Building Web Services in an SOA

Beskrivelse:
Dette kurset gir studenten alt han/hun trenger for å bygge alt fra enkle til avanserte Web services.

Målgruppe:
Java Developers and Architects

Forkunnskaper:
Students should have one year experience with Java/Servlets, and should be familiar with XML.

This comprehensive workshop explores the world of SOA and Web Services. It covers basics as well as a few important advanced topics (such as WS-Security). The course explains and uses standard java APIs such as SAAJ, JAX-WS, JAXB and JAXR.

The course starts by defining the role of Web Services in a Service Oriented Architecture (SOA). For this reason an overview of SOA and related concepts (e.g., Service Oriented Processes). Often people award Web Services for many characteristic, where it is in fact SOA that offers these characteristic.

After Web Services has been placed into the correct context, the course continues by giving an almost complete overview of Web Services technologies. This course focuses on the message, description, discovery and security. Other courses offer orchestration, transaction or give more detail and advanced features to for example Security.

This course explains WSDL as quickly as possible, so that the rest of the course can be as real-life as possible. After WSDL has been explained in depth (following a brief overview of core technologies such as SOAP, WSDL itself and UDDI), technologies are explained and practiced using WSDL as a base. Students will be able to invoke Web Services using tools such as AXIS after going through the WSDL session.

The course provides a thorough overview of SOAP. SOAP is explained with the WS-I Basic Profile in mind. The WS-I Basic Profile is an effort to enable interoperability (e.g. between .Net and J2EE). All aspects of the SOAP recommendation are covered. SAAJ is explained as well as other technologies. SAAJ is an Java API to read, write and send SOAP messages.

The third cornerstone in many SO Technical Architectures is discovery. UDDI is one of the technologies to enable this. UDDI is explained and put into real-world practice. The relation between UDDI and WSDL is explained and used by the students.

The course concludes with an introduction, though comprehensive, of Web Services Security.

Workshop overview

Session: Introduction to Web Services and SOA Techologies.

Lession: Introduction to Services Oriented Architecture (SOA)

• Describe the SOA
• Understand the business benefits
• Describe what a Service is 
• Understand the need for a Service Oriented Process
  SOP)
• Understand design by contract
• Understand the relationship between SOA and Web Services 

Lesson: Introduction to Web Services

• Define Web Services
• Look at Web Services from a Business Perspective
• List important organizations, companies and bodies involved with Web Services
• Discuss the maturity of Web Services
• List benefits of using Web Services for the SOA
• List different types of applications of Web Services 

Lesson: Web Services in your Software Architecture

• List criteria when to use Web Services
• Understand where to use Web Services in your architecture
• List high level Web Services Architectures
• Discuss the ESB (Enterprise Service Bus) and Web Services 

Session: Overview of Technologies

Lesson: Web Services Technologies

• Layout the Web Services technologies
• List technologies for meta data
• List technologies for messaging
• List technologies for Transactions and Process 
• List technologies for Presentation
• List technologies for Security
• List technologies for Management 

Lesson: Core Technology Overview: SOAP, WSDL and UDDI

• Describe SOAP
• Understand scope of the SOAP Recommendation
• Understand the structure of a SOAP message
• Understand the extensibility features of SOAP
• Appreciate the WS-I Basic Profile
• Understand the role of WSDL
• Understand the basics of the WSDL structure
• Understand the significance of the WSDL document
• Understand the role of UDDI
• Understand different ways of using UDDI is used 

Session: XML Schema

Lesson: XML Schema Overview and Fundamentals

• Introduce the concepts of schemas
• Introduce W3C XML Schema and understand the structure of the recommendation
• Understand the process of validity assessment Understand the concept and role of the Post schema Validation Infoset (PSVI)
• Understand the structure of an XML Document
• List and explain the 12 different Schema components
• Understand the difference in local and global definitions and declarations
• Discuss different schema styles (russian doll, salami slice etc)
• Understand the concept of names for definitions and declarations
• Introduce the concept of symbol spaces
• Understand the relation with XML Namespaces
• Be able to make basic element and attribute declarations
• Understand the difference between simple types and complex types
• List the predefined types
• Be able to define basic simple types using different derivations (automic/restriction,list and union)
• Be able to define basic complex types
• Understand the different content models of complex types
• Introduce complex type extension and restriction
• Introduce compositors (all, sequence and choice)
• Introduce particles
• Understand how to control namespace of local declarations (attributeFormDefault and elementFormDefault) 
• Understand how to refer to schema documents from XML documents (and the potential problems with that)
• Understand how to specify type information inside your XML Document using xsi:type
• Understand nil values 
• Understand how to include, redefine and import other schemas

Lesson: Simple Type Definitions

• Understand the difference between value space and lexical space
• Understand the details of the built-in datatypes
• Understand how to derive by restricting to create your own types
• Understand facets
• Explain the different string types
• Explain how to derive string types
• Explain the different number types
• Explain how to number string types
• Explain the different date, time and duration types
• Explain the how to derive from different date, time and duration types
• Understand the semantics of the constraining facets per type

