Transcript Reliable Messaging in the Real World
OASIS Adoption Forum Ditton Manor, October 29 th -30 th 2007
Reliable Messaging in the Real World
Paul Fremantle Co-chair, OASIS WS-RX TC VP and Founder, WSO2 Inc
Introductions
Paul Fremantle Co-chair of WS-RX Technical Committee Co-founder and VP/Technical Sales, WSO2 WSO2 60 employees in Colombo, London, Mountain View Pure Open Source company Enterprise Service Bus, Registry Support for OASIS standards in J2EE, C, PHP Funded by Intel Capital
Strong Requirement for Reliability
Strongest demand – after Security The requirement is not just for “SOAP services” Customers are usually looking for a
Secure Reliable Channel
Binary data (MTOM) is a key capability
Too much or too little choice?
WS-RM WS-Reliability ebMS AMQP JMS MQSeries ActiveMQ
WS-R* at OASIS
February 2003 WSRM TC formed to standardize WS-Reliability November 2004 – standardized WS-Reliability May 2005 – WSRX TC formed to unify WS ReliableMessaging and WS-Reliability June 2007 – WSRM 1.1 approved as an OASIS Standard
Aims of WS-ReliableMessaging 1.1
Allow interoperable systems to exchange messages with assured delivery In particular Exactly-Once In Order Or both sides alerted to failure Composable with other standards WS-Addressing, WS-Security, WS-SecureConversation, SSL/TLS, WS-Policy Support one-way and two-way exchanges Optionally support two-way exchanges with NAT, firewalls, Internet configuration BUT NOT wire-level compatible between WSRM1.0/1.1
WSRM core model and terminology
How does it work?
The core concept is a Sequence Sender requests a sequence with CreateSequence Messages allocated to the sequence Receiver Acknowledges Sender resend of unacknowledged messages Finally TerminateSequence Effectively a Sequence is a contract to reliably deliver a set of messages
Simple example
Some aspects to take note of!
Each sequence is unidirectional Need two sequences to support two-way Creation can be optimized with Offer Acknowledgements are for the whole sequence , not just individual messages Can be composed with SSL/TLS or SecureConversation to prevent
sequence hijacking
Durability is not part of the specification But it
IS
an aspect of implementations
Sequence Hijacking and Security
Concern that the sequence itself may be attacked Famously happened to TCP/IP Prevented by “binding” a sequence to a specific security context Only the creator of the sequence can post messages, request acknowledgements, terminate the sequence Explicit support for binding to: SSL/TLS session SecureConversation
WS-RM Policy Example
Anonymous clients
When the client is using HTTP Request/Response and has no “contactable” URI For example when I’m sitting in Starbucks/Café Nero/etc using Wifi to connect Works for one-way reliability but not two way One approach is to use another transport SMTP, XMPP, YahooIM, SIP, etc
WS-MakeConnection 1.0
CS+Offer(seq2) CSR(seq1)+Accept msg1(seq1) response1(seq2) +ack(seq1) msg2(seq1) + ack(seq2) msg3(seq1) + ack(seq2) response3(seq2) + ack(seq1)
MakeConnection(seq2
) response2(seq2) The other approach is to use a “replay” model
Implementations
IBM WebSphere 6.1 – WSRM1.0 and 1.1
Microsoft .NET 3.0 – WSRM1.0
.NET 3.5 beta – WSRM 1.1 support BEA WebLogic Server – WSRM1.0
SAP Netweaver PI 7.1 – WSRM1.0 (1.1?) Sun Project Tango – WSRM1.0
Apache Sandesha2 – WSRM1.0 and 1.1
WSO2 Web Services Application Server – WSRM1.0 and 1.1
WSO2 WSF/PHP – WSRM 1.0 and 1.1
Real-world interoperability
PRESTO French government sponsored interop WSRM 1.0 + WS-Security + MTOM Danish Government OIO SOI WSRM 1.0, Replay model HTTP and SMTP WS-Security .NET 3.0 and Apache Axis2/Sandesha2
Futures
I predict much greater uptake of WSRM 1.1 in 2008 Based on more implementations and further “real-world” interop WS-I RSP The OASIS TC is still open Minor updates and errata Conformance with WS-Policy 1.5
Likely to produce a 1.1.1/1.2
WS-I Reliable Secure Profile
Creating a profile of: OASIS WS-ReliableMessaging 1.1
OASIS WS-SecureConversation 1.3
WS-Addressing MTOM (efficient binary) Other Base profile aspects (SOAP, WSDL) http://www.ws-i.org/deliverables/workinggroup.aspx?wg=reliablesecure
Resources
CoverPages overview on Reliability http://xml.coverpages.org/reliableMessaging.html
Introduction to WS-RM http://www.infoq.com/news/ws-rm-introduction WS-RX website http://www.oasis-open.org/committees/ws-rx Apache Sandesha2 http://ws.apache.org/sandesha/sandesha2/index.html
WSO2 Web Services Application Server 2.1
http://wso2.com/products/wsas/ Me!
http://pzf.fremantle.org