Web Services Overview

IT-Institute/ets1

A lecture in Cracow University of TechnologyFaculty of Physics, Mathematics and Computer Science

November 2007

Esa SalmikangasJyväskylä University of Applied SciencesSchool of Information Technology

Introduction

� Finland

� Jyväskylä University of Applied Sciences

� Senior Lecturer Mr Esa Salmikangas

IT-Institute/ets2

Finland Facts

Poland 312,679 km²

Poland 39 million

IT-Institute/ets3

Jyväskylä University of Applied Sciences

School of Information Technology

School of Information Technology

About 1000 studentsDegree Programmes:

AutomationElectronics

Data Network TechnologySoftware Engineering

IT-Institute/ets4

Software Engineering

Media Engineering

IT-Institute/ets5

"Things should be made as simple as possible, but no simpler."

Back to business…

IT-Institute/ets6

Albert Einstein

Objectives

� Background

� Microsoft® .NET Framework

� Microsoft ASP.NET

� Web Services Overview

Web Services and SOA

IT-Institute/ets7

� Web Services and SOA

� Concepts and Architecture

� Design and Create Web Services

� Consume Web Services

Contents

� Section 1: Overview

� Section 2: Architecture

� What is SOA Service Orientated Architecture

� Microsoft .NET framework and ASP.NET

� Section 3: Creating Web Services

IT-Institute/ets8

� Section 3: Creating Web Services

� Section 4: Using Web Services

� Invoking and consuming Web Services

� Section 5: Advanced Web Services

� State Management, Security, and Transactions

� Summary

Section 1: Overview

� “Looking Back ...“

� What are Web Services?

� Distributed Web applications

IT-Institute/ets9

Definitions

� The W3C defines a Web service as "a software system designed to support interoperable Machine to Machine interaction over a network."

� Web services are frequently just Web APIs that can be accessed over a network, such as the Internet, and executed on a remote system hosting the

IT-Institute/ets10

and executed on a remote system hosting the requested services.

Conceptualize Your Business� Remember! in business it is always the question of

money, so a new technology is only one tool among many other tools to be better in competition.

� SOA or Web Service is not THE answer for business how we “win”, it is AN answer how we will “survive”.

� So before your start to solve technology, you should

IT-Institute/ets11

� So before your start to solve technology, you should think

� How do you want to think about your own company and its capabilities?

� How do you want your trading partners to think about you?

� What is the view of your capabilities that you wish to publish and to whom ?

� Who owns these definitions ?

� Who owns the operation of these capabilities ?

Where are we coming from…

Workflow

Office

1980 1990 2000 2010

XMLWS

WebLANInternetSOA

IT-Institute/ets12

EDI

Mainframe

?Business

Integration

J2EE.NET

Client / Server

Web/Portal

EAI

B2B

BPM

WS

Looking Back ...

� Traditional distributed computing

� Client/server model

� Distributed object model

� Components: packaging and interoperability

� Remoting: remote method invocation

IT-Institute/ets13

� Remoting: remote method invocation

� COM, CORBA, Java RMI and EJB

� Microsoft Windows DNA

� Distributed interNet Application Architecture

� DHTML, COM, ASP, Message Queuing

� The interactive Web

What’s Wrong with That?

� Distributed object models don‘t scale to the Internet

� Tightly coupling service and consumer

� Need for homogeneous infrastructure

� Versioning problems

� Limited COM support on non-Windows platforms

IT-Institute/ets14

� Limited COM support on non-Windows platforms

� CORBA is a remoting architecture

� CORBA Component Model

� Server object implementation not portable

� EJB—Enterprise JavaBeans

� The purely interactive Web

Distributed Objects

� Distributed objects were attempted in the 90’s

� RPC hidden behind object facades (ORPC)

� Objects communicate via complex protocols

� Efficient binary message formats used

Interface descriptions specify message details

IT-Institute/ets15

� Interface descriptions specify message details

� Remote components discoverable

� Suffered from complexity, lack of interoperability

DCOM Example

Machine A

RPC (TCP)

Machine B

RPC

NDRIDL

proxyIDLstub

1

2

Communications protocol

Message format

Description language3

Discovery mechanism4

2

IDL

3

request

response

IT-Institute/ets16

RPC (TCP)Registry Registry

discovers machine B

14

RPC Remote procedure call, a protocol that allows a computer program running on one host to cause code to be executed on another host

IDL An interface description language, (alternatively interface definition language) (IDL), is a computer

language or simple syntax for describing the interface of a software component

NDR Network Data Representation (NDR) is an implementation of the presentation layer in the OSI model.

