Basic Concepts of Web Services
Web Service is also called XML Web Service Web Service is a lightweight independent communication technology that can receive requests from other systems on the Internet or Intranet. Yes: Software services provided on the Web via SOAP, described using WSDL files, and registered via UDDI.
XML: (Extensible Markup Language) Extensible Markup Language. For short-term temporary data processing, for the World Wide Web, it is the basis of Soap.
Soap: (Simple Object Access Protocol) Simple Object Access Protocol. Is the communication protocol for XML Web Services. When the user finds your WSDL description document through UDDI, he can call one or more operations in the Web service you create through SOAP. SOAP is a specification for calling methods in the form of XML documents, which can support different underlying interfaces like HTTP(S) or SMTP.
WSDL: (Web Services Description Language) A WSDL file is an XML document that describes a set of SOAP messages and how to exchange them. In most cases it is automatically generated and used by the software.
UDDI (Universal Description, Discovery, and Integration) is a new project aimed primarily at Web service providers and consumers. Before users can call Web services, they must determine which business methods are included in the service, find the interface definition to be called, and compile software on the server side. UDDI is a mechanism that guides the system to find corresponding services based on description documents. UDDI utilizes the SOAP message mechanism (standard XML/HTTP) to publish, edit, browse and find registration information. It uses XML format to encapsulate various types of data, and sends it to the registration center or returns the required data by the registration center.
Calling principle:
Web service has two meanings: 1. It refers to the functional aggregate encapsulated into a single entity and published on the network; 2. It refers to the service provided after the functional aggregate is invoked. Simply put,Webservice is aURLresource, and clients can request its services programmatically without knowing how the requested service is implemented, which is different from the traditional distributed component object model.
The architecture of Web service is constructed based on three roles of Web service provider, Web service requester and Web service mediator and three actions of publishing, discovering and binding. Simply put, the Web service provider is the owner of the Web service, and it waits patiently to provide its existing functions for other services and users; the Web service requester is the user of the Web service function, which uses SOAP messages to provide Web services. The role of the Web service intermediary is to link a Web service requester with the appropriate Web service provider, which acts as a manager, usually UDDI . These three roles are divided according to the logical relationship. In practical applications, the roles are likely to overlap: a Web service can be either a Web service provider, a Web service requester, or both. . Shows the relationship between web service roles : where "publish" is to let users or other services know about a certain webThe existence of a service and related information ; "finding (discovering)" is to find a suitable Web service ; "binding" is to establish some kind of connection between the provider and the requester.
Figure 2-1 Architecture of Web service
Implementing a complete web service includes the following steps:
◆ The web service provider designs and implements web services, publishes the correctly debugged web services through the web service intermediary, and registers them in the UDDI registry ; (publish)
◆ The web service requester requests a specific service from the web service intermediary, and the intermediary queries the UDDI registration center according to the request to find the service that meets the request for the requester; (discovery)
◆ The Web service intermediary returns the Web service description information that meets the conditions to the Web service requester . The description information is written in WSDL and can be read by various machines that support Web services; ( discovery)
◆ Use the description information returned from the Web service intermediary to generate the corresponding SOAP message and send it to the Web service provider to realize the invocation of the Web service; ( binding )
◆ The Web service provider executes the corresponding Web service according to the SOAP message , and returns the service result to the Web service requester. ( binding)
Call method:
1. A simple and flexible method to dynamically call WebService by GET/POST/SOAP under Net (C#)
There are 3 ways to call webservice
1). httpget
2). httppost
3). httpsoap
The advantage of soap is that it can pass structured data, while the first two cannot.
btw, soap finally uses HTTP to deliver XM too
Safety:
Webservice is used in a wide range of fields as a convenient service, and it has also become a delicacy for hackers. Here, this article will briefly introduce the improvements that can be made to Webservice security.
Security in Webservice is mainly divided into the following three aspects.
Transport SSL/HTTPS encrypts the connection, not the data
Message Data Encryption (XML Encryption) Digital Signature (XML-DSIG)
The underlying architecture The security
during transmission using the application service security mechanism is the easiest to add to your Webservice application. Using the existing SSL and HTTPS protocols, you can easily obtain the security during the connection process.
However, this security implementation has two weaknesses. One is that it can only ensure the security of data transmission, not the security of the data itself. Once the data reaches a certain place, it can be viewed by anyone. In Webservice, a piece of data may go to multiple places, and this data should not be viewed by all recipients. The second is that it provides all-or-nothing protection, you can't choose which part of the data to be protected, and this optionality is often used in Webservices.
The second layer of protection is the protection of the message itself. You can use the existing XML security extension standard to implement the function of digital signature, so as to ensure that your message is from a specific party and has not been modified. The encryption technology of XML files strengthens the security of Webservice to a greater extent. It can customize whether the data can be viewed by the recipient after it is transmitted, which further improves the security after transmission. The industry is also constantly formulating Webservice security standards , such as SAML and WS-Security.
The last layer of protection is to rely on the security of the underlying architecture, which is more derived from the protection of the operating system and some middleware. For example, in J2EE, the application server hosting the Webservice. Many current J2EE application servers support Java Authentication and Authorization Service (JAAS), which was recently added to J2SE 1.4. It is natural to implement some security mechanism with the server hosting the Webservice. Another security method that utilizes the underlying architecture is to be an independent server responsible for security, with which both users and creators of Webservices need to gain security trust.
