NET Web Services Whats Under the Hood Michael
. NET Web Services What’s Under the Hood? Michael B. Spring Department of Information Science and Telecommunications University of Pittsburgh spring@imap. pitt. edu http: //www. sis. pitt. edu/~spring Web NG
Prelude When I try to explain the architecture now [for the semantic web], I get the same distant look in people’s eyes as I did in 1989, when I tried to explain how global hypertext [the world wide web] would work. • Tim Berners-Lee, Weaving the Web, pp. 194 -195 1/20/2022 Web NG 2
Overview • Context • Web technology – Now – In the future • Digression on objects and components • Digression on the e. Xtended Markup Language(XML) • XML and web services – Web Services Description Language (WSDL) – Universal Description Discovery and Integration (UDDI) – Simple Object Access Protocol (SOAP) 1/20/2022 Web NG 3
Context: Dominant Technologies • In some ways, the history of technology may be viewed as a history of seized opportunities • It has long been known that the dominant keyboard used in typing if far from optimal. – The goal of the QWERTY keyboard – The failure of the Dvorak keyboard • The Web as it exists today is in some cases sub optimal technology for what we now want to do. • Regardless, it is now the entrenched technology 1/20/2022 Web NG 4
Context: Web Transformation • Given the popularity of the Web, it has become the dominant transport and interface tool. • The Web is moving, inexorably, to include services as well as static resources. • The Web will be used extensively for information exchange by business. • Mechanisms for finding and integrating business services are required. 1/20/2022 Web NG 5
Web Technology: Today • Web Technology is based directly on three things: – http, the hypertext transfer protocol – a robust idempotent protocol (single request & response) – HTML, the hypertext markup language – a markup language for documents – URL, the Uniform Resource Locator – a protocol for identifying the location of objects • Web technology is indirectly based on: – A finding service called the Domain Name Service or DNS – A transport protocol that provides reliable exchange of messages called the Transport Control Protocol or TCP 1/20/2022 Web NG 6
What the Web Provides • • • Millions of servers Hundreds of millions of clients and users A technology that is platform independent A protocol that pierces most firewalls An “understood” and accepted technology A technology that is simple enough at the first level to be used with ease 1/20/2022 Web NG 7
Ok, so what do we want to do? • We want to connect a “process” on machine A to an “process” on machine B. – Once the connection is made, we want the two machines to exchange information. – We would like this to happen without human intervention. • Ok, this is really pretty easy – the code on the following page accomplishes this goal – All of the error checking code and variable definitions have been removed 1/20/2022 Web NG 8
Client Server Pair in C (minimal) Server Client // get a socket of a given type m = socket(PF_INET, type, ppe>p_proto); // bind it to a port and start listening bind(m, (struct sockaddr *) &sin, sizeof(sin)) listen(m, qlen) // when connection is made, read and write s = accept(m, (struct sockaddr *) & fsin, &alen); read(s, inbuf, MAX_STRING); write(s, outbuf, strlen(outbuf)); close(ssock); 1/20/2022 Web NG //get socket of given type s = socket(PF_INET, type, ppe->p_proto); //connect it to a remote machine connect(s, (struct sockaddr *) & sin, sizeof(sin)) // write some data write(s, buf, strlen(buf)); //read some data read(s, buf, MAX_STRING) 9
Ok, but… • How do I find a machine, that has a particular service? • How does the server know its ok for me to use the service? • Assuming I have found and can use a service, what exactly do I need to provide? • Assuming the machines store data in different formats, how does the data get translated? • If data goes over the internet, how can it be protected? • What happens if something goes wrong in the middle? 1/20/2022 Web NG 10