DCOM Distributed Component Object Model is a Microsoft proprietary technology for software components distributed across several networked computers to communicate with each other. It extends Microsoft's COM, and provides the communication substrate under Microsoft's COM+ application server infrastructure. It has been deprecated in favor of Microsoft .NET.

deprecate ['deprɪkeɪt] v tr kirjak 1 tuomita, paheksua

No Standards = No Interoperability

� Today's distributed object technologies differ in every way

� Interoperability not feasible

� Locks other applications (clients) into same technology

IT-Institute/ets17

DCOM CORBA

RPC IIOP

NDR CDR

IDL OMG IDL

RPC Protocol

Message Format

Description

Windows Registry Naming ServiceDiscovery

Java RMI

IIOP or JRMP

Java Ser. Format

Java

RMI Registry or JNDI

Demand for Interoperability

� Heterogeneous environments are here now and in future

� Today's applications require high-levels of interoperability

� Most enterprises are very heterogeneous (EAI)

IT-Institute/ets18

� Most enterprises are very heterogeneous (EAI)

� Integration with other businesses more common (B2Bi)

� Organizations want applications to have broader reach

The Web, A ‘Quick Fix’ for Interoperability

� Distributed applications found interoperability on the Web

� Standard communications protocol: HTTP

� Simple Web server shims hook into existing system

� Much simpler to achieve widespread interoperability

IT-Institute/ets19

� Much simpler to achieve widespread interoperabilityUnix Machine

CORBAWeb Serverport 80

stub

Any client with access

to HTTP

Birth of the Web Application

� Web-enabling led to a whole new breed of applications

� Designed for browser-based clients

� Input format typically application/x-www-form-urlencoded

IT-Institute/ets20

� Output format typically text/html

� Not consumable by other applications, only humans

Browser Web Server

Name=Bob&Age=33...

<html>

<body>

...

Where Web Applications Fell Short

� Web applications not usable as distributed components

� No standard data representation format

� No standard description languages

� No standard discovery mechanism

IT-Institute/ets21

� No standard discovery mechanism (besides Google;-)

An XML-Based Revolution Begins

� Complete revolution of distributed technologies required

� Designed around interoperability from the ground up

� Standard communications protocols

IT-Institute/ets22

� Standard communications protocols

� Standard data representation format

� Standard description languages

� Standard discovery mechanism

� Wire-level message becomes first class citizen

� Wire-level message is true application interface

� Revolution coined "Web Services"

Briefly What are Web Services?

IT-Institute/ets23

What You Should Already Know

Before you continue you should have a basic understanding of the following:

* HTML* XML

Web Services—Basics

� Expose services to other processes

� Internet or intranet

� Black boxes

� Component-like, reusable

IT-Institute/ets24

� Based on the .NET Framework

� ASP.NET Web Services model

� Based on open standards

� HTTP, XML, and SOAP

Web Services—Basics

� Interconnect

� Applications

� Different clients

� (M)any device

Distribution and integration of application logic

IT-Institute/ets25

� Distribution and integration of application logic

� Web Services are loosely coupled

� Enable the programmable Web

� Not just the purely interactive Web

What are Web Services?

� Web services are application components

� Web services communicate using open protocols

� Web services are self-contained and self-describing

IT-Institute/ets26

� Web services can be discovered using UDDI

� Web services can be used by other applications

� XML is the basis for Web services

How Does it Work?

� The basic Web services platform is XML + HTTP.

� The HTTP protocol is the most used Internet protocol.

� XML provides a language which can be used between different platforms and programming languages and still express complex messages and

IT-Institute/ets27

between different platforms and programming languages and still express complex messages and functions.

� Web services platform elements:

� SOAP (Simple Object Access Protocol)

� UDDI (Universal Description, Discovery and Integration)

� WSDL (Web Services Description Language)

� I will explain these topics later in the presentation

The Future of Web services

� There are allready here, but Don't expect too much, too soon.

� The Web Services platform is a simple, interoperable, messaging framework. It still misses many important features like security and routing. But, these pieces will come once SOAP becomes

IT-Institute/ets28

But, these pieces will come once SOAP becomes more advanced.

� Hopefully, Web services can make it much easier for applications to communicate.

Why Web Services?� A few years ago Web services were not fast enough to be interesting.

� Thanks to the major IT development the last few years, most persons and companies have broadband connection and use the web more and more.

� Interoperability has highest priority.

� When all major platforms could access the Web using Web browsers, different platforms could interact. For these platforms to work together Web applications was developed.

� Web applications are simple applications run on the web. These are built around the Web browser standards and can mostly be used by any browser on any platform.

� Web services take Web applications to the next level.

Using Web services your application can publish its function or message to

IT-Institute/ets29

� Using Web services your application can publish its function or message to the rest of the world.

� Web services uses XML to code and decode your data and SOAP to transport it using open protocols.

� With Web services your accounting departments Win 2k servers billing system can connect with your IT suppliers UNIX server.

� Web services have two types of uses.

� Reusable application components� There are things different applications needs very often. So why make these over and over

again?

� Web services can offer application components like currency conversion, weather reports or even language translation as services.

� Ideally, there will only be one type of each application component, and anyone can use it in their application.

� Connect existing software� Web services help solve the interoperability problem by giving different applications a way

to link their data.

What is SOAP?

� The basic Web services platform is XML plus HTTP.

� SOAP stands for Simple Object Access Protocol

� SOAP is a communication protocol

� SOAP is for communication between applications

� SOAP is a format for sending messages

IT-Institute/ets30

� SOAP is designed to communicate via Internet

� SOAP is platform independent

� SOAP is language independent

� SOAP is based on XML

� SOAP is simple and extensible

� SOAP allows you to get around firewalls

� SOAP will be developed as a W3C standard

What is WSDL?

