1 / 19

Reliable Messaging in the Real World

OASIS Adoption Forum Ditton Manor, October 29 th -30 th 2007. Reliable Messaging in the Real World. Paul Fremantle Co-chair, OASIS WS-RX TC VP and Founder, WSO2 Inc. Introductions . Paul Fremantle Co-chair of WS-RX Technical Committee Co-founder and VP/Technical Sales, WSO2 WSO2

abby
Download Presentation

Reliable Messaging in the Real World

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OASIS Adoption Forum Ditton Manor, October 29th-30th 2007 Reliable Messaging in the Real World Paul Fremantle Co-chair, OASIS WS-RX TC VP and Founder, WSO2 Inc

  2. Introductions • Paul Fremantle • Co-chair of WS-RX Technical Committee • Co-founder and VP/Technical Sales, WSO2 • WSO2 • 60 employees in Colombo, London, Mountain View • Pure Open Source company • Enterprise Service Bus, Registry • Support for OASIS standards in J2EE, C, PHP • Funded by Intel Capital

  3. Strong Requirement for Reliability • Strongest demand – after Security • The requirement is not just for “SOAP services” • Customers are usually looking for a Secure Reliable Channel • Binary data (MTOM) is a key capability

  4. Too much or too little choice? WS-RM WS-Reliability ebMS AMQP JMS MQSeries ActiveMQ

  5. WS-R* at OASIS • February 2003 WSRM TC formed to standardize WS-Reliability • November 2004 – WS-Reliability standardized • May 2005 – WSRX TC formed to unify WS-ReliableMessaging and WS-Reliability • June 2007 – WSRM 1.1 approved as an OASIS Standard

  6. Aims of WS-ReliableMessaging 1.1 • Allow interoperable systems to exchange messages with assured delivery • In particular Exactly-Once In Order • Or both sides alerted to failure • Composable with other standards • WS-Addressing, WS-Security, WS-SecureConversation, SSL/TLS, WS-Policy • Support one-way and two-way exchanges • Optionally support two-way exchanges with NAT, firewalls, Internet configuration BUT NOT wire-level compatible between WSRM1.0/1.1

  7. WSRM core model and terminology

  8. How does it work? • The core concept is a Sequence • Sender requests a sequence with CreateSequence • Messages allocated to the sequence • Receiver Acknowledges • Sender resend of unacknowledged messages • Finally TerminateSequence • Effectively a Sequence is a contract to reliably deliver a set of messages

  9. Simple example

  10. Some aspects to take note of! • Each sequence is unidirectional • Need two sequences to support two-way • Creation can be optimized with Offer • Acknowledgements are for the whole sequence, not just individual messages • Can be composed with SSL/TLS or SecureConversation to prevent sequence hijacking • Durability is not part of the specification • But it IS an aspect of implementations

  11. Sequence Hijacking and Security • Concern that the sequence itself may be attacked • Famously happened to TCP/IP • Prevented by “binding” a sequence to a specific security context • Only the creator of the sequence can post messages, request acknowledgements, terminate the sequence • Explicit support for binding to: • SSL/TLS session • SecureConversation

  12. WS-RM Policy Example <wsp:Policy> <wsrmp:SequenceTransportSecurity/> <wsrmp:DeliveryAssurance> <wsp:Policy> <wsrmp:ExactlyOnce/> <wsrmp:InOrder/> </wsp:Policy> </wsrmp:DeliveryAssurance> </wsp:Policy>

  13. Anonymous clients • When the client is using HTTP Request/Response and has no “contactable” URI • For example when I’m sitting in Starbucks/Café Nero/etc using Wifi to connect • Works for one-way reliability but not two-way • One approach is to use another transport • SMTP, XMPP, YahooIM, SIP, etc

  14. WS-MakeConnection 1.0 client server CS+Offer(seq2) CSR(seq1)+Accept msg1(seq1) response1(seq2) +ack(seq1) msg2(seq1) + ack(seq2) msg3(seq1) + ack(seq2) response3(seq2) + ack(seq1) MakeConnection(seq2) response2(seq2) The other approach is to use a “replay” model

  15. Implementations • IBM WebSphere 6.1 – WSRM1.0 and 1.1 • Microsoft .NET 3.0 – WSRM1.0 • .NET 3.5 beta – WSRM 1.1 support • BEA WebLogic Server – WSRM1.0 • SAP Netweaver PI 7.1 – WSRM1.0 (1.1?) • Sun Project Tango – WSRM1.0 • Apache Sandesha2 – WSRM1.0 and 1.1 • WSO2 Web Services Application Server – WSRM1.0 and 1.1 • WSO2 WSF/PHP – WSRM 1.0 and 1.1

  16. Real-world interoperability • PRESTO • French government sponsored interop • WSRM 1.0 + WS-Security + MTOM • Danish Government OIO SOI • WSRM 1.0, Replay model • HTTP and SMTP • WS-Security • .NET 3.0 and Apache Axis2/Sandesha2

  17. Futures • I predict much greater uptake of WSRM 1.1 in 2008 • Based on more implementations and further “real-world” interop • WS-I RSP • The OASIS TC is still open • Minor updates and errata • Conformance with WS-Policy 1.5 • Likely to produce a 1.1.1/1.2

  18. WS-I Reliable Secure Profile • Creating a profile of: • OASIS WS-ReliableMessaging 1.1 • OASIS WS-SecureConversation 1.3 • WS-Addressing • MTOM (efficient binary) • Other Base profile aspects (SOAP, WSDL) http://www.ws-i.org/deliverables/workinggroup.aspx?wg=reliablesecure

  19. Resources • CoverPages overview on Reliability • http://xml.coverpages.org/reliableMessaging.html • Introduction to WS-RM • http://www.infoq.com/news/ws-rm-introduction • WS-RX website • http://www.oasis-open.org/committees/ws-rx • Apache Sandesha2 • http://ws.apache.org/sandesha/sandesha2/index.html • WSO2 Web Services Application Server 2.1 • http://wso2.com/products/wsas/ • Me! • http://pzf.fremantle.org • paul@wso2.com

More Related