Java Web Services Architecture ISBN:1558609008 by James McGovern, Sameer Tyagi, Michael Stevens and Sunil Matthew Morgan Kaufmann Publishers © 2003 (831 pages) This is a no-nonsense guide to web services technologies including SOAP, WSDL, UDDI and the JAX APIs; it provides an unbiased look at many of the practical considerations for implementing web services including authorization, encryption, and transactions Table of Contents Java Web Services Architecture Foreword Preface Part One - The Foundation Chapter 1 - Web Services Overview Service-Oriented Chapter 2 Architecture Component-Based Service Chapter 3 Development Chapter 4 Chapter 5 Chapter 6 Chapter 7 - SOAP - WSDL - UDDI - ebXML Part Two - The JAX APIs Java Web Service Developer Pack Chapter 9 - JAXP Chapter 10 - JAX-RPC Chapter 11 - JAXM Chapter 12 - JAXR Chapter 13 - JAXB Chapter 8 - Part Three - Advanced Topics Chapter 14 - Transaction Management Chapter 15 - Security Chapter 16 - Practical Considerations Chapter 17 - Future Standards Appendix A - XML Schema Appendix B - JSTL The Software Architect's Appendix C Role Index About the CD List of Figures List of Tables List of Listings List of Sidebars Back Cover Written by industry thought leaders, Java Web Services Architecture is a no-nonsense guide to web services technologies including SOAP, WSDL, UDDI and the JAX APIs This book is the trusted advisor to systems architects and provides an unbiased look at many of the practical considerations for implementing web services including authorization, encryption, transactions and the future of Web Services Java Web Services Architecture James McGovern Sameer Tyagi Michael E Stevens Sunil Mathew MORGAN KAUFMANN PUBLISHERS AN IMPRINT OF ELSEVIER SCIENCE SAN FRANCISCO SAN DIEGO NEW YORK BOSTON LONDON SYDNEY TOKYO Senior Editor Lothlórien Homet Editorial Assistant Corina Derman Publishing Services Manager Simon Crump Senior Project Manager Julio Esperas Production Services Graphic World Publishing Services Design Rebecca Evans and Associates Composition Rebecca Evans and Associates Illustration Technologies 'N Typography Cover Design Frances Baca Design Printer The Maple-Vail Book Manufacturing Group Cover Images Great Rotunda Stone, Solomon R Guggenheim Museum, New York; Paul Edmondson, Getty Images Designations used by companies to distinguish their products are often claimed as trademarks or registered trademarks In all instances in which Morgan Kaufmann Publishers is aware of a claim, the product names appear in initial capital or all capital letters Readers, however, should contact the appropriate companies for more complete information regarding trademarks and registration Morgan Kaufmann Publishers An imprint of Elsevier Science 340 Pine Street, Sixth Floor San Francisco, CA 94104-3205 www.mkp.com Copyright © 2003 by Elsevier Science (USA) All rights reserved Printed in the Unites States of America 07 06 05 04 03 5 4 3 2 1 No part of this publication may be reproduced, stored in retrieval system, or transmitted in any form or by any means-electronic, mechanical, photocopying, scanning or otherwise-without prior written permission of the Publisher Library of Congress Control Number: 2002117799 ISBN: 1-55860-900-8 This book is printed on acid-free paper About the Authors James McGovern is currently employed as an enterprise architect for The Hartford Financial Services Group, Inc and writes the "Ask Doctor Java" column for Java Developers Journal He is the lead author of XQuery: Rapid Working Knowledge (Sams Publishing) He is also the lead author of an upcoming book entitled The Practical Guide to Enterprise Architecture (Prentice Hall) James has sixteen years of experience in Information Technology James is member of the Java Community Process and is working on the Performance Metric Instrumentation (JSR 138) specification He holds industry certifications from Microsoft, Cisco, and Sun, and is a member of the Worldwide Institute of Software Architects He can be reached at Sameer Tyagi is coauthor of four recent books on Java technology: Professional JSP, Professional Java Server Programming J2EE Edition, and Core JDO He has written numerous magazine articles for Java World, Java Developers Journal, Java Pro, Java Report, and Programmez (France) He has eight years of experience in Information Technology He is employed as an enterprise Java architect for Sun Micro-systems and works at their Java Center in Burlington, Massachusetts He can be reached at Michael E Stevens is employed as an application architect for The Hartford Financial Services Group, Inc He received his B.S degree in computer science from Central Connecticut State University and is a candidate