web services overview - jamkstudent.labranet.jamk.fi/~salesa/mat/soa.pdf · web applications are...
TRANSCRIPT
Web Services Overview
IT-Institute/ets1
A lecture in Cracow University of TechnologyFaculty of Physics, Mathematics and Computer Science
November 2007
Esa SalmikangasJyväskylä University of Applied SciencesSchool of Information Technology
Introduction
� Finland
� Jyväskylä University of Applied Sciences
� Senior Lecturer Mr Esa Salmikangas
IT-Institute/ets2
Finland Facts
Poland 312,679 km²
Poland 39 million
IT-Institute/ets3
Jyväskylä University of Applied Sciences
School of Information Technology
School of Information Technology
About 1000 studentsDegree Programmes:
AutomationElectronics
Data Network TechnologySoftware Engineering
IT-Institute/ets4
Software Engineering
Media Engineering
IT-Institute/ets5
"Things should be made as simple as possible, but no simpler."
Back to business…
IT-Institute/ets6
Albert Einstein
Objectives
� Background
� Microsoft® .NET Framework
� Microsoft ASP.NET
� Web Services Overview
Web Services and SOA
IT-Institute/ets7
� Web Services and SOA
� Concepts and Architecture
� Design and Create Web Services
� Consume Web Services
Contents
� Section 1: Overview
� Section 2: Architecture
� What is SOA Service Orientated Architecture
� Microsoft .NET framework and ASP.NET
� Section 3: Creating Web Services
IT-Institute/ets8
� Section 3: Creating Web Services
� Section 4: Using Web Services
� Invoking and consuming Web Services
� Section 5: Advanced Web Services
� State Management, Security, and Transactions
� Summary
Section 1: Overview
� “Looking Back ...“
� What are Web Services?
� Distributed Web applications
IT-Institute/ets9
Definitions
� The W3C defines a Web service as "a software system designed to support interoperable Machine to Machine interaction over a network."
� Web services are frequently just Web APIs that can be accessed over a network, such as the Internet, and executed on a remote system hosting the
IT-Institute/ets10
and executed on a remote system hosting the requested services.
Conceptualize Your Business� Remember! in business it is always the question of
money, so a new technology is only one tool among many other tools to be better in competition.
� SOA or Web Service is not THE answer for business how we “win”, it is AN answer how we will “survive”.
� So before your start to solve technology, you should
IT-Institute/ets11
� So before your start to solve technology, you should think
� How do you want to think about your own company and its capabilities?
� How do you want your trading partners to think about you?
� What is the view of your capabilities that you wish to publish and to whom ?
� Who owns these definitions ?
� Who owns the operation of these capabilities ?
Where are we coming from…
Workflow
Office
1980 1990 2000 2010
XMLWS
WebLANInternetSOA
IT-Institute/ets12
EDI
Mainframe
?Business
Integration
J2EE.NET
Client / Server
Web/Portal
EAI
B2B
BPM
WS
Looking Back ...
� Traditional distributed computing
� Client/server model
� Distributed object model
� Components: packaging and interoperability
� Remoting: remote method invocation
IT-Institute/ets13
� Remoting: remote method invocation
� COM, CORBA, Java RMI and EJB
� Microsoft Windows DNA
� Distributed interNet Application Architecture
� DHTML, COM, ASP, Message Queuing
� The interactive Web
What’s Wrong with That?
� Distributed object models don‘t scale to the Internet
� Tightly coupling service and consumer
� Need for homogeneous infrastructure
� Versioning problems
� Limited COM support on non-Windows platforms
IT-Institute/ets14
� Limited COM support on non-Windows platforms
� CORBA is a remoting architecture
� CORBA Component Model
� Server object implementation not portable
� EJB—Enterprise JavaBeans
� The purely interactive Web
Distributed Objects
� Distributed objects were attempted in the 90’s
� RPC hidden behind object facades (ORPC)
� Objects communicate via complex protocols
� Efficient binary message formats used
Interface descriptions specify message details
IT-Institute/ets15
� Interface descriptions specify message details
� Remote components discoverable
� Suffered from complexity, lack of interoperability
DCOM Example
Machine A
RPC (TCP)
Machine B
RPC
NDRIDL
proxyIDLstub
1
2
Communications protocol
Message format
Description language3
Discovery mechanism4
2
IDL
3
request
response
IT-Institute/ets16
RPC (TCP)Registry Registry
discovers machine B
14
RPC Remote procedure call, a protocol that allows a computer program running on one host to cause code to be executed on another host
IDL An interface description language, (alternatively interface definition language) (IDL), is a computer
language or simple syntax for describing the interface of a software component
NDR Network Data Representation (NDR) is an implementation of the presentation layer in the OSI model.
