Professional Documents
Culture Documents
Web Services Building Blocks
Web Services Building Blocks
Web Services Building Blocks
BUILDING
BLOCKS
TRANSPORT PROTOCOLS FOR
WEB SERVICES
►Transportsuch as HTTP and TCP are
becoming common for SOAP traffic
►However UDP and SMTP are also used for
SOAP Messaging
►Anyway SOAP is designed to be transport
independent
TRANSPORT PROTOCOLS FOR
WEB SERVICES
►TCP – More traffic in world runs over TCP/IP
stack and this is most popular networking
stack.
Tcp code …
TcpClient tcpClient=new TcpClient();
tcpClient.Connect(txtServer.Text,55);
txtServer.Text is to access text from
txtServer textbox
NetworkStream stream=tcpClient.GetStream();
If(stream.CanWrite && stream.CanRead)
while(true){
IPEndPoint endpoint=null;
Byte[] buffer=client.Receive(ref,endpoint);
String message=Encoding.ASCII.GetString(buffer);
MessageBox.Show(message);
}
Client.DropMulticastgroup(multicastAddress);
IPAddress multicastAddress=IPAddress.Parse(“244.0.0.1”);
IPEndPoint m_RemoteEP=new IPEndPoint(multicastAddress,555);
UdpClient client=new UdpClient(555);
Client.JoinMulticastGroup(multicastAddress,100);
Rompothong, Senivongse 03
UDDI Query
► UDDI Search API allows users to query for service providers that
provide particular service.
► A UDDI query may be for
A business entity
► Using business name, business key or business category (i.e. find_business())
A list of publisher assertions
► Using business key (i.e. find_relatedBusiness())
A business service
► Using the business key of service key and service name (i.e. find_service())
Service key of a bussiness entity
► Using a binding template (i.e. find_binding())
A set of business entities and business services adopting same tModel
► Using a tModel (i.e. find_tModel())
► After finding the requited UDDI entry, a set of API is used to get details
of those entries from UDDI
get_businessDetail(), get_serviceDetail(), get_bindingDetail(), get_tModelDetail()
UDDI and WSDL relationship
Adams, Boeyen 02
tModel
► A WSDL document is registered as a tModel into UDDI
registry
In order to describe a service in more expressive way, an
external information is referenced where the type and format of
this information should be arbitrary.
UDDI Specs. leaves the responsibility of defining such
arbitrary information types and formats to programmers.
► tModel is a UDDI construct to refer an interface
describing WSDL document.
► The tModel idea:
to better describe a service we tend to reference information
such information type or format should not be anticipated
replacing such information about a service with a unique key
provides a reference to arbitrary information types
tModels for Categorization
► Using categorization, UDDI directory can be
queried for specific type of services.
► Each classification in a taxonomical system is
registered as a tModel.
► Three standard taxonomies cited by UDDI are
North American Industry Classification System (NAICS)
taxonomy – an industry classification
The Universal Standard Products and Services Code
System (UNSPSC) taxonomy – a classification of
products and services
The International Organization for Standardization
Geographic taxonomy (ISO 3166)
A simplified tModel definition
<tModel tModelKey=““>
<name>http://www.travel.org/e-checkin-interface</name>
<description xml:lang=“en”>
Standard service interface definition for travel services
</description>
<overviewDoc>
<description xml:lang=“en”>
WSDL Service Interface Document
</description>
<overviewURL>
http://www.travel.org/services/e-checkin.wsdl
</overviewURL>
</overviewDoc>
<categoryBag> ...
</categoryBag>
</tModel>
WEB SERVICE INSPECTION
► While UDDI is the best-known mechanism for service
discovery, it is neither the only mechanism nor always the
best tool for the job. In many cases, the complexity and
scope of UDDI is overkill if all that is needed is a simple
pointer to a WSDL document or a services
URL endpoint. Recognizing this, IBM and Microsoft got
together and worked out a proposal for a new Web Service
Inspection Language that can be used to create a simple
index of service descriptions at a given network location.
► An example WS-Inspection document is illustrated in
Example 6-38. It contains a reference to a single service
(Hello World) with two descriptions—one WSDL-based
description and one UDDI-based description.
WEB SERVICE INSPECTION
<?xml version="1.0"?>
<inspection
xmlns="http://schemas.xmlsoap.org/ws/2001/10/inspection/"
xmlns:uddi="http://schemas.xmlsoap.org/ws/2001/10/inspection/uddi/">
<service>
<abstract>The Hello World Service</abstract>
<description
referencedNamespace="http://schemas.xmlsoap.org/wsdl/"
location="http://example.com/helloworld.wsdl"/>
<description referencedNamespace="urn:uddi-org:api">
<uddi:serviceDescription
location="http://www.example.com/uddi/inquiryapi">
<uddi:serviceKey>
4FA28580-5C39-11D5-9FCF-BB3200333F79
</uddi:serviceKey>
</uddi:serviceDescription>
</description>
</service>
<link
referencedNamespace="http://schemas.xmlsoap.org/ws/2001/10/inspection/"
location="http://example.com/moreservices.wsil"/>
</inspection>
WEB SERVICE INSPECTION -
SYNTAX
► The syntax of a WS-Inspection document is simple. The root inspection
element contains a collection of
abstract
link
service elements.
► The abstract element provides for simple documentation throughout
the WS-Inspection document.
► The link element allows the inspection document to link to other
external inspection documents or even other discoverymechanisms
(such as a UDDI registry) where additional information can be found.
► The Programming Web Services with SOAP service element represents
a web service being offered by the publisher of the inspection
document.
► The service element itself is a collection of abstract and description
elements. You can describe a service in several ways.
AD-HOC DISCOVERY
►Discovery for Client is about finding services
►From service’s point of view ,discovery is
about publishing location and other
information about the service and the
information needed are as below
Description Information
Service Location
Contact and Service API Documentation
Service Classification
SECURING WEB SERVICES
SECURING WEB SERVICES
► Securing is all about
Authentication
Confidentiality
Integrity
► This can be either performed as
Public Key Encryption
Private Key Encryption
► The namespace where we can find the definition
of the security features is
using System.Security.Cryptography;
SECURING WEB SERVICES
► XML ENCRYPTION ► Encrypting a portion of the
source file
Source file
SECURING WEB SERVICES
►Encrypting the entire document
SECURING WEB SERVICES
► Encrypting SSN Number
SECURING WEB SERVICES
►Preservation of Integrity is performed as
follows
SECURING WEB SERVICES
This figure
shows a
xml
signature
SECURING WEB SERVICES
►Web Service Security Protocols
The following are components
►Claim
►Subject
►Policy
WS-Security
►This specification tells of a single SOAP header
named <security> with each actor.
SECURING WEB SERVICES
► Here is a WS-Security namespace and the protocols usage
SECURING WEB SERVICES
►Security Tokens
A WS-Security Message is as below
SECURING WEB SERVICES
►UserName Token is shown below
SECURING WEB SERVICES
Integrity and Encryption – The following is an
example of Using X509 Certificates and
Signatures
THE END