220 likes | 449 Vues
SOAP. Simple Object Access Protocol by: Vivian Nguyen & Hoa Tang. What is SOAP.
E N D
SOAP Simple Object Access Protocol by: Vivian Nguyen & Hoa Tang
What is SOAP • SOAP is an XML-based object invocation protocol. SOAP was originally developed for distributed applications to communicate over HTTP and through corporate firewalls. SOAP to be used in a large variety of systems ranging from messaging systems to RPC ( remote procedure call ). • SOAP consists of three parts: • The SOAP envelope construct defines an overall framework for expressing what is in a message; who should deal with it, and whether it is optional or mandatory. • The SOAP encoding rules defines a serialization mechanism that can be used to exchange instances of application-defined datatypes. • The SOAP RPC representation defines a convention that can be used to represent remote procedurecalls and responses.
A Brief History of SOAP • In the Beginning: SOAP 98 • When SOAP started in early 1998, there was no schema language or type system for XML (in fact, XML 1.0 had just become a full Recommendation that quarter). If you look at earlier versions of the SOAP spec (including XML-RPC, which was subseted from the 1998 SOAP spec), most of the focus was on defining a type system.
A Brief History of SOAP – Cont. • SOAP Phase 2: 1999-2000 • By the time a SOAP specification finally shipped using the name "SOAP" (4Q1999), the W3C XML Schema language was by no means done, but it certainly had progressed to a point where it became obvious to most of the SOAP authors that we needed to leverage and integrate the work of the Schema Working Group as much as possible.
A Brief History of SOAP – Cont. • The Post-SOAP Era: 2001 and beyond • SOAP is what most people would consider a moderate success. The ideas of SOAP have been embraced by pretty much everyone at this point. The vendors are starting to support SOAP to one degree or another.
Horse race for market shares • Two major enterprises known as • Sun - Java 2 Enterprise Edition (J2EE) • Microsoft - Windows Enterprise platform ( .NET)
Define • Request/Response Messaging • Uses HTTP • Platform independent • Defines an XML Grammar For • Specifying method names • Defining parameters and return values • Describing types
Accessing Web Services Allows invoking operations over HTTP Defines an XML-based format for parameters Requests/responses can ride on: HTTP (the most common case today) SMTP or MSQL (for loosely-coupled interactions) Other protocols
What SOAP Provides • Industry Agreement • It is endorsed by Microsoft, IBM, Sun, Oracle, BEA, Iona, and others • Object Model Independence • SOAP is not tied to any operating system, programming language or object model • Support for diverse protocols • Synchronous and asynchronous
An Example of SOAP Request POST/AccountAccess HTTP/1.1 Host: www.qwickbank.com Content-Type: text/xml; charset=“utf-8” Content-Length: 305 SOAPAction: <SOAP-ENV:Envelope xmlns:SOAP-EVN = “http://schemas.xmlsoap.org/soap/envelope/” SOAP-ENV:encodingStyle = “http://shemas.xmlsoap.org/soap/encoding/”>
An Example of SOAP Request – Cont. <SOAP-ENV:Body> <m:GetBalance xmlns:m=“http://www.qwickbank.com/bank”> <Account>123-1456-78900</Account> </m:GetBalance> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
An Example of SOAP Response HTTP/1.1 200 OK Content-Type: text/xml; charset=“urf-8” Content-Length: 304 <SOAP-ENV:Envelope xmlns:SOAP-ENV = “http://schemas.xmlsoap.org/soap/envelope/” SOAP-ENV:encodingStyle = “http://shcemas.xmlsoap.org/soap/encoding/”>
An Example of SOAP Response – Cont. <SOAP-ENV:Body> <m:GetBalanceResponse xmlns:m=“http://www.qwickbank.com/bank”> <Balance>5.758.55</Balance> </m:GetBalanceResponse> <SOAP-ENV:Body> </SOAP-ENV:Envelope>
SOAP Current Status General XML Messaging Protocol OS, Object Model, Programming Language Neutral, Architecture Independent (Hardware) Protocol Independent Works Over Existing Internet Infrastructure Builds on Key Internet Standards Submitted to W3C
SOAP is Not Distributed Garbage Collection Type Safety and Versioning Bi-Directional HTTP Box-Carrying or Pipelining of Messages Objects-by-Reference
Security and Features Builds on HTTP Security HTTPS X.509 Certificates Developers/IT Choose which methods to expose explicitly Does not pass application code Firewall-friendly Type Safe
Security and Messages Authorize Computers or Businesses to access Web Service Two Techniques for securing access System-level Application-level
System-Level Techniques Internet Protocol Security(IPSec) port filtering policty to restrict access Authentication using Windows 2000 Server’s Internet Information Services(IIS)
Application-level Techniques Include client credentials in the SOAP body Use SSL instead of HTTP for SOAP messages Always generate separate contracts for SSL and non-SSL services to enforce better security architecture
Infrastructure Support Microsoft DevelopMentor Inc. Digital Creations IONA Technologies PLC Software Inc. SAP Compaq IBM Hewlett Packard Intel