So, a client can directly access a RESTful Web Services using the URIs of the resources (same as you put a website address in the browser’s address bar and get some representation as response). Uniform interface: Resources are manipulated using a fixed set of four create, read, update, delete operations: PUT, GET, POST, and DELETE. Native S3 Ping for Amazon Web Services (AWS) 5.3. Changes to Flow Control in JGroups Transport Stacks; 5.4. REST Endpoint Authorization. Hot Rod Client Improvements. Support for Transactions; 8.3.2. Java Hot Rod Client Statistics in JMX. Red Hat supports specific hardware and software combinations for Red Hat Data Grid 7.3. Wilma - Combined HTTP/HTTPS service stub and transparent proxy solution. WireMock - Flexible library for stubbing and mocking web services. Unlike general purpose mocking tools it works by creating an actual HTTP server that your code under test can connect to as it would a real web service. The World Wide Web is the most popular distributed application in history, and Web services and mashups have turned it into a powerful distributed computing platform. But today's web service technologies have lost sight of the simplicity that made the Web successful.
The default Url is determined by the location attribute found in the service description from which the proxy class was generated. Derived classes supporting specific protocols, such as HttpGetClientProtocol and HttpPostClientProtocol might add extra information to Url to make the XML Web service request.
Different books and different organizations provide different definitions to Web Services. Some of them are listed here.
To summarize, a complete web service is, therefore, any service that −
Components of Web Services
The basic web services platform is XML + HTTP. All the standard web services work using the following components −
All these components have been discussed in the Web Services Architecture chapter.
How Does a Web Service Work?
A web service enables communication among various applications by using open standards such as HTML, XML, WSDL, and SOAP. A web service takes the help of −
You can build a Java-based web service on Solaris that is accessible from your Visual Basic program that runs on Windows.
You can also use C# to build new web services on Windows that can be invoked from your web application that is based on JavaServer Pages (JSP) and runs on Linux.
Example
Consider a simple account-management and order processing system. The accounting personnel use a client application built with Visual Basic or JSP to create new accounts and enter new customer orders.
The processing logic for this system is written in Java and resides on a Solaris machine, which also interacts with a database to store information.
The steps to perform this operation are as follows −
Here are the benefits of using Web Services −
![]() Exposing the Existing Function on the network
A web service is a unit of managed code that can be remotely invoked using HTTP. That is, it can be activated using HTTP requests. Web services allow you to expose the functionality of your existing code over the network. Once it is exposed on the network, other applications can use the functionality of your program.
Interoperability
Web services allow various applications to talk to each other and share data and services among themselves. Other applications can also use the web services. For example, a VB or .NET application can talk to Java web services and vice versa. Web services are used to make the application platform and technology independent.
Standardized Protocol
Web services use standardized industry standard protocol for the communication. All the four layers (Service Transport, XML Messaging, Service Description, and Service Discovery layers) use well-defined protocols in the web services protocol stack. This standardization of protocol stack gives the business many advantages such as a wide range of choices, reduction in the cost due to competition, and increase in the quality.
Low Cost Communication
Web services use SOAP over HTTP protocol, so you can use your existing low-cost internet for implementing web services. This solution is much less costly compared to proprietary solutions like EDI/B2B. Besides SOAP over HTTP, web services can also be implemented on other reliable transport mechanisms like FTP.
Web services have the following special behavioral characteristics −
XML-Based
Web services use XML at data representation and data transportation layers. Using XML eliminates any networking, operating system, or platform binding. Web services based applications are highly interoperable at their core level.
Loosely Coupled
A consumer of a web service is not tied to that web service directly. The web service interface can change over time without compromising the client's ability to interact with the service. A tightly coupled system implies that the client and server logic are closely tied to one another, implying that if one interface changes, the other must be updated. Adopting a loosely coupled architecture tends to make software systems more manageable and allows simpler integration between different systems.
Coarse-Grained
Object-oriented technologies such as Java expose their services through individual methods. An individual method is too fine an operation to provide any useful capability at a corporate level. Building a Java program from scratch requires the creation of several fine-grained methods that are then composed into a coarse-grained service that is consumed by either a client or another service.
Businesses and the interfaces that they expose should be coarse-grained. Web services technology provides a natural way of defining coarse-grained services that access the right amount of business logic.
Ability to be Synchronous or Asynchronous
Synchronicity refers to the binding of the client to the execution of the service. In synchronous invocations, the client blocks and waits for the service to complete its operation before continuing. Asynchronous operations allow a client to invoke a service and then execute other functions.
Asynchronous clients retrieve their result at a later point in time, while synchronous clients receive their result when the service has completed. Asynchronous capability is a key factor in enabling loosely coupled systems.
Supports Remote Procedure Calls(RPCs)
Web services allow clients to invoke procedures, functions, and methods on remote objects using an XML-based protocol. Remote procedures expose input and output parameters that a web service must support.
