We are building a web application where we are following SAAS model using RESTful services for internal communication between modules.
There is a scenario where we want to resolve the host name of the server for RESTful service through one of the parameter value passed in the URL of service. In our architecture, each server instance wants to provide it's service for a set of values of a particular parameter in the URL.
In a dynamic environment, such responsibility can change from server to server. How can the client resolve dynamically which IP address it should contact to get a particular request served? Is there some sort of URL service registration and resolution facility similar to DNS, which can take into consideration some metadata like parameter's value in the resolution procedure? Any links to some existing solution or ideas for implementing such thing are welcome.
You can use a reverse-proxy as front-end of your service (all worker servers). It must be capable of directing request to appropriate back-end server based on some knowledge about application-level semantics in URLs, including parameters.
Here is the list of the most commonly used reverse-proxies:
Nginx (specifically about reverse-proxying)
Squid
Apache with mod_proxy
The main thing to note is that these general purpose products may not meet your needs well, in the sense of how flexible they can be congifured. This is why I wrote a custom reverse-proxy for a similar web-service myself (the project was implemented in Delphi, and I can provide some further details on this if needed).
Related
How are you doing!
I have a scenario where I need to create an OSB service(which is a mere pass-through service) that will be based on a WSDL that contains 2 ports, each pointing to a different URL. In this case, How do I create the proxy and business services. As I see, when I create the proxy service based on a Port, only one port can be selected at a time, so I'll need 2 OSB Services/proxies. If I select the binding, then the port informaiton won't come from the wsdl into the generated effective proxy wsdl, and it will have only one port, so even in this case, I'll have to generate 2 wsdl's for those 2 ports. Am I right? or Am I missing anything?
Another question on the same scenario
We are storing all the wsdl's in MDS, so need they are abstract(atleast not service/port information). So, in this case, if I make the wsdl as abstract, it will lose the port information, so how do I do? 2 business services, each pointing to a different URL? So even in this case, what about the proxy service? How can a proxy service that exposes one port cater to 2 different services?
Is there anyway that I can achieve this with a single OSB Service? I would prefer the 2nd approach of storing abstract wsdl's in MDS.
Regards
RaviKiran
When you create a Proxy service, you have full control over how that proxy service calls out to business services. In your case, something simple like an Operational Branch would suffice, but really, OSB allows you to control calling out to multiple services. You don't need to provide multiple ports for your proxy service, as you can make all the calls and control from inside.
Regarding your second question, it wouldn't matter if you're using abstract or concrete WSDLs in your OSB configuration for either the Proxy or the Business Services. You define the endpoint you're connecting to. In Business Services, OSB will take your WSDL and call whatever endpoint you tell it to. For a proxy service, the server OSB runs on will dictate what port address it's going to use, outside of the Endpoint URI that you've defined for it.
I would read Oracle's documentation on the Concepts and Architecture for OSB. It covers alot of this background information on implementing proxy and business services, and might point you to the more specific question you want answered. In particular, section 2.2 covers the Proxy and business service abstraction concept pretty well:
Oracle® Fusion Middleware Concepts and Architecture for Oracle Service Bus
11g Release 1 (11.1.1.7)
I have Glassfish 3.1.1 (Metro JAX-WS stack) installation with several http listeners in my domain's virtual server.
When I deploy my EAR, web application and soap services are all bound to all available http listeners whereas I want them to be held by different listeners, each having it's own performance and connection pool setup.
I believed that sun-web.xml should be responsible for that sort of binding but I haven't found any options of binding service to specific port or virtual server.
Any ideas?
One option is to use the deploy command with an accordingly set virtualservers commandline parameter... for reference see http://download.oracle.com/docs/cd/E18930_01/html/821-2433/deploy-1.html or page 262 etc. at http://download.oracle.com/docs/cd/E18930_01/pdf/821-2433.pdf
Another option:
Several config files have new names (for example glassfish-web.xml is the new name for sun-web.xml).
To bind your EAR to specific URI see esp. the web element and its sub-element like web-uri - for details and samples see
http://download.oracle.com/docs/cd/E18930_01/html/821-2417/beaqk.html#scrolltoc
http://download.oracle.com/docs/cd/E18930_01/html/821-2417/beaql.html
http://javahowto.blogspot.com/2010/10/glassfish-webxml-and-sun-webxml.html
I have different Spring Web Services, which are included into the context by the
Endpoint Annotation, so there are no dependencies despite the Annotation (no interface etc.). Therefore, no "context" information is present.
Now I want to chain a web service request, ie. an Endpoint is called which itself should call a web service on the same server. I can use Spring's WebServiceTemplate, however, I need the current server url for this request.
Is there any way how this url can be injected during application startup into the Endpoints? Since the Endpoints do not extend some class, there is no way to get this information anywhere inside the Endpoints, also the request parameters do not have this information (these are simple JAXB-classes, which are marshalled on request).
I believe the best option is to send the URL as part of the request.
This also enables you to dynamically change the URL to a third server later.
I'd like to restrict access to my web service to registered clients. The first thing I thought of was to mimic that of AWS which, in a nutshell, issues clients a non-secret and secret key pair, and requires clients to prove knowledge of the secret key by using a cryptographic function of some of the HTTP request data and the secret key, then specifying the output of the crypto function in a request header. AWS does the same and checks that the expected signature matches what the client has specified. The secret is not transmitted, blah blah. This is pretty typical and not that interesting albeit useful.
http://mws.amazon.com/docs/devGuide/Signatures.html
http://chrisroos.co.uk/blog/2009-01-31-implementing-version-2-of-the-amazon-aws-http-request-signature-in-ruby
My preferred web server for web services is nginx. I'd like to start requiring similar request signatures in certain services. It makes sense to me to create an nginx module that handles request signature validation before ever sending the request to an upstream process (my web service instance(s)).
Do you know of such a nginx module? Do you know of a different one that I can base my work off of?
There's a decent nginx module writing guide here:
http://www.evanmiller.org/nginx-modules-guide.html
Please note that I'm not asking "how do I write a nginx module?" I'm simply trying to avoid reinventing the wheel.
Thanks!
If I'm understanding correctly, you could simply check for custom headers with an if($http_{yourheader}){} and validate that against a backend such as memcached, or proxy to a fastcgi script, or even use an embedded perl script (although this will be slow and could block).
AFAIK there aren't any specific standard or third-party modules that do this, but a combination of them could provide a suitable solution (eg; $http_{header} + redis backend, for instance).
Is there a particular reason you're not looking to use custom SSL certs? They would seem an adequate solution for restricting access with added security.
We have a web service that is deployed on 2 separate machines in different locations. Is it possible to monitor the url that a person used to call our webservice using java code? We have a 3DNS url set up and we want all clients to use this url as oppossed hitting the boxes directly with the correct port numbers in the url.
Thanks
Damien
Have you taken a look at:
#Resource
WebServiceContext wsContext;
This will return the context of the current message sent to your webservice. I've been able to get the IP address of the user from that.
This is assuming that you are using Java.
You might look into something like OWSM (Oracle Web Services Manager)... there may be open source alternatives.
OWSM creates a virtual endpoint that it handles and routes to the actual service hosts. This way, your service hosts can be hidden behind the firewall, with only the OWSM host visible to the world. When a user hits the virtual endpoint, OWSM can authenticate and pass them along to the balanced service host.
An alternative might be to use servlet filters on the real endpoints. The filter could do a couple of different things. It could simply log the requested URL from the HttpServletRequest, or it could even redirect to the correct URL for you (I'm not sure what the implications of that are for a web service, though).
All you would have to do is have the filter mapped to the same context path as the web service (axis uses /services/* for example).