� WSDL is an XML-based language for describing Web services and how to access them.

� WSDL stands for Web Services Description Language

IT-Institute/ets31

� WSDL is written in XML

� WSDL is an XML document

� WSDL is used to describe Web services

� WSDL is also used to locate Web services

� WSDL is not yet a W3C standard

� more about WSDL later

What is UDDI?

� UDDI is a directory service where businesses can register and search for Web services.

� UDDI stands for Universal Description, Discovery and Integration

� UDDI is a directory for storing information about

IT-Institute/ets32

� UDDI is a directory for storing information about web services

� UDDI is a directory of web service interfaces described by WSDL

� UDDI communicates via SOAP

� UDDI is built into the Microsoft .NET platform

Web Services Base Profile (WS-I)

XSD

SOAP

WSDL

UDDI

Portable type system

Endpoint description

Registry of endpoints

IT-Institute/ets33

XML 1.0 + Namespaces

SOAP

Serialized messages

Framing, protocol binding

Wire protocols

Description languages

Discovery mechanisms

See ws-i.org for

more details

Distributed Web Applications

InternetApplication

Devices,

Browsers

Vertical andportal service

App-specific

Access

ApplicationCall Services

IT-Institute/ets34

InternetApplication

OS and

local services

App-specific

Web Service

Building blockWeb Service

Web Services

Contract

Section 2: Architecture

� SOA

� The .NET Framework Architecture

� Programming Model

� Configuration

IT-Institute/ets35

Some little words about Service Orientation and about Service Oriented Architecture

IT-Institute/ets36

Is it a product? Can I buy it?

Mo 10th of April

What is Service Orientation (SO)?

� SO is a paradigm, an approach, NOT a technology or product

� An approach to building Systems using Services which adhere to:

� The 4 Tenets of Service Orientation:

1. Boundaries are Explicit

2. Services are Autonomous

3. Services share Schema and Contract, not Class

IT-Institute/ets37

3. Services share Schema and Contract, not Class

4. Service compatibility is determined based on Policy

http://msdn.microsoft.com/msdnmag/issues/04/01/Indigo/default.aspx

Services and Systems

� A System is a set of deployed Services cooperating in a given task

� Systems are built to change

� Adapt to new services after deployment

� A Service is an entity you interact with via message

IT-Institute/ets38

� A Service is an entity you interact with via message exchanges

� Services are built to last

� Availability and stability are critical

The Microsoft Bet: Services Everywhere

Business

Networks

Personal

Networks

Social

Networks

Customer

Relationship

Networks

Government

Networks

PurchasingPurchasing

HRHR

IT-Institute/ets39

Networks

Value Chain

Networks

Networks

Scientific

Networks

PurchasingPurchasing

FulfillmentFulfillment

Source: Matt Tavis Matt Tavis –– Program ManagerProgram ManagerDistributed Systems Group, MicrosoftDistributed Systems Group, Microsoft

PurchasingPurchasing

HRHR

The Microsoft Bet: Services Everywhere

New YorkNew YorkOperationsOperationsPurchasingPurchasing

HRHR

IT-Institute/ets40

FulfillmentFulfillment

SQL ClusterSQL Cluster

Mobile Mobile Web Web

FrontendFrontend

PurchasingPurchasing

FulfillmentFulfillmentSource: Matt Tavis Matt Tavis –– Program ManagerProgram ManagerDistributed Systems Group, MicrosoftDistributed Systems Group, Microsoft

Why is SO important?

� Provides us an opportunity to formalize how we design and architect systems

� Minimizing hard interdependencies

� Enhancing independence

� Easing delivery of composable business apps

� Enables a high level of interoperability

IT-Institute/ets41

� Enables a high level of interoperability

� Makes explicit some of the core assumptions that compromise today’s systems

� Particularly around boundaries and locality …

SOA definitions

� In March 2006 the OASIS group SOA Reference Modelreleased its first public review draft. This defines the basic principles of SOA that apply at all levels of a service architecture, from business vision through to technical and infrastructure implementation.

Term: Service Oriented Architecture

IT-Institute/ets42

� Term: Service Oriented Architecture

� Term Definition : Service Oriented Architecture is a paradigm for organizing and utilizing distributed capabilities that may be under the control of different ownership domains. It provides a uniform means to offer, discover, interact with and use capabilities to produce desired effects consistent with measurable preconditions and expectations.

SOA is

� a perspective of software architecture that defines the use of services to support the requirements of software users.

� In a SOA environment, nodes on a network make resources available to other participants in the network as independent services that the participants access in a standardized way.

IT-Institute/ets43

SOA vs traditional architectures

� Unlike traditional point-to-point architectures, SOAs comprise loosely coupled, highly interoperable services.

� These services interoperate based on a formal definition(or contract) which is independent from the underlying platform and programming language (e.g., WSDL).

IT-Institute/ets44

� The interface definition encapsulates (hides) the vendor and language-specific implementation.

