5 Νοε 2013 (πριν από 4 χρόνια και 5 μήνες)

103 εμφανίσεις


Surma Mukhopadhyay

BUS 665

Paper presented

An Introduction to Oracle Web Services

An Oracle White Paper

May 2005


WebServices Activity



Topic 1: An introduction to ORACLE

Webservice Manager

Topic 2: Webservices Activity

What Is Webservices?

The World Wide Web is more and more used for
application to application communication. The
programmatic interfaces made available are
referred to as
Web services

Positive & Negative Sides of

Positive side: Increase access to useful data

Cut time to market

Negative side: Increases compliance risk

Security holes

What Is ORACLE Web Service

Oracle Web Services Manager (WSM) is a Web
Services security and management solution that
provides the visibility and control required to deploy
Web Services into production

The advantage of using WSM:

With Oracle WSM, organizations can enjoy a

common security infrastructure for all Web

service applications

This allows best practice security policies and
monitoring to be deployed across existing or new

How WSM Works

With Oracle WSM, an administrator creates security
and management policies using a browser
based tool

A typical Web Service security policy might be:

1. Decrypt the incoming XML message

2. Extract the user’s credentials

3. Perform an authentication for this user

4. Perform an authorization check for this

user and this Web Service

5. Write a log record of the above information

6. If all steps are successful, pass the

message to the intended Web

7. If not, return an error and write an

exception record

How WSM Works

The WSM product would then intercept every
incoming request to a Web Service and apply the
policy above

As the policy is executed, the WSM collects statistics
about its operations and sends these to a monitoring

The monitor displays errors, service availability data,

As a result, each Web Service in an enterprise
network can automatically gain security and
management control

Key Features

Web Services access control and single sign

Centralized security policy management with

localized enforcement

Unified monitoring of cross
organization Web

Services application

Key benefits of WSM

Increased security

Lower development cost

Easier compliance reporting

Oracle WebServices Manager

The WSM Platform consists of four components: Policy
Manager, Gateways, Agents, and Monitor. Gateways
and Agents are two policy enforcement points

The Oracle WSM provides significant architectural
flexibility via the combination of Gateways and Agents

Webservice Policy Manager

The WSM Policy Manager is a browser
graphical tool for creating and versioning security and
management policies, using pre
built or custom policy


Examples of policy steps are: decrypt the XML
payload, perform an LDAP authentication, log an audit
record, perform an authorization, etc

Policy steps are linked together into a policy pipeline

This pipeline can be executed at a single Web
Service, a subset, or all Web Services

Webservice Management

The WSM Gateway operates independently of the Services it
protects, acting as a proxy to Service clients

The Gateway can virtualize an underlying Web Service, so that
clients do not learn the address details of the Service

Gateways can enforce most policy steps, but also have the
unique ability to route messages based on message or
attachment content

The Gateway can transform messages from one format or
protocol to another from XML

Gateways are often deployed in an organization’s DMZ, to route
messages to specific Services and obscure Service details from
external clients

The Policy Manager periodically sends updates of the policy
pipelines to the Gateway

WebService Management Agent

WSM Agent is installed into the same process space
as the underlying Service it is protecting

It can support encryption of messages all the way to
the endpoint

Since it resides at an endpoint, it cannot route or
transform messages

The Policy Manager periodically sends updates to its
policy pipelines to the Agent.

