MANNING Jos Dirksen IN ACTION REST and Web Service architectures www.it-ebooks.info SOA Governance in Action www.it-ebooks.info www.it-ebooks.info SOA Governance in Action REST AND WS-* ARCHITECTURES JOS DIRKSEN MANNING SHELTER ISLAND www.it-ebooks.info For online information and ordering of this and other Manning books, please visit www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact Special Sales Department Manning Publications Co. 20 Baldwin Road PO Box 261 Shelter Island, NY 11964 Email: orders@manning.com ©2013 by Manning Publications Co. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps. Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without elemental chlorine. Development editor: Scott Meyers Manning Publications Co. Technical pr oo frea der: Niek Palm 20 Baldwin Road Copyeditor: Linda Recktenwald PO Box 261 Proofreader: Melody Dolab Shelter Island, NY 11964 Typesetter: Marija Tudor Cover designer: Marija Tudor ISBN: 9781617290275 Printed in the United States of America 1 2 3 4 5 6 7 8 9 10 – MAL – 18 17 16 15 14 13 12 www.it-ebooks.info To my wife Brigitte, my daughter Sophie, and my parents www.it-ebooks.info www.it-ebooks.info vii brief contents PART 1 INTRODUCTION 1 1 ■ Introducing SOA governance 3 2 ■ Setting up the SOA governance environment 27 3 ■ Using a case study to understand SOA governance 60 PART 2 DESIGN-TIME POLICIES 79 4 ■ Service design and documentation policies 81 5 ■ Security policies 116 6 ■ Testing, performance, and the cloud 156 PART 3 RUNTIME POLICIES 187 7 ■ Using tools for runtime governance 189 8 ■ Lifecycle support and discovering resources 212 9 ■ Integrating SOA governance tools with existing tools and technologies 235 www.it-ebooks.info BRIEF CONTENTS viii www.it-ebooks.info ix contents preface xv acknowledgments xvii about this book xix about the cover illustration xxiii PART 1 INTRODUCTION 1 1 Introducing SOA governance 3 1.1 What is SOA governance? 4 Definition of service-oriented architecture 4 ■ Introducing governance 7 ■ Defining SOA governance 10 1.2 How using SOA governance can help 13 Keeping track of how services are used 13 ■ Keeping uniformity among services 14 1.3 Common pitfalls when introducing SOA governance 14 1.4 Requirements of an SOA governance solution 15 Creating and maintaining policies 16 ■ Applying policies at design time 17 ■ Applying policies at runtime 18 1.5 Getting started with SOA governance 18 www.it-ebooks.info [...]... succeeds in cheering me up when I’m down www.it-ebooks.info about this book Welcome to SOA Governance in Action The main goal of this book is to introduce you to SOA governance and provide you with a set of guidelines and policies you can use to get started introducing SOA governance to your organization The book is divided into three parts In the first part you’ll be introduced to the theory behind SOA governance. .. organization In this first chapter we’ll dive directly into the details of SOA governance I’ll explain why SOA governance is important and what the benefits are when you have SOA governance in place, and I’ll give an overview of how you can deal with SOA governance in a practical and pragmatic manner In the following chapters I’ll show you how to start using it 1.1 What is SOA governance? To understand what SOA. .. see in this book, applying SOA governance 3 www.it-ebooks.info 4 CHAPTER 1 Introducing SOA governance principles is easy and not so different from the normal way you design or monitor the services you’ve created Governance isn’t something exclusive to IT, as you’ll see in this chapter It’s applied throughout the industry Let me give you an example of what happens in the aviation industry In this industry... ■ 4.2 Following existing standards and definitions 95 Including an existing XML schema in a WSDL 95 Using an existing XML schema in a REST resource 98 Using a REST-based search definition 99 ■ ■ 4.3 Creating a reusable service 103 Define the correct level of granularity 103 Decoupling the transport layer from the logical layer 104 Service discovery 104 Versioning, documentation, and using standards... are involved with the critical decision making That’s the main reason why scandals such as Enron happen and why so many IT projects go wrong 1.1.3 Defining SOA governance The goal of applying governance to SOA is to get the most out of your SOA You do this by listening to the stakeholders and, based on that information, defining a number of policies This requires taking the following steps: 1 2 3 Define... this organization In the rest of the book I’ll show you how you can use various tools and techniques to implement services that comply with these policies www.it-ebooks.info www.it-ebooks.info Introducing SOA governance This chapter covers ■ The core concepts of SOA governance ■ Why SOA governance is important ■ What roles tooling and open source play in SOA governance ■ How SOA governance can be applied... explained in this book I’ll explain what SOA governance is by looking at the following subjects: ■ ■ ■ What is SOA and what is governance? What are the advantages and disadvantages of SOA governance? How can tools and open source help in applying SOA governance? After this introduction we’ll take a look at how you can set up an environment that you can use to experiment with This environment contains... reusing existing services you don’t have to reinvent the wheel every time, assuming the service you’re reusing is being well maintained Better interoperability—Whether you’re building a REST-based service or a WS-* based service, in both cases you have a well-defined contract, based on standards to help you in the interoperability area Now that we’ve looked a bit at what SOA is, let’s look at the governance. .. the WS-* layer 47 Testing the WS-* remoting layer 48 ■ ■ 2.7 Setting up the SOA registry 49 Running the SOA registry for the first time 49 Registering a service manually in the registry 50 Accessing the WSO2 Governance Registry 51 ■ ■ 2.8 Setting up the BAM application 53 Installing BAM tools and checking out the code from SVN 53 Attaching an event sender to the service 54 Setting up the widget to visualize... of principles that determines how your client interacts with your service In other words, it is good to have a set of policies that help you define the contract of your service And what happens after a service is in production? I know from experience that measuring who is using a service and garnering insight into the business processes using your service can give you valuable information This information . MANNING Jos Dirksen IN ACTION REST and Web Service architectures www.it-ebooks.info SOA Governance in Action www.it-ebooks.info www.it-ebooks.info SOA Governance in. xxiii PART 1 INTRODUCTION 1 1 Introducing SOA governance 3 1.1 What is SOA governance? 4 Definition of service-oriented architecture 4 ■ Introducing governance