DCOM Distributed Component Object Model is a Microsoft proprietary technology for software components distributed across several networked computers to communicate with each other. It extends Microsoft's COM, and provides the communication substrate under Microsoft's COM+ application server infrastructure. It has been deprecated in favor of Microsoft .NET.
deprecate ['deprɪkeɪt] v tr kirjak 1 tuomita, paheksua
No Standards = No Interoperability
� Today's distributed object technologies differ in every way
� Interoperability not feasible
� Locks other applications (clients) into same technology
IT-Institute/ets17
DCOM CORBA
RPC IIOP
NDR CDR
IDL OMG IDL
RPC Protocol
Message Format
Description
Windows Registry Naming ServiceDiscovery
Java RMI
IIOP or JRMP
Java Ser. Format
Java
RMI Registry or JNDI
Demand for Interoperability
� Heterogeneous environments are here now and in future
� Today's applications require high-levels of interoperability
� Most enterprises are very heterogeneous (EAI)
IT-Institute/ets18
� Most enterprises are very heterogeneous (EAI)
� Integration with other businesses more common (B2Bi)
� Organizations want applications to have broader reach
The Web, A ‘Quick Fix’ for Interoperability
� Distributed applications found interoperability on the Web
� Standard communications protocol: HTTP
� Simple Web server shims hook into existing system
� Much simpler to achieve widespread interoperability
IT-Institute/ets19
� Much simpler to achieve widespread interoperabilityUnix Machine
CORBAWeb Serverport 80
stub
Any client with access
to HTTP
Birth of the Web Application
� Web-enabling led to a whole new breed of applications
� Designed for browser-based clients
� Input format typically application/x-www-form-urlencoded
IT-Institute/ets20
� Output format typically text/html
� Not consumable by other applications, only humans
Browser Web Server
Name=Bob&Age=33...
<html>
<body>
...
Where Web Applications Fell Short
� Web applications not usable as distributed components
� No standard data representation format
� No standard description languages
� No standard discovery mechanism
IT-Institute/ets21
� No standard discovery mechanism (besides Google;-)
An XML-Based Revolution Begins
� Complete revolution of distributed technologies required
� Designed around interoperability from the ground up
� Standard communications protocols
IT-Institute/ets22
� Standard communications protocols
� Standard data representation format
� Standard description languages
� Standard discovery mechanism
� Wire-level message becomes first class citizen
� Wire-level message is true application interface
� Revolution coined "Web Services"
Briefly What are Web Services?
IT-Institute/ets23
What You Should Already Know
Before you continue you should have a basic understanding of the following:
* HTML* XML
Web Services—Basics
� Expose services to other processes
� Internet or intranet
� Black boxes
� Component-like, reusable
IT-Institute/ets24
� Based on the .NET Framework
� ASP.NET Web Services model
� Based on open standards
� HTTP, XML, and SOAP
Web Services—Basics
� Interconnect
� Applications
� Different clients
� (M)any device
Distribution and integration of application logic
IT-Institute/ets25
� Distribution and integration of application logic
� Web Services are loosely coupled
� Enable the programmable Web
� Not just the purely interactive Web
What are Web Services?
� Web services are application components
� Web services communicate using open protocols
� Web services are self-contained and self-describing
IT-Institute/ets26
� Web services can be discovered using UDDI
� Web services can be used by other applications
� XML is the basis for Web services
How Does it Work?
� The basic Web services platform is XML + HTTP.
� The HTTP protocol is the most used Internet protocol.
� XML provides a language which can be used between different platforms and programming languages and still express complex messages and
IT-Institute/ets27
between different platforms and programming languages and still express complex messages and functions.
� Web services platform elements:
� SOAP (Simple Object Access Protocol)
� UDDI (Universal Description, Discovery and Integration)
� WSDL (Web Services Description Language)
� I will explain these topics later in the presentation
The Future of Web services
� There are allready here, but Don't expect too much, too soon.
� The Web Services platform is a simple, interoperable, messaging framework. It still misses many important features like security and routing. But, these pieces will come once SOAP becomes
IT-Institute/ets28
But, these pieces will come once SOAP becomes more advanced.
� Hopefully, Web services can make it much easier for applications to communicate.
Why Web Services?� A few years ago Web services were not fast enough to be interesting.
� Thanks to the major IT development the last few years, most persons and companies have broadband connection and use the web more and more.
� Interoperability has highest priority.
� When all major platforms could access the Web using Web browsers, different platforms could interact. For these platforms to work together Web applications was developed.
� Web applications are simple applications run on the web. These are built around the Web browser standards and can mostly be used by any browser on any platform.
� Web services take Web applications to the next level.
Using Web services your application can publish its function or message to
IT-Institute/ets29
� Using Web services your application can publish its function or message to the rest of the world.
� Web services uses XML to code and decode your data and SOAP to transport it using open protocols.
� With Web services your accounting departments Win 2k servers billing system can connect with your IT suppliers UNIX server.
� Web services have two types of uses.
� Reusable application components� There are things different applications needs very often. So why make these over and over
again?
� Web services can offer application components like currency conversion, weather reports or even language translation as services.
� Ideally, there will only be one type of each application component, and anyone can use it in their application.
� Connect existing software� Web services help solve the interoperability problem by giving different applications a way
to link their data.
What is SOAP?
� The basic Web services platform is XML plus HTTP.