for a master's degree in computer science from Rensselaer Polytechnic Institute He has over fourteen years' experience in information technology and architecting and developing software systems, most recently focusing on J2EE solutions In addition to having founded a software company that developed solutions for the mailing industry, Michael is a columnist for Developer.com and coauthor of The Practical Guide to Enterprise Architecture (Prentice Hall) He is a certified Java programmer and a member of the IEEE Computer Society and the ACM He can be reached at Sunil Mathew has fourteen years of experience in Information Technology and now manages the Java consulting practice for Sun Microsystems in the northeast He has extensive experience working with senior-level management in defining technical strategy and architecture and in conducting technology evaluations He can be reached at Acknowledgments This book is the result of many people's efforts We would first like to thank our acquisitions editor, Lothlórien Homet, for proving insight into the publishing industry in general and allowing us to focus on writing a good book instead of simply following a publishing formula For a book to be successful requires the input and feedback of many people We would like to acknowledge the reviewers who read our early work: the EBC team at Hartford Financial Services, Madhu Siddalingaiah, Casey Kochmer, Jason Bloomberg, Mitchell Smith, Brian Kernighan, and Anne Thomas Manes We also gratefully acknowledge the reviewers: Dave Hollander, Jim Webber, Peter Herzum, Sang Shin, and Jeff Ryan Special acknowledgement goes to SOAP specialist Benjamin Navarez, who participated in the planning stages of the book but was unable to join the writing team James McGovern I would like to thank my wife, Sherry; my mom and dad, Mattie and James; my mother-in-law, Soogia; and my late father-in-law, Sylvester, for their love, encouragement, and everlasting support I would also like to thank my coworkers at Hartford Financial Services for providing the right balance of challenge and support I would like to acknowledge past coworkers at Enherent and Command Systems for providing motivation, suggestions, and constructive criticism throughout my career Finally, I would like to praise God for his blessings and mercy I, James Jr., dedicate this book to my perfect son, Little James (a.k.a James III) Sameer Tyagi I would like to dedicate this book to the people who taught me the things I like to do; to Steve Ahlfield and Caroline Goldman, for helping me make my first skydives; everyone at Executive Fliers and John Hannah, for helping me with my first flying lessons; Steve Burrows, who taught me my first note on the guitar; Bob Patz, who taught me to drive on the right side of the road; and Richard Bach, for his writings that made me think when I needed to; and Nadine Pelletier, for reminding me what a jerk I can be at times Michael E Stevens My life has been touched by many souls I owe my life and my happiness to my wife, Rhonda, and my daughter, Katie, without whom I could not exist To my father, Ed, and my mother, Doris, I would not be the person I am today without your love and support To my sisters, Lori and Lisa, thank you for lifelong bonds that I cherish To my niece and nephew, Cody and Jessica, you bring me joy To my little angel, Christine, you are with me always Sunil Mathew I am indebted to Stu Stern, whose inspiration, guidance, and advice shaped my career My contributions to this book are, to a large extent, a direct result of knowledge gained while working at Sun A special thanks to my friends Chris Steel and Shaun Terry for reviewing the initial drafts of my chapters I acknowledge the help and support received from my colleagues at the Sun Java center in Boston and Somerset Of course, this endeavor would not have been possible without the support and encouragement from my parents, Verghis and Sally Mathew, and from Sajan, Sheila, Sumith, and Amita Foreword An Agile Foreword I wish I had written this book You really need to read it if you're building or using Web services with Java Chapter 10: JAX-RPC Listing 10.1: A multidimensional array of application-defined PaymentDetail objects mapped on the wire using SOAP encoding Listing 10.2: Implementation for Flute Bank's BillPay service Listing 10.3: xrpcc configuration in the reference implementation Listing 10.4: Source file for BillPay.java Listing 10.5: WSDL billservice.java corresponding to Listing 10.4 Listing 10.6: Client using stubs Listing 10.7: Client using DII directly, where all parameters are known (WSDL is not passed) Listing 10.8: Client using DII indirectly, where all parameters are