� A SOA is independent of development technology (such as Java and .NET).

� The software components become very reusable because the interface is standards-compliant and is independent from the underlying implementation of the service logic.

� So, for example, a C# (C Sharp) service could be used by a Java application.

Why SOA?

� Enterprise architects believe that SOAs help businesses respond more quickly and cost-effectively to the changing market conditions they may face by promoting reuse and interconnection of existing IT assets rather than more time consuming and costly reinvention (read! money, money)

� In some respects, SOA can be considered an evolution in architecture, not a revolution.

IT-Institute/ets45

� It captures many of best practices or actual use of the architectures that came before it. To talk in terms of a service-oriented architecture provides a good framework from which to build the dynamic solutions required today.

� In communications systems, for example, there has been little deployment in recent years of solutions that use truly static bindings to talk to other equipment in the network, but by formally embracing a SOA approach, solutions are better positioned to stress the importance of well-defined, highly interoperable interfaces. This should greatly decrease integration costs and allow for much more dynamic solutions to be deployed.

Moving To A Service-Oriented Architecture

� Function oriented

� Build to last

� Prolonged development cycles

FromFrom ToTo

� Coordination oriented

� Build to change

� Incrementally built and deployed

IT-Institute/ets46

� Application silos

� Tightly coupled

� Object oriented

� Known implementation

� Enterprise solutions

� Loosely coupled

� Message oriented

� Abstraction

Source: Microsoft (Modified)

SOA and Web Services

� Most definitions of SOA identify the use of Web Services (i.e. using SOAP or REST) in its implementation.

� Web Services are mainstream now

� However, one can implement SOA using any service-

IT-Institute/ets47

� However, one can implement SOA using any service-based technology.

Era of SOA?

� Today, the value is not defined as much by functionality anymore but by connectivity

� However, we need a new programming model

� Why SOA today?

� We are reaching a new threshold of connectivity and

IT-Institute/ets48

� We are reaching a new threshold of connectivity and computing power

Mainframe Client Server Web SOA

Is somebody already using SOA?

� Here are some ”little” examples:

IT-Institute/ets49

.NET Framework

IT-Institute/ets50

Constructing software in the web era (J2EE, .Net, …)

Client

requestresponse

b2b

Interne

t

Controller

View

IT-Institute/ets51

App Server

DB

CCI CCI CCI

ERP CRM

Model

ERPEAI

CCI: Client Communication Interface

Controller

The .NET Framework Architecture

Microsoft .NET Framework

ASP.NET

Web Forms Web ServicesWindows Forms

Common Language Specification

C++ C# VB.NET etc …

Vis

ual S

tudio

.NE

T

IT-Institute/ets52

System Services

Common Language Runtime

Web Forms Web Services

Services Framework

Base Data Debug ... Vis

ual S

tudio

.NE

T

Introduction.NET Framework Class Library

� One-stop, well-organized class framework

� O/S-independent subset submitted to ECMA

� Standardization backed by Microsoft, HP, Intel

� Subset includes most things covered here

� http://msdn.microsoft.com/net/ecma/

IT-Institute/ets53

� http://msdn.microsoft.com/net/ecma/

� Integrates all current Windows technologies

� Everything in one place – for all languages

� Windows Forms, GDI+, printing for Windows development

� Web Forms, Web Services, networking for web development

� Supports Active Directory, WMI, MSMQ, Services

Benefits

� Cross-language interoperability

� Simplifies multi-language development, effectively providing a common language API

� Supplies a standard set of classes, interfaces, and structures for any language targeting .NET CLR

IT-Institute/ets54

� Consistent and unified programming model

� Replaces many existing COM libraries

� Object-oriented and extensible class library

� Inheritance, polymorphism and method overloading

� Abstract base classes, Interfaces

.NET Framework

Programming model in .NET Framework

Common Language Runtime Execution Engine

MSIL &

MetadataCompiler

Class

LibClass Loader

SourceCode

IT-Institute/ets55

Operating System OS Security

Security checkings

Execution

Managed

native

Code

JIT Compiler

Configuration 1/2

� Concepts and architecture

� Web.Config file

� Hierarchical configuration architecture

� Influence on the actual directory and all subdirectories

IT-Institute/ets56

Root

DirSubDir1

Sub

Dir2

Web.Config

Configuration 2/2

� Web.Config file

� XML based

� File is kept within the application directory

� Default and custom configuration

� Customized Web.Config file

IT-Institute/ets57

� Customized Web.Config file

� Customized configuration section handler

� WebServicesConfiguration class

� Contains configuration information

� <webServices><webServices><webServices><webServices> section in Web.Config

Section 3: Creating Web Services

� Basics of Creating Web Services

� Web Services Infrastructure

� Code and Syntax

� Web Services Namespace

IT-Institute/ets58

� Web Services Namespace

� Publishing

� Discovery

Creating Web Services—Basics

� .asmx file

� Virtual path of ASP.NET Web application

� Stand-alone or part of an existing solution

� Web Services infrastructure

Discovery, description, and wire format

IT-Institute/ets59

� Discovery, description, and wire format

� Microsoft Visual Studio.NET

� Microsoft Visual Basic.NET, C#, and Managed C++

Web Services Infrastructure

Web ServiceWeb Service

Discovery

Request .vsdisco

Return disco (XML)

