Web Services Architecture and Its Specifications [Electronic resources] : Essentials for Understanding WS-* نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Web Services Architecture and Its Specifications [Electronic resources] : Essentials for Understanding WS-* - نسخه متنی

Luis Felipe Cabrera, Chris Kurt

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Copyright

Foreword

Acknowledgments

Introduction

Why We Wrote This Book

Who This Book Is For

How This Book Is Organized

System Requirements

Microsoft Learning Technical Support

Part I: The Web Services Architecture

Chapter 1. Introduction to the Web Services Architecture

Message Orientation

Protocol Composability

Autonomous Services

Managed Transparency

Protocol-Based Integration

The Web Services Architecture

Chapter 2. Core Messaging

XML and the Infoset

SOAP

Message Exchange Patterns

Transport Independence

Addressing

Chapter 3. Metadata

Chapter 4. Security

Message Integrity and Confidentiality

Trust Based on Security Tokens

Secure Sessions

Security Policies

System Federations

Chapter 5. Discovery

Directories

Dynamic Discovery

Chapter 6. CoordinationReliable Messaging and Transactions

Reliable Messaging

Coordinating Web Services

Designated Coordinators

Atomic Transactions

Queued Systems

Long Duration Activities

Chapter 7. Enumeration, Transfer, and Eventing

Enumeration

Transfer

Eventing

Chapter 8. Management

Part II: Example Scenarios

Chapter 9. Introduction to the Example Scenarios

Chapter 10. Core Messaging Example

XML and the Infoset

SOAP

Transport Independence

Addressing: Using Endpoint References

Addressing: Replies

Addressing: Reference Parameters and Reference Properties

Addressing: Message Identification and Correlation

Addressing: Processing Semantics

Chapter 11. Metadata Example

WSDL

WS-Policy: Custom Policies

Policies

Policy Attachment

Metadata Exchange

Chapter 12. Security Example

Message Integrity and Confidentiality

Trust Based on Security Tokens

Chapter 13. Directory-Based Discovery Example

UDDI

Chapter 14. Designated Coordinators Example

Atomic Transactions

Chapter 15. Dynamic Discovery Example

Probe and Probe Match

Hello and Bye

Chapter 16. Enumeration, Transfer, and Eventing Example

Enumeration

Transfer

Eventing

Chapter 17. Management Example

Addressing Resources

General Messaging

Resource Information

Events and Message Delivery

Chapter 18. Concluding Remarks

Part III: Appendixes

Appendix A. Glossary

Appendix B. XML Infoset Information Items

Appendix C. Common Security Attacks

Appendix D. Sample Namespace Reference

Appendix E. WS-Addressing Action URI Reference

WS-Discovery

WS-Enumeration

WS-Eventing

WS-Management

WS-MetadataExchange

WS-SecureConversation

WS-Transfer

WS-Trust

Appendix F. References

Core Specifications

Web Services Specifications

Interoperability Profiles

Other Resources

Luis Felipe Cabrera

Chris Kurt

Index
توضیحات
افزودن یادداشت جدید





Autonomous Services


Web services are autonomous software entities whose development, deployment, operation, management, and security all vary independently from those of the service's consumer. This "forced independence" has several important ramifications that permeate the architecture.

Service autonomy has deep implications on how versioning is implemented. As a service's implementation evolves, the universe of compatible consuming applications changes. Appropriate management of these changes is critical to the correct operation of Web servicebased systems. At the most basic level, SOAP provides a protocol evolution model based on SOAP headers. SOAP headers are expected to be added or removed to a given message format over the lifetime of a given protocol. As new headers are introduced, the upgrade policy is carried in the header itself. Headers that can be safely ignored are simply inserted into the message. Headers that cannot be safely ignored are annotated with a mustUnderstand attribute, indicating that their insertion is an important change and that only recipients that recognize the header can process the message. This basic model for extensibility is most visible in SOAP itself; however, it is mirrored in various other Web service protocols, including WSDL. More importantly, this principle is used by Web services to add new protocol functionality (e.g., security) to a single messaging format (SOAP). Ultimately, the primary feature of SOAP is extensibilitynew versions of SOAP are not needed for each new protocol requirement.

The autonomous nature of Web services also requires a greater emphasis on security, including the explicit management of trust between applications, request authentication and authorization, and input validation. Because services can be arbitrarily combined into systems, a greater degree of care is needed to ensure that malicious agents cannot compromise the integrity of a service. Particular care is needed for those services that are accessible from the public Internet. Part of this care takes the form of stronger input validation, which often can be automated using various schema languages. A more interesting aspect of this increased focus on system integrity is the use of explicit trust models. WS-Security can be used to secure messages with multiple security tokens. Some of these tokens may correspond to user identities or principals, while other tokens may correspond to rights that are granted to a particular user or application and can be cryptographically validated as part of a broader authorization scheme.

Systems composed of long-lived, autonomous services need mechanisms to allow them to return to a steady state. In particular, services need to recycle resources created by requests of services that will not communicate again. In fact, resource reclamation policies are needed for all kinds of resources. A popular scheme is the use of leases as exemplified by subscriptions for event notification latter in this book. As asynchronous messaging allows services to have complete local control over the scheduling of message processing, resource reclamation policies can be triggered at any time. Services also have flexibility regarding maximum allowed message size, message transmissions, and connectivity management. Last but not least, services have independent failure modes. Systems should be able to recover from the failure of an underlying service.

Finally, the autonomous nature of Web services invariably requires processes or systems that were at one time centralized to move to a federated model. This is true not only of security identities, but also of service directories and systems management. These new systems have to operate in the presence of unbounded message latencies, independent failure modes, and when services are intermittently connected to the network. Later in this book, examples showing the use of brokered trust and dynamic service discovery are presented to demonstrate federated identity and system management capabilities, respectively.

/ 130