Академический Документы
Профессиональный Документы
Культура Документы
NET
Airline
HTML
L
HT
T M
M
H
L
Presentation
tier
BusLogic
tier
OS/Data
tier
The Web Services protocol stack
Founded on industry standard protocols XML and HTTP
SOAP Requests
demo
Drilling into SOAP Messages
<s:Envelope xmlns:s=“http://www.w3.org/2001/09/soap-envelope”>
<s:Envelope xmlns:s=“http://www.w3.org/2001/09/soap-envelope”>
<s:Header>
<s:Header>
<c:alertcontrol xmlns:c=“http://example.org/alctl”>
<c:alertcontrol xmlns:c=“http://example.org/alctl”>
<c:priority>1</c:priority>
<c:priority>1</c:priority>
<c:expires>2001-10-25T14:00:00</c:expires>
<c:expires>2001-10-25T14:00:00</c:expires>
</c:alertcontrol>
</c:alertcontrol>
</s:Header>
</s:Header>
<s:Body>
<s:Body>
<m:alert xmlns:m=“http://example.org/alert”>
<m:alert xmlns:m=“http://example.org/alert”>
<m:msg>Pick up Mary at school at 2pm</m:msg>
<m:msg>Pick up Mary at school at 2pm</m:msg>
</m:alert>
</m:alert>
</s:Body>
</s:Body>
</s:Envelope>
</s:Envelope>
Demo – Use proxyTrace to watch
SOAP messages
demo
Adding meta-data to your service
• You can add useful information to your Web
Service’s browse page with attribute
parameters:
• This information also appears in the Web
Service’s WSDL description
[WebService(Description=“Foo Service”, NameSpace=“http…”)]
[WebService(Description=“Foo Service”, NameSpace=“http…”)]
Public Class Foo
Public Class Foo
{
{
[WebMethod(Description=“Hello method”)]
[WebMethod(Description=“Hello method”)]
public string Hello( string strName)
public string Hello( string strName)
{ … }
{ … }
…
…
}
}
Demo – Adding meta-data to your
Web Service
demo
Agenda
• Building the Programmable Web
• Web Services in .NET
• Furthering standards: GXA
• Summary
There are still some gaps to fill…
End-to-end security including
authentication, authorization, Security
message integrity and encryption
Reliable Messaging …
Description
GXA Design Principles
• General-purpose
• Agnostic to application domain
• Standards-based
• Multi-vendor interoperation critical
• Federated
• No central point of administration, control or
failure
• Modular
• Factored to stand alone or work together
General-Purpose
• Universal communications • Application category neutral
• Across machine • Enterprise application
• Across process integration
• Business-to-business
• Flexible communications • Business-to-consumer
• Extensible headers • Peer-to-peer
• Extensible body
• Extensible communication • Platform neutral
topology • Devices
• Transport protocol neutral
• Desktops
• Clusters
• Datacenters
Standards-Based
• We are committed to…
• Publishing GXA specifications
• Working with partners to refine specifications
• Working with partners, customers, and
standards bodies for broad adoption
• WS-Security submitted to OASIS
• WS-I likely to profile security and other functionality
Federated
• Fully distributed
• Builds upon DNS and IP
• Strong affinity towards hierarchical URI
• Crosses organization and trust domains
• Can be inspected by firewalls
• Can interoperate with Kerberos and PKI
• Does not require centralized servers
or administration
Modular
• GXA framework layered on SOAP/WSDL
extensibility hooks
• GXA surfaced as composable headers for SOAP
messages
• GXA specifications are highly factored
• Often coalesced as they evolve
• GXA specifications are combined to provide end-
to-end capabilities
• GXA protocols augment problem domain-specific
protocols (e.g., banking)
Modular: Example
<?xml version="1.0" encoding="utf-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
SOAP xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
Message <S:Header>
<m:path xmlns:m="http://schemas.xmlsoap.org/rp">
<m:action>http://tickers-r-us.org/getQuote</m:action>
<m:to>soap://tickers-r-us.org/stocks</m:to>
Routing <m:from>mailto:johnsmith@isps-r-us.com</m:from>
<m:id>uuid:84b9f5d0-33fb-4a81-b02b-5b760641c1d6</m:id>
</m:path>
<wssec:Security
xmlns:wssec="http://schemas.xmlsoap.org/ws/2002/04/secext">
<wssec:BinarySecurityToken
ValueType="wssec:X509v3"
Security EncodingType=“wssec:Base64Binary">
dWJzY3JpYmVyLVBlc…..eFw0wMTEwMTAwMD
</wssec:BinarySecurityToken>
</wssec:Security>
</S:Header>
<S:Body>
<app:TrafficStatus
xmlns:app="http://highwaymon.org/payloads">
<road>520W</road><speed>3MPH</speed>
</app:TrafficStatus>
</S:Body>
</S:Envelope>
WS-Security 1.0
• A specification for proposed SOAP
extensions to be used when building secure
Web services.
• Supercedes the following specifications
• SOAP-SEC
• Microsoft’s WS-Security, WS-License
• IBM’s security token and encryption
• Dependent upon XML DIGSIG, XML Encryption,
XML Schema, SOAP…
• Defined schema
WS-Security 1.0
• Protection
• Integrity = XML Signature + Security Tokens
• Confidentiality = XML Encryption + Security
Tokens
Non-Goals of WS-Security
• Establishing a security context that requires
multiple exchanges
• Key exchange and derived keys
• How trust is established
• Policy Enforcement
• Provisioning of certificates
• XKMS
WS-Security 1.0
WS-Secure
Conversation
WS-Federation WS-Authorization
Today WS-Security
SOAP