There is an old saying among standards wonks: "The most wonderful thing about
standards is that there are so many of them." And this truism is more
applicable today than ever before. There are so many WS-* specifications,
I've started referring to them as WS-Vertigo.
But there is a reason that there are so many of them. The Web Services
Framework (WSF) relies on a composable architecture. One of the primary
tenets of the WSF is to keep things as simple as possible. Therefore, if an
application doesn't require security, reliability, or transactions, you
shouldn't clutter up the infrastructure with these capabilities. But at the
same time, if the application does require security, reliability, and/or
transactions, then you should be able to add support for the specific set of
capabilities you need.
Refactoring SpecificationsIn order to enable a pick-and-choose, plug-a... (more)
I was quite amused by a series of articles talking about the battle between
Java and .NET that appeared in mid-January. One article said that Java has a
two-to-one lead over .NET based on an informal online poll. Meanwhile, in an
article entitled "Outlook: Java tech trends through 2004," Mark Driver at
Gartner claimed, "Microsoft's emerging NET platform will continue to garner
most of the vision and mind share for Web-services-based development
efforts." And in an article entitled, "Enterprise Java Bulks Up," Thomas
Murphy of META Group said, "The lack of standards support will n... (more)
IBM and Microsoft recently launched another Web services-related effort - the
Web Services Interoperability Organization (www.ws-i.org), or WS-I for short.
Its charter is to promote Web services interoperability across platforms,
operating systems, and programming languages. I, for one, view
interoperability as absolutely critical to the success of Web services
technology. I don't think I'm alone in the view, since more than 60 companies
joined the consortium within the first week. Obviously the formation of this
group is a "good thing."
So I was a bit amused by the immediate de... (more)
Based on the number of questions I get on the subject, quite a few people
think that SOAP isn't secure. It's a bit hard to answer these questions
because SOAP is neither secure nor insecure. It's not within the scope of
SOAP to implement security. SOAP is simply a mechanism to package information
to send between two applications. Even so, it's easy to secure SOAP messages,
and SOAP provides an extensible mechanism that allows you to convey security
information in your messages.
Security is a complicated topic, so let me start by explaining the basic
goals of security when dealin... (more)
How do you define a Web service? If you ask five people to give you a
definition, you'll probably get at least six answers. Is a Web service any
application that can be accessed over the Web, or is it limited to
applications that expose a programmatic interface? Is it the code that
implements the service or the interface to the code? Do you have to use SOAP?
What about XML-RPC? Or RosettaNet? Or FIXML? Or some other XML protocol? And
do you have to use XML? Does SWIFT qualify as a Web service?
I know that many people will disagree with me, but my basic definition is as
follows: ... (more)