� SOAP stands for Simple Object Access Protocol
� SOAP is a communication protocol
� SOAP is for communication between applications
� SOAP is a format for sending messages
IT-Institute/ets30
� SOAP is designed to communicate via Internet
� SOAP is platform independent
� SOAP is language independent
� SOAP is based on XML
� SOAP is simple and extensible
� SOAP allows you to get around firewalls
� SOAP will be developed as a W3C standard
What is WSDL?
� WSDL is an XML-based language for describing Web services and how to access them.
� WSDL stands for Web Services Description Language
IT-Institute/ets31
� WSDL is written in XML
� WSDL is an XML document
� WSDL is used to describe Web services
� WSDL is also used to locate Web services
� WSDL is not yet a W3C standard
� more about WSDL later
What is UDDI?
� UDDI is a directory service where businesses can register and search for Web services.
� UDDI stands for Universal Description, Discovery and Integration
� UDDI is a directory for storing information about
IT-Institute/ets32
� UDDI is a directory for storing information about web services
� UDDI is a directory of web service interfaces described by WSDL
� UDDI communicates via SOAP
� UDDI is built into the Microsoft .NET platform
Web Services Base Profile (WS-I)
XSD
SOAP
WSDL
UDDI
Portable type system
Endpoint description
Registry of endpoints
IT-Institute/ets33
XML 1.0 + Namespaces
SOAP
Serialized messages
Framing, protocol binding
Wire protocols
Description languages
Discovery mechanisms
See ws-i.org for
more details
Distributed Web Applications
InternetApplication
Devices,
Browsers
Vertical andportal service
App-specific
Access
ApplicationCall Services
IT-Institute/ets34
InternetApplication
OS and
local services
App-specific
Web Service
Building blockWeb Service
Web Services
Contract
Section 2: Architecture
� SOA
� The .NET Framework Architecture
� Programming Model
� Configuration
IT-Institute/ets35
Some little words about Service Orientation and about Service Oriented Architecture
IT-Institute/ets36
Is it a product? Can I buy it?
Mo 10th of April
What is Service Orientation (SO)?
� SO is a paradigm, an approach, NOT a technology or product
� An approach to building Systems using Services which adhere to:
� The 4 Tenets of Service Orientation:
1. Boundaries are Explicit
2. Services are Autonomous
3. Services share Schema and Contract, not Class
IT-Institute/ets37
3. Services share Schema and Contract, not Class
4. Service compatibility is determined based on Policy
http://msdn.microsoft.com/msdnmag/issues/04/01/Indigo/default.aspx
Services and Systems
� A System is a set of deployed Services cooperating in a given task
� Systems are built to change
� Adapt to new services after deployment
� A Service is an entity you interact with via message
IT-Institute/ets38
� A Service is an entity you interact with via message exchanges
� Services are built to last
� Availability and stability are critical
The Microsoft Bet: Services Everywhere
Business
Networks
Personal
Networks
Social
Networks
Customer
Relationship
Networks
Government
Networks
PurchasingPurchasing
HRHR
IT-Institute/ets39
Networks
Value Chain
Networks
Networks
Scientific
Networks
PurchasingPurchasing
FulfillmentFulfillment
Source: Matt Tavis Matt Tavis –– Program ManagerProgram ManagerDistributed Systems Group, MicrosoftDistributed Systems Group, Microsoft
PurchasingPurchasing
HRHR
The Microsoft Bet: Services Everywhere
New YorkNew YorkOperationsOperationsPurchasingPurchasing
HRHR
IT-Institute/ets40
FulfillmentFulfillment
SQL ClusterSQL Cluster
Mobile Mobile Web Web
FrontendFrontend
PurchasingPurchasing
FulfillmentFulfillmentSource: Matt Tavis Matt Tavis –– Program ManagerProgram ManagerDistributed Systems Group, MicrosoftDistributed Systems Group, Microsoft
Why is SO important?
� Provides us an opportunity to formalize how we design and architect systems
� Minimizing hard interdependencies
� Enhancing independence
� Easing delivery of composable business apps
� Enables a high level of interoperability
IT-Institute/ets41
� Enables a high level of interoperability
� Makes explicit some of the core assumptions that compromise today’s systems
� Particularly around boundaries and locality …
SOA definitions
� In March 2006 the OASIS group SOA Reference Modelreleased its first public review draft. This defines the basic principles of SOA that apply at all levels of a service architecture, from business vision through to technical and infrastructure implementation.
Term: Service Oriented Architecture
IT-Institute/ets42
� Term: Service Oriented Architecture
� Term Definition : Service Oriented Architecture is a paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains. It provides a uniform means to offer, discover, interact with and use capabilities to produce desired effects consistent with measurable preconditions and expectations.
SOA is
� a perspective of software architecture that defines the use of services to support the requirements of software users.
� In a SOA environment, nodes on a network make resources available to other participants in the network as independent services that the participants access in a standardized way.
IT-Institute/ets43
SOA vs traditional architectures
� Unlike traditional point-to-point architectures, SOAs comprise loosely coupled, highly interoperable services.
� These services interoperate based on a formal definition(or contract) which is independent from the underlying platform and programming language (e.g., WSDL).
