© 2002. Deitel & Associates, Inc. All Rights Reserved.
|
| Illustrations | xvi |
| Preface | xxii |
1 | Introduction to Web Services | 1 |
1.1 | Introduction | 2 |
1.2 | Computing Advancements and Web Services | 3 |
1.2.1 | Structured Programming to Object Technology | 3 |
1.2.2 | Distributed Computing | 4 |
1.2.3 | World Wide Web | 5 |
1.2.4 | Electronic Data Interchange (EDI) | 5 |
1.3 | Emergence of Web Services | 6 |
1.4 | Web Services Advantages | 7 |
1.5 | Real Web Services | 9 |
1.6 | Web Services Challenges | 12 |
1.7 | Tour of the Book | 13 |
1.8 | Summary | 17 |
1.9 | Internet and Web Resources | 18 |
2 | Web Services: A New Computing Paradigm | 21 |
2.1 | Introduction | 22 |
2.2 | What Are Web Services? | 23 |
2.3 | Web Services: Additional Web Tool-or New Distributed Computing Environment? | 24 |
2.4 | Benefits of Web Services over Other Distributed Computing Technologies | 26 |
2.5 | Benefits of Web Services over Software Hosted by Application Service Providers (ASPs) | |
2.6 | ZipCode Resolver: A Simple Web Service | 28 |
2.7 | Key Web Services Technologies | 31 |
2.7.1 | XML (Extensible Markup Language) | 32 |
2.7.2 | SOAP (Simple Object Access Protocol) | 33 |
2.7.3 | WSDL (Web Services Description Language) | 34 |
2.7.4 | UDDI (Universal Description, Discovery and Integration) | 35 |
2.8 | Development of Web Services Standards | 36 |
2.8.1 | Standards Bodies | 36 |
2.8.2 | W3C and Web Services | 37 |
2.8.3 | OASIS and Web Services | 38 |
2.8.4 | Vendors and Standardization | 39 |
2.9 | Web Services Limitations | 40 |
2.10 | Summary | 42 |
2.11 | Internet and Web Resources | 43 |
3 | Web Services Business Models | 48 |
3.1 | Introduction | 49 |
3.2 | Frameworks for Delivering Web Services | 50 |
3.2.1 | Service-Oriented Architecture | 50 |
3.2.2 | Stages of Web Service Development and Deployment | 52 |
3.3 | Service-Level Agreements (SLAs) | 54 |
3.4 | Web Services Payment Models | 56 |
3.4.1 | Payment Mechanisms | 57 |
3.4.2 | Payment Tools and Solutions | 59 |
3.5 | Business of Publishing Web Services | 61 |
3.6 | Service-to-Consumer (S2C) Web Services | 61 |
3.7 | Service-to-Business (S2B) Web Services | 64 |
3.8 | Service-to-Employee (S2E) Web Services | 66 |
3.9 | Web Services Registries and Brokerages | 67 |
3.9.1 | UDDI Registries | 68 |
3.9.2 | Web Services Brokerages | 69 |
3.10 | Web Services Networks | 70 |
3.11 | Summary | 72 |
3.12 | Internet and Web Resources | 73 |
4 | Web Services and Enterprise Computing | 78 |
4.1 | Introduction | 79 |
4.2 | Web Services and Corporate Software Development | 79 |
4.3 | Web Services and Enterprise Application Integration (EAI) | 81 |
4.3.1 | Case Study: British Telecom | 83 |
4.3.2 | Case Study: Nordstrom.com | 84 |
4.4 | Corporate Portals and Knowledge Management | 84 |
4.5 | Web Services and Customer-Relationship Management | 87 |
4.5.1 | Case Study: Putnam Lovell Securities | 88 |
4.5.2 | Case Study: Microsoft Sales & Support IT Team (SSIT) | 89 |
4.6 | Web Services and B2B Collaboration | 90 |
4.7 | Summary | 93 |
4.8 | Internet and Web Resources | 94 |
5 | XML and Derivative Technologies | 99 |