WebServices Monitor

As the Gateways and Agents enforce policies on
incoming and outgoing messages, they collect
statistics about response times, exceptions, etc

These statistics are sent in real
time to the WSM
Monitor, a Web
based dashboard for monitoring
service level agreements, service availability, and
service responsiveness

The Monitor can alert administrators when boundary
conditions are met

It can also automatically communicate with the Policy
Manager to activate new policies


WebService Activity

The goal of the Web Services Activity is to develop a
set of technologies in order to lead Web services to
their full potential

Here we are going to discuss the W3C's work on
this topic in more detail

The World Wide Web Consortium (W3C) develops
interoperable technologies (specifications, guidelines,
software, and tools) to lead the Web to its full potential. W3C
is a forum for information, commerce, communication, and
collective understanding


Activity Group

The Activity, coordinated by one coordination group
and one interest group

The coordination group works in six different
subroups as follows:

Semantic Annotations for Web Services Description Language
Working Group

Web Services Addressing Working Group

Web Services Choreography Working Group

Web Services Description Working Group

Web Services Policy Working Group

XML Protocol Working Group

XML Schema Patterns for Databinding Working Group

The interest group consists of Semantic Web Services
Interest Group

Semantic Annotations for Web
Services Description Language
Working Group

The objective of the Working Group is to develop a
mechanism to enable semantic annotation of Web

This mechanism will take advantage of the WSDL 2.0
extension mechanisms to build a simple and generic
support for adding semantic descriptions for Web

Semantic Annotations for WSDL and XML Schema
(SAWSDL) specification defines mechanisms using
which semantic annotations can be added to WSDL

The Key Design Points of SAWSDL

The specification enables semantic
annotations for Web services using and
building on the existing extensibility
framework of WSDL.

It is agnostic to semantic representation

It enables semantic annotations for Web
services not only for discovering Web
services but also for invoking them.

SAWSDL: Extensions in WSDL


This is to specify the association between
a WSDL component and a concept in some
semantic model.



They add to XML Schema
element declarations, complex type definitions and
simple type definitions for specifying mappings
between semantic data and XML.

Webservice Addressing

Web Services Addressing provides transport
mechanisms to address Web services and messages

Here are some useful links to know much about
webservice addressing:

Web Services Addressing



Web Services Addressing

SOAP Binding


Web Services Addressing Metadata


Web Services Addressing XML Schema


Web Services Addressing Metadata XML Schema


Web Services Choreography
Working Group

As the momentum around Web Services grows, the
need for effective mechanisms to co
ordinate the
interactions among Web Services and their users
becomes more pressing

The Web Services Choreography Working Group
has been tasked with the development of such a
mechanism in an interoperable way


Web Services Description
Working Group

One of the requirements for the development of Web services is
the ability to describe the interface, the boundary across which
applications (Web services user agents and Web services)

The Web Services Description Working Group is chartered to
design the following components of the interface:

The message
: a definition for the types and structures of the
data being exchanged

The message exchange patterns
: the descriptions of the
sequence of operations supported by a Web service

The protocol binding
: a mechanism for binding a protocol used
by a Web service, independently of its message exchange
patterns and its messages


Web Services Policy Working


of the Web Services Policy Working
Group is to produce W3C recommendations for Web
Services Policy

Web Services Policy defines a flexible policy data
model and an extensible grammar for expressing the
capabilities, requirements and general characteristics
of a Web service

It also presents the mechanisms for associating
policies with Web service constructs


XML protocol working group

The Working Group is responsible for updating errata
documents and publishing new editions incorporating
published errata

In addition to the maintenance effort, the XML
Protocol Working Group is chartered to work on
SOAP Version 1.2 extensions


XML Schema Patterns for
Databinding Working Group

The mission of this Working Group is to define a set of
XML Schema patterns that will be efficiently
implementable by the broad community who use XML

Agreeing on a set of XML Schema patterns for which
databinding optimizations can be made will facilitate
the ability of Web services and other toolkits to
expose a more comprehensible data model to the


Semantic Web Services Interest

The Semantic Web Services Interest Group is part of the
Web Services Activity. The purpose of the Semantic
Web Services Interest Group is to provide an open forum
for W3C Members and non
Members to discuss Web
Services topics essentially oriented towards integration
of Semantic Web technology into the ongoing Web
Services work at W3C.

[link: http://www.w3.org/2002/ws/swsig/]


In this way, an organization can
construct “best practice” security policies
and ensure that these are enforced no
matter how the Service is implemented
or designed