Lesson: Using Regular expressions

• Explain regular expressions in XML Schema
• List some important difference with other Perl like regular expression languages
• Understand the exact syntax of a regular expression (branches, pieces, quantifiers)
• Explain the different atom types (characters, escape classes, expression classes etc)
• Explain the different quantifiers to control atom occurrence
• List the different character classes and understand the difference between them
• List the escape character classes
• List the multi-character escape classes (Perl groups)
• Understand the wildcard multi-character escape class
• Understand the category escape 
• Explain Unicode categories and blocks
• Explain how to define you own classes using character class expressions
• Understand how these relate to set-theory
• Explain positive classes, negative classes and character class subtraction
• Understand how to combine these to create other models

Lesson: Complex type Definitions

• Understand the details of creating complex types
• Understand the possible derivations per content type model
• Understand the details of extending simple content models
• Understand the details of restricting simple content models and the rules
• Understand the details of extending complex content models
• Understand the details of restricting complex content models 
• Understand the consistent particle rule Understand the unique particle attribution (UPA)
• Understand the semantics and differences of the different compositors (all, choice etc)
• Understand different compositor combinations
• Understand particles
• Understand element and attribute group definitions
• Understand how to redefine them in a different schema
• Understand substitution groups
• Understand how to block the use of substitution groups
• Understand element and attribute wildcards (xs:any and xs:anyAttribute)
• Understand uniqueness, keys and references 
• Introduce the basics of XPath 1.0 needed for identity constraints

Session: WSDL

Lesson: Comprehensive overview of WSDL

• Understand the structure of a WSDL document
• Understand the relationships
• Understand how to define Services compliant with the WS-I Basic Profile
• Understand the SOAP Binding
• Understand different transport bindings (HTTP, SMTP)
• Understand how to define RPC style web services
• Understand how to define Documented oriented web services
• Using the Import element to split the WSDL into contract and implementation
• Understand the role of WSDL in the SOA and a SOP (Service Oriented Process)
• List the different transmission primitives (aka message exchange patterns)
• List different WSDL Extensions
• First look at a recommendation for using WSDL in UDDI
• List changes made for WSDL2.0 

Lesson: Tools and WSDL

• Understand how Tool support can help
• List modeling tools and WSDL 
• Dedicated WSDL Editing tools
• Use WSDL to generate stubs and skeletons 

Session: JAX-WS

Lesson: JAX-WS Overview

• Understand what JAX-WS is
• Understand the JAX-WS Architecture in detail
• Understand the JAX-WS 2.1 Specification
• Understand the role of WSDL
• Discuss bottom-up versus top-down service realization
• Overview of the WSDL and Java Mapping and vice versa
• Introduce the two APIs (client/service side)

Lesson: Building a JAX_WS Client

• Understand the static service use
• Understand how to build a JAX-WS client using a given WSDL
• Understand the internal sequence of service invocation (OSD)
• Understand dynamic service use 

Lesson: Service realization using JAX-WS

• Recap the two models: bottom-up and top-down 
• Understand the developments steps for bottom-up
• Understand the developments steps for top-down
• Customize Java to WSDL mapping using JAX-WS and Web Services Metadata (JSR 181) annotations
• Appreciate the use of JAXB 2.1 annotations (JSR 222)
• Configure the SOAP Binding
• Understand JAX-WS exception handling
• Add Service Endpoint exception and map these to SOAP faults
• Con SOAP 1.1 HTTP Binding

Lesson: Advanced JAX-WS

• Customize WSDL to Java binding using the JAX-WS Binding Language
• Use JAXB binding declarations
• Understand the Handler Framework
• Add support for MTOM
• Enable transport layer authentication (HTTP basic authentication)
• Stateful sessions using different HTTP mechanisms (cookies, URL an the SSL ID)

Session: SOAP and SAAJ

Lesson: Overview of the SOAP Rrecommendation

• Understand the structure of the SOAP1.2 specification
• Understand the SOAP1.2 termonology
• Understand the different parts that make up the specification 

Lesson: SOAP Messaging Framework

• Explain the SOAP Messaging Framework
• The anatomy of a SOAP message
• Explain the tho techniques for extensibility (vertical and horizontal)
• Explain the use of headers in vertical extensibility 
• Explain the use of the mustUnderstand flag
• Explain the use of Intermediaries for horizontal extensibility
• Understand a SOAP Module
• Understand the use of the header for horizontal extensibility (role attribute)
• Explain SOAP in compliance with WS-I Basic Profile 
• Understand differences between SOAP1.2 and SOAP1.1
• Understand the The SOAP Pocessing Model
• Understand SOAP Faults
• Understand the structure of a SOAP Faults
• Understand the the use of headers with SOAP Faults

Lesson: SAAJ Basics

• Understand the core of SAAJ
• Understand the core classes that make up SAAJ
• Understand the relationship between SOAP message elements and SAAJ classes
• For each class understand its use