5.1 | Introduction | 100 |
5.2 | History of Extensible Markup Language (XML) | 101 |
5.3 | Web Services Technology Stack | 102 |
5.4 | XML Technologies that Enable Business-Processing Systems | 105 |
5.5 | ebXML | 105 |
5.5.1 | Trading Partners | 106 |
5.5.2 | Business Process and Information Modeling | 107 |
5.5.3 | Core Components | 107 |
5.5.4 | Registries | 108 |
5.5.5 | Messaging Service | 108 |
5.6 | Business Transaction Protocol (BTP) | 109 |
5.7 | Business Process Modeling Language (BPML) and Business Process Query Language (BPQL) | 109 |
5.8 | Web Services Flow Language (WSFL) | 110 |
5.9 | Universal Business Language (UBL) | 111 |
5.10 | Introduction to XML Markup | 111 |
5.10.1 | Document Type Definitions and Schemas | 112 |
5.10.2 | XML Namespaces | 112 |
5.11 | Summary | 113 |
5.12 | Internet and Web Resources | 114 |
6 | Understanding SOAP and WSDL | 118 |
6.1 | Introduction | 119 |
6.2 | History of Simple Object Access Protocol (SOAP) | 120 |
6.3 | SOAP Architecture | 121 |
6.3.1 | SOAP Message Exchange Model | 122 |
6.3.2 | SOAP Messages | 123 |
6.3.3 | Encoding | 124 |
6.3.4 | Remote Procedure Call (RPC) | 124 |
6.3.5 | Transport Protocols | 125 |
6.4 | Example of a Simple SOAP Message | 126 |
6.5 | SOAP Clients and Servers | 127 |
6.6 | SOAP Enhancements | 128 |
6.7 | Security | 129 |
6.8 | SOAP Alternatives | 130 |
6.9 | Web Service Description Language (WSDL) | 130 |
6.10 | History of WSDL | 131 |
6.11 | Role of WSDL in Web Services | 131 |
6.12 | SOAP Implementations | 136 |
6.12.1 | Apache Axis | 136 |
6.12.2 | Microsoft SOAP Toolkit | 137 |
6.12.3 | IBM Web Services ToolKit 3.0 | 138 |
6.13 | Summary | 138 |
6.14 | Internet and Web Resources | 140 |
7 | UDDI, Discovery and Web Services Registries | 143 |
7.1 | Introduction | 144 |
7.2 | Discovery | 145 |
7.3 | SOAP, UDDI and WSDL | 145 |
7.4 | Universal Description, Discovery and Integration (UDDI) | 146 |
7.4.1 | Operator Nodes and Registrars | 147 |
7.4.2 | Advantages of Registering | 147 |
7.5 | Role of UDDI in Web Services | 148 |
7.5.1 | Levels of UDDI | 148 |
7.5.2 | Information Models in UDDI | 148 |
7.5.3 | UDDI Publishing and Inquiry APIs | 153 |
7.6 | UDDI Registries | 154 |
7.6.1 | UDDI Business Registry | 154 |
7.6.2 | Private Registries | 159 |
7.7 | Limitations of UDDI | 159 |
7.8 | Other Discovery Technologies | 160 |
7.8.1 | ebXML | 160 |
7.8.2 | WS-Inspection | 161 |
7.9 | Summary | 162 |
7.10 | Internet and Web Resources | 163 |
8 | Web Services Platforms, Vendors and Strategies | 167 |
8.1 | Introduction | 168 |
8.2 | Major Vendors and Their Web Services Strategies | 169 |
8.2.1 | BEA Systems and WebLogic | 169 |
8.2.2 | Hewlett-Packard, e-Speak and the HP Web Services Platform | 171 |
8.2.3 | IBM Web Services: WebSphere, DB2, Lotus and Tivoli | 171 |
8.2.4 | Microsoft and the .NET Platform | 172 |
8.2.5 | Oracle and the Oracle 9i Developer Suite | 174 |
8.2.6 | Sun Microsystems, iPlanet and the Sun ONE Platform | 174 |
8.3 | Mid-Sized Vendors and Their Web Services Strategies | 177 |
8.3.1 | Borland | 177 |
8.3.2 | IONA and the Orbix E2A Platform | 177 |
