OASIS Adoption Forum Ditton Manor, October 29 th -30 th 2007

Reliable Messaging in the Real World

Paul Fremantle Co-chair, OASIS WS-RX TC VP and Founder, WSO2 Inc

Introductions

  Paul Fremantle  Co-chair of WS-RX Technical Committee  Co-founder and VP/Technical Sales, WSO2 WSO2  60 employees in Colombo, London, Mountain View  Pure Open Source company  Enterprise Service Bus, Registry  Support for OASIS standards in J2EE, C, PHP  Funded by Intel Capital

Strong Requirement for Reliability

 Strongest demand – after Security  The requirement is not just for “SOAP services”  Customers are usually looking for a

Secure Reliable Channel

 Binary data (MTOM) is a key capability

Too much or too little choice?

WS-RM WS-Reliability ebMS AMQP JMS MQSeries ActiveMQ

WS-R* at OASIS

 February 2003 WSRM TC formed to standardize WS-Reliability  November 2004 – standardized WS-Reliability  May 2005 – WSRX TC formed to unify WS ReliableMessaging and WS-Reliability  June 2007 – WSRM 1.1 approved as an OASIS Standard

Aims of WS-ReliableMessaging 1.1

     Allow interoperable systems to exchange messages with assured delivery  In particular Exactly-Once In Order Or both sides alerted to failure Composable with other standards  WS-Addressing, WS-Security, WS-SecureConversation, SSL/TLS, WS-Policy Support one-way and two-way exchanges Optionally support two-way exchanges with NAT, firewalls, Internet configuration BUT NOT wire-level compatible between WSRM1.0/1.1

WSRM core model and terminology

How does it work?

 The core concept is a Sequence  Sender requests a sequence with CreateSequence  Messages allocated to the sequence  Receiver Acknowledges  Sender resend of unacknowledged messages  Finally TerminateSequence  Effectively a Sequence is a contract to reliably deliver a set of messages

Simple example

Some aspects to take note of!

    Each sequence is unidirectional  Need two sequences to support two-way  Creation can be optimized with Offer Acknowledgements are for the whole sequence , not just individual messages Can be composed with SSL/TLS or SecureConversation to prevent

sequence hijacking

Durability is not part of the specification  But it

IS

an aspect of implementations

Sequence Hijacking and Security

   Concern that the sequence itself may be attacked  Famously happened to TCP/IP Prevented by “binding” a sequence to a specific security context  Only the creator of the sequence can post messages, request acknowledgements, terminate the sequence Explicit support for binding to:  SSL/TLS session  SecureConversation

WS-RM Policy Example

< wsrmp:SequenceTransportSecurity /> < wsrmp:ExactlyOnce /> < wsrmp:InOrder />

Anonymous clients

    When the client is using HTTP Request/Response and has no “contactable” URI For example when I’m sitting in Starbucks/Café Nero/etc using Wifi to connect Works for one-way reliability but not two way One approach is to use another transport  SMTP, XMPP, YahooIM, SIP, etc

WS-MakeConnection 1.0

CS+Offer(seq2) CSR(seq1)+Accept msg1(seq1) response1(seq2) +ack(seq1) msg2(seq1) + ack(seq2) msg3(seq1) + ack(seq2) response3(seq2) + ack(seq1)

MakeConnection(seq2

) response2(seq2) The other approach is to use a “replay” model

Implementations

      IBM WebSphere 6.1 – WSRM1.0 and 1.1

Microsoft .NET 3.0 – WSRM1.0

 .NET 3.5 beta – WSRM 1.1 support BEA WebLogic Server – WSRM1.0

SAP Netweaver PI 7.1 – WSRM1.0 (1.1?) Sun Project Tango – WSRM1.0

Apache Sandesha2 – WSRM1.0 and 1.1

  WSO2 Web Services Application Server – WSRM1.0 and 1.1

WSO2 WSF/PHP – WSRM 1.0 and 1.1

Real-world interoperability

 PRESTO  French government sponsored interop  WSRM 1.0 + WS-Security + MTOM  Danish Government OIO SOI  WSRM 1.0, Replay model  HTTP and SMTP  WS-Security  .NET 3.0 and Apache Axis2/Sandesha2

Futures

  I predict much greater uptake of WSRM 1.1 in 2008  Based on more implementations and further “real-world” interop  WS-I RSP The OASIS TC is still open  Minor updates and errata  Conformance with WS-Policy 1.5

 Likely to produce a 1.1.1/1.2

WS-I Reliable Secure Profile

 Creating a profile of:  OASIS WS-ReliableMessaging 1.1

 OASIS WS-SecureConversation 1.3

 WS-Addressing  MTOM (efficient binary)  Other Base profile aspects (SOAP, WSDL) http://www.ws-i.org/deliverables/workinggroup.aspx?wg=reliablesecure

Resources

      CoverPages overview on Reliability  http://xml.coverpages.org/reliableMessaging.html

Introduction to WS-RM  http://www.infoq.com/news/ws-rm-introduction WS-RX website  http://www.oasis-open.org/committees/ws-rx Apache Sandesha2  http://ws.apache.org/sandesha/sandesha2/index.html

WSO2 Web Services Application Server 2.1

 http://wso2.com/products/wsas/ Me!

  http://pzf.fremantle.org

[email protected]