IT-Institute/ets44
� The interface definition encapsulates (hides) the vendor and language-specific implementation.
� A SOA is independent of development technology (such as Java and .NET).
� The software components become very reusable because the interface is standards-compliant and is independent from the underlying implementation of the service logic.
� So, for example, a C# (C Sharp) service could be used by a Java application.
Why SOA?
� Enterprise architects believe that SOAs help businesses respond more quickly and cost-effectively to the changing market conditions they may face by promoting reuse and interconnection of existing IT assets rather than more time consuming and costly reinvention (read! money, money)
� In some respects, SOA can be considered an evolution in architecture, not a revolution.
IT-Institute/ets45
� It captures many of best practices or actual use of the architectures that came before it. To talk in terms of a service-oriented architecture provides a good framework from which to build the dynamic solutions required today.
� In communications systems, for example, there has been little deployment in recent years of solutions that use truly static bindings to talk to other equipment in the network, but by formally embracing a SOA approach, solutions are better positioned to stress the importance of well-defined, highly interoperable interfaces. This should greatly decrease integration costs and allow for much more dynamic solutions to be deployed.
Moving To A Service-Oriented Architecture
� Function oriented
� Build to last
� Prolonged development cycles
FromFrom ToTo
� Coordination oriented
� Build to change
� Incrementally built and deployed
IT-Institute/ets46
� Application silos
� Tightly coupled
� Object oriented
� Known implementation
� Enterprise solutions
� Loosely coupled
� Message oriented
� Abstraction
Source: Microsoft (Modified)
SOA and Web Services
� Most definitions of SOA identify the use of Web Services (i.e. using SOAP or REST) in its implementation.
� Web Services are mainstream now
� However, one can implement SOA using any service-
IT-Institute/ets47
� However, one can implement SOA using any service-based technology.
Era of SOA?
� Today, the value is not defined as much by functionality anymore but by connectivity
� However, we need a new programming model
� Why SOA today?
� We are reaching a new threshold of connectivity and
IT-Institute/ets48
� We are reaching a new threshold of connectivity and computing power
Mainframe Client Server Web SOA
Is somebody already using SOA?
� Here are some ”little” examples:
IT-Institute/ets49
.NET Framework
IT-Institute/ets50
Constructing software in the web era (J2EE, .Net, …)
Client
requestresponse
b2b
Interne
t
Controller
View
IT-Institute/ets51
App Server
DB
CCI CCI CCI
ERP CRM
Model
ERPEAI
CCI: Client Communication Interface
Controller
The .NET Framework Architecture
Microsoft .NET Framework
ASP.NET
Web Forms Web ServicesWindows Forms
Common Language Specification
C++ C# VB.NET etc …
Vis
ual S
tudio
.NE
T
IT-Institute/ets52
System Services
Common Language Runtime
Web Forms Web Services
Services Framework
Base Data Debug ... Vis
ual S
tudio
.NE
T
Introduction.NET Framework Class Library
� One-stop, well-organized class framework
� O/S-independent subset submitted to ECMA
� Standardization backed by Microsoft, HP, Intel
� Subset includes most things covered here
� http://msdn.microsoft.com/net/ecma/
IT-Institute/ets53
� http://msdn.microsoft.com/net/ecma/
� Integrates all current Windows technologies
� Everything in one place – for all languages
� Windows Forms, GDI+, printing for Windows development
� Web Forms, Web Services, networking for web development
� Supports Active Directory, WMI, MSMQ, Services
Benefits
� Cross-language interoperability
� Simplifies multi-language development, effectively providing a common language API
� Supplies a standard set of classes, interfaces, and structures for any language targeting .NET CLR
IT-Institute/ets54
� Consistent and unified programming model
� Replaces many existing COM libraries
� Object-oriented and extensible class library
� Inheritance, polymorphism and method overloading
� Abstract base classes, Interfaces
.NET Framework
Programming model in .NET Framework
Common Language Runtime Execution Engine
MSIL &
MetadataCompiler
Class
LibClass Loader
SourceCode
IT-Institute/ets55
Operating System OS Security
Security checkings
Execution
Managed
native
Code
JIT Compiler
Configuration 1/2
� Concepts and architecture
� Web.Config file
� Hierarchical configuration architecture
� Influence on the actual directory and all subdirectories
IT-Institute/ets56
Root
DirSubDir1
Sub
Dir2
Web.Config
Configuration 2/2
� Web.Config file
� XML based
� File is kept within the application directory
� Default and custom configuration
� Customized Web.Config file
IT-Institute/ets57
� Customized Web.Config file
� Customized configuration section handler
� WebServicesConfiguration class
� Contains configuration information
� <webServices><webServices><webServices><webServices> section in Web.Config
Section 3: Creating Web Services
� Basics of Creating Web Services
� Web Services Infrastructure
� Code and Syntax
� Web Services Namespace
IT-Institute/ets58
� Web Services Namespace
� Publishing
� Discovery
Creating Web Services—Basics
� .asmx file
� Virtual path of ASP.NET Web application
� Stand-alone or part of an existing solution
� Web Services infrastructure
Discovery, description, and wire format
IT-Institute/ets59
� Discovery, description, and wire format
� Microsoft Visual Studio.NET
� Microsoft Visual Basic.NET, C#, and Managed C++
Web Services Infrastructure
Web ServiceWeb Service
Discovery
Request .vsdisco
Return disco (XML)
Description
Request WSDL
IT-Institute/ets60
Web ServiceWeb Service
ClientDescription
Return WSDL (XML)
Protocol
Request .asmx
Return response (XML)
Code and Syntax
� WebService Directive
� Settings for ASP.NET compilers
<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=valuevaluevaluevalue Class=Class=Class=Class=valuevaluevaluevalue %>%>%>%>
� WebMethod Attribute
� Code Declaration Syntax
IT-Institute/ets61
� Code Declaration Syntax
� Outline
� Inline (in C#)<%@ WebService Language=“C#“ <%@ WebService Language=“C#“ <%@ WebService Language=“C#“ <%@ WebService Language=“C#“
Class=“MathService“ %>Class=“MathService“ %>Class=“MathService“ %>Class=“MathService“ %>using System.Web.Services;using System.Web.Services;using System.Web.Services;using System.Web.Services;public class MathService : WebService {public class MathService : WebService {public class MathService : WebService {public class MathService : WebService {
[ WebMethod ][ WebMethod ][ WebMethod ][ WebMethod ]............