8.3.3 | SilverStream Software and the eXtend Product Line | 178 |
8.4 | Start-Up Web Services Platform Vendors | 179 |
8.4.1 | Cape Clear Software: CapeConnect and CapeStudio | 179 |
8.4.2 | Systinet | 180 |
8.4.3 | The Mind Electric | 181 |
8.5 | Web Services Management Vendors | 182 |
8.6 | Web Services Workflow Vendors | 183 |
8.7 | Enterprise Application Integration (EAI) Vendors | 184 |
8.7.1 | SeeBeyond | 185 |
8.7.2 | Tibco | 185 |
8.7.3 | Vitria | 185 |
8.7.4 | webMethods | 186 |
8.8 | Small and Niche Vendors | 186 |
8.9 | Summary | 187 |
8.10 | Internet and Web Resources | 188 |
9 | .NET Web Services: A Conceptual Overview | 195 |
9.1 | Introduction | 196 |
9.2 | .NET Overview | 197 |
9.2.1 | .NET Framework | 197 |
9.2.2 | Visual Studio .NET | 198 |
9.2.3 | ASP (Active Server Pages) .NET | 200 |
9.3 | .NET Web Services Basics | 200 |
9.4 | Global XML Web Services Architecture (GXA) | 206 |
9.4.1 | WS-Inspection | 208 |
9.4.2 | WS-Routing | 209 |
9.4.3 | WS-Referral | 210 |
9.4.4 | WS-Security | 211 |
9.5 | Mobile Internet Toolkit and .NET Compact Framework | 213 |
9.6 | .NET Web Services Examples | 214 |
9.6.1 | .NET My Services | 214 |
9.6.2 | MapPoint .NET | 215 |
9.7 | Microsoft BizTalk , XLANG and .NET Web Services | 216 |
9.8 | Web Services and .NET Enterprise Servers | 218 |
9.9 | Summary | 218 |
9.10 | Internet and Web Resources | 220 |
10 | Java Web Services: A Conceptual Overview | 224 |
10.1 | Introduction | 225 |
10.2 | SOAP-Based Web Services Platforms | 226 |
10.2.1 | Axis | 227 |
10.2.2 | CapeConnect 3.1 | 228 |
10.2.3 | GLUE Standard 2.1 | 229 |
10.2.4 | IONA Orbix E2A XMLBus 5.1 | 230 |
10.2.5 | WASP Lite | 230 |
10.3 | Java API for XML Registries (JAXR) | 231 |
10.3.1 | Java API for XML Registries (JAXR) Architecture | 233 |
10.3.2 | Capabilities and Capability Profiles | 233 |
10.4 | JAX-RPC-Based Java Web Services | 234 |
10.4.1 | JAX-RPC Overview | 235 |
10.4.2 | JAX-RPC Features | 236 |
10.5 | Introduction to Java API for XML Messaging (JAXM) | 237 |
10.5.1 | Java Messaging APIs | 237 |
10.5.2 | JAXM and SAAJ | 238 |
10.5.3 | Standalone JAXM Clients and JAXM Web Services | 239 |
10.5.4 | JAXM Application with Message Provider | 239 |
10.6 | Introduction to Java 2 Micro Edition | 241 |
10.6.1 | CLDC and MIDP | 241 |
10.6.2 | MIDlets | 243 |
10.7 | Using J2ME to Access Web Services | 244 |
10.7.1 | Accessing Web Services via a Separate Component | 245 |
10.7.2 | Accessing Web Services via Proprietary Software | 245 |
10.8 | Summary | 247 |
10.9 | Internet and Web Resources | 248 |
11 | Computer and Internet Security | 249 |
11.1 | Introduction | 250 |
11.2 | Ancient Ciphers to Modern Cryptosystems | 251 |
11.3 | Secret-Key Cryptography | 252 |
11.4 | Public-Key Cryptography | 254 |
11.5 | Cryptanalysis | 257 |
11.6 | Key Agreement Protocols | 257 |
11.7 | Key Management | 258 |
11.8 | Digital Signatures | 259 |
11.9 | Public-Key Infrastructure, Certificates and Certificate Authorities | 260 |
11.9.1 | Smart Cards | 263 |
11.10 | Security Protocols | 264 |
11.10.1 | Secure Sockets Layer (SSL) | 264 |
11.10.2 | IPSec and Virtual Private Networks (VPN) | 265 |