Web Technology: Tomorrow • To allow for an efficient transition to the next generation web, several “new” pieces are needed: – A way of locating objects and processes by characteristics – A way of describing the nature of the exchanges that are expected – A mechanism for connecting processes 1/20/2022 Web NG 11
Object Digression • Things found on the Web are resources • Resources can be normal documents, or with the advent of CGI, documents created by programs. • Increasingly, programming is object oriented: – This involves classses which are instantiated as objects. – Objects, also called components, are simply programs • Thus, a web resource may be: – a document – a program sometimes called an object or component that consumes and produces data – in “dcoument” form 1/20/2022 Web NG 12
XML Digression SGML, HTML, and XML • The e. Xtened Markup Language (XML) is the glue that makes much of next generation web technology possible. • HTML is one type of document defined in terms of a standard called Standard Generalized Markup Language (SGML) • XML is an extension of SGML and it, like SGML, defines the rules for describing classes of hierarchically structured documents or more generally, hierarchically structured data 1/20/2022 Web NG 13
XML Digression Schema, Namespaces, and XSLT • Schema – A schema is an XML definition of a class of documents – Schema are themselves XML documents that conform to the schema (love recursion) – The schema includes mechanism for precisely defining data types • Namespaces – An XML document can be defined by combining multiple schema – each one of which is a “namespace” • XML Style Language Transformation (XSLT) – XML includes tools that allow very flexible transformation of documents algorithmically 1/20/2022 Web NG 14
XML Documents • Accept for a minute that we know that an XML schema exists that defines “student” documents. – The schema defines five required parts – name, ID, birthdate, sex, and major. – XML rules defines begin (< >) and end (</ >) “tags” – Here is a document compliant with the schema: <student> <name>Joe Smith</name><ID>123</ID> <birthdate>5/3/1960</birthdate><sex>F</sex> <major>Computer Science</major> </student> 1/20/2022 Web NG 15
Schema and Documents • The document on the previous slide is “well formed” – that is, it follows the XML tagging rules, but we don’t know if it follows the schema. • Again, assuming a schema exists, we could reference it as the xml namespace – “xmlns” as follows: <student xmlns="http: //www. pitt. edu/stud. xsd"> <name>Joe Smith</name><ID>123</ID> <birthdate>5/3/1960</birthdate><sex>F</sex> <major>Computer Science</major> </student> • Knowing the schema, the document can be “validated”. 1/20/2022 Web NG 16
Namespaces • Lets say we wanted to define a store of a student and their courses called a registration. – Given the student schema, and a course schema that defines a course as dept, num, title, and cred. – Imagine a registration schema that has two parts student and courses. • Now we can define a more complex document where the multiple schema form “namespaces” – The “: ” after “xmlns” allows us to define which namespace each tag comes from 1/20/2022 Web NG 17
Document with Namespaces <r: registration xmlns: r="http: //www. pitt. edu/reg. xsd" xmlns: s="http: //www. pitt. edu/std. xsd" xmlns: c="http: //www. pitt. edu/crs. xsd"> <r: student> <s: name>Joe</s: name> <s: ID>123</s: ID> <s: birthdate>5/3/1960</s: birthdate> <s: sex>F</s: sex> <s: major>Computer Science</s: major> </s: student> </r: student><r: courses> <c: dept>Inf Sci<c: dept><c: num>2770</c: num> <c: title>Doc Processing </c: title> <c: cred>3</c: cred> </r: courses> </r: registartion> 1/20/2022 Web NG 18
XML for Web Services • XML is used to define messages to be exchanged – Note that XML not only controls the structure but has mechanisms to define legitimate content as well. • XML is also used to define several protocols: – The protocol for describing services -- WSDL – The protocol for locating services – UDDI – The protocol used to connect to services -- SOAP • Reading these protocols can be confusing at first because they rely on multiple namespaces 1/20/2022 Web NG 19