<%@ WebService Class=“MyClass.MyWebService“ %><%@ WebService Class=“MyClass.MyWebService“ %><%@ WebService Class=“MyClass.MyWebService“ %><%@ WebService Class=“MyClass.MyWebService“ %>
Sample .asmx file
<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=““““C#C#C#C#““““Class=Class=Class=Class=““““MathServiceMathServiceMathServiceMathService““““ %>%>%>%>
using System;using System;using System;using System;using System.Web.Services;using System.Web.Services;using System.Web.Services;using System.Web.Services;
public class MathServicepublic class MathServicepublic class MathServicepublic class MathService{{{{
[WebMethod][WebMethod][WebMethod][WebMethod]
IT-Institute/ets62
[WebMethod][WebMethod][WebMethod][WebMethod]public int Subtract(int a, int b)public int Subtract(int a, int b)public int Subtract(int a, int b)public int Subtract(int a, int b){{{{
return a return a return a return a ---- b;b;b;b;}}}}
public int Subtract_vs(int a, int b)public int Subtract_vs(int a, int b)public int Subtract_vs(int a, int b)public int Subtract_vs(int a, int b){{{{
return b return b return b return b ---- a;a;a;a;}}}}
}}}}
System.Web.Services Namespace 1/2
� WebService
� Base class for Web Services
� Provides base functionality
� For example, WebService.Session
� WebServiceAttribute
IT-Institute/ets63
� WebServiceAttribute
� Optional class to add additional information
� WebMethodAttribute
� [ WebMethod ][ WebMethod ][ WebMethod ][ WebMethod ]
� Makes a method a Web Service method
System.Web.Services Namespace 2/2
� WebServiceBindingAttribute
� Interface in WSDL
� Set of operations
� WebServicesConfiguration
Contains configuration information
IT-Institute/ets64
� Contains configuration information
� <webservices> section in config.web
� WebServicesConfigurationSectionHandler
Demo: Creating A Web Service The Top Scorers in NHL
IT-Institute/ets65
PART I
Publishing a Web Service
� Expose Web Service and Web Service methods
� Create a Web Service proxy and an assembly
� Generate proxy with WSDL tool
� Create an assembly
Enables developers to program against Web Services
IT-Institute/ets66
� Enables developers to program against Web Services
� Publish WSDL contract and HTML description
� Web Service clients
� Can be Web applications or browsers
Discovery of Web Services
� .vsdisco file
� XML-based file
� containing links to resources for retrieving WSDL
� Stored in the server‘s root directory
� Access via URL and dynamic discovery document
IT-Institute/ets67
� Access via URL and dynamic discovery document
� Start discovering with the Disco tool
� Automatically created by Visual Studio.NET
� Global directory of Web Services through UDDI
� Universal Discovery, Description, and Integration (http://www.uddi.org)
Disco.exe
� Discovering Web Services
� Command-line example:
disco /out:disco /out:disco /out:disco /out:locationlocationlocationlocation /domain:/domain:/domain:/domain:domaindomaindomaindomain/username:username /password:/username:username /password:/username:username /password:/username:username /password:passwordpasswordpasswordpasswordhttp://localhost/WebService1/http://localhost/WebService1/http://localhost/WebService1/http://localhost/WebService1/
WebService1.vsdiscoWebService1.vsdiscoWebService1.vsdiscoWebService1.vsdisco
IT-Institute/ets68
WebService1.vsdiscoWebService1.vsdiscoWebService1.vsdiscoWebService1.vsdisco
WSDL.exe
� Web Services Description Tool
� Create client proxy class
� Input:
� URL of a WSDL file, Proxy language, and protocol
Username and password
IT-Institute/ets69
� Username and password
� Output:
� Single source file in specified language, containing:
� Proxy class
� Code for network invocation and marshalling
wsdl /l:C# /protocol:wsdl /l:C# /protocol:wsdl /l:C# /protocol:wsdl /l:C# /protocol:protocol protocol protocol protocol /out:/out:/out:/out:filenamefilenamefilenamefilename/namespace:MathServiceSpace MathService.sdl/namespace:MathServiceSpace MathService.sdl/namespace:MathServiceSpace MathService.sdl/namespace:MathServiceSpace MathService.sdl
Section 4: Using Web Services
� Application Model
� Invoking Web Services
� Consuming Web Services
� Web Services Description Language (WSDL)
IT-Institute/ets70
� Web Services Description Language (WSDL)
Application Model
Web Service
Developer
Web Server 1
Service Appasmx
createWeb Application
Developer
.aspx
create
IT-Institute/ets71
Web Server 2
Service App
Web Form
My application
Proxy
uses
Invoking Web Services
� Web Services are URL addressable
