Transcript .NET Web Services What’s Under the Hood?

.NET Web Services
What’s Under the Hood?
Michael B. Spring
Department of Information Science and Telecommunications
University of Pittsburgh
[email protected]
http://www.sis.pitt.edu/~spring
Prelude
When I try to explain the architecture now
[for the semantic web], I get the same
distant look in people’s eyes as I did in
1989, when I tried to explain how global
hypertext [the world wide web] would
work.
• Tim Berners-Lee, Weaving the Web, pp.194-195
May 22, 2016
Web NG
2
Overview
• Context
• Web technology
– Now
– In the future
• Digression on objects and components
• Digression on the eXtended Markup Language(XML)
• XML and web services
– Web Services Description Language (WSDL)
– Universal Description Discovery and Integration (UDDI)
– Simple Object Access Protocol (SOAP)
May 22, 2016
Web NG
3
Context: Dominant Technologies
• In some ways, the history of technology may be
viewed as a history of seized opportunities
• It has long been known that the dominant
keyboard used in typing if far from optimal.
– The goal of the QWERTY keyboard
– The failure of the Dvorak keyboard
• The Web as it exists today is in some cases sub
optimal technology for what we now want to do.
• Regardless, it is now the entrenched technology
May 22, 2016
Web NG
4
Context: Web Transformation
• Given the popularity of the Web, it has become the
dominant transport and interface tool.
• The Web is moving, inexorably, to include
services as well as static resources.
• The Web will be used extensively for information
exchange by business.
• Mechanisms for finding and integrating business
services are required.
May 22, 2016
Web NG
5
Web Technology: Today
• Web Technology is based directly on three things:
– http, the hypertext transfer protocol – a robust
idempotent protocol (single request & response)
– HTML, the hypertext markup language – a markup
language for documents
– URL, the Uniform Resource Locator – a protocol for
identifying the location of objects
• Web technology is indirectly based on:
– A finding service called the Domain Name Service or
DNS
– A transport protocol that provides reliable exchange of
messages called the Transport Control Protocol or TCP
May 22, 2016
Web NG
6
What the Web Provides
•
•
•
•
•
•
Millions of servers
Hundreds of millions of clients and users
A technology that is platform independent
A protocol that pierces most firewalls
An “understood” and accepted technology
A technology that is simple enough at the
first level to be used with ease
May 22, 2016
Web NG
7
Ok, so what do we want to do?
• We want to connect a “process” on machine A to
an “process” on machine B.
– Once the connection is made, we want the two
machines to exchange information.
– We would like this to happen without human
intervention.
• Ok, this is really pretty easy – the code on the
following page accomplishes this goal
– All of the error checking code and variable definitions
have been removed
May 22, 2016
Web NG
8
Client Server Pair in C (minimal)
Server
Client
// get a socket of a given type
m = socket(PF_INET, type, ppe->p_proto);
// bind it to a port and start listening
bind(m, (struct sockaddr *) &sin,
sizeof(sin))
listen(m, qlen)
// when connection is made, read and write
s = accept(m, (struct sockaddr *) & fsin,
&alen);
read(s, inbuf, MAX_STRING);
write(s, outbuf, strlen(outbuf));
close(ssock);
May 22, 2016
Web NG
//get socket of given type
s = socket(PF_INET, type,
ppe->p_proto);
//connect it to a remote machine
connect(s, (struct sockaddr *) & sin,
sizeof(sin))
// write some data
write(s, buf, strlen(buf));
//read some data
read(s, buf, MAX_STRING)
9
Ok, but…
• How do I find a machine, that has a particular service?
• How does the server know its ok for me to use the service?
• Assuming I have found and can use a service, what exactly
do I need to provide?
• Assuming the machines store data in different formats,
how does the data get translated?
• If data goes over the internet, how can it be protected?
• What happens if something goes wrong in the middle?
May 22, 2016
Web NG
10
Web Technology: Tomorrow
• To allow for an efficient transition to the
next generation web, several “new” pieces
are needed:
– A way of locating objects and processes by
characteristics
– A way of describing the nature of the
exchanges that are expected
– A mechanism for connecting processes
May 22, 2016
Web NG
11
Object Digression
• Things found on the Web are resources
• Resources can be normal documents, or with the
advent of CGI, documents created by programs.
