1 / 29

WEBSERVICES

WEBSERVICES. Surma Mukhopadhyay BUS 665. Paper presented. An Introduction to Oracle Web Services Manager An Oracle White Paper May 2005 [ http://www.oracle.com/johnblade/pdf/oracle_webservices.pdf ] WebServices Activity [ http://www.w3.org/2002/ws/ ]. Contents:.

hina
Download Presentation

WEBSERVICES

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WEBSERVICES Surma Mukhopadhyay BUS 665

  2. Paper presented • An Introduction to Oracle Web Services Manager An Oracle White Paper May 2005 [http://www.oracle.com/johnblade/pdf/oracle_webservices.pdf] • WebServices Activity [http://www.w3.org/2002/ws/]

  3. Contents: Topic 1: An introduction to ORACLE Webservice Manager Topic 2: Webservices Activity

  4. What Is Webservices? The World Wide Web is more and more used for application to application communication. The programmatic interfaces made available are referred to as Web services

  5. Positive & Negative Sides of Webservice Positive side: Increase access to useful data Cut time to market Negative side: Increases compliance risk Security holes

  6. What Is ORACLE Web Service Manager? Oracle Web Services Manager (WSM) is a Web Services security and management solution that provides the visibility and control required to deploy Web Services into production The advantage of using WSM: With Oracle WSM, organizations can enjoy a common security infrastructure for all Web service applications This allows best practice security policies and monitoring to be deployed across existing or new services

  7. How WSM Works • With Oracle WSM, an administrator creates security and management policies using a browser-based tool • A typical Web Service security policy might be: 1. Decrypt the incoming XML message 2. Extract the user’s credentials 3. Perform an authentication for this user 4. Perform an authorization check for this user and this Web Service 5. Write a log record of the above information 6. If all steps are successful, pass the message to the intended Web 7. If not, return an error and write an exception record

  8. How WSM Works cont. • The WSM product would then intercept every incoming request to a Web Service and apply the policy above • As the policy is executed, the WSM collects statistics about its operations and sends these to a monitoring server • The monitor displays errors, service availability data, etc • As a result, each Web Service in an enterprise network can automatically gain security and management control

  9. Key Features Web Services access control and single sign-on Centralized security policy management with localized enforcement Unified monitoring of cross-organization Web Services application

  10. Key benefits of WSM • Increased security • Lower development cost • Easier compliance reporting

  11. Oracle WebServices Manager Components • The WSM Platform consists of four components: Policy Manager, Gateways, Agents, and Monitor. Gateways and Agents are two policy enforcement points • The Oracle WSM provides significant architectural flexibility via the combination of Gateways and Agents

  12. Webservice Policy Manager • The WSM Policy Manager is a browser-based, graphical tool for creating and versioning security and management policies, using pre-built or custom policy steps Examples of policy steps are: decrypt the XML payload, perform an LDAP authentication, log an audit record, perform an authorization, etc • Policy steps are linked together into a policy pipeline • This pipeline can be executed at a single Web Service, a subset, or all Web Services

  13. Webservice Management Gateway • The WSM Gateway operates independently of the Services it protects, acting as a proxy to Service clients • The Gateway can virtualize an underlying Web Service, so that clients do not learn the address details of the Service • Gateways can enforce most policy steps, but also have the unique ability to route messages based on message or attachment content • The Gateway can transform messages from one format or protocol to another from XML-over-HTTP to JMS • Gateways are often deployed in an organization’s DMZ, to route messages to specific Services and obscure Service details from external clients • The Policy Manager periodically sends updates of the policy pipelines to the Gateway

  14. WebService Management Agent • WSM Agent is installed into the same process space as the underlying Service it is protecting • It can support encryption of messages all the way to the endpoint • Since it resides at an endpoint, it cannot route or transform messages • The Policy Manager periodically sends updates to its policy pipelines to the Agent.

  15. WebServices Monitor • As the Gateways and Agents enforce policies on incoming and outgoing messages, they collect statistics about response times, exceptions, etc • These statistics are sent in real-time to the WSM Monitor, a Web-based dashboard for monitoring service level agreements, service availability, and service responsiveness • The Monitor can alert administrators when boundary conditions are met • It can also automatically communicate with the Policy Manager to activate new policies

  16. WSM

  17. WebService Activity The goal of the Web Services Activity is to develop a set of technologies in order to lead Web services to their full potential Here we are going to discuss the W3C's work on this topic in more detail [Note: The World Wide Web Consortium (W3C) develops interoperable technologies (specifications, guidelines, software, and tools) to lead the Web to its full potential. W3C is a forum for information, commerce, communication, and collective understanding www.w3.org]

