12. Defining a message: SOAP <?xml version="1.0"?> <soap:Envelope xmlns:soap="http://www.w3.org/2001/12/soap-envelope" soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding"> <soap:Header> ... </soap:Header> <soap:Body> ... <soap:Fault> ... </soap:Fault> </soap:Body> </soap:Envelope> SOAP is an XML-based protocol to let applications exchange information over HTTP.
13.
14.
15.
16. WADL - REST equivalent of a WSDL WADL – Web Application Description Language
Advantages of SOA Service-oriented architecture (SOA) helps organizations more easily transform their business processes for high performance by simplifying the underlying information systems Service-oriented architectures enable organizations to become more agile Drives cost reductions Simpler systems Lowering maintenance costs Enhancing architectural flexibility Lowering integration costs.
Gartner is an information technology research and advisory company providing technology related insight. More info http://www.databaseanswers.org/web_services_history.htm
Microsoft, IBM and SAP have shut down their public UDDI registries. Use jUDDI for learning and experimentation. [http://ws.apache.org/juddi/]
[http://www.xml.com/pub/at/29] [http://www.javaworld.com/javaworld/jw-03-2003/jw-0321-wssecurity.html] [http://www.ibm.com/developerworks/java/library/j-jws4/] Security! • &quot;SOAP is firewall friendly&quot; – Normally transported over HTTP – Firewalls expect HTTP to be Web requests, not procedure calls • Fetch the brochure… • Not update my bank account… – This is probably a good thing! • Have to rely on strong security rather than weaker physical security WS-Security • Proposal from IBM & MS • SOAP header extensions – Protect integrity and confidentiality of messages – Attach encoded security tokens • X509, Kerberos • Leverage XML standards – XML Signature – XML Encryption More WS-Security • WS-Policy – Specifying requirements & capabilities – Policies including privacy, encoding security tokens, QoS, … – First published Dec 2002 • WS-Trust – Establishing trust relationships – Trusted security tokens – First published Dec 2002 More WS-Security • WS-Privacy • WS-SecureConversation • Ws-Federation • Ws-Authorization And probably a few more… More Security Standards • SAML – Representing authentication and authorisation information • XACML – Access Control • XrML – Digital Rights
REST stands for Re presentational S tate T ransfer. (It is sometimes spelled &quot;ReST&quot;.) It relies on a stateless, client-server, cacheable communications protocol -- and in virtually all cases, the HTTP protocol is used. REST is an architecture style for designing networked applications. The idea is that, rather than using complex mechanisms such as CORBA, RPC or SOAP to connect between machines, simple HTTP is used to make calls between machines. In many ways, the World Wide Web itself, based on HTTP, can be viewed as a REST-based architecture. RESTful applications use HTTP requests to post data (create and/or update), read data (e.g., make queries), and delete data. Thus, REST uses HTTP for all four CRUD (Create/Read/Update/Delete) operations.
Along with this you must also know the tools like Java2WSDL, and WSDL2Java Java2WADL, and WADL2Java in case you break your deployment with the Web service.
[http://www.xml.com/pub/at/29] [http://www.javaworld.com/javaworld/jw-03-2003/jw-0321-wssecurity.html] [http://www.ibm.com/developerworks/java/library/j-jws4/] Security! • &quot;SOAP is firewall friendly&quot; – Normally transported over HTTP – Firewalls expect HTTP to be Web requests, not procedure calls • Fetch the brochure… • Not update my bank account… – This is probably a good thing! • Have to rely on strong security rather than weaker physical security WS-Security • Proposal from IBM & MS • SOAP header extensions – Protect integrity and confidentiality of messages – Attach encoded security tokens • X509, Kerberos • Leverage XML standards – XML Signature – XML Encryption More WS-Security • WS-Policy – Specifying requirements & capabilities – Policies including privacy, encoding security tokens, QoS, … – First published Dec 2002 • WS-Trust – Establishing trust relationships – Trusted security tokens – First published Dec 2002 More WS-Security • WS-Privacy • WS-SecureConversation • Ws-Federation • Ws-Authorization And probably a few more… More Security Standards • SAML – Representing authentication and authorisation information • XACML – Access Control • XrML – Digital Rights
Data formates REST permits many different data formats where as SOAP only permits XML. Caching REST reads can be cached, SOAP based reads cannot be cached. Bandwidth Usage REST is Lighter Security SOAP provides better security for enterprise applications Tools SOAP has lot of tools support