Novas Arquitecturas baseadas

em Web Services
XATA 2004 – Fev 2004

José António Silva

Architect Evangelist
joseas@microsoft.com
http://canoas.com/blog/
vamos falar sobre…

Service-Orientation

XML, SOAP, WSDL, UDDI

Novos Protocolos WS-*

WS-* Workshop Process

Web Services Interoperability WS-I.ORG

Service-Orientation
porque é que construímos sistemas distribuídos?

 demasiado trabalho para uma só máquina

 dados pertencem a diferentes organizações

 dados pertencem a diferentes sistemas

 funcionalidades de determinados sistemas

 necessidades de execução diferentes

 necessidades de segurança diferentes

Protocolos na NET
XML Web Services
HTML
IP

browser composição de
e-mail serviços

Pessoas com
Pessoas
Pessoas com
Informação Aplicações com
Aplicações
Exemplo: Aplicação 3 camadas

boa arquitectura
DNA

Aplicação Central Compras

Data Layer Business Presentation

Layer Layer

Interface da aplicação
dá acesso aos dados
aplicacionais
 O utilizador é o elo
Aplicação Contabilidade de ligação dos
processos, o que é
lento, caro e
propício a erros

Processo de negócio
atravessa várias aplicações

Aplicação Central Compras

Aplicação RH
Service Oriented Architecture
Interface desacoplado
da lógica de
processamento dos
dados
troca de mensagens
boa arquitectura
3-tier service

Serviço Central Compras UI

Data Layer Business Service Presentation

Layer Façade Layer

Web Service Standards

Dados e Lógica Negócio permitem ligações
encapsulados por uma cross-platform
Web Service Façade
 Automação de Processos de Negócio
Serviços Contabilidade

integração com diferentes

plataformas

Serviço Central Compras UI Processo Compras

Business
Process
Automation

Serviço RH
Múltiplos serviços
combinados num único
processo de negócio
gerações
Paradigma Período Modelo Programação Motivação

Procedural
Mainframe 60s–80s Automated business
(COBOL)

Database (SQL)
Cliente/Servidor 80s-90s Desktop power
fat-client (VB)

Object-Oriented
n-Tier 90s-00s Internet/Browser
(Java, COM, ASP)

Service-oriented
SOA 2000s Business agility
(SOAP, WSDL, UDDI)
Serviços, Componentes, Objectos, …
 Evolução natural Service
 Function  Component  Service
 Serviços contem mensagens,
componentes e dados
 Dados privados e completamente Private
encapsulados pelo serviço Data
 Mensagens são a única forma de
entrada e saída num serviço

Components

Functions
Tightly Coupled

Programming
Language

Database
Agreements
Database
Object Model

Schema
Operating Operating
System System
Application
Server
Loosely Coupled

Programming Programming
Language Language

Database Agreements Database

Object Model Object Model

Operating
Operating Schema
System
System
Application
Application Server
Server
Basic Standards
SOAP Web Service
SOAP: Expansível

 Informação extra
 soap:Header vs
soap:Body

 Opcional
 soap:mustUnderstand

 Qualificável
 soap:role
(soap:actor in SOAP 1.1)
Exemplo: Composição
<S:Envelope … >
<S:Header>
<wsa:ReplyTo>
<wsa:Address>http://business456.com/User12</wsa:Address>
Addressing </wsa:ReplyTo>
<wsa:To>http://fabrikam123.com/Traffic</wsa:To>
<wsa:Action>http://fabrikam123.com/Traffic/Status</wsa:Action>
<wssec:Security>
<wssec:BinarySecurityToken
ValueType="wssec:X509v3"
Security EncodingType=“wssec:Base64Binary">
dWJzY3JpYmVyLVBlc…..eFw0wMTEwMTAwMD
</wssec:BinarySecurityToken>
</wssec:Security>
<wsrm:Sequence>zzz
Reliability <wsu:Identifier>http://fabrikam123.com/seq1234</wsu:Identifier>
<wsrm:MessageNumber>10</wsrm:MessageNumber>
</wsrm:Sequence>
</S:Header>
<S:Body>
<app:TrafficStatus
xmlns:app="http://highwaymon.org/payloads">
<road>520W</road><speed>3MPH</speed>
</app:TrafficStatus>
</S:Body>
</S:Envelope>
Web Services Basic Standards Stack