Lesson: SOAP Adjuncts

• Introduce the SOAP Data Model and SOAP Encoding
• Introduce the SOAP RPC Representation
• Understand the role of SOAP Features
• Understand the concept of Properties
• Understand how SOAP Features are realized
• Understand the SOAP Bindings
• Explain in more detail the SOAP HTTP Binding
• Understand standard Message Exchange Patterns
• Describe the Request-Response Message Exchange Pattern
• Describe the SOAP Response Message Exchange Pattern
• Describe the SOAP Web Method Feature
• Describe the SOAP Action Feature

Lesson: SOAP and Binary Information

• Understand different ways of sending binary data as part of a SOAP message
• Introduce SOAP with Attachments (SwA)
• Use SAAJ to Manage attachments
• Discuss other initiatives (DIME, PASWA, SOAP MTOM)

Session: UDDI and JAXR

Lesson: Comprehensive overview of UDDI

• Understand the role of UDDI
• Understand applications of UDDI
• Understand the metamodel of UDDI
• Understand the tModel
• Discuss different Classification Schemes (NAICS, ISO3166 etc)
• Understand the two best-practices for using WSDL in UDDI
• List differences between UDDI2.0 and 3.0
• Explain the security enhancements in UDDI 3.0

Lesson: JAXR

• Understand the JAXR Architecture
• Be able to query a registry based on names
• Be able the query a registry based on classifications 
• Be able to bind to a JAX-RPC service, using JAXR

Session: Security

Lesson: Overview of Web Services Security

• Describe the need for security
• List the four main aspects of (web) security
• Introduce the different algorithms used in encryption technologies
• Understand symmetric encryption and what to use it for
• Understand asymmetric encryption and what it used for
• Understand the role and concept of Message Digests
• Understand the role and concept of Digital signatures
• Understand the role and concept of Message Authentication Code (MAC)
• Understand the role and concept of Certificates
• Understand the role and concept of key agreement technologies 
• Introduce PKI architectures

Lesson: Web Services Security Technologies

• Understand that transport layer security (e.g. SSL and HTTPS) is not always an option.
• Describe the seven specification in the IBM/Microsoft Security Road map
• Understand the scope of WS-Security
• Introduce XML Digital Signatures 
• Introduce XML Digital Encryption
• Understand the concept of and the need for Canonicalization
• Introduce security tokens
• Understand the relationship with the WS-Trust specification
• Understand the role of XML Key Management Specification (XKMS) and PKIs
• Describe other security specifications (WS-SecurityPolicy ,WS-SecureConversation, WS-Federation)

Lesson: Transport layer security (optional)

• Introduce SSL and Certificates
• Introduce JSSE
• How to use the J2EE security mechanism to restrict access
• How to setup a connection using SSL 
• Understand how certificates are used in this.
• Be able to implement a secure (Transport Layer) web service using a JAX-RPC Servlet

Appendix: Introduction to XML

Lesson: XML Introduciton

• Introduce XML
• Understand what XML is and what it is used for
• List other data formats
• Understand the concepts of markup language and meta language
• Understand the what "extensible" means
• See how XML is applied in industry standards
• Understand XML "verbs" (parsing, processing, serializing, sending, transforming. authoring)

Lesson: Writing XML: Documents and Namespaces

• Define what an "XML Document" is
• Understand "correctness" of an XML Document
• Understand what markup makes up a an XML Document
• Understand the logical structure of an XML Document
• Understand the XML Prolog and its syntax
• Explain XML character encoding
• Understand the Document Type Definition and its syntax
• Understand the restrictions on character data
• Understand white space, where it may be used and its possible significance
• Explain how to add comments to XML Documents
• Explain CDATA sections and its syntax
• Explain Processing instructions and its syntax
• Explain entities (general, internal external and unparsed entities)
• Explain entity references and its syntax
• Explain character references and its syntax
• Understand the structure and syntax of Elements
• Understand attributes
• List standard XML attributes
• Understand XML namespaces 
• Understand how to declare namespaces
• Introduce URIs (and URNs and URLs)
• Understand qualified names
• Understand the default namespace

Appendix: XML Parsing (DOM3, SAX2 and JAXP)

Lesson: DOM

• Understand the scope of DOM (different levels and modules)
• Understand DOM parsing
• Understand the DOM tree and its Nodes
• List the different Node types and their structure
• Explain the API in great depth of all DOM interfaces
• Understand text processing (ignorable white space, whole text)
• Understand how to configure the DOM parser using the DOMConfiguration
• Understand the process of normalization
• Understand how to create new XML document
• Understand how to bootstrap the pluggable DOM API
• Understand DOM Features
• Cover the DOM Level 3 Load and Save Specification
• Understand loading and serializing XML document
• Understand the different interfaces that make up this specification
• Understand how to bootstrap
• Understand how to load XML data using different sources
• Understand how to serialize (save) XML data using different sinks
• Understand load and save configuration
• Understand DOM Filters

Lesson: SAX2

• Understand SAX Parsing
• Understand when SAX parsing is beneficial over other techniques
• Understand SAX Events
• Provide an overview of the SAX2 Architecture 
• Understand the SAX2 API in great depth
• Understand how to bootstrap SAX using the XMLReaderFactory
• Understand how to initiate the parsing process using different sources
• Understand how to consume events and discuss best practice techniques
• Understand SAX features and properties
• Introduce SAX2 Extensions