Description

Request WSDL

IT-Institute/ets60

Web ServiceWeb Service

ClientDescription

Return WSDL (XML)

Protocol

Request .asmx

Return response (XML)

Code and Syntax

� WebService Directive

� Settings for ASP.NET compilers

<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=valuevaluevaluevalue Class=Class=Class=Class=valuevaluevaluevalue %>%>%>%>

� WebMethod Attribute

� Code Declaration Syntax

IT-Institute/ets61

� Code Declaration Syntax

� Outline

� Inline (in C#)<%@ WebService Language=“C#“ <%@ WebService Language=“C#“ <%@ WebService Language=“C#“ <%@ WebService Language=“C#“

Class=“MathService“ %>Class=“MathService“ %>Class=“MathService“ %>Class=“MathService“ %>using System.Web.Services;using System.Web.Services;using System.Web.Services;using System.Web.Services;public class MathService : WebService {public class MathService : WebService {public class MathService : WebService {public class MathService : WebService {

[ WebMethod ][ WebMethod ][ WebMethod ][ WebMethod ]............

<%@ WebService Class=“MyClass.MyWebService“ %><%@ WebService Class=“MyClass.MyWebService“ %><%@ WebService Class=“MyClass.MyWebService“ %><%@ WebService Class=“MyClass.MyWebService“ %>

Sample .asmx file

<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=<%@ WebService Language=““““C#C#C#C#““““Class=Class=Class=Class=““““MathServiceMathServiceMathServiceMathService““““ %>%>%>%>

using System;using System;using System;using System;using System.Web.Services;using System.Web.Services;using System.Web.Services;using System.Web.Services;

public class MathServicepublic class MathServicepublic class MathServicepublic class MathService{{{{

[WebMethod][WebMethod][WebMethod][WebMethod]

IT-Institute/ets62

[WebMethod][WebMethod][WebMethod][WebMethod]public int Subtract(int a, int b)public int Subtract(int a, int b)public int Subtract(int a, int b)public int Subtract(int a, int b){{{{

return a return a return a return a ---- b;b;b;b;}}}}

public int Subtract_vs(int a, int b)public int Subtract_vs(int a, int b)public int Subtract_vs(int a, int b)public int Subtract_vs(int a, int b){{{{

return b return b return b return b ---- a;a;a;a;}}}}

}}}}

System.Web.Services Namespace 1/2

� WebService

� Base class for Web Services

� Provides base functionality

� For example, WebService.Session

� WebServiceAttribute

IT-Institute/ets63

� WebServiceAttribute

� Optional class to add additional information

� WebMethodAttribute

� [ WebMethod ][ WebMethod ][ WebMethod ][ WebMethod ]

� Makes a method a Web Service method

System.Web.Services Namespace 2/2

� WebServiceBindingAttribute

� Interface in WSDL

� Set of operations

� WebServicesConfiguration

Contains configuration information

IT-Institute/ets64

� Contains configuration information

� <webservices> section in config.web

� WebServicesConfigurationSectionHandler

Demo: Creating A Web Service The Top Scorers in NHL

IT-Institute/ets65

PART I

Publishing a Web Service

� Expose Web Service and Web Service methods

� Create a Web Service proxy and an assembly

� Generate proxy with WSDL tool

� Create an assembly

Enables developers to program against Web Services

IT-Institute/ets66

� Enables developers to program against Web Services

� Publish WSDL contract and HTML description

� Web Service clients

� Can be Web applications or browsers

Discovery of Web Services

� .vsdisco file

� XML-based file

� containing links to resources for retrieving WSDL

� Stored in the server‘s root directory

� Access via URL and dynamic discovery document

IT-Institute/ets67

� Access via URL and dynamic discovery document

� Start discovering with the Disco tool

� Automatically created by Visual Studio.NET

� Global directory of Web Services through UDDI

� Universal Discovery, Description, and Integration (http://www.uddi.org)

Disco.exe

� Discovering Web Services

� Command-line example:

disco /out:disco /out:disco /out:disco /out:locationlocationlocationlocation /domain:/domain:/domain:/domain:domaindomaindomaindomain/username:username /password:/username:username /password:/username:username /password:/username:username /password:passwordpasswordpasswordpasswordhttp://localhost/WebService1/http://localhost/WebService1/http://localhost/WebService1/http://localhost/WebService1/

WebService1.vsdiscoWebService1.vsdiscoWebService1.vsdiscoWebService1.vsdisco

IT-Institute/ets68

WebService1.vsdiscoWebService1.vsdiscoWebService1.vsdiscoWebService1.vsdisco

WSDL.exe

� Web Services Description Tool

� Create client proxy class

� Input:

� URL of a WSDL file, Proxy language, and protocol

Username and password

IT-Institute/ets69

� Username and password

� Output:

� Single source file in specified language, containing:

