The Web Services Container

Main Responsibilities of WSC

Routing messages to appropriate call handlers for execution

Configuring execution steps based on app config data

Control of execution context

SOAP Processing Engine

SOAPEngine

LegacyAdaptors

Web ServicesContainer

CustomLegacyAdaptors

CORBA

EJB

CustomCustomTransports

Cus

tom

Secu

rity

/Se

ssio

nC

ontr

ol

Cus

tom

Mes

sage

Inte

rcep

tors

Javaclass

Web Service Container

Driving question for WSC features:

“What type of configuration details should a user be able to change?”

Web Services Container – Plugin points

Web ServicesContainer

DeploymentAPI

ExecutionAPI (Java)

CallHandler

Usa

geC

ontr

olle

r

Met

adat

aC

atal

ogSe

ssio

nM

anag

emen

t

Act

ivat

ion

Poli

cy

SessionDataStorage

Javaclass

SecurityProviders

Invocation API

Receives a SOAP message, and handles the dispatch of the call to a suitable handler.Based around the current Message Dispatcher / Call Dispatcher interfaces in CapeConnect 3.0The details of how to handler a particular call are delegated to an appropriate call handler.Call handlers can be written by partners and plugged in to the WSC.Invocation pipeline is completely stateless, for maximum throughput.

Deployment Control Interface

Web Service application deployment API

Deploy appUndeploy appReload appPublish app [to UDDI/WSDL]

Deployment API is exposed as a SOAP web serviceRemote deployment by sending a jar as a MIME attachment.

Web Service Container Internals

Web Service Container

ExecutionController

Authentication

Authorization

Activation Control

Session Management

Interceptor Control

Call Handler

Provider

Provider

Storage Provider

Provider

Interceptor(s)

ApplicationMetaData

Instantiation Policy Control

Singleton instance

Instance per user

Instance per session

Instance per call [completely stateless]

Resource Usage Controls

Limit number of service instances.

Concurrency limits.

Possibly billing data collection.

Session management

Session state storagepossibly accessible across server farm for failover

Session timeout policy

Web Service accessible session dataE.g. “cookie”-like context data

Application config

All configuration is set on a per-application basisApp configuration defined in an XML descriptor file (like EJB DD)Typical configuration items:

Serializers and type mappingsActivation policySecurity policyWSDL generation propertiesUDDI publishing properties

Some potential to intercept JSR-109

Web Service Metadata catalog

Service Definition – at several levels

Abstract interfaceE.g. data type definitions, abstract operation types

Protocol specific interface E.g. SOAPAction values for each operationAKA “Concrete” interface definition

Bound interfaceE.g. port definitions with endpoint URL(s)

Published interfaceE.g. UDDI service key / UUID, Published name

Standard default implementations

Provide a standard implementation able to wrap a standard Java class for ease of use.

More sophisticated users can access full details of the call environment.

Partners can provide a custom call handler plugin for specific legacy integration

Advanced partners can provide operation plugins (e.g. session management) to customize behaviour.

Security credential propagation

CapeConnectServer

Import / map credentials from transport (e.g. IIS)

Export / map credentials for call (e.g. WLS)

Cus

tom

auth

enti

cato

rpl

ugin

Cus

tom

auth

oriz

atio

npl

ugin

Inbound Security Propagation

Web Server

Servlet Engine

CapeConnect SOAP Engine

CCSOAP Servlet

Trustrelationship

Transport

HTTP Basic or Digest Authentication,SSL Client-side Certificate, etc.

MessagingProtocol /

Re-authentication

Credentialimport

through:

SOAP Basic or Digest Authentication,SAML SOAP Headers, etc.

Backend Security Propagation

CapeConnect SOAP Engine

SOAPCall Handler

CORBACall Handler

EJBCall Handler

CORBAServer

EJBServer

SOAPServer

EJBCall Handler

EJB Server

ProxyBean

SOAPCredentials

CSIv2Credentials

EJB Native Credentials

UserBean

Re-establish Credentials