• Increasingly, programming is object oriented:
– This involves classses which are instantiated as objects.
– Objects, also called components, are simply programs
• Thus, a web resource may be:
– a document
– a program sometimes called an object or component
that consumes and produces data – in “dcoument” form
May 22, 2016
Web NG
12
XML Digression
SGML, HTML, and XML
• The eXtened Markup Language (XML) is the glue
that makes much of next generation web
technology possible.
• HTML is one type of document defined in terms
of a standard called Standard Generalized Markup
Language (SGML)
• XML is an extension of SGML and it, like SGML,
defines the rules for describing classes of
hierarchically structured documents or more
generally, hierarchically structured data
May 22, 2016
Web NG
13
XML Digression
Schema, Namespaces, and XSLT
• Schema
– A schema is an XML definition of a class of documents
– Schema are themselves XML documents that conform to the
schema schema (love recursion)
– The schema schema includes mechanism for precisely defining
data types
• Namespaces
– An XML document can be defined by combining multiple schema
– each one of which is a “namespace”
• XML Style Language Transformation (XSLT)
– XML includes tools that allow very very flexible transformation of
documents algorithmically
May 22, 2016
Web NG
14
XML Documents
• Accept for a minute that we know that an XML
schema exists that defines “student” documents.
– The schema defines five required parts – name, ID,
birthdate, sex, and major.
– XML rules defines begin (< >) and end (</ >) “tags”
– Here is a document compliant with the schema:
<student>
<name>Joe Smith</name><ID>123</ID>
<birthdate>5/3/1960</birthdate><sex>F</sex>
<major>Computer Science</major>
</student>
May 22, 2016
Web NG
15
Schema and Documents
• The document on the previous slide is “well formed” – that
is, it follows the XML tagging rules, but we don’t know if
it follows the schema.
• Again, assuming a schema exists, we could reference it as
the xml namespace – “xmlns” as follows:
<student xmlns="http://www.pitt.edu/stud.xsd">
<name>Joe Smith</name><ID>123</ID>
<birthdate>5/3/1960</birthdate><sex>F</sex>
<major>Computer Science</major>
</student>
• Knowing the schema, the document can be “validated”.
May 22, 2016
Web NG
16
Namespaces
• Lets say we wanted to define a store of a student
and their courses called a registration.
– Given the student schema, and a course schema that
defines a course as dept, num, title, and cred.
– Imagine a registration schema that has two parts student
and courses.
• Now we can define a more complex document
where the multiple schema form “namespaces”
– The “:” after “xmlns” allows us to define which
namespace each tag comes from
May 22, 2016
Web NG
17
Document with Namespaces
<r:registration
xmlns:r="http://www.pitt.edu/reg.xsd"
xmlns:s="http://www.pitt.edu/std.xsd"
xmlns:c="http://www.pitt.edu/crs.xsd">
<r:student>
<s:student> <s:name>Joe</s:name>
<s:ID>123</s:ID>
<s:birthdate>5/3/1960</s:birthdate>
<s:sex>F</s:sex>
<s:major>Computer Science</s:major>
</s:student>
</r:student><r:courses>
<c:dept>Inf Sci<c:dept><c:num>2770</c:num>
<c:title>Doc Processing </c:title>
<c:cred>3</c:cred>
</r:courses>
</r:registartion>
May 22, 2016
Web NG
18
XML for Web Services
• XML is used to define messages to be exchanged
– Note that XML not only controls the structure but has
mechanisms to define legitimate content as well.
• XML is also used to define several protocols:
– The protocol for describing services -- WSDL
– The protocol for locating services – UDDI
– The protocol used to connect to services -- SOAP
• Reading these protocols can be confusing at first
because they rely on multiple namespaces
May 22, 2016
Web NG
19
Web Services Description
Language – WSDL
• WSDL is used to define services and bindings.
