SOA + Web 2.0 Symbiose oder Kollision im Unternehmen? Tony Fricko, SOA Competence Center anton_fricko@at.ibm.com Agenda What we get from Web 2.0 Technologies: AJAX, JSON, REST RESTful SOA Relevance of Mashups / controlpoints Mashup examples Mashup considerations for the enterprise Security / Standards (OpenAjax Alliance Metadata specs) IBM Activities and products in SOA / Web 2.0 Mashups RESTful SOA enablement WebSphere, DataPower, Registry (WSRR), WebSphere Business Monitor, etc.. 2 1
What is Web 2.0*? Simple to use Simple to access AJAX Highly Interactive Browser invoked services JSON / XML / ATOM Information exchange JavaScript Friendly * A term coined by Tim O Reilly (http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/what-is-web-20.html ) REST Easily invoked HTTP-Centric Patterns 3 Importance of APIs and open standards Application APIs Network File access Graphics Security.. Desktop scope Operating System 4 2
Importance of APIs and open standards Application APIs Network File access Graphics Security.. Desktop scope Internet 5 Importance of APIs and open standards GUI Browser Desktop scope APIs W3C Google Amazon OpenAjax.. Internet 6 3
Intuitive User Experience using AJAX Service In the typical web application, each request causes a complete refresh of the browser page An Ajax application begins the same way. After the initial page loads, Javascript code retrieves additional data in the background and updates only specific sections of the page AJAX is the acronym for Asynchronous JavaScript and XML AJAX forces you to think about discrete services Gives you a bottoms-up approach to defining services that can reveal new things about your enterprise 7 XML, JSON and ATOM XML is the standard representation for message format in RESTful services The key difference from SOAP is that the XML represents only the body of a message Thus a RESTful service will carry as its content only a simple, human-readable document that represents the noun of the service JSON is an alternate standard format for succinct communication with AJAX clients The vast majority of the clients of a RESTful service will be written in JavaScript In recognition of that, JSON (JavaScript Object Notation) allows for rapid exchange of JavaScript objects, but also in a simple, human-readable format JSON is built up from a collection of name-value pairs and ordered lists of values ATOM is a key XML specification for content syndication ATOM allows for better support for podcasting, updating, and extension than RSS provided ATOM is also human readable and is easy to understand and parse 8 4
REST - Accessibility for Developers Simply A RESTful exposing Web service is services formed like a from sentence the it enterprise simplifies how as developers URLs access and Feeds services Verb = HTTP Action (GET, POST, PUT, DELETE) Noun = the URI of the Service (the document) Adjective = MIME type of the resulting document 9 RESTful SOA A RESTful SOA is an instance of SOA that uses concepts from the Web as the primary service architecture Limiting choices to make it easier to implement a SOA Primarily uses REST to represent and access services Data is encoded as JSON or XML (including XML schemas like ATOM) May use alternate approaches like JSON-RPC when appropriate Supports Rich User Interfaces built using AJAX Key aspects of building an effective RESTful SOA Take advantage of your existing infrastructure wherever possible Use well-established, ubiquitous technologies for scalability, performance and security Build rich UI s that run in any commodity browser Make content simple and human readable WOA 10 5
Where can a RESTful SOA apply? When building Widgets for use in Mashups or RIA s, or building feeds (ATOM or RSS) for use in a browser or by an aggregator When you want to make assets available to the web In a form that it can be parsed by the widest range of technologies available Where it may be consumed on either the client or server side When the asset you are exposing is naturally resource-oriented 11 Merging Enterprise SOA and RESTful SOA If you take the route of developing for both Enterprise SOA and RESTful SOA then you can take advantage of two separate content pools Services generated inside your enterprise Services generated outside the enterprise This gives you the best of both worlds and allows you to take advantage of all the communities served by your business Services from Inside the Enterprise Services from outside the Enterprise New Content and New ways to reach Your communities 12 6
Extending the Reach of your SOA From the IBM Web Page on the definition of SOA:... a business-centric IT architectural approach that supports integrating your business as linked, repeatable business tasks, or services. SOA helps users build composite applications, which are applications that draw upon functionality from multiple sources within and beyond the enterprise to support horizontal business processes SOA in general is about providing access to the reusable business tasks (services) of your enterprise RESTful SOA is just a constrained subset of SOA dedicated to making those services easily available to end-users There are three things you can do to take advantage of RESTful SOA Embrace your business communities Unleash your Assets Extend your business processes to your business communities 13 Emerging Web 2.0 Ecosystem High volume, varying granularity offerings of content and services User seamlessly interfaces with multiple offerings within the context of a single application REMIXING Content and services mashed with other offerings personalization, situational needs 14 7