Web Services Description Language – WSDL • WSDL is used to define services and bindings. – A service abstractly defines messages (interface) – The binding describes a particular form it might take – e. g. SOAP is a common binding (implementation) • To define a web service in XML, we use at least four namespaces: – – The namespace for the service being created The namespace WSDL The namespace for Schema The namespace for any bindings 1/20/2022 Web NG 20
WSDL Framework • Skipping many details, and ignoring the fact that different parts come from different namespaces, WSDL specifies “definitions” which include: 1/20/2022 <types> xsd based definition of some data</types> <message name = “x”> including <part>s which have a “type” <port. Type name = “y”> including: <operation>s and as a part of operations <input message> <output message> <binding name = “z”> including: <operation>s and as part of operations <input> <output> Web NG 21
A Real WSDL Definition (Interface) <definitions name="Stock. Quote. Service-interface" target. Namespace=http: //www. getquote. com/Stock. Quote. Service-interface xmlns: tns=http: //www. getquote. com/Stock. Quote. Service-interface xmlns: xsd=" http: //www. w 3. org/2001/XMLSchema” xmlns: soap=http: //schemas. xmlsoap. org/wsdl/soap/ xmlns="http: //schemas. xmlsoap. org/wsdl/"> <message name="Single. Symbol. Request"> <part name="symbol" type="xsd: string"/> </message> <message name="Single. Symbol. Quote. Response"> <part name="quote" type="xsd: string"/> </message> <port. Type name="Single. Symbol. Stock. Quote. Service"> <operation name="get. Quote"> <input message="tns: Single. Symbol. Request"/> <output message="tns: Single. Symbol. Quote. Response"/> </operation> </port. Type> 1/20/2022 Web NG 22
A Real WSDL Definition (Binding) <binding name="Single. Symbol. Binding“ type="tns: Single. Symbol. Stock. Quote. Service"> <soap: binding style="rpc" transport="http: //schemas. xmlsoap. org/soap/http"/> <operation name="get. Quote"> <soap: operation soap. Action="http: //www. getquote. com/Get. Quote"/> <input> <soap: body use="encoded" namespace="urn: single-symbolstock-quotes" encoding. Style="http: //schemas. xmlsoap. org/soap/encoding/" /> </input> <output> <soap: body use="encoded" namespace="urn: single-symbolstock-quotes“ encoding. Style="http: //schemas. xmlsoap. org/soap/encoding/" /> </output> 1/20/2022 Web NG 23 </operation>
Universal Description, Discovery and Integration – UDDI • Given the ability to define interfaces – WSDL, a mechanism is needed to locate implementations. • UDDI is this mechanism. It is: – A “registry” where information about business and the services they offer can be maintained – The structure of the kinds of information maintained – The mechanisms for storing and retrieving information from the registry. • UDDI registries are federated rather than hierarchically distributed. 1/20/2022 Web NG 24
Registries • Registries are well understood entities. • The Windows registry is what makes Windows easy to use: – When a user double clicks on a file of type “. doc”, it is opened by Word because the registry says so. – When a VB programmer includes a component in a program, the registry knows its properties • The Common Object Request Broker Architecture (CORBA) defines how a registry (or ORB) could be implemented across a network. 1/20/2022 Web NG 25
UDDI and WSDL • WSDL interfaces map to UDDI t. Models and WSDL bindings map to UDDI business services – Many businesses can offer services conforming to a given interface • UDDI conceptually offers three kinds of information: – White pages – general information about a business – Yellow pages –information about business classification – Green pages – technical information about services 1/20/2022 Web NG 26
Simplified UDDI DBMS Schema Business. Entity Key, Name, Description t. Model 0 -n Business. Service Key, Name, Description 0 -n Category. Bag 0 -n Binding. Template Key, Description 1/20/2022 Keyed. Reference Keyname, Key. Value Web NG 27
UDDI API • The UDDI API specifies mechanisms for: – Adding and modifying information about businesses, services, interfaces, and bindings – Searching for, locating, and using services • The dozens of operations are invoked via SOAP messages • The messages themselves are written in XML 1/20/2022 Web NG 28
