An Architecture for an ebXML Message Service Handler

Peter Stamps, Software AG, Darmstadt

peter.stamps@softwareag.com

Topics
  • Objective and Design Goals of an ebXML Message Service Handler
  • The message layout
  • The architecture and functions
  • Benefits of using Tamino – a Native XML Server
  • Some security considerations
Objective of ebXML Message Service Handler (MSH)
  • The objective of an ebXML Message Service Handler (MSH) is to provide:

1. application interoperability and
2. integration services
3. based on XML standards
4. irrespective of the middleware solutions that are already in place

Design goals for Message Service Handler
  • Based on standards: XML, XSLT, HTTP, SMTP, SOAP
  • Flexible and adaptable processing
  • Open framework for customer specific processing
  • Use native XML as much as possible
  • Allow integration of existing middleware (MQ, Seebeyond, EntireX,…)
  • Support legacy integration
  • Provide encryption and signature support (XML signature, XML encryption)
  • Provide easy security integration
  • Support access to repositories (UDDI, ebXML repos)
Fundamental connectivity aspects
  • 3 fundamental aspects of any connectivity solution: addressing, business information and security
    • Addressing allows applications that support the business processes to exchange messages with each other
    • Business information is what applications act on in support of the business processes
    • Security allows the exchange of information in a safe way
Message Layout: email, SOAP, ebXML

[Diagram: a MIME envelope in which one MIME part holds the SOAP envelope and further MIME parts carry the payloads.]

  • SOAP envelope
    • SOAP header: eb:MessageHeader, eb:TraceHeaderList, eb:Acknowledgement, eb:Via
    • SOAP body: eb:Manifest
  • MIME parts: Payload

Example Message: SOAP, ebXML

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xlink="http://www.w3.org/1999/xlink"
    xmlns:xsi="http://www.w3.org/2000/10/XMLSchema-instance"
    xsi:schemaLocation="http://schemas.xmlsoap.org/soap/envelope/ http://ebxml.org/project_teams/transport/envelope.xsd"
    xmlns:eb="http://www.ebxml.org/namespaces/messageHeader"
    xmlns:ino="http://namespaces.softwareag.com/tamino/response2"
    xmlns:xql="http://metalab.unc.edu/xql/"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <SOAP-ENV:Header>
    <eb:MessageHeader id="SAG-338661" eb:version="1.0" SOAP-ENV:mustUnderstand="1">
      <eb:From><eb:PartyId eb:type="SAG_PartyID">ElectraCorp.Sales.Netherlands</eb:PartyId></eb:From>
      <eb:To><eb:PartyId eb:type="SAG_PartyID">ElectraCorp.Sales.Netherlands</eb:PartyId></eb:To>
      <eb:CPAId>http://www.ElectraCorp.SAG/cpa/inter_domain/d1_d2.xml</eb:CPAId>
      <eb:Service eb:type="SAG_service">OrderProcessing</eb:Service>
      <eb:Action>NewPurchaseOrder</eb:Action>
      <eb:MessageData>
        <eb:MessageId>mid:UUID-2</eb:MessageId>
        <eb:Timestamp>2000-07-25T12:19:05Z</eb:Timestamp>
        <eb:RefToMessageId>mid:UUID-1</eb:RefToMessageId>
      </eb:MessageData>
      <eb:QualityOfServiceInfo eb:deliverySemantics="OnceAndOnlyOnce" eb:messageOrderSemantics="Guaranteed" eb:deliveryReceiptRequested="Signed" />
    </eb:MessageHeader>
    <eb:TraceHeaderList eb:id="XMLSAG" eb:version="1.0" SOAP-ENV:mustUnderstand="1">
      <eb:TraceHeader>
        <eb:Sender>
          <eb:PartyId>urn:SAGscheme.com:id:Sales-id</eb:PartyId>
          <eb:Location>http://www.ElectraCorp.SAG/Sales/MessageServiceHub1</eb:Location>
        </eb:Sender>
        <eb:Receiver>
          <eb:PartyId>urn:SAGscheme.com:id:Production-id</eb:PartyId>
          <eb:Location>http://www.ElectraCorp.SAG/Production/MessageServiceHub4</eb:Location>
        </eb:Receiver>
        <eb:Timestamp>2000-12-16T21:19:35Z</eb:Timestamp>
      </eb:TraceHeader>
    </eb:TraceHeaderList>
    <eb:Via SOAP-ENV:mustUnderstand="1" eb:version="1.0" SOAP-ENV:actor="http://schemas.xmlsoap.org/soap/actor/next" eb:syncReply="false" />
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
    <eb:Manifest xmlns:eb="http://www.ebxml.org/namespaces/messageHeader" id="X0011" SOAP-ENV:mustUnderstand="1" eb:version="1.0">
      <eb:Reference id="X0012" xlink:href="cid:ebxmlpayload@www.ElectraCorp.SAG" xlink:role="XLinkRole" xlink:type="simple">
        <eb:Description xml:lang="en-us">New Purchase Order</eb:Description>
      </eb:Reference>
    </eb:Manifest>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

From application to transport

[Diagram: the layers between the ebXML application and the transport, top to bottom.]

  • ebXML Application
  • MSH Interface
  • Message Service Handler
    • Authentication, authorization and non-repudiation services
    • Header Processing
    • Encryption, Digital Signature
    • MSH Services
    • Error Handling
    • Message Packaging
    • Delivery, Send/Receive, Transport mapping and Binding
  • Transport: HTTP, SMTP, IIOP
Functions of a MSH - 1

Within a MSH, the following functions are distinguished:

  • Header Processing - the creation of the SOAP Header elements for the ebXML Message uses input from the application, passed through the Message Service Interface, information from the CPA that governs the message, and generated information such as digital signature, timestamps and unique identifiers.
  • Header Parsing - extracting or transforming information from a received SOAP Header or Body element into a form that is suitable for processing by the MSH implementation.
  • Security Services - digital signature creation and verification, authentication and authorization. These services may be used by other components of the MSH including the Header Processing and Header Parsing components.
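
Header Parsing combined with the data-validation requirement, as an added example (not part of the original slides or of the Software AG product): it parses a received envelope, refuses any DOCTYPE, and extracts the fields later steps rely on. The sample message is constructed from the example on this page; `parse_header`, `HeaderError` and the cid-only payload policy are assumptions of this sketch.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat

NS = {"soap": "http://schemas.xmlsoap.org/soap/envelope/",
      "eb": "http://www.ebxml.org/namespaces/messageHeader"}
MUST = "{%s}mustUnderstand" % NS["soap"]
HREF = "{http://www.w3.org/1999/xlink}href"

# Constructed sample, cut down from the example message on this page.
SAMPLE = b"""<SOAP-ENV:Envelope
 xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:eb="http://www.ebxml.org/namespaces/messageHeader"
 xmlns:xlink="http://www.w3.org/1999/xlink"><SOAP-ENV:Header>
<eb:MessageHeader eb:version="1.0" SOAP-ENV:mustUnderstand="1">
<eb:CPAId>http://www.ElectraCorp.SAG/cpa/inter_domain/d1_d2.xml</eb:CPAId>
<eb:Service>OrderProcessing</eb:Service><eb:Action>NewPurchaseOrder</eb:Action>
<eb:MessageData><eb:MessageId>mid:UUID-2</eb:MessageId></eb:MessageData>
</eb:MessageHeader></SOAP-ENV:Header><SOAP-ENV:Body><eb:Manifest>
<eb:Reference xlink:href="cid:ebxmlpayload@www.ElectraCorp.SAG"/>
</eb:Manifest></SOAP-ENV:Body></SOAP-ENV:Envelope>"""

class HeaderError(ValueError):
    """The message goes to error handling, not to the application."""

def _refuse_doctype(*_):
    raise HeaderError("DOCTYPE not allowed in an ebXML SOAP message")

def parse_header(raw: bytes) -> dict:
    probe = expat.ParserCreate()            # pass 1: well-formed and DTD-free
    probe.StartDoctypeDeclHandler = _refuse_doctype
    try:
        probe.Parse(raw, True)
    except expat.ExpatError as exc:
        raise HeaderError(f"not well-formed: {exc}") from exc
    root = ET.fromstring(raw)               # pass 2: build the tree
    hdr = root.find("soap:Header/eb:MessageHeader", NS)
    if hdr is None or hdr.get(MUST) != "1":
        raise HeaderError("eb:MessageHeader missing or not mustUnderstand")
    out = {}
    for path in ("eb:CPAId", "eb:Service", "eb:Action", "eb:MessageData/eb:MessageId"):
        value = (hdr.findtext(path, "", NS) or "").strip()
        if not value:
            raise HeaderError(f"{path} missing or empty")
        out[path.rsplit(":", 1)[1]] = value
    # Assumed policy: payloads must sit inside the MIME package (cid:), not at a URL.
    refs = root.iterfind("soap:Body/eb:Manifest/eb:Reference", NS)
    out["payloads"] = [r.get(HREF, "") for r in refs]
    if any(not h.startswith("cid:") for h in out["payloads"]):
        raise HeaderError("Manifest reference is not a cid: URI")
    return out
```

Signature verification and the CPA lookup belong after this step, so that they work on fields already checked for presence and shape.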
Functions of a MSH - 2
  • Reliable Messaging Services - handles the delivery and acknowledgment of ebXML Messages sent with a delivery requirement of once and only once. The service includes handling for persistence, retry, error notification and acknowledgment of messages requiring reliable delivery.
  • Message Packaging - the final enveloping of an ebXML Message (SOAP Header or Body elements and payload) into its SOAP Messages with Attachments container.
  • Error Handling - this component handles the reporting of errors encountered during MSH or Application processing of a message.
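
The receiving side of once-and-only-once delivery, as an added example (not part of the original slides): a persistent record of seen MessageIds makes a sender retry or a replayed copy produce an acknowledgment without a second delivery. `ReliableReceiver`, the `deliver` callback, the SQLite store and keying on CPAId plus MessageId are assumptions of this sketch.

```python
import sqlite3


class ReliableReceiver:
    """Duplicate elimination for deliverySemantics="OnceAndOnlyOnce"."""

    def __init__(self, deliver, db_path=":memory:"):
        self.deliver = deliver      # hypothetical callback into the application
        self.db = sqlite3.connect(db_path)
        # Scoping by CPA keeps one partner from using up another partner's ids.
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS seen("
            "cpa_id TEXT, message_id TEXT, PRIMARY KEY (cpa_id, message_id))")

    def receive(self, cpa_id, message_id, payload):
        """Process one message; return the acknowledgment to send back."""
        key = (cpa_id, message_id)
        try:
            with self.db:           # persist first: the unique key is the gate
                self.db.execute("INSERT INTO seen VALUES (?, ?)", key)
        except sqlite3.IntegrityError:
            # Sender retry or replayed copy: acknowledge again, deliver nothing.
            return {"RefToMessageId": message_id, "delivered": False}
        try:
            self.deliver(payload)
        except Exception:
            # Delivery failed: forget the id so the sender's retry is processed,
            # then let the caller run its error-handling sequence.
            with self.db:
                self.db.execute(
                    "DELETE FROM seen WHERE cpa_id=? AND message_id=?", key)
            raise
        return {"RefToMessageId": message_id, "delivered": True}
```

Pointing `db_path` at a file keeps the record across restarts, which is what the persistence requirement in the bullet above asks for.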
Overview of environment

[Diagram labels, grouped:]

  • Applications: XML Applications (J2EE, .Net, other Web Services); Legacy Systems (Mainframe, Unix, AS400, Windows, etc.) behind an XML Wrapper; Mail
  • Gateways: HTTP/SOAP Gateway (HTTP Server, XML/SOAP), e-mail Gateway (SMTP), EntireX Gateway (MQ, EntireX, …)
  • Configuration and logging: XML Config, XSLT + CPA, Logging
  • Directory/Trust Service and Authorization System: LDAP, OCSP, XKMS, SAML

OCSP = Online Certificate Status Protocol

LDAP = Lightweight Directory Access Protocol

XKMS = XML Key Management Specification

SAML = Security Assertions Markup Language

Sequencing the processing components of the Message Service Handler

[Diagram: a sequence document (flow control) drives the components emerger, transformer, aggregator, validator, encryptor, logger, decrementer and payloadsetter, and the gateways (HTTP Gateway, other gateways).]

  • Emerger: examines the contents based on rules and set properties
  • Transformer: uses stylesheets (XSLT) to transform the XML stream
  • Aggregator: cuts and pastes portions of various XML streams together based on your specifications
  • Validator: validates the XML document (i.e., the payload of an XML message) against a specified DTD or schema
  • Encryptor: allows the encryption/decryption of XML documents
  • PayloadSetter: allows you to completely replace the XML document portion of the current message with some new XML document
  • Logger: logs XML documents and properties in the file system or Tamino
  • Decrementer: allows you to decrement a counter in a sequence document
  • Gateways:
    • HTTP Gateway
    • EntireX XML Wrapper Gateway
    • EntireX Broker Gateway
    • SOAP Gateway
    • E-mail Gateway

Flexible and adaptable processing
  • An XML sequence or emerger document is assigned to an ebXML input document
  • The sequence document describes the flow of (conditional) processing steps
  • In case of errors another sequence can be executed to handle the error properly
  • Each processing step activates a component (e.g. servlet)
  • Each component has (optional) properties for input and control of the process
  • (New) properties can be set and checked to control the flow of following processing steps
  • Standard components are available for various tasks
  • Customers can develop and use their own components
Example of a sequence document

Input message (excerpt):

<SOAP-ENV:Envelope…..
  <eb:CPAId>http://www.ElectraCorp.SAG/cpa/inter_domain/d1_d2.xml</eb:CPAId>
  …..
</SOAP-ENV:Envelope>

Sequence document:

<sequence>
  <block on_error="http://saghost/error01sequence.xml">
    <step component="SagTaminoLogger" logmessage="Original SOAP Envelope with ebXML payload " xbd.taminoLogger.database="http://saghost/tamino/ebXML/LogMessage" />
    <step component="SagEmerger" xbd.emerger.modelName="CheckCPAId"
          xbd.emerger.modelSourceURL="http://saghost/CPAIdemerger.xml" />
    <if property="CPAId.present" relation="exists">
      <block on_error="http://saghost/error02sequence.xml">
        <step component="SagLogger" logmessage="before gateway to CPA Server" />
        <replicate xbd.aggregator.collection.model="ebXMLmodel"
                   xbd.aggregator.modelSourceURL="http://saghost/CPAIdaggregator.xml">
          <replicant ID="original">
            <step component="SagHttpGateway" xbd.http.method="GET"
                  xbd.http.target.url="http://saghost/tamino/xml/ebxml?_xql=/CollaborationProtocolAgreement[@tp:cpaid='http://www.ElectraCorp.pais/cpa/inter_domain/d1_d2.xml']" />
            ……
  </block>
  ……
</sequence>

Mediator

The MSH architecture – explained with example

[Flowchart: a SOAP-ebXML message arrives through the Web server and passes a series of decisions on the Application Server.]

  • log? yes: logging
  • decrypt? yes: decrypt (XML keyinfo & certificate)
  • authenticate? yes: verify signature (XML signature); if not OK: error handling
  • CPA-id exists? yes: get CPA (collaboration protocol agreement, XQUERY via HTTP gateway, response); no: error handling
  • transformation? yes: transform the XML doc (stylesheet); if not OK: error handling
  • final destination? yes: application gateway; no: OUT through various gateways (XML Web Services)

The MSH architecture – benefits Tamino as MSH repository

  • Native XML storage
    • Validated against XML Schema or DTD
    • Well-formed
  • Non-XML Storage (binary)
  • XQUERY retrieval incl. full-text access
  • Transactional node-level update
  • Support for UDDI
  • Xtentions (remote function integration)
  • Xnode (remote data access: rdbms, Adabas)
  • WebDAV & WebServices support
  • Security
  • Replication & Clustering support

[Diagram labels: SOAP-ebXML message, XML keyinfo & certificate, XML signature, collaboration protocol agreement, stylesheet, XQUERY]

MSH Message processing: Transport, routing and packaging

[Flow diagram between the World Wide Web and the applications. Boxes: Receive ebXML SOAP message, Get ebXML SOAP blocks, Decrypt, Process ebXML information, Authentication/Authorize, Call application, Add header info, Encrypt, Build ebXML SOAP blocks, Create ebXML SOAP message, Pass on to the next MSH. Decision points: Decrypt?, Final?, Encrypt?]

Security Requirements
  • Confidentiality
    • Only intended recipient should be able to read messages
  • Authentication
    • Service provider must verify identity of requestor
  • Authorization
    • Service provider must verify that requestor is allowed to access the service requested
  • Integrity
    • Service provider must check messages were not modified by some third party
  • Non-repudiation/Accountability
    • Service provider must track usage of services to ensure accountability for transactions processed
  • Data validation
    • Service provider must ensure that content of message is not damaging to the Service
Requirements

The following technologies satisfy the various security principles

  • Confidentiality
    • SSL, XML Encryption
  • Authentication
    • X.509 certificates (LDAP directories, XKMS services)
  • Authorization
    • SAML, X.509 certificates (Authorization Servers)
  • Integrity
    • XML Signature
  • Non-repudiation/Accountability
    • XML Signature + X.509 certificates
  • Data validation
    • XML Signature, XML Schema and XPath