UDDI (discovery)
WSDL (API description)
SOAP (messaging)

XML (lingua franca)

HTTP (transport)
Limitações actuais:
 Segurança?
 Garantias de Entrega?
 Transacções?
 Outros Transportes?
 Mensagens Assíncronas (One-Way)?
 Encaminhamento (Routing/Addressing)?
 Outros padrões (Ex: Pub/Sub)?
 Web Services Security Roadmap

SecureConversation Federation Authorization

Policy Trust Privacy

Hoje Security

SOAP Foundation

Security in a Web Services World – IBM/MSFT White Paper

http://msdn.microsoft.com/library/en-us/dnwssecur/html/securitywhitepaper.asp
Abril 2002

WS-Security Specification
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss
Novos Protocolos
Web Services Protocols (WS-*)
 Messaging Specifications
SOAP
WS-Addressing
Connected Business MTOM (Attachments)
Applications Management … WS-Eventing
Process
 Security Specifications
WS-Security
WS-SecureConversation
WS-Trust
WS-Federation
WS-Federation Active Requestor Profile
WS-Federation Passive Requestor Profile
Web Services Security Kerberos Binding

Metadata
Security Reliability Transactions  Reliable Messaging Specifications
WS-ReliableMessaging

 Transaction Specifications
WS-Coordination
WS-AtomicTransaction
Messaging WS-BusinessActivity

 Metadata Specifications
WSDL
XML UDDI
WS-Policy
WS-PolicyAssertions
WS-PolicyAttachment
WS-SecurityPolicy
HTTP TCP SMTP …
 XML Specifications
XML
Namespaces in XML
XML Information Set
XInclude
WS-* Objectivos
 Arquitectura
 Modular/Composable
 De Aplicabilidade Genérica (B2B, EAI, Devices)
 Baseado em Standards
 Modelo Federado

 Resultados tangíveis
 Qualidade no desenvolvimento
 Adopção generalizada por todos os intervenientes do mercado
 Rápido time-to-market
Novas especificações (1)
 WS-Security – protecção via integridade,
confidencialidade e autenticação directamente na
mensagem XML (XML-SIG, XML-ENC)
 WS-Security
 WS-SecureConversation
 WS-Trust
 WS-Federation

 WS-Policy – descrição e comunicação das políticas de

utilização de WS
 WS-SecurityPolicy
 WS-PolicyAssertions
 WS-PolicyAttachment
Novas especificações (2)
 WS-Addressing – Virtualização dos endpoints para cada
serviço
 WS-Addressing
 WS-Eventing

 Attachments - Message Transmission Optimization

Mechanism
 MTOM
Novas especificações (3)
 WS-Coordination
 coordenação das acções de sistemas distribuídos. Por exemplo o acordo
no resultado de uma transacção em vários sistemas

 WS-AtomicTransaction WS-BusinessActivity
 tipos de coordenação: Atomic Transaction (AT) and Business Activity (BA).

 WS-ReliableMessaging
 Garantia de entrega, uma e uma só vez

 BPEL4WS
 gestão de processos e protocolos de interacção (BPM)
WS-* Workshop Process

Processo de desenvolvimento de novas especificações

http://msdn.microsoft.com/webservices/community/workshops/
WS Architecture Evolution
July 2003
Secure, Reliable, Transacted WS-Federation
March 2003
WS-ReliableMessaging
WS-Addressing
RM Roadmap
April 2002 September 2003
WS-Security and WS-AtomicTransaction
Security Roadmap WS-Coordination
SRT WS Whitepaper
December 2002
UDDI WS-Policy
WS-Trust
SOAP
WS-I WS-SecureConversation
August 2002
WS-Transaction
2000 WSDL
WS-Coordination
Web Services Specifications Process

