Scribd
Upload
101 views16 pages

Oracle Developer Day: Web Services Guide

This document summarizes a session on developing and managing web services. The session will cover web service architecture, development, quality of service aspects like security and reliability, and best practices. It will also demonstrate publishing a bottom-up web service using annotations and discuss topics like web service interoperability, standards, and frameworks for invocation. Finally, it discusses administration of web services through monitoring, auditing, and applying operational policies across services.

Uploaded by

Uday Kumar
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
101 views16 pages

Oracle Developer Day: Web Services Guide

This document summarizes a session on developing and managing web services. The session will cover web service architecture, development, quality of service aspects like security and reliability, and best practices. It will also demonstrate publishing a bottom-up web service using annotations and discuss topics like web service interoperability, standards, and frameworks for invocation. Finally, it discusses administration of web services through monitoring, auditing, and applying operational policies across services.

Uploaded by

Uday Kumar
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

Oracle

Developer Day

Sponsored by:

Track # 1: Session #2
Web Services

Speaker

1
Agenda

 Developing Web services


– Architecture, development and interoperability
 Quality of service
– Security, reliability, management
– QoS deployment options
 Best Practices
– Web Services and Management

Basic Web Services


Points to
UDDI
description
Registry WSDL

Points to
service
Finds Describes
Service Service

Web
WebService
Service SOAP Web
WebService
Service
Client
Client (J2EE,
(J2EE,PL/SQL,
PL/SQL,
(J2EE, .NET,C/C++,
(J2EE,.NET,
.NET, .NET,C/C++,
PL/SQL Legacy
Legacy…)
PL/SQL…)…) Invokes with …)
XML Messages

2
Enterprise Web Services
 Standards + QoS + Processes
TPM, Mainframe,
Web Service Distributed Management Legacy Sys

Web Service Orchestration


Web Service Transactions
Web Service Policy
Applications
Web Service Security
Web Service Reliable Messaging

JAX-
JAX-*: JAX-
JAX-B, JAX-
JAX-P, JAX-
JAX-RPC, … Databases
SOA Tools
WS-
WS-I Basic Profile
SOAP, WSDL, UDDI

B2B Partners

J2EE 1.4 Standards


Java APIs
Description
for XML

JAXP Java API for XML Parsing

JAXB Java API for XML Data Binding

JAX-RPC Java API for XML Remote Procedure Call

SAAJ SOAP API for Attachments in Java

JAXR Java API for XML Registries

EJB 2.1 Stateless Session EJB Endpoint Model

JSR 109 Web Services Deployment Model

3
JAX-RPC
 Core WS standard for Java
– Enables portability across containers
(different vendors implemented differently before JAX-RPC
for J2EE 1.4)
 Standard class and interface structure for client and
server
– Various hook-points for custom serializers, custom
handlers, attachments
 Tools must provide abstractions to handle service as
set of classes
– Navigator structure for quick location
– Wizard support for declarative definition

Web Services Interoperability

 Web Services Interoperability


– Develops profiles
– Suggests best practices
– Provides testing tools
 Runtime and tools uptake
– Oracle JDeveloper analysis
– OracleAS compliance

4
Beyond J2EE 1.4
Description

JSR- 181 Web Services Metadata for the JavaTM Platform

EJB 3.0 Simplifying EJB development

WSIF Web Services Invocation Framework

JSR-181 Annotations

 Support a code-driven version of the


bottom up use case : create web services
implicitly by annotating the source code
 Example annotations
– @WebService
– @WebMethod
– @WebParam
– @WebResult
– @SOAPBinding
– …

5
EJB 3.0 as Web Service

 Annotate business package buslogic;

interface import java.rmi.RemoteException;


import java.rmi.Remote;
 Deploys to Java EE import javax.jws.WebMethod;
container(s) as a Web import javax.jws.WebService;
Service @WebService
public interface CustomerFacade
{
@WebMethod
public Integer getCreditRating(String
ssn);
}

Web Services Invocation


Framework (WSIF)
 Describe any artifact with WSDL, invoke with
native protocols
– No overhead from SOAP processing
– Focus on performance and transactionality
 Used extensively by BPEL

6
Two Development Use Cases
Top Down Contract Driven And Bottom Up
Bottom Up Top Down

Service
WSDL
Implementation

Service
WSDL
Implementation

e.g. EJB/Java Class e.g. WSDL contract as the


to WSDL interface & message description

D E M O N S T R A T I O N

Publishing with Annotations


Bottom-Up Web Service

7
Agenda

 Developing Web services


– Architecture, development and interoperability
 Quality of service
– Security, reliability, management
– QoS deployment options
 Best Practices
– Web Services and Management