What is a Widget A widget is a small program or piece of dynamic content that can be easily placed into a web site. Widgets are called different names by different vendors: gadgets, blocks, flakes. Widgets can be written in any language (Java,.NET, PHP, etc.) and can be as simple as an HTML fragment. Widgets can be non-visual. Widgets often encapsulate an API. Mashable widgets pass events, so that they can be wired together to create something new. There are no standards around widgets yet, but IBM is moving towards a common definition called iwidget. 15 What is a Mashup A mashup is a lightweight web application that combines data from more than one source into an integrated and new, useful experience. Zillow.com igoogle Competitive Mashup What typically characterizes a mashup? Widgets and feeds that are mashed together often come from independent sources and do not change when mashed New applications deliver new insights and capabilities (1+1 = 4) Built on a web-oriented architecture (REST, HTTP) and leveraging lightweight, simple integration techniques (AJAX, RSS, JSON) The result is fast creation of rich, desktop-like web applications Simple applications that solve niche problems (i.e., satisfies the long tail) 16 8
Mashups Mean Faster, Cheaper Delivery of Applications Save time and money through reuse and lightweight integration techniques Sharing and discovery of internal content and data a key enabler Increase productivity Lower skill sets needed to assemble new applications Leverage the palette of widgets and APIs from across the web Google Gadgets programmableweb.com New mashup IBM Catalog/Mashup Hub 17 Extend Reach and Value of SOA Mashups can help to: Mashups are the last mile of SOA Illuminate the value of SOA to business users by making it more visible Simple to use Simple to access Drive the creation of well designed services Increase service reuse Make SOA simple to use 18 9
Key Mashup Challenges 1. No industry-wide agreement on a widget standard yet There are no standards around widgets yet and many vendors have created their own names: gadgets, blocks, flakes, etc. IBM has created a lightweight widget model which is well aligned with existing standards such as JSR168/286 and WSRP as well as other widget models such as Google and NetVibes You can use this model to develop and use widgets with IBM products IBM s goal is to define a standard for widgets. As part of this effort, IBM is leading a new widget specification workgroup in OpenAJAX. Leveraging the experience from the Google Gadget integration, our IBM widget model, and the JSR 168/286 + WSRP standards to create a well integrated OpenAJAX widget spec. Check out http://www.openajax.org 19 Key Mashup Challenges 2. Security Concerns around mashing internal data with external (non trusted API) Potential for malicious, malformed code (rogue widgets) Need to provide isolation between widgets Industry looking to establish standard cross-domain secure communication mechanism (OpenAjax Alliance Hub 1.1) How to easily handle security deployments for mashups? Authentication, credentials, authorization To learn more, read the OpenAjax Alliance Security Taskforce whitepaper: http://www.openajax.org/member/wiki/wp3_-_ajax_and_mashup_security 3. Creating mashable data Before mashing can be done, content must be exposed in a mashable format First step is making enterprise data (both structured and unstructured sources) available as feeds 20 10
Running different widgets on a single canvas OpenAjax Metadata Specification http://www.openajax.org/member/wiki/openajax_metadata_spe cification Widget Metadata API Metadata Library Metadata Properties and Datatypes Localization 21 Introducing Lotus Mashups Lotus Mashups provides the simplest and fastest way to assemble enterprise and Web content into simple, flexible, and dynamic applications. With Lotus Mashups, web-savvy business users can easily create and share new applications that address their immediate business needs. Lotus Mashups includes: A graphical, browser-based tool that supports easy, on-the-glass assembly of new Web applications by business users. A mashup catalog which facilitates sharing and discovery of mashup assets, with built-in community features like ratings, tagging, commenting. Use Create Reuse Speed Flexibility Insight Innovation A very lightweight mashup server, which can be hosted on a variety of platforms for added IT management and governance capabilities. Assemble & Share Discover A rich set of out-of-the-box, business-ready widgets. Manage 22 11
Mashable Content Can Come From Diverse Feeds Mashups Web Discover & Share Departmental & Personal Web Google Gadgets Office XML Custom Adaptors MySQL DB2, Oracle, MSSQL CRM ECM JDBC, IDS, IMS, etcecm Systems Enterprise BI Legacy / BPM & Data Information Server Warehouses ERP/CRM Desktop MQSeries MQ <WSDL> ERP & WISD Web services 23 IBM Mashup Center Key Components Lotus Mashups: Quickly and easily assemble mashups on-theglass. Create dynamic widgets. Catalog: Sharing & discovery of mashable assets. InfoSphere MashupHub: unlock and share web, departmental, personal and enterprise information for use in Web2.0 applications. Transform and re-mix Web 2.0-style feeds. 24 12