– A service abstractly defines messages (interface)
– The binding describes a particular form it might take –
e.g. SOAP is a common binding (implementation)
• To define a web service in XML, we use at least
four namespaces:
–
–
–
–
The namespace for the service being created
The namespace WSDL
The namespace for Schema
The namespace for any bindings
May 22, 2016
Web NG
20
WSDL Framework
• Skipping many details, and ignoring the fact that
different parts come from different namespaces,
WSDL specifies “definitions” which include:
<types> xsd based definition of some data</types>
<message name = “x”> including <part>s which have a “type”
<portType name = “y”> including:
<operation>s and as a part of operations
<input message>
<output message>
<binding name = “z”> including:
<operation>s and as part of operations
<input>
<output>
May 22, 2016
Web NG
21
A Real WSDL Definition
(Interface)
<definitions name="StockQuoteService-interface"
targetNamespace=http://www.getquote.com/StockQuoteService-interface
xmlns:tns=http://www.getquote.com/StockQuoteService-interface
xmlns:xsd=" http://www.w3.org/2001/XMLSchema”
xmlns:soap=http://schemas.xmlsoap.org/wsdl/soap/
xmlns="http://schemas.xmlsoap.org/wsdl/">
<message name="SingleSymbolRequest">
<part name="symbol" type="xsd:string"/>
</message>
<message name="SingleSymbolQuoteResponse">
<part name="quote" type="xsd:string"/>
</message>
<portType name="SingleSymbolStockQuoteService">
<operation name="getQuote">
<input message="tns:SingleSymbolRequest"/>
<output message="tns:SingleSymbolQuoteResponse"/>
</operation>
</portType>
May 22, 2016
Web NG
22
A Real WSDL Definition
(Binding)
<binding name="SingleSymbolBinding“ type="tns:SingleSymbolStockQuoteService">
<soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="getQuote">
<soap:operation soapAction="http://www.getquote.com/GetQuote"/>
<input>
<soap:body use="encoded" namespace="urn:single-symbol-stock-quotes"
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
</input>
<output>
<soap:body use="encoded" namespace="urn:single-symbol-stock-quotes“
encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
</output>
</operation>
</binding>
</definitions>
May 22, 2016
Web NG
23
Universal Description, Discovery
and Integration – UDDI
• Given the ability to define interfaces – WSDL, a
mechanism is needed to locate implementations.
• UDDI is this mechanism. It is:
– A “registry” where information about business and the
services they offer can be maintained
– The structure of the kinds of information maintained
– The mechanisms for storing and retrieving information
from the registry.
• UDDI registries are federated rather than
hierarchically distributed.
May 22, 2016
Web NG
24
Registries
• Registries are well understood entities.
• The Windows registry is what makes Windows
easy to use:
– When a user double clicks on a file of type “.doc”, it is
opened by Word because the registry says so.
– When a VB programmer includes a component in a
program, the registry knows its properties
• The Common Object Request Broker Architecture
(CORBA) defines how a registry (or ORB) could
be implemented across a network.
May 22, 2016
Web NG
25
UDDI and WSDL
• WSDL interfaces map to UDDI tModels and
WSDL bindings map to UDDI business services
– Many businesses can offer services conforming to a
given interface
• UDDI conceptually offers three kinds of
information:
– White pages – general information about a business
– Yellow pages –information about business classification
– Green pages – technical information about services
May 22, 2016
Web NG
26
Simplified UDDI DBMS Schema
BusinessEntity
Key, Name, Description
tModel
0-n
BusinessService
Key, Name, Description
0-n
CategoryBag
0-n
0-n
BindingTemplate
Key, Description
May 22, 2016
KeyedReference
Keyname, KeyValue
Web NG
27
UDDI API
• The UDDI API specifies mechanisms for:
– Adding and modifying information about
businesses, services, interfaces, and bindings
– Searching for, locating, and using services
• The dozens of operations are invoked via
SOAP messages
• The messages themselves are written in
XML
May 22, 2016
Web NG
28
An Example of a UDDI tModel
<tModel tModelKey="">
<name>http://www.getquote.com/StockQuoteService-interface</name>
<description xml:lang="en">Service interface def for a stock quote service.</description>
<overviewDoc>
<description xml:lang="en">WSDL Service Interface Document</description>
<overviewURL>http://www.gtqte.com/ser/ SQSinter.wsdl#SSB</overviewURL>
</overviewDoc>
<categoryBag>
<keyedReference tModelKey="UUID:C1ACF26D-9672-4404-9D70-39B756E62AB4“
keyName="uddi-org:types" keyValue="wsdlSpec"/>
<keyedReference tModelKey="UUID:DB77450D-9FA8-45D4-A7BC-04411D14E384"
keyName="Stock market trading services" keyValue="84121801"/>
</categoryBag>
</tModel>
May 22, 2016
Web NG
29
Accessing a Remote Program
• Earlier, we viewed the guts of a socket connection.
