web services n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Web Services PowerPoint Presentation
Download Presentation
Web Services

Loading in 2 Seconds...

play fullscreen
1 / 11
grace-guy

Web Services - PowerPoint PPT Presentation

71 Views
Download Presentation
Web Services
An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Web Services Software Implementation VINAY AHUJA Columbia University E6125: Web Enhanced Info Mgmt Spring 2008 va2199@columbia.edu

  2. About Web Services • Another client / server technology … but different • Platform Independent • Heavily XML based • Overrides client / server paradigm mismatch • Different Programming Languages • Different Operating Systems • HTTP Communication • Promotes internet scale applications • Aligns well with Internet proxies

  3. Server Side APPLICATION SERVER (Apache Tomcat) SOAP ENGINE (Apache Axis) Web Services Web Services

  4. Intermediate Processes • Deploy with a descriptor • Generate the WSDL • Java2WSDL • Generate the Server / Client Stubs • WSDL2Java • Modify stubs to match business logic • Redeploy • Use stubs to invoke web services

  5. Client & Server INTERNET CLIENT SERVER PROGRAMS WEB SERVICES STUBS STUBS HTTP Request <?xml version… <soapenv:Envelope … <soapenv:Body> … … … </soapenv:Body> </soapenv:Envelope … HTTP Response

  6. Complex Types • string, int, long vs. ‘Student’ object • WSDL includes what ‘Student’ represents - <wsdl:types> - <schema targetNamespace="urn:StudentService" xmlns="http://www.w3.org/2001/XMLSchema"> <import namespace="http://schemas.xmlsoap.org/soap/encoding/" /> - <complexType name="Student"> - <sequence> <element name="active" nillable="true" type="xsd:string" /> <element name="city" nillable="true" type="xsd:string" /> <element name="department" nillable="true" type="xsd:string" /> <element name="email" nillable="true" type="xsd:string" /> <element name="firstName" nillable="true" type="xsd:string" /> <element name="lastName" nillable="true" type="xsd:string" /> <element name="middleName" nillable="true" type="xsd:string" /> <element name="phone" nillable="true" type="xsd:string" /> <element name="state" nillable="true" type="xsd:string" /> <element name="streetAddress" nillable="true" type="xsd:string" /> <element name="studentId" type="xsd:long" /> <element name="zip" nillable="true" type="xsd:string" /> </sequence> </complexType> </schema> </wsdl:types>

  7. Student Services Modules Student Mgmt Course Mgmt Bank Account Schedule Bursars

  8. Student ‘Web’ Services Architecture Apache Tomcat H I BERNATE SERVLETS Apache Axis DB PostgreSQL BROWSER Student WS Course WS Bursars WS* Bank Account WS* * WS-Security

  9. SOAP Envelope (Unsecure) <?xml version="1.0" encoding="utf-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <soapenv:Body> <ns1:addStudentsoapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns1="http://ws.student.columbia.edu"> </ns1:addStudent> <multiRef id="id0" soapenc:root="0" soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xsi:type="ns2:Student" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns2="urn:StudentService"> <email xsi:type="xsd:string">va2199@columbia.edu</email> <firstNamexsi:type="xsd:string">Vinay</firstName> <lastNamexsi:type="xsd:string">Ahuja</lastName> </multiRef> </soapenv:Body> </soapenv:Envelope>

  10. Security – WS Specification • WS Security • OASIS Standard Specification • UsernameToken Extensions <wsse:UsernameToken> <wsse:Password> • PasswordText and PasswordDigest • Replay Attacks: • Nonce • Created • WSS4J API (Apache)

  11. SOAP Envelope (Secure) • Secure Financial Transactions • PasswordDigest must be known by both client and server • Implement javax.security.auth.callback.CallbackHandler <S11:Envelope xmlns:S11="..." xmlns:wsse="..." xmlns:wsu= "..."> <S11:Header> ... <wsse:Security> <wsse:UsernameToken> <wsse:Username>va2199</wsse:Username> <wsse:Password Type="...#PasswordDigest">zwgIY4jvDd5ksWgkThjFE3fHhf3gHLw==99</wsse:Password> <wsse:Nonce>WSRbwjfbDWHg3nWMOt3SHB==</wsse:Nonce> <wsu:Created>2008-04-06T05:-6:23Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> ... </S11:Header> ... </S11:Envelope>