not known (WSDL is dynamically inspected) Listing 10.9: Client using dynamic proxies Listing 10.10a: SOAP request Listing 10.10b: SOAP response Listing 10.11: A compound message with a MIME attachment Listing 10.12a: Service implementation for processing attachments Listing 10.12b: xrpcc configuration for stub and tie generation Listing 10.13: Client-side handler Listing 10.14: Server-side handler Listing 10.15: Service implementation Listing 10.16: xrpcc configuration for handlers Listing 10.17: C# client for JAX-RPC Listing 10.18: EJB client and deployment descriptor code extract Chapter 11: JAXM Listing 11.1: Application A: Sending the message Listing 11.2: Application B: Receiving the message Listing 11.3: The SoapMailSender application Listing 11.4: The SoapMailReceiver application Listing 11.5: The SOAP request sent synchronously Listing 11.6: Client-side output Listing 11.7: The synchronous PurchaseOrderService Listing 11.8: The response returned by the synchronous PurchaseOrderService Listing 11.9: An asynchronous message sender Listing 11.10: The PurchaseOrderService handles asynchronous messages and also acts as a client Listing 11.11: The CallbackProcessor service on flutebank.com Listing 11.12: The ebXML message sent from Flute Bank to OfficeMin Listing 11.13: The ebXML message sent from OfficeMin to Flute Bank Chapter 12: JAXR Listing 12.1: Publishing organization information Listing 12.2a: Service interface separated into billpayinterface.wsdl Listing 12.2b: The schema definition referenced by billpayservice.wsdl Listing 12.2c: The billpayservice.wsdl implemented by Flute Bank Listing 12.3: JAXR application to publish the WSDL Listing 12.4a: Querying organization information from UDDI Listing 12.4b: Output of UDDIQuery Listing 12.5a: Querying the registry for service information Listing 12.5b: Client side output of a service query Listing 12.6a: Service discovery based on namespace Listing 12.6b: The client side output Listing 12.7: SOAP request to the registry with the X.509 certificate Listing 12.8: Using the open source JAXR provider to include the X.509 certificate Listing 12.9: Publishing with the JAXR provider Chapter 13: JAXB Listing 13.1: The purchaseorder.xsd schema from Chapter 9 Listing 13.2: Simple JAXB code to read an XML document Listing 13.3: The XML marshalled out by application code in Listing 13.2 Listing 13.4a: A schema with enumerations Listing 13.4b: The generated interface for an enumeration in Listing 13.4a Listing 13.5a: A complex element Listing 13.5b: Generated binding interface for a complex element Listing 13.6: Bindings affected by class and javadoc declarations Listing 13.7: A typesafe-enumeration-generated binding Chapter 15: Security Listing 15.1: Signed check order Listing 15.2: Apache Axis signer Listing 15.3: Apache Axis verifier Listing 15.4: Unencrypted XML document Listing 15.5: Encrypted XML document Listing 15.6: Completely encrypted XML document Listing 15.7: Authentication assertion Listing 15.8: Authentication assertion response Listing 15.9: Attribute assertion request Listing 15.10: Authorization assertion Listing 15.11: Authorization assertion response Listing 15.12: WS-Security example Listing 15.13: Coordination context Chapter 16: Practical Considerations Listing 16.1: WSDL for timer service Listing 16.2: Timer service proxy Chapter 17: Future Standards Listing 17.1: WSDL fragment showing the functional interface for Flute Bank's loan service Listing 17.2: WSDL elements that combine WSDL operations properly Appendix A: XML Schema Listing A.1: employeeList XML Listing A.2 Appendix B: JSTL Listing B.1: An example JSP using JSTL XML tags List of Sidebars Chapter 12: JAXR X.509 Chapter 14: Transaction Management Isolation Levels and Locking Transaction Manager versus TP Monitor HP Web Services Transactions (HP-WST) Chapter 17: Future Standards The soap URI Appendix A: XML Schema Validating Parsers Why the schemaLocation Attribute Value Is Only a Hint ... What are the technologies involved in Web services? How does Java support Web services? What kinds of Web services are there? What kind of benefits can be realized by implementing Web services? What Are Web Services? "A Web service is a software application identified by a URI, whose... The first source of additional information on Web services and Java is the J2EE Web site, http:/ /java. sun.com/j2ee The following are related to Web services and the Java J2EE platform and are of particular interest:... many of the practical considerations for implementing web services including authorization, encryption, transactions and the future of Web Services Java Web Services Architecture James McGovern Sameer Tyagi