Component development through Enterprise JavaBeans (EJBs) and .NET Components has increasingly become a part of architectures and enterprise deployments over the past couple of years. Both technologies are distributed and accessible through a variety of RPC mechanisms.
A web service supports RPC by providing services of its own, equivalent to those of a traditional component, or by translating incoming invocations into an invocation of an EJB or a .NET component.
Supports Document Exchange
One of the key advantages of XML is its generic way of representing not only data, but also complex documents. These documents can be as simple as representing a current address, or they can be as complex as representing an entire book or Request for Quotation (RFQ). Web services support the transparent exchange of documents to facilitate business integration.
There are two ways to view the web service architecture −
Web Service Roles
There are three major roles within the web service architecture −
Service Provider
This is the provider of the web service. The service provider implements the service and makes it available on the Internet.
Service Requestor
This is any consumer of the web service. The requestor utilizes an existing web service by opening a network connection and sending an XML request.
Service Registry
This is a logically centralized directory of services. The registry provides a central place where developers can publish new services or find existing ones. It therefore serves as a centralized clearing house for companies and their services.
Web Service Protocol Stack
A second option for viewing the web service architecture is to examine the emerging web service protocol stack. The stack is still evolving, but currently has four main layers.
Service Transport
This layer is responsible for transporting messages between applications. Currently, this layer includes Hyper Text Transport Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), File Transfer Protocol (FTP), and newer protocols such as Blocks Extensible Exchange Protocol (BEEP).
XML Messaging
This layer is responsible for encoding messages in a common XML format so that messages can be understood at either end. Currently, this layer includes XML-RPC and SOAP.
Service Description
This layer is responsible for describing the public interface to a specific web service. Currently, service description is handled via the Web Service Description Language (WSDL).
Service Discovery
This layer is responsible for centralizing services into a common registry and providing easy publish/find functionality. Currently, service discovery is handled via Universal Description, Discovery, and Integration (UDDI).
As web services evolve, additional layers may be added and additional technologies may be added to each layer.
The next chapter explains the components of web services.
Few Words about Service Transport![]()
The bottom of the web service protocol stack is service transport. This layer is responsible for actually transporting XML messages between two computers.
Hyper Text Transfer Protocol (HTTP)
Currently, HTTP is the most popular option for service transport. HTTP is simple, stable, and widely deployed. Furthermore, most firewalls allow HTTP traffic. This allows XMLRPC or SOAP messages to masquerade as HTTP messages. This is good if you want to integrate remote applications, but it does raise a number of security concerns.ise a number of security concerns.
Blocks Extensible Exchange Protocol (BEEP)
This is a promising alternative to HTTP. BEEP is a new Internet Engineering Task Force (IETF) framework for building new protocols. BEEP is layered directly on TCP and includes a number of built-in features, including an initial handshake protocol, authentication, security, and error handling. Using BEEP, one can create new protocols for a variety of applications, including instant messaging, file transfer, content syndication, and network management.
SOAP is not tied to any specific transport protocol. In fact, you can use SOAP via HTTP, SMTP, or FTP. One promising idea is therefore to use SOAP over BEEP.
Over the past few years, three primary technologies have emerged as worldwide standards that make up the core of today's web services technology. These technologies are discussed below.
XML-RPC
This is the simplest XML-based protocol for exchanging information between computers.
To learn more about XML-RPC, visit our XML-RPC Tutorial.
SOAP
SOAP is an XML-based protocol for exchanging information between computers.
To learn more about SOAP, visit our SOAP Tutorial.
WSDL
WSDL is an XML-based language for describing web services and how to access them.
To learn more about WSDL, visit our WSDL Tutorial.
UDDI
UDDI is an XML-based standard for describing, publishing, and finding web services.
To learn more about UDDI, visit our UDDI Tutorial.
Based on the web service architecture, we create the following two components as a part of web services implementation −
Service Provider or Publisher
This is the provider of the web service. The service provider implements the service and makes it available on the Internet or intranet.
We will write and publish a simple web service using .NET SDK.
Service Requestor or Consumer
This is any consumer of the web service. The requestor utilizes an existing web service by opening a network connection and sending an XML request.
We will also write two web service requestors: one web-based consumer (ASP.NET application) and another Windows application-based consumer.
Given below is our first web service example which works as a service provider and exposes two methods (add and SayHello) as the web services to be used by applications. This is a standard template for a web service. .NET web services use the .asmx extension. Note that a method exposed as a web service has the WebMethod attribute. Save this file as FirstService.asmx in the IIS virtual directory (as explained in configuring IIS; for example, c:MyWebSerces).
To test a web service, it must be published. A web service can be published either on an intranet or the Internet. We will publish this web service on IIS running on a local machine. Let us start with configuring the IIS.
To test whether the IIS has been configured properly, copy an HTML file (For example, x.html) in the virtual directory (C:MyWebServices) created above. Now, open Internet Explorer and type http://localhost/MyWebServices/x.html. It should open the x.html file.
