Web service

Using local ressources in JSP pages

For an internally (no internet access) used webservice based on JSP pages all CSS and JS files had to be included locally. Solution: to achieve this JSTL can be used (<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>) which allows to refernce and load the locally included files, like for example: <link href="<c:url value="/resources/static/css/bootstrap.min.css"/>" rel="stylesheet">

Camunda framework provides possibility to configure service call from model directly, what reduces amount of code.

1. Create service task in BPMN modeler
2. Open Properties Panel
3. Configure Connector: Connector Id, Input and Output parameters (of your service), add Script as Output parameter in case it‘s necessary
4. Use process model in your application with BPMN engine as usually.

Configure service call from BPMN model (Camunda framework)

BPMN uses graphical representation of business processes. Some parts of business process can use web-services. In this case it is necessary to configure web service call.

Password delivery problem

When handling sensible information in the internet it has become common to verify users by a combination of password and username. More often than not the first communication between a web service and a new user is the registration. Therefore this point of exchange is quite vulnerable for many kind of attacks (man-in-the-middle, spoofing, knock-back,..), mostly with the goal to fetch the registration data for a third party. The first step towards countering such methods is to establish a somewhat secure channel before requesting any detailed data from the user, but passwords must be verified and for that they have to be transmitted. Besides https and ssh there are many other protocols that increase the overall security, but still submitting passwords in plain is not an option for various reasons. What is the best way to establish a secure handshake between webservices and users? or how can they both agree on one password without the need to sent it?

Spring/CXF WS controller

A web service is typically an application programming interface (API) or Web API that is accessed via Hypertext Transfer Protocol (HTTP) and executed on a remote system, hosting the requested service. The Spring Framework is an open source application framework for the Java platform. Apache CXF is an open-source, fully featured, easy to use Web Services framework. The goal is to correctly configure an MVC controller to communicate with a web service using Spring and Apache CXF.

Spring/CXF WS service

A web service is typically an application programming interface (API) or Web API that is accessed via Hypertext Transfer Protocol (HTTP) and executed on a remote system, hosting the requested service. The Spring Framework is an open source application framework for the Java platform. Apache CXF is an open-source, fully featured, easy to use Web Services framework. The goal is to correctly configure a service to be run as a web service using Spring and Apache CXF.

Spring/CXF WS client config

A web service is typically an application programming interface (API) or Web API that is accessed via Hypertext Transfer Protocol (HTTP) and executed on a remote system, hosting the requested service. The Spring Framework is an open source application framework for the Java platform. Apache CXF is an open-source, fully featured, easy to use Web Services framework. The goal is to correctly configure a web service client using Spring and Apache CXF.

Spring/CXF WS server config

A web service is typically an application programming interface (API) or Web API that is accessed via Hypertext Transfer Protocol (HTTP) and executed on a remote system, hosting the requested service. The Spring Framework is an open source application framework for the Java platform. Apache CXF is an open-source, fully featured, easy to use Web Services framework. The goal is to correctly configure a web service server using Spring and Apache CXF.

Securing a service using WS-Security

<p>We have an existing Web-Service accessible to everyone who knows the address of the endpoint. The software used on the server:</p><ul><li>Java 6</li><li>Apache CXF 2.2.3</li><li>SOAP Webservice</li></ul><p>Because of massive abuse in the past the access should be limited to authorized people only. The login credentials are stored in a database and should be checked with every request made on the service. The login data should be transmitted in the SOAP-Envelope header and an interceptor should&nbsp; verify the data before the actual invocation of a webservice method. The solution should be based on an open standard which is well defined.</p>

How can the creation of WCF or ASMX Web Services be simplified at high quality level?

<p>&nbsp;</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">Is there a way to increase the speed of overall web service development using .NET and preferrable WCF. This overall procedure should include the implementation, the testing, the support for documentation and the maintenance and feature extending in the future.</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949; min-height: 15.0px;">&nbsp;</p> <p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">Automatic code generation (server &amp; client) using patterns or strict conventions is preferred due to an easier communicatable result, because we use web services in way that they the user easily recognizes which parameters are requested and which are returned without searching through structures and procedures. The generation of tests should be possible at least on "Test shell" basis that can be completed. The generation should never remove own written code.</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">&nbsp;</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">Additonally, the code generation should be possible for WCF and classical (ASMX) Web Services using the same input values.&nbsp;</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">&nbsp;</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">Naturally, we do not want to use the configurability of web services. It must be able to create unsecured / open web services without authtentication, but it should also be possible to secure them. Several different binding variants are used in our system at the moment and we typically publish our services several times on different machines addressing different users. This should be easier to configure and use in the future.&nbsp;</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">&nbsp;</p><p style="margin: 0.0px 0.0px 0.0px 0.0px; line-height: 20.0px; font: 12.0px Verdana; color: #494949;">&nbsp;</p><p>&nbsp;</p>

Pages

Subscribe to Web service