Quality of Service Requirements

 Reliability
– Are my messages actually being delivered?
Guaranteed delivery, ordered delivery
– WS-ReliableExchange standard in OASIS
 Security
– Are my messages secure?
Authentication, encryption and signing
– WS-Security standard in OASIS
 Management
– How is my system handling messages?
Configuration, logging, monitoring
– WS for Distributed Management (WSDM) standard in OASIS

8
Web Services Reliability
Sender Receiver

Application Application
Layer Layer

Msg
SOAP Node SOAP Node
With With
Reliable Messaging Reliable Messaging
Ack

• At least once semantics • Guaranteed message ordering


• At most once semantics • Exactly once semantics

Web Services Security


Client Server
SOAP SOAP
Message Security Security Message

Add Auth Chck Auth Check


Sign Encrypt Decrypt
Token Token Signature JAX-
JAX-RPC
JAX-
JAX-RPC Service
Client Endpoint
Check Chck Auth Add Auth
Decrypt Encrypt Sign
Signature Token* Token*

SOAP Transport SOAP


Message HTTP, JMS Message
Keystore Keystore

• Authentication • XML Digital Signatures


- User name/password token • XML Encryption
- X.509 token
- SAML token for SSO Applications

9
Administration of Web Services
Auditing, Logging,
Reliability and
WS-Security

Monitoring and
Performance
Analysis

D E M O N S T R A T I O N

Administration of
Web Services

10
Web Services Management
 Managing and deploying operational policies
across applications and Web services
– Layer best-practice security and management
across all services
 No modifications to applications or services
– Support WS-* standards
 Can secure/manage Web services
implemented in heterogeneous languages
and environments

Oracle Web Services Manager:


Components
BUILD ENFORCE MONITOR
Policies Policies Policies

Policy
Gateway

Policy
Policy Agents Web Service
Manager Monitor

Web Services

11
Policy Enforcement and
Visibility: Monitoring
 Provide real-time
visibility into Web
Service interactions
– Automatic issue
resolution by
dynamically
updating policies
– Alerts about
anomalies
– Enforce policies
– Validate compliance
with IT best practices

Deployment Options QoS

 Oracle Application Server


– Administrator manages policies service by service
– Configuration for Oracle Application Server services only
– Designed to be seamless with Oracle Application Server
 Integration in JDeveloper and Application Server Control
 Independent Web Service Manager
– Framework manage groups of policies for groups of services
– Configuration for any service
 J2EE (Oracle, IBM, BEA …), .NET, C, Perl, PHP …
– Designed to scale to large scale heterogeneous deployments

12
D E M O N S T R A T I O N

Web Services Management

Agenda

 Developing Web services


– Architecture, development and interoperability
 Quality of service
– Security, reliability, management
– QoS deployment options
 Best Practices
– Web Services and Management

13
Best Practices – Web Services

 Build coarse grained Web services not fine grained


 Design to an interface, not an implementation
 Interoperability
– Target conformity to WS-I
– Avoid language dependent types to maximize interoperability
(e.g. Java collections)
– Provide sample clients to jumpstart clients
 Know when to use Web services
– Often native protocols are all that is available or may be faster
– Use WSIF bindings for native protocols and BPEL

Best Practices – Web Services


Management
 Development
– Use native container for development and testing
 Security, Reliability, Management …
 Deployment
– If working homogeneously use Oracle Application Server
– If working in a heterogeneous environment strongly consider a
Web Services Management framework

14
Join Over 3,000,000 Developers!
Free Technical Advice
Free Software Downloads
www.oracle.com/technology/products/jdev
www.oracle.com/technology/products/jdev
otn.oracle.com/tech/
otn.oracle.com/tech/webservices
.oracle.com/tech/webservices
otn.oracle.com/tech/java
otn.oracle.com/tech/java
otn.oracle.com/
otn.oracle.com/bpel
.oracle.com/bpel

Learn Oracle From Oracle

 Instructor led training  Oracle Certification


 Self-Study  Oracle iLearning
 Online learning  Oracle Tutor

oracle.com/education

15
Q&QUESTIONS

A ANSWERS

Oracle
Developer Day

Sponsored by:

16

You might also like