Features:
The main goal of Web Services is cross-platform interoperability. In order to achieve this goal, Web Service is completely based on XML (Extensible Markup Language), XSD (XML Schema) and other platform-independent and software-vendor-independent standards, and is a new platform for creating interoperable and distributed applications . So using Web Services has many advantages:
1. Communication across firewalls
If the application has thousands of users and is distributed all over the world, the communication between client and server will be a tricky problem. Because there is usually a firewall or proxy server between the client and the server. The traditional approach is to choose to use the browser as the client, write a bunch of ASP pages, and expose the middle tier of the application to the end user. The result of this is that the development is difficult and the program is difficult to maintain. Client-side programming would be much simpler if client-side code were no longer so dependent on HTML forms. If the middle-tier components are replaced by Web Services, the middle-tier components can be called directly from the user interface, thereby saving the step of building an ASP page. To call the Web Service, you can directly use a SOAP client such as Microsoft SOAP Toolkit or .net, or you can use a SOAP client developed by yourself, and then connect it with the application. Not only shortens the development cycle, but also reduces the code complexity, and can enhance the maintainability of the application. At the same time, the application no longer needs to jump to the corresponding "result page" every time the middle-tier component is called.
2. Application integration
Enterprise-level application developers know that it is often necessary to integrate various programs written in different languages and running on different platforms in the enterprise, and this integration will cost a lot of development effort. Applications often need to obtain data from programs running on a host; or send data to host or other platform applications. Even on the same platform, various software from different software vendors often need to be integrated. Through Web Services, applications can use standard methods to "exposed" functions and data for use by other applications.
XML Web services provide the ability to exchange messages using standard protocols (HTTP, XML, SOAP, and WSDL) in a loosely coupled environment. Messages can be structured, typed, or loosely defined.
3. B2B integration
B2B refers to Business to Business, as in businesses doing business with other businesses, business (generally refers to business) to business e-commerce, that is, the exchange of products, services and information between businesses through the Internet. In layman's terms, it means that both the supply and demand sides of e-commerce transactions are merchants (or enterprises, companies), and they use Internet technology or various business network platforms to complete the process of business transactions.
Web Service is the key to successful B2B integration. Through Web Service, the company can only "expose" key business applications to designated suppliers and customers. Web Service runs on the Internet and can be easily implemented anywhere in the world, and its operating cost is relatively low. Low. Web Service is only a key part of B2B integration, and many other parts are needed to achieve integration. The biggest advantage of using Web Services to achieve B2B integration is that it can easily achieve interoperability. As long as the business logic is "exposed" as a Web Service, any designated partner can call these business logics, no matter what platform their system runs on and what development language they use. This greatly reduces the time and cost spent on B2B integration.
4. Software and data reuse
Web Services can reuse the data behind the code while allowing code reuse. Using Web Service, it is no longer necessary to purchase and install software components from a third party, and then call these components from the application as before; it is only necessary to directly call the remote Web Service. Another case of software reuse is when the functionality of several applications is integrated and "exposed" through a Web Service, all of which can be easily integrated into your portal site to provide users with a unified , friendly interface. You can use the functions provided by a third-party Web Service in your application, or you can provide your own application functions to others through a Web Service. In both cases, the code and the data behind the code can be reused.
As can be seen from the above discussion, Web Service is most useful when interoperating or calling remotely through the Web. However, there are also some cases where the Web Service does not bring any benefits at all, and the Web Service has the following disadvantages:
1. Stand-alone application
Today, businesses and individuals also use many desktop applications. Some of them only need to communicate with other programs on the machine. In this case, it is better not to use Web Service, just use the local API. COM is great for working in this situation because it's small and fast. The same goes for server software running on the same server. Of course Web Services can also be used in these situations, but that would not only be too expensive, but would not bring any benefit.
2. Some applications of local area network
In many applications, all programs use COM under the Windows platform and run on the same local area network. In these programs, using DCOM can be much more efficient than SOAP/HTTP. Similarly, if a .net program wants to connect to another .net program on the local area network, .net Remoting should be used. In fact, in .net Remoting, you can also specify the use of SOAP/HTTP to make Web Service calls. However, it is better to make RPC calls directly over TCP, which is much more efficient.
1.3. Application of XML Web Service
1. The original XML Web Service is usually a source of information that can be easily incorporated into an application, such as stock prices, weather forecasts, sports scores, and so on.
2. By providing existing applications as XML Web Services, new and more powerful applications can be built using XML Web Services as building blocks.
For example, a user could develop a purchasing application to automatically obtain price information from different suppliers, allowing the user to select a supplier, submit an order, and then track the shipment of goods until they are received. In addition to providing services on the Web, the supplier's application can also use the XML Web Service to check the customer's credit, collect payment, and handle shipping procedures with the shipping company.
SOAP message format:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
<?xml version=
"1.0"
?>
<soap:Envelope
xmlns:soap=
"http://www.w3.org/2001/12/soap-envelope"
soap:encodingStyle=
"http://www.w3.org/2001/12/soap-encoding"
>
<soap:Header>
<m:Trans xmlns:m=
"http://www.w3schools.com/transaction/"
soap:mustUnderstand=
"1"
>234
</m:Trans>
</soap:Header>
<soap:Body>
<m:GetPrice xmlns:m=
"http://www.w3schools.com/prices"
>
<m:Item>Apples</m:Item>
</m:GetPrice>
</soap:Body>
</soap:Envelope>
|
-
Data Addition Using WebService
-
Data Deletion Using WebService
-
stand-alone application ;
-
Homogeneous applications on a local area network