Carrefour mashup Search for ETA Map with overlay of piracy reports and weather info Result of vessels Vessel details (revealed by clicking on icon ) 25 IBM activities and offerings Web 2.0 + SOA Taking Web 2.0 into the enterprise Standardization activities OpenAjax alliance Metadata specifications AJAX accessibility work JavaScript compliance via open source Dojo toolkit Lotus Mashups / InfoSphere (announced product, can be downloaded from IBM alphaworks) Mashub Hub (research tool, included in Lotus Mashups) WebSphere smash (announced product, GA 2H 2008 ProjectZero ) Web 2.0 support pack for WebSphere V6.1 DataPower JSON support WebSphere Business Process Monitor WebSphere Registry and Repository WebSphere Commerce Server WebSphere Process Server WebSphere Portal 26 13
WebSphere smash for quickly and simply delivering dynamic Web 2.0 based applications, and enabling mashups. WebSphere smash Improves developer productivity and efficiency through the support of dynamic scripting languages (Groovy and PHP) Leverages Web 2.0 technologies for service invocation, service composition and data interchange Visual tools for developers to build Widgets for use in Lotus Mashups 27 Applications: Extending Reach of SOA with Web 2.0 Enhancing the Industry's Broadest SOA Portfolio in the Changing World Enable agile creation of customizable solutions with the flexibility and personalization of SOA Bridge" web and SOA: Use Web 2.0 -style approaches to access reliable SOA services Widget /Application Creation Developers Widget Assembly Business Users Widget Factory Mashup Engine Lotus Mashups WebSphere smash Output used as Widgets Consumed by Mashups Output used as Standalone Application 28 14
WAS Feature Pack for Web 2.0 Publish and Subscribe Event Handling Enables dynamic scenarios such as streaming stock updates and real time collaborative web applications WebSphere Application Server JMS Proxy Ajax Proxy Provides safe, reliable access to Internet based services and mashups from browser based Ajax applications EJBs Services POJOs IBM $125.25 +$2.50 MSFT $43.75 -$1.50 JSON and HTTP Enablement Simplifies Ajax and web 2.0 based access to traditional web services, Java objects and EJBs in the application server Ajax Client Runtime Eases development of client side Ajax code; based on Dojo, an open source Javascript library RESTful SOA Enabler 29 WebSphere DataPower JSON-RPC Bridging {"Task": "Dry cleaning: shirt, pants, and 20% discount coupon } AJAX Clients JSON GetHandle AddTask ShutDown SOAP GetHandle AddTask ShutDown Perform format translation from JSON to SOAP (and vice versa) Web Service (SOAP) Provider 30 15
WebSphere Business Process Monitor Defines a set of URIs exposing REST services that open access to monitor data http://monitor_server:monitor_server_port/rest/bpm/monitor/rest_uri Services include Model services (metadata about deployed monitor models) Diagram services (SVG diagrams about deployed monitor models) KPI services (retrieval/management of Key Performance indicators) Instance data services (monitored data collected by business monitor) Alert services (support retrieval/management of alert subscriptions) Security services 31 WebSphere Service Registry and Repository Exposing REST APIs to perform actions on content and metadata Actions Create, Retrieve, Update, Delete Services accessed through ROOT URL - http://host:port/wsrr/6.1 E.g. Creating Content (WSDL, XSD, Policy, XML, Generic ) Response (may be XML or JSON) 32 16
Bridging RESTful SOA and Enterprise SOA Web REST JSON ATOM XML RSS REST MOM WS-* JMS SOAP WPS, ESB, Portal App Server WAS, CE, Tomcat J2EE DB2 Enterprise Legacy CICS IMS 33 Web 2.0 and new SOA tooling better align business and IT Unparalleled accessibility to content Exponential reductions in cycle time Weeks to Days, Days to hours Users build their own applications http://www-306.ibm.com/software/lotus/products/mashups/ 34 17
Thank you Contact info: anton_fricko@at.ibm.com Copyright IBM Corporation 2008. All rights reserved. Zeddy Warf in SecondLife The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, the e-business logo and other IBM products and services are trademarks or registered trademarks of the International Business Machines Corporation, in the United States, other countries or both. All other trademarks, company, products or service names may be trademarks, registered trademarks or service marks of others Disclaimer: NOTICE BUSINESS VALUE INFORMATION IS PROVIDED TO YOU 'AS IS' WITH THE UNDERSTANDING THAT THERE ARE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND EITHER EXPRESS OR IMPLIED. IBM DISCLAIMS ALL WARRANTIES INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. IBM DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE, VALIDITY, ACCURACY OR RELIABILITY OF THE BUSINESS BENEFITS SHOWN.. IN NO EVENT SHALL IBM BE LIABLE FOR ANY DAMAGES, INCLUDING THOSE ARISING AS A RESULT OF IBM'S NEGLIGENCE.WHETHER THOSE DAMAGES ARE DIRECT, CONSEQUENTIAL, INCIDENTAL, OR SPECIAL, FLOWING FROM YOUR USE OF OR INABILITY TO USE THE INFORMATION PROVIDED HEREWITH OR RESULTS EVEN IF IBM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE ULTIMATE RESPONSIBILITY FOR ACHIEVING THE CALCULATED RESULTS REMAINS WITH YOU. 36 18