  18. Activity Group The Activity, coordinated by one coordination group and one interest group The coordination group works in six different subroups as follows: • Semantic Annotations for Web Services Description Language Working Group • Web Services Addressing Working Group • Web Services Choreography Working Group • Web Services Description Working Group • Web Services Policy Working Group • XML Protocol Working Group • XML Schema Patterns for Databinding Working Group The interest group consists of Semantic Web Services Interest Group

  19. Semantic Annotations for Web Services Description Language Working Group • The objective of the Working Group is to develop a mechanism to enable semantic annotation of Web services • This mechanism will take advantage of the WSDL 2.0 extension mechanisms to build a simple and generic support for adding semantic descriptions for Web services • Semantic Annotations for WSDL and XML Schema (SAWSDL) specification defines mechanisms using which semantic annotations can be added to WSDL components

  20. The Key Design Points of SAWSDL • The specification enables semantic annotations for Web services using and building on the existing extensibility framework of WSDL. • It is agnostic to semantic representation languages. • It enables semantic annotations for Web services not only for discovering Web services but also for invoking them.

  21. SAWSDL: Extensions in WSDL • ModelReference: This is to specify the association between a WSDL component and a concept in some semantic model. • LiftingSchemaMapping and LoweringSchemaMapping: They add to XML Schema element declarations, complex type definitions and simple type definitions for specifying mappings between semantic data and XML.

  22. Webservice Addressing Web Services Addressing provides transport-neutral mechanisms to address Web services and messages Here are some useful links to know much about webservice addressing: • Web Services Addressing - Core [http://dev.w3.org/cvsweb/~checkout~/2004/ws/addressing/ws-addr-core.html?content-type=text/html;%20charset=utf-8] • Web Services Addressing - SOAP Binding [http://dev.w3.org/cvsweb/~checkout~/2004/ws/addressing/ws-addr-soap.html?content-type=text/html;%20charset=utf-8] • Web Services Addressing Metadata [http://dev.w3.org/cvsweb/~checkout~/2004/ws/addressing/ws-addr-wsdl.html?content-type=text/html;%20charset=utf-8] • Web Services Addressing XML Schema [http://dev.w3.org/cvsweb/~checkout~/2004/ws/addressing/ws-addr.xsd] • Web Services Addressing Metadata XML Schema [http://dev.w3.org/cvsweb/~checkout~/2004/ws/addressing/ws-addr-wsdl.xsd]

  23. Web Services Choreography Working Group • As the momentum around Web Services grows, the need for effective mechanisms to co-ordinate the interactions among Web Services and their users becomes more pressing • The Web Services Choreography Working Group has been tasked with the development of such a mechanism in an interoperable way [Link: http://www.w3.org/2002/ws/chor/]

  24. Web Services Description Working Group One of the requirements for the development of Web services is the ability to describe the interface, the boundary across which applications (Web services user agents and Web services) communicate The Web Services Description Working Group is chartered to design the following components of the interface: The message: a definition for the types and structures of the data being exchanged The message exchange patterns: the descriptions of the sequence of operations supported by a Web service The protocol binding: a mechanism for binding a protocol used by a Web service, independently of its message exchange patterns and its messages [http://www.w3.org/2002/ws/desc/]

  25. Web Services Policy Working Group The mission of the Web Services Policy Working Group is to produce W3C recommendations for Web Services Policy Web Services Policy defines a flexible policy data model and an extensible grammar for expressing the capabilities, requirements and general characteristics of a Web service It also presents the mechanisms for associating policies with Web service constructs [http://www.w3.org/2002/ws/policy/]

  26. XML protocol working group • The Working Group is responsible for updating errata documents and publishing new editions incorporating published errata • In addition to the maintenance effort, the XML Protocol Working Group is chartered to work on SOAP Version 1.2 extensions [http://www.w3.org/2000/xp/Group/]

  27. XML Schema Patterns for Databinding Working Group • The mission of this Working Group is to define a set of XML Schema patterns that will be efficiently implementable by the broad community who use XML databindings • Agreeing on a set of XML Schema patterns for which databinding optimizations can be made will facilitate the ability of Web services and other toolkits to expose a more comprehensible data model to the developer [http://www.w3.org/2002/ws/databinding/]

  28. Semantic Web Services Interest Group The Semantic Web Services Interest Group is part of the Web Services Activity. The purpose of the Semantic Web Services Interest Group is to provide an open forum for W3C Members and non-Members to discuss Web Services topics essentially oriented towards integration of Semantic Web technology into the ongoing Web Services work at W3C. [link: http://www.w3.org/2002/ws/swsig/]

  29. Conclusion In this way, an organization can construct “best practice” security policies and ensure that these are enforced no matter how the Service is implemented or designed

More Related