� HTTP request
� Protocols
� HTTP-GET
Method name and arguments in URL
IT-Institute/ets72
� Method name and arguments in URL
� HTTP-POST
� Method name and arguments in POST body
� HTTP-SOAP
� XML grammar for
� Addressing the Web Service
� Returning results
Invoking: HTTP-GET and HTTP-POST
http://http://http://http://serverserverserverserver////applapplapplappl////serviceserviceserviceservice.asmx/.asmx/.asmx/.asmx/methodmethodmethodmethod????paramparamparamparam====valuevaluevaluevalue
� Standard HTTP-GET
� Method name = PATHINFO
� Method arguments = URL query string
� Query string key = parameter name
IT-Institute/ets73
� Multiple parameters
� Only primitive .NET runtime data types
� Result is an XML document
� Any .NET data type
� HTTP-POST
� Similar to GET, but with arguments in the form body
Invoking: HTTP-SOAP
� XML grammar for
� Web Service method, method parameters, results
� Supports all standard .NET data types and value classes
� Additionally: classes, structs, datasets
IT-Institute/ets74
� Class and struct marshalling
� Serialization in XML format
Demo: Using A Web Service The Top Scorers in NHL
IT-Institute/ets75
PART II
Consuming Web Services
� Request without method name and parameters
� HTML description of Web Service
� Service capabilities, methods, protocols
� Web Service can return WSDL
HTTP-GET, HTTP-POST, and HTTP-SOAP
IT-Institute/ets76
� HTTP-GET, HTTP-POST, and HTTP-SOAP
� Request with parameter “?WSDL”
� Formal WSDL description of Web Service
� XML-based grammar
� Can be used as input for WebServiceUtil.exe
WSDL 1/2
� XML grammar, defining:
� Services and ports that communicate via messages
� Binding
� Specify a protocol or a data format for a message or a port
� Extensions for SOAP 1.1, HTTP GET/POST, and MIME
IT-Institute/ets77
� Extensions for SOAP 1.1, HTTP GET/POST, and MIME
� Public description of a Web Service and its content
� WSDL contract
� Core Elements of WSDL
� service, port, and portType
� operations and messages
WSDL 2/2
� An abstract illustration of WSDL elements
service_2
service_1
port_Cport_B
IT-Institute/ets78
service_2
message
port_Aport_D
port
type
message
Sample WSDL file
<definitions name=“<definitions name=“<definitions name=“<definitions name=“serviceNameserviceNameserviceNameserviceName“>“>“>“><import namespace=“http://<import namespace=“http://<import namespace=“http://<import namespace=“http://namespacePathnamespacePathnamespacePathnamespacePath““““
location=“http://location=“http://location=“http://location=“http://pathpathpathpath////fileName.wsdlfileName.wsdlfileName.wsdlfileName.wsdl“>“>“>“>
<portType name=“serviceNamePortType“><portType name=“serviceNamePortType“><portType name=“serviceNamePortType“><portType name=“serviceNamePortType“><operation name=“opName“><operation name=“opName“><operation name=“opName“><operation name=“opName“>
<input message=“msgNameInput“ /><input message=“msgNameInput“ /><input message=“msgNameInput“ /><input message=“msgNameInput“ /><output message=“msgNameOutput“ /><output message=“msgNameOutput“ /><output message=“msgNameOutput“ /><output message=“msgNameOutput“ />
</operation></operation></operation></operation></portType></portType></portType></portType>
IT-Institute/ets79
</portType></portType></portType></portType>
<binding name=“serviceNameSoapBinding“><binding name=“serviceNameSoapBinding“><binding name=“serviceNameSoapBinding“><binding name=“serviceNameSoapBinding“><soap:operation soapAction=“http://...“ /><soap:operation soapAction=“http://...“ /><soap:operation soapAction=“http://...“ /><soap:operation soapAction=“http://...“ />
</binding></binding></binding></binding>
<service name=“<service name=“<service name=“<service name=“serviceNameserviceNameserviceNameserviceName“>“>“>“><port name=“<port name=“<port name=“<port name=“serviceNamePortserviceNamePortserviceNamePortserviceNamePort“ binding=“bindingName“>“ binding=“bindingName“>“ binding=“bindingName“>“ binding=“bindingName“>
<soap:address location="http://..." /><soap:address location="http://..." /><soap:address location="http://..." /><soap:address location="http://..." /></port></port></port></port>
</service></service></service></service>
</definitions></definitions></definitions></definitions>
Section 5: Advanced Web Services
� State Management
� Security
� Transactions
� Execution Model
IT-Institute/ets80
� Execution Model
� Distributed Web Applications
State Management
� Web Services are stateless
� Use, for example, ASP.NET session state
� What is a session?