� Proxy class

� Code for network invocation and marshalling

wsdl /l:C# /protocol:wsdl /l:C# /protocol:wsdl /l:C# /protocol:wsdl /l:C# /protocol:protocol protocol protocol protocol /out:/out:/out:/out:filenamefilenamefilenamefilename/namespace:MathServiceSpace MathService.sdl/namespace:MathServiceSpace MathService.sdl/namespace:MathServiceSpace MathService.sdl/namespace:MathServiceSpace MathService.sdl

Section 4: Using Web Services

� Application Model

� Invoking Web Services

� Consuming Web Services

� Web Services Description Language (WSDL)

IT-Institute/ets70

� Web Services Description Language (WSDL)

Application Model

Web Service

Developer

Web Server 1

Service Appasmx

createWeb Application

Developer

.aspx

create

IT-Institute/ets71

Web Server 2

Service App

Web Form

My application

Proxy

uses

Invoking Web Services

� Web Services are URL addressable

� HTTP request

� Protocols

� HTTP-GET

Method name and arguments in URL

IT-Institute/ets72

� Method name and arguments in URL

� HTTP-POST

� Method name and arguments in POST body

� HTTP-SOAP

� XML grammar for

� Addressing the Web Service

� Returning results

Invoking: HTTP-GET and HTTP-POST

http://http://http://http://serverserverserverserver////applapplapplappl////serviceserviceserviceservice.asmx/.asmx/.asmx/.asmx/methodmethodmethodmethod????paramparamparamparam====valuevaluevaluevalue

� Standard HTTP-GET

� Method name = PATHINFO

� Method arguments = URL query string

� Query string key = parameter name

IT-Institute/ets73

� Multiple parameters

� Only primitive .NET runtime data types

� Result is an XML document

� Any .NET data type

� HTTP-POST

� Similar to GET, but with arguments in the form body

Invoking: HTTP-SOAP

� XML grammar for

� Web Service method, method parameters, results

� Supports all standard .NET data types and value classes

� Additionally: classes, structs, datasets

IT-Institute/ets74

� Class and struct marshalling

� Serialization in XML format

Demo: Using A Web Service The Top Scorers in NHL

IT-Institute/ets75

PART II

Consuming Web Services

� Request without method name and parameters

� HTML description of Web Service

� Service capabilities, methods, protocols

� Web Service can return WSDL

HTTP-GET, HTTP-POST, and HTTP-SOAP

IT-Institute/ets76

� HTTP-GET, HTTP-POST, and HTTP-SOAP

� Request with parameter “?WSDL”

� Formal WSDL description of Web Service

� XML-based grammar

� Can be used as input for WebServiceUtil.exe

WSDL 1/2

� XML grammar, defining:

� Services and ports that communicate via messages

� Binding

� Specify a protocol or a data format for a message or a port

� Extensions for SOAP 1.1, HTTP GET/POST, and MIME

IT-Institute/ets77

� Extensions for SOAP 1.1, HTTP GET/POST, and MIME

� Public description of a Web Service and its content

� WSDL contract

� Core Elements of WSDL

� service, port, and portType

� operations and messages

WSDL 2/2

� An abstract illustration of WSDL elements

service_2

service_1

port_Cport_B

IT-Institute/ets78

service_2

message

port_Aport_D

port

type

message

Sample WSDL file

<definitions name=“<definitions name=“<definitions name=“<definitions name=“serviceNameserviceNameserviceNameserviceName“>“>“>“><import namespace=“http://<import namespace=“http://<import namespace=“http://<import namespace=“http://namespacePathnamespacePathnamespacePathnamespacePath““““

location=“http://location=“http://location=“http://location=“http://pathpathpathpath////fileName.wsdlfileName.wsdlfileName.wsdlfileName.wsdl“>“>“>“>

<portType name=“serviceNamePortType“><portType name=“serviceNamePortType“><portType name=“serviceNamePortType“><portType name=“serviceNamePortType“><operation name=“opName“><operation name=“opName“><operation name=“opName“><operation name=“opName“>

<input message=“msgNameInput“ /><input message=“msgNameInput“ /><input message=“msgNameInput“ /><input message=“msgNameInput“ /><output message=“msgNameOutput“ /><output message=“msgNameOutput“ /><output message=“msgNameOutput“ /><output message=“msgNameOutput“ />

</operation></operation></operation></operation></portType></portType></portType></portType>

IT-Institute/ets79

</portType></portType></portType></portType>

<binding name=“serviceNameSoapBinding“><binding name=“serviceNameSoapBinding“><binding name=“serviceNameSoapBinding“><binding name=“serviceNameSoapBinding“><soap:operation soapAction=“http://...“ /><soap:operation soapAction=“http://...“ /><soap:operation soapAction=“http://...“ /><soap:operation soapAction=“http://...“ />

</binding></binding></binding></binding>

<service name=“<service name=“<service name=“<service name=“serviceNameserviceNameserviceNameserviceName“>“>“>“><port name=“<port name=“<port name=“<port name=“serviceNamePortserviceNamePortserviceNamePortserviceNamePort“ binding=“bindingName“>“ binding=“bindingName“>“ binding=“bindingName“>“ binding=“bindingName“>

<soap:address location="http://..." /><soap:address location="http://..." /><soap:address location="http://..." /><soap:address location="http://..." /></port></port></port></port>

</service></service></service></service>

</definitions></definitions></definitions></definitions>

Section 5: Advanced Web Services

� State Management

� Security

� Transactions

� Execution Model

IT-Institute/ets80

� Execution Model

� Distributed Web Applications

State Management

� Web Services are stateless

� Use, for example, ASP.NET session state

� What is a session?