Specification Feedback and Revise spec Standards Org WS-I

Published Interop
Workshops

Participation
WS-Security demonstrou sucesso do processo

Specification Customer and Publish OASIS WS-I

Published Industry Addendum, Standardization Interoperability
Feedback Deliver Dev Profile
Gathered Product

April April - August August September April

2002 2002 2002 2002 2003

Three Over 30 Over 100

Partners Partners Partners
 Interoperability Events Nov 2003
WS-Trust
& Workshops WS-SecureConversation
(workshop)
September 2003
Bill Gates (Microsoft)
Steve Mills (IBM)
TBD 2004
SOAP December 2002
WS-Federation
Builders CDBi - EMEA
(workshop)
2002 October 2003
WS-ReliableMessaging
(workshop)

July 2003
September 2003
Catalyst
OASIS
(Burton conference)
WS-Security
August 2002
XML Web Services
One (East)
 TBD 2004
WS-Transaction
Feedback Workshops
July 2003
WS-ReliableMessaging

February 2003 TBD 2004

WS-Policy and WS-Policy
WS-Trust
November 2003
WS-Federation
2002
March 2003
WS-Policy and
WS-Trust
 WS-* Specifications Timeline
Trust Federation

Security Active
Routing Coordination Policy Profile
Infoset Addendum to
Secure SOAP Messages w/ Passive Business
Referral Security Transaction Conversation Attachments (MTOM) Profile Activity

Oct Nov April June August December March April June July Sept
2001 2001 2002 2002 2002 2002 2003 2003 2003 2003 2003
WS- Attachments Policy Reliable Policy Coordination
Inspection Messaging v1.1

Security Policy Policy Atomic

Addendum Attachment Addressing Attachment v1.1 Transactions

Security Profile
For Tokens Policy Policy
Assertions Assertions v1.1

Security Reliable Federation of

Roadmap Message Identities
Roadmap in a WS World

http://msdn.microsoft.com/webservices/understanding/specs
Boas Práticas

WS-I.ORG
 www.ws-i.org

 170+ fabricantes software envolvidos

 Interoperabilidade entre plataformas, aplicações e
linguagens
 Maior evidência de que a indústria está alinhada com os
web services
Um slide do Patrocinador 
Framework (Microsoft)

ASP.NET Web Services

Web Service Enhancements

Indigo
Web Service Enhancements 2.0
Lista de funcionalidades
 Modelo programação orientado a Mensagens
 Suporte para variados hosts
 WS-Addressing
 WS-Policy
 WS-Security
 WS-SecurityPolicy
 WS-SecureConversation
 WS-Trust
 Download, Documentação e Anúncios:
http://msdn.microsoft.com/webservices/
sumário

Service-Orientation
Desacoplados
Bem limitados/Autónomos
Partilhar apenas Contratos/Politica

Composição de protocolos WS-*

Processo Ágil de desenvolvimento de novas specs

Interoperabilidade aplicando as
recomendações do WS-I.ORG
Referências
 Microsoft
 MSDN Portugal
 http://www.microsoft.com/portugal/msdn/

 Microsoft Patterns & Practices

 http://msdn.microsoft.com/practices/

 WS-* specs
 http://msdn.microsoft.com/webservices/understanding/specs/

 Weblogs
 Don Box (Microsoft)
 http://www.gotdotnet.com/team/dbox/

 Clemens Vasters (Newtelligence AG)

 http://staff.newtelligence.net/clemensv/

 LooselyCoupled.com
 http://www.looselycoupled.com/blog/

 Canoas’blog (o meu !)

 http://canoas.com/blog/
Obrigado 

joseas@microsoft.com
http://canoas.com/blog/

© 2003-2004 Microsoft Corporation. All rights reserved.

This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.