• The difficulty of programming these connections
led to programming simplifications
– Remote Procedure Calls (RPC) provided programmers
with tools that allowed them to access a remote
procedure and send the correct data
– Remote Method Invocation (RMI) provided the
equivalent functionality for object oriented coding
• The Simple Object Access Protocol (SOAP) is an
extension of RPC and RMI using XML and http.
May 22, 2016
Web NG
30
Simple Object Access Protocol –
SOAP
• Just as a http message can contain an HTML
document, it can also contain a SOAP envelope
• The SOAP envelop header identifies the remote
process to be invoked
– The request envelop contains the data to be provided to
the process
– The return envelop contains the data provided by the
process
• The data is encoded using the XML data encoding
rules
May 22, 2016
Web NG
31
A SOAP Request
POST /Vendors HTTP/1.1
Host: www.mobilephoneservice.com
Content-Type:"text/xml";Charset="utf-8"
Content-Length: nnnn
SOAPAction:""
<?xml version="1.0"?>
<SOAP-ENV:Envelope xmlns:SOAPENV="http://schemas.xmlsoap.org/soap/envelope/" >
<SOAP-ENV:Body>
<m:getListOfModels xmlns:m="urn:MobilePhoneservice" >
</m:getListOfModels>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
May 22, 2016
Web NG
32
A SOAP Response
HTTP/1.1 Content-Type:"text/xml"; Charset="utf-8"
Content-Length: nnnn
<SOAP-ENV:Envelope xmlns:SOAP-ENV =
"http://schemas.xmlsoap.org/soap/envelope/" >
<SOAP-ENV:Body>
<m:getListOfModelsResponse xmlns:m = "URI-Reference">
<model>m1</model>
<model>m2</model>
</m:getListOfModels>
</SOAP-ENV:Body>
May 22, 2016
Web NG
33
Next Steps
• Additional functionality will be added to the part
of the operating system that provides the Object
Request Broker function.
• Sometimes called a Component Transaction
Monitor (CTM) this function will provide services
beyond the naming and finding such as:
–
–
–
–
Security
Authentication
Transaction management
Payment
May 22, 2016
Web NG
34
Security and Authentication
• Security
– Encrypting data can take a lot of work
– Secure pipes between CTMs will allow transactions
that begin and end behind firewalls to move across the
unprotected internet.
• Authentication
– Determining who can access services will need to be
more automated
– Certificates can be used as the basis for a “web of trust”
that will allow both authentication and non-repudiation
for a variety of tasks.
May 22, 2016
Web NG
35
Other Services
• Transaction management
– It may be necessary to engage processes that involve
multiple steps with processes on different platforms.
– The CTM can assume responsibility for having actions
undone if one or more of the steps fails
• Payment
– There is likely to be some kind of micropayment
scheme that develops. Responsibility for these may be
allocated to the CTM
May 22, 2016
Web NG
36
Summary
• XML is the language or abstract syntax for
protocols in .NET
– WSDL is the set of protocols used to define web
services. It is written in XML.
– UDDI is the set of protocols to used to advertise, find,
and combine services. It is written in XML.
– SOAP is the envelop which will be used to transmit the
messages within an existing transport mechanisms such
as http or smtp.
• Operating systems will be enhanced to be net
aware and supportive of web services.
May 22, 2016
Web NG
37
The Next Generation Web
Certificate
Authority
Certificate
Authority
Needs
Certificate
Authority
Services
CTMServices
ORB
Needs
Registry
May 22, 2016
Registry
Web NG
Registry
38