� Restricted to a logical application
Context in which a user communicates to a server
IT-Institute/ets81
� Context in which a user communicates to a server
� Functionality
� Request identification and classification
� Store data across multiple requests
� Session events
� Release of session data
� .NET State Server
� Reasons for Security
� Prevent access to areas of your Web server
� Record and store secure relevant user data
� Security Configuration
� Authentication, Authorization, Impersonation
Security Model
IT-Institute/ets82
� Authentication, Authorization, Impersonation
� Code Access Security
� Walks the call stack to check authorization
Web
ClientOS
ASP.NET
AppIIS.NET
Web Service Security Today
� Most web services today are not secure
� Most web services published at xmethods.com, for example
� run over http, not https
� don’t bother with authentication at all, or
IT-Institute/ets83
� don’t bother with authentication at all, or
� require user name and password be sent in the clear
� email passwords to clients
� Most secure web services are private
� not published in web service directories
� used by a cooperating group of business partners
� security almost always based on SSL
Using SSL to Secure a Web Service
� Benefits
� most HTTP stacks already support SSL
� SSL provides authentication, integrity, and confidentiality
� XML carried over secure transports doesn’t have to conform to any particular security standard
IT-Institute/ets84
� Drawbacks
� SSL is expensive
� SSL is very session oriented, making load balancing hard
� intermediaries break end-to-end security
� SSL is only widely supported over HTTP, while web services can run over other protocols such as SMTP
The Future: WS-Security
� WS-Security written by Microsoft, IBM, VeriSign
� transferred to Oasis for standardization
� see http://www.oasis-open.org/committees/wss/
� Hoists security up from transport
� allows for end-to-end security in the face of intermediaries
IT-Institute/ets85
� opens the door for alternatives to SSL
� WS-Security focuses on three main security mechanisms
� packaging security tokens in XML
� message integrity
� message confidentiality
WSE Web Services Enhancements
� WSE 1.0 included a sample implementation, Microsoft has now WSE3.0
Web Services Enhancements (WSE) 3.0 is an add-on to
Visual Studio® 2005 and the Microsoft® .NET Framework 2.0.
IT-Institute/ets86
Visual Studio® 2005 and the Microsoft® .NET Framework 2.0.
It provides advanced Web services capabilities, helping to
keep pace with the evolving Web services protocol
specifications.
� Like ASP.NET Web Forms
� COM+ Services
� COM+ automatic transactions
� Atomic, consistent, isolated, durable (ACID)
Transactions 1/2
IT-Institute/ets87
Message
Queuing
Server
SQL Server
Application
COM+transaction context
Web Service
Transactions 2/2
� TransactionOption Property on WebMethod Attribute:
[WebMethod(TransactionOption=[WebMethod(TransactionOption=[WebMethod(TransactionOption=[WebMethod(TransactionOption=TransactionOption.Required)]TransactionOption.Required)]TransactionOption.Required)]TransactionOption.Required)]
� Transaction Modes
� Disabled
IT-Institute/ets88
� Disabled
� Supported
� NotSupported
� Required
� RequiresNew
Execution Model
� Synchronous
� Like any other call to class methods
� Asynchronous
� .NET Framework design pattern
Split the method into two code blocks
IT-Institute/ets89
� Split the method into two code blocks
� BeginMethodName
� EndMethodName
� Client has to call Begin and End
� Pass a callback function or
� WaitHandle class
Using Web Services from UI
� Completely separate layout and processing logic
� Two (or more) files: .aspx and .aspx.cs or .aspx.vb
.aspx.aspx.cs
IT-Institute/ets90
� Files for designers and files for programmers
� Easy maintainability of your application
Sample
<%@ Import Namespace=“MathServiceSpace“ %><%@ Import Namespace=“MathServiceSpace“ %><%@ Import Namespace=“MathServiceSpace“ %><%@ Import Namespace=“MathServiceSpace“ %>
<script language=“C#“ runat="server"><script language=“C#“ runat="server"><script language=“C#“ runat="server"><script language=“C#“ runat="server">public void Submit_Click(Object S, EventArgs E) {public void Submit_Click(Object S, EventArgs E) {public void Submit_Click(Object S, EventArgs E) {public void Submit_Click(Object S, EventArgs E) {
service.Add(operand1, operand2);service.Add(operand1, operand2);service.Add(operand1, operand2);service.Add(operand1, operand2);............
