Transcript GXA Overview

Web Services
Enhancements
GXA



Global XML Architecture
variety of proposed new standards in
the area of Web services interoperability
A fair number of big corporate players
are cooperating behind the curtain of
GXA, including Microsoft and IBM
2
Advanced WS protocols


Designed to add common infrastructure
capabilities to basic WS stack
Built on existing foundation of XML,
SOAP, XML Schema, and WSDL


Uses standard extensibility points
Protocols being standardized for interop
3
Metadata
Reliable
Messaging
Transactions
Advanced
Protocols
Security
Protocol domains
Messaging
SOAP, XML, WSDL
Internet Transports
4
WSE 1.0


Simple framework layered on ASP.NET
Web Services
Support for…



WS-Security
WS-Routing/Referral
WS-Attachments/DIME
5
WSE 2.0

Extended security support





WS-SecureConversation, WS-Trust
Improved token management
Protection from replay attacks
New WS-Policy support
Extended messaging support

WS-Addressing supplants WS-Routing
6
ASP.NET and WSE

ASP.NET provides support for basic
Web services



Only the base-line protocols
Only RPC programming model
Web Services Enhancements (WSE)
add-on provides advanced features on
top of ASP.NET


Latest protocols, like WS-Security
A messaging programming model
7
How WSE works

Core WSE functionality implemented as
input and output filters
Output
Filters
Client
Input
Filters
Server
Input
Filters
Output
Filters
8
The Pipeline



Use of IO filters encapsulated by
pipeline class
Pipeline can be extended with custom
filters
Pipeline can be configured per-proxy or
per-process
9
Server integration
HttpContext.Current
Input Filter
Input Filter
Input Filter
HttpRequest
SoapContext
Output Filter
Output Filter
Web Service
Output Filter
WebServicesExtension
HttpContext
Pipeline
HttpResponse
SoapContext
ResponseSoapContext.Current
RequestSoapContext.Current
10
Server integration
public class Service1 : WebService
{
// WebServiceExtension runs gives pipeline a
// chance to process messages
[WebMethod]
public String GetMessage()
{
SoapContext reqCtx = RequestSoapContext.Current;
if (reqCtx == null)
throw new ApplicationException("SOAP only!");
DateTime created = reqCtx.Timestamp.Created;
return c.Envelope.InnerXml;
}
}
<%@ WebService class="Service1, SampDll" %>
11
Server configuration

WebServicesExtension must be
configured to process messages
(if not SoapContext == null)
<configuration>
<system.web>
<webServices>
<soapExtensionTypes>
<add type="Microsoft.Web.Services.WebServicesExtension,
Microsoft.Web.Services,Version=2.0.0.0,
Culture=neutral,PublicKeyToken=31bf3856ad364e35"
priority="1" group="0"/>
</soapExtensionTypes>
</webServices>
</system.web>
...
</configuration>
12
Proxy integration

WebServicesClientProtocol is new
proxy base class




Output filters process request messages
Input filters process response messages
RequestSoapContext property exposes
protocol settings for next message sent
ResponseSoapContext property
exposes protocol settings for last
message received
13
Proxy integration
RequestSoapContext
Output Filter
Input Filter
SoapWebResponse
Output Filter
ProxyClass
Input Filter
WebServicesClientProtocol
Output Filter
SoapWebRequest
Input Filter
SoapContext
Pipeline
SoapContext
ResponseSoapContext
14
Proxy integration
static void Main()
{
// create WebServicesClientProtocol-derived
// proxy class
Service1Wse proxy = new Service1Wse();
// WebServiceClientProtocol gives pipeline
// a chance to filter messages
Console.WriteLine(proxy.GetMessage());
}
15
Filters
(Sender)
16
Filters
(Receiver)
17
WS-Security

Defines a framework for building
security protocols using existing
protocols




Propagation of security tokens
Integrity via XML Signature
Confidentiality via XML Encryption
Framework designed for end-to-end
security of SOAP messages

From initial sender, through 0-n
intermediaries to ultimate receiver
18
Simple Example (Server)
[WebMethod]
public string HelloWorld()
{
string x="";
SoapContext c=RequestSoapContext.Current;
foreach(SecurityToken s in c.Security.Tokens)
if(s is UsernameToken)
x=((UsernameToken)s).Password;
if(x!="12345")
throw new ApplicationException(“error");
return "Hello World ";
}
19
Client
Service1Wse s=new Service1Wse();
s.RequestSoapContext.Security.Tokens.Add(
new UsernameToken( "avi“ ,"12345“,
PasswordOption.SendPlainText));
x=s.HelloWorld();
20
WSE 2.0 Messaging

WSE 2.0 provides a flexible API for
sending and receiving SOAP messages




Basic functionality:



in-process
TCP
HTTP
SoapSender
SoapReceiver
Higher-level API

SoapClient and SoapService classes
21