An Example of a UDDI t. Model <t. Model. Key=""> <name>http: //www. getquote. com/Stock. Quote. Service-interface</name> <description xml: lang="en">Service interface def for a stock quote service. </description> <overview. Doc> <description xml: lang="en">WSDL Service Interface Document</description> <overview. URL>http: //www. gtqte. com/ser/ SQSinter. wsdl#SSB</overview. URL> </overview. Doc> <category. Bag> <keyed. Reference t. Model. Key="UUID: C 1 ACF 26 D-9672 -4404 -9 D 7039 B 756 E 62 AB 4“ key. Name="uddi-org: types" key. Value="wsdl. Spec"/> <keyed. Reference t. Model. Key="UUID: DB 77450 D-9 FA 8 -45 D 4 -A 7 BC 04411 D 14 E 384" 1/20/2022 Web NGtrading services" 29 key. Name="Stock market
Accessing a Remote Program • Earlier, we viewed the guts of a socket connection. • The difficulty of programming these connections led to programming simplifications – Remote Procedure Calls (RPC) provided programmers with tools that allowed them to access a remote procedure and send the correct data – Remote Method Invocation (RMI) provided the equivalent functionality for object oriented coding • The Simple Object Access Protocol (SOAP) is an extension of RPC and RMI using XML and http. 1/20/2022 Web NG 30
Simple Object Access Protocol – SOAP • Just as a http message can contain an HTML document, it can also contain a SOAP envelope • The SOAP envelop header identifies the remote process to be invoked – The request envelop contains the data to be provided to the process – The return envelop contains the data provided by the process • The data is encoded using the XML data encoding rules 1/20/2022 Web NG 31
A SOAP Request POST /Vendors HTTP/1. 1 Host: www. mobilephoneservice. com Content-Type: "text/xml"; Charset="utf-8" Content-Length: nnnn SOAPAction: "" <? xml version="1. 0"? > <SOAP-ENV: Envelope xmlns: SOAPENV="http: //schemas. xmlsoap. org/soap/envelope/" > <SOAP-ENV: Body> <m: get. List. Of. Models xmlns: m="urn: Mobile. Phoneservice" > </m: get. List. Of. Models> </SOAP-ENV: Body> </SOAP-ENV: Envelope> 1/20/2022 Web NG 32
A SOAP Response HTTP/1. 1 Content-Type: "text/xml"; Charset="utf-8" Content-Length: nnnn <SOAP-ENV: Envelope xmlns: SOAP-ENV = "http: //schemas. xmlsoap. org/soap/envelope/" > <SOAP-ENV: Body> <m: get. List. Of. Models. Response xmlns: m = "URI-Reference"> <model>m 1</model> <model>m 2</model> </m: get. List. Of. Models> </SOAP-ENV: Body> 1/20/2022 Web NG 33
Next Steps • Additional functionality will be added to the part of the operating system that provides the Object Request Broker function. • Sometimes called a Component Transaction Monitor (CTM) this function will provide services beyond the naming and finding such as: – – Security Authentication Transaction management Payment 1/20/2022 Web NG 34
Security and Authentication • Security – Encrypting data can take a lot of work – Secure pipes between CTMs will allow transactions that begin and end behind firewalls to move across the unprotected internet. • Authentication – Determining who can access services will need to be more automated – Certificates can be used as the basis for a “web of trust” that will allow both authentication and non-repudiation for a variety of tasks. 1/20/2022 Web NG 35
Other Services • Transaction management – It may be necessary to engage processes that involve multiple steps with processes on different platforms. – The CTM can assume responsibility for having actions undone if one or more of the steps fails • Payment – There is likely to be some kind of micropayment scheme that develops. Responsibility for these may be allocated to the CTM 1/20/2022 Web NG 36
Summary • XML is the language or abstract syntax for protocols in. NET – WSDL is the set of protocols used to define web services. It is written in XML. – UDDI is the set of protocols to used to advertise, find, and combine services. It is written in XML. – SOAP is the envelop which will be used to transmit the messages within an existing transport mechanisms such as http or smtp. • Operating systems will be enhanced to be net aware and supportive of web services. 1/20/2022 Web NG 37
The Next Generation Web Certificate Authority Needs Certificate Authority Services CTMServices ORB Needs Registry 1/20/2022 Registry Web NG Registry 38
- Slides: 38