</script></script></script></script>
� .aspx
IT-Institute/ets91
</script></script></script></script>
............
<input OnServerClick=“Submit_Click“ runat="server" <input OnServerClick=“Submit_Click“ runat="server" <input OnServerClick=“Submit_Click“ runat="server" <input OnServerClick=“Submit_Click“ runat="server" ...>...>...>...>
� .asmx file implements method “Add”
� WSDL file, returned by the ASP.NET runtime
Sample� C# proxy class, generated by WSDL.exe
[System.Web.Services.Protocols.[System.Web.Services.Protocols.[System.Web.Services.Protocols.[System.Web.Services.Protocols.SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]
public int Add(int a, int b) public int Add(int a, int b) public int Add(int a, int b) public int Add(int a, int b)
{{{{object[] results =object[] results =object[] results =object[] results =
this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});
IT-Institute/ets92
this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});
return (int)(results[0]);return (int)(results[0]);return (int)(results[0]);return (int)(results[0]);}}}}
............
public System.IAsyncResult BeginAdd(...public System.IAsyncResult BeginAdd(...public System.IAsyncResult BeginAdd(...public System.IAsyncResult BeginAdd(...
public int EndAdd(...public int EndAdd(...public int EndAdd(...public int EndAdd(...
Summary
� .NET Architecture Overview
� Web Services and ASP.NET
� Create and Publish Web Services
� Invoke and Consume Web Services
IT-Institute/ets93
� Invoke and Consume Web Services
� WSDL and Proxy Classes
� Program Against Web Services
If you want to learn more…
� SOA
� http://en.wikipedia.org/wiki/Service-oriented_architecture
� http://msdn.microsoft.com/architecture/
� http://msdn.microsoft.com/architecture/soa/
� http://www.devx.com/ibm/Article/29318
IT-Institute/ets94
� http://www.devx.com/ibm/Article/29318
� Web Services
� http://msdn.microsoft.com/webservices/
� http://www.w3schools.com/webservices
� http://en.wikipedia.org/wiki/Web_services
� Security
� http://msdn.microsoft.com/security/default.aspx
Questions
IT-Institute/ets95
Lecturer’s notes
IT-Institute/ets96
Technical University of Ostrava
� Source: From Wikipedia, the free encyclopedia
� The Technical University of Ostrava (or Vysoká škola báňská –Technická univerzita Ostrava (TUO) in Czech), is universitylocated in the city of Ostrava, Moravian-Silesian Region, Czech Republic.
� The university was founded on 23rd January 1849 in Příbram, but the history dates back to 1716. In 1945 the university was moved to Ostrava. Today the University has a total of about 20.000
IT-Institute/ets97
to Ostrava. Today the University has a total of about 20.000 students and consists of these seven faculties:
� Faculty of Economics
� Faculty of Civil Engineering
� Faculty of Mechanical Engineering
� Faculty of Electrical Engineering and Informatics
� Faculty of Mining and Geology
� Faculty of Metallurgy and Material Engineering
� Faculty of Safety Engineering
� Tomáš Čermák is rector of the university (since 2003).
Faculty of Electrical Engineering and Informatics
� Departments and workplaces FEECS
� 400 - Dean and faculty officers448 - Department of power electronics and electric drives449 - Department of theoretical electrical engineering450 - Department of electrical measurements451 - Department of electrical power engineering452 - Department of general electrical engineering
IT-Institute/ets98
452 - Department of general electrical engineering453 - Department of electrical machines and apparatus454 - Department of electronics and telecommunications455 - Department of measurement and control456 - Department of computer science457 - Department of applied mathematics
Institute of physics
� Department of education on FEECSDepartment of mathematics and descriptive geometry -Department of education on FEECS
Department of Computer Science
� Dr Eduard Sojka, Head of the Department
IT-Institute/ets99
A Simple Web Service
IT-Institute/ets100
ASP.NET QuickStart Tutorial
ASP.NET QuickStart
� What Is It?
� Tutorial, ASP.NET samples
� Syntax, architecture, features
� Installation
Install Microsoft .NET Framework SDK
IT-Institute/ets101
� Install Microsoft .NET Framework SDK
� Visual Studio.NET installation and Components Update
� Installation of Visual Studio.NET is not mandatory
� .NET Framework Samples
� ASP.NET QuickStart� ASP.NET Web Services
� Writing a Simple Web Service
Building a Simple Web Service
� Create your own MathService
� .asmx
� Implement class MathService and Web methods
� Create WSDL file (MathService.wsdl)
� Request to MathService.asmx
IT-Institute/ets102
� Request to MathService.asmx
� Generate C# proxy class (MathService.cs)
� WebServiceUtil.exe
� Generate Assembly (MathService.dll)
� C# compiler “csc”
Consuming a Simple Web Service
� Implement MathService client (MathServiceClient.aspx)
� ASP.NET UI
� Operands � Text box
� Methods � Buttons
IT-Institute/ets103
� Methods � Buttons
� Result � Label
� Event Handler
� OnServerClick
IBM
IT-Institute/ets104
Microsoft
IT-Institute/ets105