� Restricted to a logical application

Context in which a user communicates to a server

IT-Institute/ets81

� Context in which a user communicates to a server

� Functionality

� Request identification and classification

� Store data across multiple requests

� Session events

� Release of session data

� .NET State Server

� Reasons for Security

� Prevent access to areas of your Web server

� Record and store secure relevant user data

� Security Configuration

� Authentication, Authorization, Impersonation

Security Model

IT-Institute/ets82

� Authentication, Authorization, Impersonation

� Code Access Security

� Walks the call stack to check authorization

Web

ClientOS

ASP.NET

AppIIS.NET

Web Service Security Today

� Most web services today are not secure

� Most web services published at xmethods.com, for example

� run over http, not https

� don’t bother with authentication at all, or

IT-Institute/ets83

� don’t bother with authentication at all, or

� require user name and password be sent in the clear

� email passwords to clients

� Most secure web services are private

� not published in web service directories

� used by a cooperating group of business partners

� security almost always based on SSL

Using SSL to Secure a Web Service

� Benefits

� most HTTP stacks already support SSL

� SSL provides authentication, integrity, and confidentiality

� XML carried over secure transports doesn’t have to conform to any particular security standard

IT-Institute/ets84

� Drawbacks

� SSL is expensive

� SSL is very session oriented, making load balancing hard

� intermediaries break end-to-end security

� SSL is only widely supported over HTTP, while web services can run over other protocols such as SMTP

The Future: WS-Security

� WS-Security written by Microsoft, IBM, VeriSign

� transferred to Oasis for standardization

� see http://www.oasis-open.org/committees/wss/

� Hoists security up from transport

� allows for end-to-end security in the face of intermediaries

IT-Institute/ets85

� opens the door for alternatives to SSL

� WS-Security focuses on three main security mechanisms

� packaging security tokens in XML

� message integrity

� message confidentiality

WSE Web Services Enhancements

� WSE 1.0 included a sample implementation, Microsoft has now WSE3.0

Web Services Enhancements (WSE) 3.0 is an add-on to

Visual Studio® 2005 and the Microsoft® .NET Framework 2.0.

IT-Institute/ets86

Visual Studio® 2005 and the Microsoft® .NET Framework 2.0.

It provides advanced Web services capabilities, helping to

keep pace with the evolving Web services protocol

specifications.

� Like ASP.NET Web Forms

� COM+ Services

� COM+ automatic transactions

� Atomic, consistent, isolated, durable (ACID)

Transactions 1/2

IT-Institute/ets87

Message

Queuing

Server

SQL Server

Application

COM+transaction context

Web Service

Transactions 2/2

� TransactionOption Property on WebMethod Attribute:

[WebMethod(TransactionOption=[WebMethod(TransactionOption=[WebMethod(TransactionOption=[WebMethod(TransactionOption=TransactionOption.Required)]TransactionOption.Required)]TransactionOption.Required)]TransactionOption.Required)]

� Transaction Modes

� Disabled

IT-Institute/ets88

� Disabled

� Supported

� NotSupported

� Required

� RequiresNew

Execution Model

� Synchronous

� Like any other call to class methods

� Asynchronous

� .NET Framework design pattern

Split the method into two code blocks

IT-Institute/ets89

� Split the method into two code blocks

� BeginMethodName

� EndMethodName

� Client has to call Begin and End

� Pass a callback function or

� WaitHandle class

Using Web Services from UI

� Completely separate layout and processing logic

� Two (or more) files: .aspx and .aspx.cs or .aspx.vb

.aspx.aspx.cs

IT-Institute/ets90

� Files for designers and files for programmers

� Easy maintainability of your application

Sample

<%@ Import Namespace=“MathServiceSpace“ %><%@ Import Namespace=“MathServiceSpace“ %><%@ Import Namespace=“MathServiceSpace“ %><%@ Import Namespace=“MathServiceSpace“ %>

<script language=“C#“ runat="server"><script language=“C#“ runat="server"><script language=“C#“ runat="server"><script language=“C#“ runat="server">public void Submit_Click(Object S, EventArgs E) {public void Submit_Click(Object S, EventArgs E) {public void Submit_Click(Object S, EventArgs E) {public void Submit_Click(Object S, EventArgs E) {

service.Add(operand1, operand2);service.Add(operand1, operand2);service.Add(operand1, operand2);service.Add(operand1, operand2);............

</script></script></script></script>

� .aspx

IT-Institute/ets91

</script></script></script></script>

............

