1 / 11

Web Services

Web Services. Software Implementation. VINAY AHUJA Columbia University E6125: Web Enhanced Info Mgmt Spring 2008 va2199@columbia.edu. About Web Services. Another client / server technology … but different Platform Independent Heavily XML based

grace-guy
Download Presentation

Web Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Web Services Software Implementation VINAY AHUJA Columbia University E6125: Web Enhanced Info Mgmt Spring 2008 va2199@columbia.edu

  2. About Web Services • Another client / server technology … but different • Platform Independent • Heavily XML based • Overrides client / server paradigm mismatch • Different Programming Languages • Different Operating Systems • HTTP Communication • Promotes internet scale applications • Aligns well with Internet proxies

  3. Server Side APPLICATION SERVER (Apache Tomcat) SOAP ENGINE (Apache Axis) Web Services Web Services

  4. Intermediate Processes • Deploy with a descriptor • Generate the WSDL • Java2WSDL • Generate the Server / Client Stubs • WSDL2Java • Modify stubs to match business logic • Redeploy • Use stubs to invoke web services

  5. Client & Server INTERNET CLIENT SERVER PROGRAMS WEB SERVICES STUBS STUBS HTTP Request <?xml version… <soapenv:Envelope … <soapenv:Body> … … … </soapenv:Body> </soapenv:Envelope … HTTP Response

  6. Complex Types • string, int, long vs. ‘Student’ object • WSDL includes what ‘Student’ represents - <wsdl:types> - <schema targetNamespace="urn:StudentService" xmlns="http://www.w3.org/2001/XMLSchema"> <import namespace="http://schemas.xmlsoap.org/soap/encoding/" /> - <complexType name="Student"> - <sequence> <element name="active" nillable="true" type="xsd:string" /> <element name="city" nillable="true" type="xsd:string" /> <element name="department" nillable="true" type="xsd:string" /> <element name="email" nillable="true" type="xsd:string" /> <element name="firstName" nillable="true" type="xsd:string" /> <element name="lastName" nillable="true" type="xsd:string" /> <element name="middleName" nillable="true" type="xsd:string" /> <element name="phone" nillable="true" type="xsd:string" /> <element name="state" nillable="true" type="xsd:string" /> <element name="streetAddress" nillable="true" type="xsd:string" /> <element name="studentId" type="xsd:long" /> <element name="zip" nillable="true" type="xsd:string" /> </sequence> </complexType> </schema> </wsdl:types>

  7. Student Services Modules Student Mgmt Course Mgmt Bank Account Schedule Bursars

  8. Student ‘Web’ Services Architecture Apache Tomcat H I BERNATE SERVLETS Apache Axis DB PostgreSQL BROWSER Student WS Course WS Bursars WS* Bank Account WS* * WS-Security

  9. SOAP Envelope (Unsecure) <?xml version="1.0" encoding="utf-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <soapenv:Body> <ns1:addStudentsoapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns1="http://ws.student.columbia.edu"> </ns1:addStudent> <multiRef id="id0" soapenc:root="0" soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xsi:type="ns2:Student" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns2="urn:StudentService"> <email xsi:type="xsd:string">va2199@columbia.edu</email> <firstNamexsi:type="xsd:string">Vinay</firstName> <lastNamexsi:type="xsd:string">Ahuja</lastName> </multiRef> </soapenv:Body> </soapenv:Envelope>

  10. Security – WS Specification • WS Security • OASIS Standard Specification • UsernameToken Extensions <wsse:UsernameToken> <wsse:Password> • PasswordText and PasswordDigest • Replay Attacks: • Nonce • Created • WSS4J API (Apache)

  11. SOAP Envelope (Secure) • Secure Financial Transactions • PasswordDigest must be known by both client and server • Implement javax.security.auth.callback.CallbackHandler <S11:Envelope xmlns:S11="..." xmlns:wsse="..." xmlns:wsu= "..."> <S11:Header> ... <wsse:Security> <wsse:UsernameToken> <wsse:Username>va2199</wsse:Username> <wsse:Password Type="...#PasswordDigest">zwgIY4jvDd5ksWgkThjFE3fHhf3gHLw==99</wsse:Password> <wsse:Nonce>WSRbwjfbDWHg3nWMOt3SHB==</wsse:Nonce> <wsu:Created>2008-04-06T05:-6:23Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> ... </S11:Header> ... </S11:Envelope>

More Related