Year: 2004

Generic Web Service Interfaces – The Right Choice?

Sometimes I hear the question “Why not decouple the service from the caller by using generic interfaces?”

To better understand this question let’s have a look at the following pseudo code example:

BookingService
{
Flight[] getAvailableFlights(date flightDate, string destination);
bool bookFlight(int flightId);
}

The Web Service BookingService has two methods, which can be called by the clients and is described in an BookingService.wsdl file.
If we would like to add a new method for instance cancelFlight(int flightId) we have to change the caller of the service. In most cases this means rebuilding the client side proxy.

Why not using a generic interface like one of the following:

Generic parameter approach:

BookingService
{
Map getAvailableFlights(Map params);
Map bookFlight(Map params);
}

This approach uses only generic parameters but no generic service operations.

Generic service approach:

GenericService
{
Map execute(int commandId,Map params);
}

This approcach uses the common command pattern. It means the client sends a command id toghether with the required parameters to the service.
Dependent of the command id the service dispatches the call to the service implementation.
In order to add the service method cancelFlight we simply have to add a new command. The contract remains unchanged and the proxy hasn’t to be rebuild.
And even better the parameters can be processed in a generic way. That’s cool, isn’t it?

At first glance this approach looks promising. But at what price?

A common misunderstanding is that the Web Service Signature described in the WSDL file forms the service contract. This is only one option.
More precisely said the name of the service operation (or command id) in conjunction with the required in and out parameters form the contract.
It doesn’t matter where this information is stored.

What really happens when using generic interfaces is that the contract is shifted from a standarized to a custom layer.
That means the contract is not described in the BookingService.wsdl file anymore. Now the service and the caller need a proprietary way to describe and exchange the contract.
Moreover the type safety is lost because only generic types are used.
The command dispatching must be implemented. This is usually handled by the Web Service infrastructure for instance by using the SoapAction in the HTTP-Header.
Generic parameter processing is not a reason to use generic interfaces. If necessary reflection can be used to process typed parameters in a generic way, but without loosing type safety.

I think the drawbacks of generic interfaces outweight the benefits.
What do you think?

What have Open Source Software and Cars in Common?

During the recent months I had to deal with several open source implementations like Log4J, Jacorb or Tomcat. While I was happy that it is free in terms of licence cost I was unhappy about some other issues that campe up when using it in an productive environment.

To make things clearer it sometimes helps to use an analogy.
In many aspects the use of software is similar to using like for instance a car or a hifi-system.

So what would you expect when buying a car? (at least I’m expecting that)
A .It should bring you from A to B in a secure and fast way.
B. It should be reliable and error free.
C. If an error comes up the garage should fix it as fast as possible.
D. The price/quality ratio should be reasonable.

Does it really matter, how the car works under the hood or that you can fix it on your own?
I think for 99% of drivers the answer is no.

The same applies to open source software. The fact that a software is open, semi open or closed source is not really a feature of a software (except of rare mainly academic cases).
The important thing is that the price/quality ratio is good so that it’s worth using it.
In brief the advantage of the features must be higher than the disadvantage of the cost.
I think this it true of all kinds of software.

My advice is as follows:

Use open source software when:
A. You can replace it easily without a lot of effort
B. The price/quality ratio is good in terms of total cost of ownership (TCO – be honest)
C. You are a geek and love it to do everything on your own
D. There is no other solution around

Don’t use open source software when:
A. You need a solution for infrastructure or mission critical applications except you can replace it easily
B. You need professional and guaranteed support
C. The open source software module can break the entire application
D. You have no choice due to your corporate policies

I know that this issue is very controversial – so what do you think?

Weblogic Server Supports WS-Security 1.0

BEA Weblogic Platform now supports the OASIS Web Services Security Specification.

Quote:
Implementation of the Final 1.0 OASIS Web Services Security Specification
WebLogic Web Services now implement the following OASIS Standard 1.0 Web Services Security specifications, dated April 6, 2004:

Web Services Security: SOAP Message Security
Web Services Security: Username Token Profile
Web Services Security: X.509 Token Profile

Although it’s great that Web Service Security ist standarized within a platform, the interesting question is whether it’s possible to connect distinct platforms in a secure manner.
Currently I’m setting up a new study in order to show whether WS-Security is mature enough to connect for instance BEA Weblogic Server 8.1 SP3 and Microsoft WSE2.0. If you would like to get involved in the study please let me know. I’ll keep you informed.

New Technology is Raising New Questions

Today I attended a panel discussion about Web Service architecture.
Beside all the new technologies which are shown at TechEd I mostly like these smaller sessions where interesting discussions can happen.
During the session a lot of interesting topics were adressed although not answered. What you can see are the new issues which arise when trying to set up a Service Oriented Architecture (SOA).
Every new technology solves some problems but at the same time raises new questions.
That’s the great thing about information technology, isn’t it?

Let me give you a short summray of the most interesting topics:

– Generic service interfaces
– Dealing with referenced and replicated data
– Different service levels, service categorisation
– Service versioning
– Service contract lifetime
– Distributing service semantics
– Universal entity modeling

I would be happy to hear your ideas about these topics.
Feel free to contact me if your are at TechEd or anywhere else.

The Second Day at TechEd

On the second day I attended some interesting sessions.
One was about Microsoft and Open Source. Very interesting what Microsoft says about Linux, Application server, Standards and other open source products.
Althought it’s not an easy subject to speak about the atmosphere was very calm, open and polite.
I like this kind of constructive communication. Some of the comments were very enlighting.
I attended a Don Box session about several hosting containers as well. No comments.

At the end of the day I attended a session about mobile development with the Compact Framework 2.0. Very interesting.
In general the main topic in terms of development is the upcoming product release of Visual Studio.NET 2005.
It’s great to see new visual modeling support inside the development environment.
Whitehorse will inprove the way operations people, developers and architects will work together. And there will be a class designer for roundtrip engineering as well. It’s not an MDA approach, but a pragmatic modelling approach to enable developers to do round trip engineering. I’m glad to see that.
The new features of ASP.NET are very exiting as well. You will have personalization, authentication, and portal support with low effort. The languages have been improved as well. We’ll have generics and new (and easier) C++ language extensions.
On the whole a lot of improvements which will ease the development.
And the best thing is WSE2.0 now fully supports the OASIS WS-Security specification from 6.April 2004. This is the first toolkit available which can be used to create standards compliant secure Web Services.
What was first – the specification or the product? This question has not been answered yet.

TechEd Amsterdam is Starting

TechEd 2004 Amsterdam is starting today with the preconference sessions.
By now my first impression are about Amsterdam itself. It’s an interesting location. I think the conference will surely contiune after the end of the sessions.
The event preparation seems to be as perfect as always. It’s amazing to see all the technical infrastructure. But the best is to meet all the people from around the world.
Today we had some presentations from the MCT program manager. The bar will raise again for the upcoming MCT program year in order to continue the best possible customer satisfaction hiring a Microsoft Certified Trainer. Sorry, a little bit of marketing should be allowed 😉