<input OnServerClick=“Submit_Click“ runat="server" <input OnServerClick=“Submit_Click“ runat="server" <input OnServerClick=“Submit_Click“ runat="server" <input OnServerClick=“Submit_Click“ runat="server" ...>...>...>...>

� .asmx file implements method “Add”

� WSDL file, returned by the ASP.NET runtime

Sample� C# proxy class, generated by WSDL.exe

[System.Web.Services.Protocols.[System.Web.Services.Protocols.[System.Web.Services.Protocols.[System.Web.Services.Protocols.SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]SoapDocumentMethodAttribute(“http://tempuri.org/Add“)]

public int Add(int a, int b) public int Add(int a, int b) public int Add(int a, int b) public int Add(int a, int b)

{{{{object[] results =object[] results =object[] results =object[] results =

this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});

IT-Institute/ets92

this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});this.Invoke(“Add“, new object[] {a, b});

return (int)(results[0]);return (int)(results[0]);return (int)(results[0]);return (int)(results[0]);}}}}

............

public System.IAsyncResult BeginAdd(...public System.IAsyncResult BeginAdd(...public System.IAsyncResult BeginAdd(...public System.IAsyncResult BeginAdd(...

public int EndAdd(...public int EndAdd(...public int EndAdd(...public int EndAdd(...

Summary

� .NET Architecture Overview

� Web Services and ASP.NET

� Create and Publish Web Services

� Invoke and Consume Web Services

IT-Institute/ets93

� Invoke and Consume Web Services

� WSDL and Proxy Classes

� Program Against Web Services

If you want to learn more…

� SOA

� http://en.wikipedia.org/wiki/Service-oriented_architecture

� http://msdn.microsoft.com/architecture/

� http://msdn.microsoft.com/architecture/soa/

� http://www.devx.com/ibm/Article/29318

IT-Institute/ets94

� http://www.devx.com/ibm/Article/29318

� Web Services

� http://msdn.microsoft.com/webservices/

� http://www.w3schools.com/webservices

� http://en.wikipedia.org/wiki/Web_services

� Security

� http://msdn.microsoft.com/security/default.aspx

Questions

IT-Institute/ets95

Lecturer’s notes

IT-Institute/ets96

Technical University of Ostrava

� Source: From Wikipedia, the free encyclopedia

� The Technical University of Ostrava (or Vysoká škola báňská –Technická univerzita Ostrava (TUO) in Czech), is universitylocated in the city of Ostrava, Moravian-Silesian Region, Czech Republic.

� The university was founded on 23rd January 1849 in Příbram, but the history dates back to 1716. In 1945 the university was moved to Ostrava. Today the University has a total of about 20.000

IT-Institute/ets97

to Ostrava. Today the University has a total of about 20.000 students and consists of these seven faculties:

� Faculty of Economics

� Faculty of Civil Engineering

� Faculty of Mechanical Engineering

� Faculty of Electrical Engineering and Informatics

� Faculty of Mining and Geology

� Faculty of Metallurgy and Material Engineering

� Faculty of Safety Engineering

� Tomáš Čermák is rector of the university (since 2003).

Faculty of Electrical Engineering and Informatics

� Departments and workplaces FEECS

� 400 - Dean and faculty officers448 - Department of power electronics and electric drives449 - Department of theoretical electrical engineering450 - Department of electrical measurements451 - Department of electrical power engineering452 - Department of general electrical engineering

IT-Institute/ets98

452 - Department of general electrical engineering453 - Department of electrical machines and apparatus454 - Department of electronics and telecommunications455 - Department of measurement and control456 - Department of computer science457 - Department of applied mathematics

Institute of physics

� Department of education on FEECSDepartment of mathematics and descriptive geometry -Department of education on FEECS

Department of Computer Science

� Dr Eduard Sojka, Head of the Department

IT-Institute/ets99

A Simple Web Service

IT-Institute/ets100

ASP.NET QuickStart Tutorial

ASP.NET QuickStart

� What Is It?

� Tutorial, ASP.NET samples

� Syntax, architecture, features

� Installation

Install Microsoft .NET Framework SDK

IT-Institute/ets101

� Install Microsoft .NET Framework SDK

� Visual Studio.NET installation and Components Update

� Installation of Visual Studio.NET is not mandatory

� .NET Framework Samples

� ASP.NET QuickStart� ASP.NET Web Services

� Writing a Simple Web Service

Building a Simple Web Service

� Create your own MathService

� .asmx

� Implement class MathService and Web methods

� Create WSDL file (MathService.wsdl)

� Request to MathService.asmx

IT-Institute/ets102

� Request to MathService.asmx

� Generate C# proxy class (MathService.cs)

� WebServiceUtil.exe

� Generate Assembly (MathService.dll)

� C# compiler “csc”

Consuming a Simple Web Service

� Implement MathService client (MathServiceClient.aspx)

� ASP.NET UI

� Operands � Text box

� Methods � Buttons

IT-Institute/ets103

� Methods � Buttons

� Result � Label

� Event Handler

� OnServerClick

IBM

IT-Institute/ets104

Microsoft

IT-Institute/ets105