1 / 21

Web Services Enhancements

Web Services Enhancements. GXA. Global XML Architecture variety of proposed new standards in the area of Web services interoperability A fair number of big corporate players are cooperating behind the curtain of GXA, including Microsoft and IBM. Advanced WS protocols.

adair
Download Presentation

Web Services Enhancements

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Web Services Enhancements

  2. GXA • Global XML Architecture • variety of proposed new standards in the area of Web services interoperability • A fair number of big corporate players are cooperating behind the curtain of GXA, including Microsoft and IBM

  3. Advanced WS protocols • Designed to add common infrastructure capabilities to basic WS stack • Built on existing foundation of XML, SOAP, XML Schema, and WSDL • Uses standard extensibility points • Protocols being standardized for interop

  4. Protocol domains Advanced Protocols Security Transactions ReliableMessaging Metadata Messaging SOAP, XML, WSDL Internet Transports

  5. WSE 1.0 • Simple framework layered on ASP.NET Web Services • Support for… • WS-Security • WS-Routing/Referral • WS-Attachments/DIME

  6. WSE 2.0 • Extended security support • WS-SecureConversation, WS-Trust • Improved token management • Protection from replay attacks • New WS-Policy support • Extended messaging support • WS-Addressing supplants WS-Routing

  7. ASP.NET and WSE • ASP.NET provides support for basic Web services • Only the base-line protocols • Only RPC programming model • Web Services Enhancements (WSE) add-on provides advanced features on top of ASP.NET • Latest protocols, like WS-Security • A messaging programming model

  8. How WSE works • Core WSE functionality implemented as input and output filters Client Server Output Filters Input Filters Input Filters Output Filters

  9. The Pipeline • Use of IO filters encapsulated by pipeline class • Pipeline can be extended with custom filters • Pipeline can be configured per-proxy or per-process

  10. Output Filter Input Filter Output Filter Input Filter Output Filter Input Filter Server integration HttpContext.Current Http- Context Web Service Http- Request Soap- Context Pipeline WebServicesExtension Http- Response Soap- Context ResponseSoapContext.Current RequestSoapContext.Current

  11. Server integration public class Service1 : WebService{ // WebServiceExtension runs gives pipeline a // chance to process messages [WebMethod] public String GetMessage() { SoapContext reqCtx = RequestSoapContext.Current; if (reqCtx == null) throw new ApplicationException("SOAP only!"); DateTime created = reqCtx.Timestamp.Created; return c.Envelope.InnerXml; } } <%@ WebService class="Service1, SampDll" %>

  12. Server configuration • WebServicesExtension must be configured to process messages(if not SoapContext == null) <configuration> <system.web> <webServices> <soapExtensionTypes> <add type="Microsoft.Web.Services.WebServicesExtension, Microsoft.Web.Services,Version=2.0.0.0, Culture=neutral,PublicKeyToken=31bf3856ad364e35" priority="1" group="0"/> </soapExtensionTypes> </webServices> </system.web> ...</configuration>

  13. Proxy integration • WebServicesClientProtocol is new proxy base class • Output filters process request messages • Input filters process response messages • RequestSoapContext property exposes protocol settings for next message sent • ResponseSoapContext property exposes protocol settings for last message received

  14. Output Filter Input Filter Output Filter Input Filter Output Filter Input Filter Proxy integration SoapContext RequestSoapContext ProxyClass SoapWeb- Request Pipeline WebServices- ClientProtocol SoapWeb- Response SoapContext ResponseSoapContext

  15. Proxy integration static void Main() { // create WebServicesClientProtocol-derived // proxy class Service1Wse proxy = new Service1Wse(); // WebServiceClientProtocol gives pipeline // a chance to filter messages Console.WriteLine(proxy.GetMessage()); }

  16. Filters(Sender)

  17. Filters(Receiver)

  18. WS-Security • Defines a framework for building security protocols using existing protocols • Propagation of security tokens • Integrity via XML Signature • Confidentiality via XML Encryption • Framework designed for end-to-end security of SOAP messages • From initial sender, through 0-n intermediaries to ultimate receiver

  19. Simple Example (Server) [WebMethod] public string HelloWorld() { string x=""; SoapContext c=RequestSoapContext.Current; foreach(SecurityToken s in c.Security.Tokens) if(s is UsernameToken) x=((UsernameToken)s).Password; if(x!="12345") throw new ApplicationException(“error"); return "Hello World "; }

  20. Client Service1Wse s=new Service1Wse(); s.RequestSoapContext.Security.Tokens.Add( new UsernameToken( "avi“ ,"12345“, PasswordOption.SendPlainText)); x=s.HelloWorld();

  21. WSE 2.0 Messaging • WSE 2.0 provides a flexible API for sending and receiving SOAP messages • in-process • TCP • HTTP • Basic functionality: • SoapSender • SoapReceiver • Higher-level API • SoapClient and SoapService classes

More Related