11.11 | Authentication and Authorization | 266 |
11.11.1 | Kerberos | 266 |
11.11.2 | Biometrics | 267 |
11.11.3 | Single Sign-On | 268 |
11.12 | Security Attacks | 268 |
11.12.1 | Denial-of-Service (DoS) Attacks | 269 |
11.12.2 | Viruses and Worms | 270 |
11.12.3 | Software Exploitation, Web Defacing and Cybercrime | 271 |
11.13 | Network Security | 273 |
11.13.1 | Firewalls | 274 |
11.13.2 | Intrusion Detection Systems | 275 |
11.14 | Steganography | 276 |
11.15 | Summary | 278 |
11.16 | Internet and Web Resources | 279 |
12 | Web Services Security | 287 |
12.1 | Introduction | 288 |
12.2 | Basic Security for Transmissions over HTTP | 289 |
12.3 | Web Services and Secure Sockets Layer (SSL) | 290 |
12.4 | XML Signature and XML Encryption | 291 |
12.5 | XML Key Management Specification (XKMS) | 297 |
12.6 | Security Assertion Markup Language (SAML) | 301 |
12.7 | Extensible Access Control Markup Language (XACML) | 305 |
12.8 | Authentication and Authorization for Web Services | 309 |
12.9 | Web Services and Network Security | 310 |
12.10 | Summary | 311 |
12.11 | Internet and Web Resources | 312 |
A | Introduction to XML Markup | 318 |
A.1 | Introduction | 319 |
A.2 | Introduction to XML Markup | 319 |
A.3 | Parsers and Well-Formed XML Documents | 322 |
A.4 | Characters | 323 |
A.4.1 | Characters vs. Markup | 323 |
A.4.2 | Whitespace, Entity References and Built-In Entities | 323 |
A.5 | CDATA Sections and Processing Instructions | 325 |
A.6 | XML Namespaces | 327 |
A.7 | XML Schema | 330 |
A.8 | Summary | 333 |
A.9 | Internet and Web Resources | 333 |
B | Implementing Web Services in Visual Basic .NET | 335 |
B.1 | Introduction | 336 |
B.2 | Publishing and Consuming Web Services | 336 |
B.3 | Session Tracking in Web Services | 351 |
B.4 | Using Web Forms and Web Services | 365 |
B.5 | Programmer-Defined Types in Web Services | 371 |
B.6 | Summary | 381 |
B.7 | Internet and Web Resources | 382 |
C | Implementing Web Services in Java | 383 |
C.1 | Introduction | 384 |
C.2 | Software Installation | 385 |
C.2.1 | JWSDP Download and Installation | 385 |
C.2.2 | Setting Up the Apache Tomcat Server | 385 |
C.2.3 | Deploying a Web Application | 386 |
C.2.4 | Cloudscape Database Download and Installation | 387 |
C.3 | JAX-RPC Vote Service | 388 |
C.3.1 | JAX-RPC-Supported Java Types | 388 |
C.3.2 | Defining Vote Service Interface | 390 |
C.3.3 | Defining Vote Service Implementation | 390 |
C.3.4 | Service Deployment | 395 |
C.3.5 | Client Invocation | 399 |
C.4 | JAXM BookBuyer and BookSeller Applications | 403 |
C.4.1 | JAXM Application Overviews | 404 |
C.4.2 | Message Provider Setup | 404 |
C.4.3 | JAXM Applications: Code Walkthrough | 412 |
C.5 | Building a Java Client that Invokes a Web Service | 435 |
C.6 | Summary | 447 |
C.7 | Internet and Web Resources | 447 |
D | Best Web Services Web Sites | 449 |
D.1 | www.webservices.org | 450 |
D.2 | www.webservicesarchitect.com | 450 |
D.3 | www.w3.org | 451 |
D.4 | www.oasis-open.org | 452 |
D.5 |
www.uddi.org | 452 |
D.6 | www.microsoft.com | 453 |
D.7 | www.sun.com | 454 |
D.8 | www.ibm.com | 454 |
| Glossary | 456 |
| Index | 477 |