Who's Afraid of Web Services?


Web services can be confusing, maybe even scary. Sometimes it seems that every time you pick up a magazine, there's another Web services protocol to understand. Given the uncertainty in the standards space, perceived security issues, and the complexity of deploying high-reliability Web services, its no wonder that many enterprises are taking a wait and see attitude.

Doug Kaye, in his book Loosely Coupled, defines complex Web services projects as those that are based on asynchronous messaging, require high availability, or involve providing service to external partners. Web services projects that don‚t share these attributes are usually easy to get approved. But complex projects give seasoned managers pause.

One way to mitigate issues surrounding changing standards, security, and complex deployments is to hire one of the large service companies, like IBM or Accenture, to deliver and manage your company‚s Web services. But what if your budget doesn‚t have room for a top-drawer services company? Should you just give up on Web services until all the issues get sorted out?

Another route is to take advantage of a Web services intermediary such as Grand Central Communications or Confluent CORE. Web services intermediaries, offer configurable services such as logging, auditing, monitoring, alerting, authentication, and authorization. Grand Central and Confluent CORE differ significantly in how they‚re deployed: Grand Central is a value-added network that you subscribe to for a monthly fee and Confluent Core is a software server that you buy, install, and operate. Both, however, can be used to connect external partners and customers to your Web services flexibly, securely, and reliably.

Web Services Networks

Confluent CORE provides a scaffolding for building a reliable Web services-based application. Because CORE is software you buy and operate, it appeals to industries that want an increased level of control over the communications between them and their partners. CORE works through a set of active intermediaries called "gateways" or "agents" depending on how they are deployed.

Gateways are proxy servers that intercept requests, enforce policies, and then forward requests onto registered services. Clients must be directed at a gateway for it to serve as the proxy for a service. Agents, on the other hand, are policy enforcement plug-ins that are deployed inside a SOAP container. Consequently, the client of the service is unaware of the message interception that is necessary to enforce policies. Multiple distributed gateways and agents can be configured and managed by means of a single policy manager and monitoring engine which is made up of three integrated, but distinct tools: CORE Manager, CORE Monitor, and CORE Analyzer.

CORE is organized around the idea of policy pipelinesųcentralized repositories of policies that are used to control the behavior of managed Web services. CORE also provides tools for monitoring and managing your Web services network giving detailed information about the Web services under management. Pipelines are linear series of steps. Each step can be individually created and edited. As new services are added to gateways and agents, default pipelines are created that perform authentication, access control, and logging for the request and the response. These default pipelines can be modified from a catalog of steps. For example, the administrator might choose to change out basic HTTP authentication with LDAP authentication or add a completely new step that does message transformation based on XSLT.

Brain Dead Easy

CTO John McDowall of Grand Central Communications wants to make „"connecting brain dead easy." In much the same way that the Postal Service or Federal Express create value by providing a trustworthy, auditable, and convenient way to deliver paper messages to other parties around the world, Web Services networks like Grand Central provide a trustworthy, auditable, and convenient way to connect multiple in a Web Services network. Grand Central solves the problem of matching multiple permutations of technologies and procedures with a set of configurable policies that can be defined by each party.

Trust is one of the greatest values that networks like Grand Central provide to its customers. Trust that your connecting to the intended partners. Trust that messages will be delivered once and only once. Trust that messages are confidential. Trust that the network will be there when it is needed.

The end result, according to McDowall is that connecting to the outside world will become a commodity where linking up services with different implementations of standards or transport will be "point and click." In this kind of self-service environment, the role of consultants changes from supplying armies of programmers who lashing together and managing complex systems to providing business process expertise and showing how service-oriented architectures add business value.

Outsourcing your entire Web services development effort can be a costly way to gain a little comfort. Fortunately, there are other strategies you can pursue to get around these problems and move forward with complex Web services projects now.