Note − If it does not work, try replacing the localhost with the IP address of your machine. If it still does not work, check whether IIS is running; you may need to reconfigure the IIS and the Virtual Directory.
To test this web service, copy FirstService.asmx in the IIS virtual directory created above (C:MyWebServices). Open the web service in Internet Explorer (http://localhost/MyWebServices/FirstService.asmx). It should open your web service page. The page should have links to two methods exposed as web services by our application. Congratulations! You have written your first web service!
Testing the Web Service
As we have just seen, writing web services is easy in the .NET Framework. Writing web service consumers is also easy in the .NET framework; however, it is a bit more involved. As said earlier, we will write two types of service consumers, one web-based and another Windows application-based consumer. Let us write our first web service consumer.
Web-Based Service Consumer
Write a web-based consumer as given below. Call it WebApp.aspx. Note that it is an ASP.NET application. Save this in the virtual directory of the web service (c:MyWebServicesWebApp.axpx).
This application has two text fields that are used to get numbers from the user to be added. It has one button, Execute, that when clicked gets the Add and SayHello web services.
After the consumer is created, we need to create a proxy for the web service to be consumed. This work is done automatically by Visual Studio .NET for us when referencing a web service that has been added. Here are the steps to be followed −
Windows Application-Based Web Service Consumer
Writing a Windows application-based web service consumer is the same as writing any other Windows application. You only need to create the proxy (which we have already done) and reference this proxy when compiling the application. Following is our Windows application that uses the web service. This application creates a web service object (of course, proxy) and calls the SayHello, and Add methods on it.
Compile it using
c:>csc /r:FirstService.dll WinApp.cs . It will create WinApp.exe. Run it to test the application and the web service.
Now, the question arises: How can you be sure that this application is actually calling the web service?
It is simple to test. Stop your web server so that the web service cannot be contacted. Now, run the WinApp application. It will fire a runtime exception. Now, start the web server again. It should work.
Security is critical to web services. However, neither XML-RPC nor SOAP specifications make any explicit security or authentication requirements.
There are three specific security issues with web services −
Confidentiality
If a client sends an XML request to a server, can we ensure that the communication remains confidential?
Answer lies here −
A single web service may consist of a chain of applications. For example, one large service might tie together the services of three other applications. In this case, SSL is not adequate; the messages need to be encrypted at each node along the service path, and each node represents a potential weak link in the chain. Currently, there is no agreed-upon solution to this issue, but one promising solution is the W3C XML Encryption Standard. This standard provides a framework for encrypting and decrypting entire XML documents or just portions of an XML document. You can check it at www.w3.org/Encryption
Authentication
If a client connects to a web service, how do we identify the user? Is the user authorized to use the service?
The following options can be considered but there is no clear consensus on a strong authentication scheme.
Network Security
There is currently no easy answer to this problem, and it has been the subject of much debate. For now, if you are truly intent on filtering out SOAP or XML-RPC messages, one possibility is to filter out all HTTP POST requests that set their content type to text/xml.
Another alternative is to filter the SOAPAction HTTP header attribute. Firewall vendors are also currently developing tools explicitly designed to filter web service traffic.
This chapter gives you an idea of all the latest standards related to web services.
Transports
BEEP, the Blocks Extensible Exchange Protocol (formerly referred to as BXXP), is a framework for building application protocols. It has been standardized by IETF and it does for Internet protocols what XML has done for data.
Messaging
These messaging standards and specifications are intended to give a framework for exchanging information in a decentralized, distributed environment.
Description and DiscoveryHat Tip 1 3 – Http Web Services Client Sfr Client
Web services are meaningful only if potential users may find information sufficient to permit their execution. The focus of these specifications and standards is the definition of a set of services supporting the description and discovery of businesses, organizations, and other web services providers; the web services they make available; and the technical interfaces which may be used to access those services.
Hat Tip 1 3 – Http Web Services Client Sfr EspaceSecurity
Using these security specifications, applications can engage in secure communication designed to work with the general web services framework.
Management
Web services manageability is defined as a set of capabilities for discovering the existence, availability, health, performance, usage, as well as the control and configuration of a web service within the web services architecture. As web services become pervasive and critical to business operations, the task of managing and implementing them is imperative to the success of business operations.
In this tutorial, you have learnt how to use web services. However, a web service also include components such as WSDL, UDDI, and SOAP that contribute to make it active. The next step is to learn WSDL, UDDI, and SOAP.
WSDL
WSDL is an XML-based language for describing web services and how to access them.
WSDL describes a web service, along with the message format and protocol details for the web service.
To learn more about WSDL, visit our WSDL Tutorial.
UDDI
UDDI is an XML-based standard for describing, publishing, and finding web services.
To learn more about UDDI, visit our UDDI Tutorial.
SOAP
SOAP is a simple XML-based protocol that allows applications to exchange information over HTTP.
Hat Tip 1 3 – Http Web Services Client Sfr Messagerie
To learn more about SOAP, visit our SOAP Tutorial.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |