Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download XML Web Services
Document related concepts
no text concepts found
Transcript
XML Web-Services
Sergey Baidachni
MCT, MCSD, MCDBA
Overview
Introduction
How it work?
What about Java?
Performance
Security
Global Architecture
Introduction
Road №80
Unix, Windows or …
Formats war
XML Web Services
Road №80
Where in the wall can I make a hole?
Unix, Windows or …
Conveniences for the clients
Conveniences for the administrators
Who will think about programmers?
Formats War
DVD or VHS?
XML Web Services
What is this?
URL-addressable set of functionality exposed
over a network
Advantage
HTTP: Stateless and text
XML: Standard format
Any platform and language
How does it work?
Overview to XML Web Services
Simple Web Services
SOAP – a protocol or another document
XML?
WSDL – a method of service application
XSD – How do I look like?
DISCO, UDDI – How am I found?
Proxy Class
Overview to XML Web Services
Service Broker
Publish
Find
Bind
Service Provider
Service Consumer
Simple Web Services
What can be even simpler?
public class MyService : System.Web.Services.WebService
{
[WebMethod]
public string Hello(string Name)
{
return "Hello "+Name;
}
}
Testing in browser
Create simple .NET Client
SOAP – Is it a protocol or another
documents XML?
SOAP – Universal means of
communication
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchemainstance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<Hello xmlns="http://tempuri.org/">
<Name>string</Name>
</Hello>
</soap:Body>
</soap:Envelope>
SOAP – Where?
UDDI
SOAP
SOAP
IIS
SOAP
Web Service
Any Client
WSDL – A method of service usage
What’s the content of the service?
What parameters are to be transmitted?
WSDL Elements
types
message
portType
binding
service
Demonstration
XSD – What do I look like?
Schema Definition Language – description of
complex types
Demonstration
<xsd:complexType name="MyType">
<xsd:sequence>
<xsd:element minOccurs="0" maxOccurs="1" name="Name"
type="s:string" />
</xsd:sequence>
</xsd:complexType>
DISCO, UDDI – How am I found?
Static discovery
Dynamic discovery
Locating disco.exe [options] url
Programmatic discovery
System.Web.Services.Discovery
DiscoveryDocument
DiscoveryReferenceCollection
DiscoveryClientProtocol
DiscoveryClientResult
DISCO, UDDI – How am I found?
What is UDDI?
Benefits
Information provided by UDDI
Programming UDDI
(Microsoft.UDDI.dll)
Problem with UDDI
uddi.microsoft.com
Proxy Class
Proxies and WSDL
Generating Proxies Using Wsdl.exe
Add Web Reference
Explicit call
Configuring Proxies
Web Service
Web Service Consumer
What about Java?
How to install IIS on Unix?
Sun Java SDK, Tomcat, AXIS
Java и .NET – impossible?
It works for real!
Performance Testing
What is Application Center Test?
Record simple scenario
Custom scenario
CreateConnection
CreateRequest
Send
How generate SOAP in ACT?
Security
Threats definition– model STRIDE
Selection of techniques
Selection of technologies
Best Practices
STRIDE – Threats modulation
Spoofing identity
Tampering with data
Repudiation
Information disclosure
Denial of services
Elevation of privilege
Best Practices
Do not use an administrator’s accounting
record
Store secret data in a safe place
Do not use lines concatenation when making
queries
Global Architecture
It is always lacking, or maybe there are problems of
Web services?
WS-* Specifications
WS-Routing
WS-Referral
WS-Inspection
WS-Security
WS-Attachments
WS-Coordination
WS-Transaction
WS-Policy
WS-Trust
WS-SecureConversation
WS-SecurePolicy
Related documents