| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Webservice or sub-flow - SOA |
« View previous topic :: View next topic » |
| Author |
Message
|
| andrewdearing |
 Posted: Fri Sep 18, 2009 5:14 am Post subject: Webservice or sub-flow - SOA |
 |
|
Newbie
Joined: 18 Sep 2009
Posts: 1
|
We have recently taken delivery of an IBM GC SOA solution which uses separation to achieve a technical layer of services that sits on top of a business layer of services (process/task etc). The business services are accessed using SOAP and a WSDL is published defining all accessable services. Whilst the business services are services in their own right the technical services are defined as sub-flows and pulled into the business service at build time. I am facing requests to webservicefy the technical services so they can be deployed independantly of the business services to give us more dynamic runtime mediation. I am a little nervous in agreeing to this as we already have about 30 technical services with about 100 service operations in total which will double in the next 4-5 months. My concerns are around the parsing of messages and the hit on the http listener as all calls would go through it rather than being included in the business service at build/deployment time. Has anyone used the advanced message broker (ESB) in this way and has any experience of webservices being used to expose technical services ? I am also aware of the potential security threat and how we stop people from directly calling technical services when they should be calling a business service.
-Andrew |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Fri Sep 18, 2009 5:52 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
You seem to have a fair grasp on the issues and the questions you need to answer within your own organization.
In general, there is a balance between runtime granularity and system complexity and maintainability. This balance is usually handled through Governance - and most of the issues you are talking about are issues of Governance rather than specific technical challenges.
On the subject of HTTP/SOAP performance and scalability, the Proxy Servlet that used to ship in SupportPac IE01 has been integrated in the Message Broker as of 6.1.0.3, and there is extensive discussion on how to configure it in the InfoCenter, starting at http://publib.boulder.ibm.com/infocenter/wmbhelp/v6r1m0/index.jsp?topic=/com.ibm.etools.mft.doc/ac69300_.htm
Among other things, this would allow you to put WebSphere Application Server, or some other JEE server, in front of all calls to Broker hosted web services that could then provide additional security mechanisms. |
|
| Back to top |
|
|
| LazyBoy |
| Posted: Fri Sep 18, 2009 8:41 am Post subject: |
|
|
Voyager
Joined: 04 May 2006
Posts: 78
|
I have a question in this context. In our project we have a scenario where the architecture team proposed to use WMB for all the webservices exposed to outside word. I am little sceptical on this decision because we have Webpshere Application Server(WAS) and even Process server(WPS). I agree with "mqjeff" using WAS for securing webservice.
Since WAS provides good way to administer things, I believe we should use WAS to secure webservices. Can anyone suggest what would be better approach. |
|
| Back to top |
|
|
| smdavies99 |
| Posted: Fri Sep 18, 2009 9:06 am Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
| Quote: |
| Since WAS provides good way to administer things, I believe we should use WAS to secure webservices. Can anyone suggest what would be better approach. |
I think you are spot on with using WAS as the front end. There are many, many places where this is in production use.
Obviously, any other App Server (eg Jboss, SunAppServer, WebLogic etc) could be used as well.
If you are smart then the WAS processes will communicate with WBI using WMQ. There has been some posts here recently about people wanting to use HTTP or SOAP but IMHO, WMQ is much simpler to implement.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Fri Sep 18, 2009 9:10 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Broker 6.1 provides support for a reasonable number of WS-Security standards, so no need for WAS in many cases - assuming you are using SOAP and WS-Security in the first place.
But using the Proxy Servlet provides a good way to use WAS for scalability, and also use WAS's support for a wider array of WS-Security standards, as well as plain HTTP security. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
