Chapter 5. Using SOAP for e-Business

IN THIS CHAPTER

• Web Services Security

• Enterprise Application Integration

• Quality of Service

In Chapter 3, "Simple Object Access Protocol (SOAP)," you saw how SOAP enables applications to interact with each other, and in Chapter 4, "Creating Web Services," you saw that Axis is an example SOAP infrastructure. With SOAP, applications can be coupled loosely—more importantly, in a decentralized manner. On the basis of such an advantage, in this chapter we review a collection of topics that are required for starting a serious e-Business with Web services.

First, we consider security, assuming that business-to-business (B2B) collaboration is performed in terms of SOAP messaging. We will begin by discussing familiar technologies such as HTTP Basic Authentication (BASIC-AUTH) and Secure Socket Layer (SSL) , then move to SOAP-specific security, such as SOAP Digital Signature and encryption. We'll also discuss Public Key Infrastructure(PKI) as a basis for many security technologies.

Then, we shift our focus to intranet applications that are configured to process incoming SOAP messages, which might potentially produce response messages. This approach is called Enterprise Application Integration (EAI) because typical enterprises have a portfolio of existing applications that should be integrated properly to achieve additional business goals. We will take Enterprise JavaBeans (EJBs) , Java Message Service (JMS) and Java 2 Platform Enterprise Edition (J2EE) as a basis for integrating applications.

Finally, we discuss technologies required for high-volume SOAP servers in terms of Quality of Service (QoS) . Performance, scalability, and availability are important issues whenever you're developing real applications. We will consider how existing technologies in that area are adopted for developing scalable SOAP servers.