructure, and defining the architecture and the core
technologies for Web services. In September 2000, W3C started the XML Protocol Activity to address
the need for an XML-based protocol for application-to-application messaging. In January 2002, the
Web Services Activity was launched, subsuming the XML Protocol Activity and extending its scope. " XML – Extensible Markup " XML – Extensible Markup " Namespaces in XML " XML Information Set is " XML Schema – XML " XML binary Optimized " Describing Media Content
Language is a pared-down Language is a pared-down provides a simple method an abstract data set to Schema Definition Language
XML binary Optimized Packaging (XOP) is an XML Describing Media Content of Binary Data in XML
The Web Services Interoperability Organization (WS-I) is an open industry
organization chartered to promote Web services interoperability across platforms, XML 1.1 version of SGML, designed
especially for Web
XML 1.0 version of SGML, designed
especially for Web
Namespaces in XML for qualifying element and
attribute names used in XML
XML Information Set provide a consistent set of
definitions for use in other
XML Schema is an XML language for
describing and constraining Packaging (XOP)
language for describing and
constraining the content of of Binary Data in XML
(DMCBDX) specifies how to
indicate the content-type
operating systems and programming languages. The organization’s diverse community of Web 1.1 documents. It allows one to 1.0 documents. It allows one to 1.1 documents by associating 1.0 specifications that need to 1.1 the content of XML XML documents. associated with binary
services leaders helps customers to develop interoperable Web services by providing guidance, W3C W3C W3C W3C W3C 1.0 (DMCBDX)
create own customized tags, create own customized tags, them with namespaces refer to the information documents. element content in an XML
recommended practices and supporting resources. Specifically, WS-I creates, promotes and
Recommendation enabling the definition, Recommendation enabling the definition, Recommendation identified by IRI references. Recommendation in a well-formed XML Working Draft W3C W3C document and to specify, in
supports generic protocols for the interoperable exchange of messages between Web services. Recommendation
transmission, validation, and transmission, validation, and document. Note XML Schema, the expected
The Internet Engineering Task Force (IETF) is a large open international
interpretation of data interpretation of data content-type(s) associated
between applications and between applications and with binary element
community of network designers, operators, vendors, and researchers
concerned with the evolution of the Internet architecture and the smooth between organizations. between organizations. content. innoQ Deutschland GmbH innoQ Schweiz GmbH
operation of the Internet.
Halskestraße 17 Gewerbestrasse 11
D-40880 Ratingen CH-6330 Cham
Phone +49 21 02 77 162 -100 Phone +41 41 743 01 11
info@innoq.com · www.innoq.com
SOAP/HTTP
WSDL
} Traitement du XML
} Pré-traitement du XML entrant Comment exposer une application
sous forme de Web Service ?
} Passage des appels à la couche métier
} Formulation des réponses en XML
@WebMethod(operationName="sayHello")
public String sayHello(@WebParam(name = "n") String n) {
return "Hello dear "+n+" !";
}
}
} Le serveur d’application a un rôle majeur
} Gère le cycle de vie du composant
} Gère les communications (JAX-WS + JAX-B)
} Intercepte les requêtes SOAP, les transforme en appels de méthodes
} Intercepte les résultats d’appels de méthodes, les transforme en réponses SOAP
35 Web Services 30 novembre 2012
JAX-WS
(Java API for XML Web Services)
} API de Java Enterprise Edition et Standard Edition, basée sur JAX-B
SOAP/HTTP
WSDL
SOAP/HTTP
WSDL
} Traitement du XML
Comment créer une
} Pré-traitement du XML entrant
application cliente
} Passage des appels à la couche métier pour un Web Service ?
} Formulation des réponses en XML
System.out.println("serviceClient : "+serviceClient);
System.out.println("portStub : "+portStub);
SOAP/HTTP
WSDL
Client Fournisseur
SOAP/HTTP
WSDL
Java Java
JAX-WS JAX-WS
+JAXB +JAXB
} Contraintes de conception :
} Opérations idempotentes
} Pas de session client-serveur (mais le serveur peut être stateful)
} Equivalent SOAP
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<serv:reverse xmlns:serv="http://open.mapquestapi.com/nominatim/v1/">
<format>xml</format>
<lat>48.7099500104522</lat>
<lon>2.16758762635404</lon>
</serv:reverse >
</soap:Body>
</soap:Envelope>
} Applications =
} Intégration inter-applications point-à-point événementielle
} Flux A2A : intégration de développement spécifiques, de COTS, de progiciels, de legacy,
diversification des types de clients d'applications existantes…
} Flux B2B : exposition de fonctionnalités à des partenaires
Outils de
Modélisation de
Processus Serveur d’applications
Application nouvelle
Ecran
technologie (Ex :
Utilisateur J2EE / .NET / PHP) Web
WebService
Service
Web
WebService
Service
SOAP
SOAP Base de
HTTP
Service
ServiceIMS
HTTP IMS
Revamping données
Outils de IMS (ex: SCORT) Progiciel
Application nouvelle (ex: SAP)
développment
technologie (Ex : Application
intégrant les Web
62 Services
J2EE / .NET / PHP)Web Services
« legacy » 30 novembre 2012
Atouts & Challenges
} Interopérabilité } Point-à-point inhérent
} Environnement technologique } Normes, produits et technologies
hétérogène en évolution
} Systèmes existants, composants sur } Sécurité (authentification,
étagère (COTS)
autorisation, confidentialité)
} Diversité des clients
} Robustesse
} Services riches
} Passage à l’échelle
} Agrégation dynamique de contenu
} …
} Applications variées
} A2A, B2B, ESB…
} Mais
} Malgré une « apparente » simplicité, les Web Services ne sont pas simples
} Beaucoup de standards différents et concurrents
} Beaucoup d’implémentations concurrentes
} Le traitement de certains aspects transverses n’est pas suffisamment mature
} Sécurité
} Fiabilité et cohérence
} Processus métier
} La communication point-à-point n’est pas suffisante
} http://www.saxproject.org/
} Modèle arborescent / objet = vision « arbre »
} DOM (Document Object Model), standard W3C
} http://www.w3.org/DOM/
} Des implémentations de SAX et DOM existent pour presque tous les langages
(Java, Javascript, C, C++, Perl, Python, langages .Net…)
67 Web Services 30 novembre 2012
Exemple avec Java : JAXP
(Java API for XML Processing)
} API de Java Standard Edition
} Objectif = traitement du XML
} Définit des APIs + des processeurs XML
} Support du modèle événementiel SAX
} Support du modèle arborescent DOM
} Support du modèle événement StAX (Streaming API for XML)
‣ ≈ SAX en mode « pull », streaming
} Support des transformations XSLT (eXtensible Stylesheet Language Transformation)
} Méthodes homonymes
} Génération automatique de noms possible mais peu « ergonomique »
} Désambiguïsation systématique et explicite des noms