What's New in Java Web Services Developer Pack (Java WSDP) 1.2

   
   

Articles Index


The Java Web Services Developer Pack (Java WSDP) has evolved into an integrated toolkit for developing, building, testing, and deploying web Services, as well as web and XML-based applications. The current version of Java WSDP, 1.2, contains the latest versions of Java and XML technologies for building reliable and secure web services. It has added new features, fixed bugs from earlier releases, and made developing and deploying web services easier. More importantly, Java WSDP 1.2 is implementing cutting-edge industrial technologies such as the XML Web Services Security (XML Signature) and Web Services Interoperability (WS-I) Basic Profile.

This article provides a quick overview, highlights the new features, and provides a description of the technologies that are now part of Java WSDP 1.2.

Overview of Java Web Services Developer Pack (Java WSDP)

The Java Web Services Developer Pack (Java WSDP) is an integrated toolkit that allows Java developers to develop, test, and deploy web Services quickly and easily. The Java WSDP 1.2 is an all-in-one download containing key technologies, tools, and APIs that simplify web services development using the Java 2 Platform.

The Java WSDP provides implementations of web services standards including the web services Description Markup Language (WSDL), the Simple Object Access Protocol (SOAP), and the Universal Description, Discovery and Integration (UDDI). In addition, it provides implementations for web application development such as JavaServer Pages (JSP Pages), the JSP Standard Tag Library (JSTL), and JavaServer Faces (JSF). It is worth noting that despite the fact that the Java WSDP emphasizes web services, the Pack is an integrated toolkit that allows Java developers to develop and deploy not only web services, but also web and XML-based applications. All these applications use technologies that are common to all of them, and so are bundled together.

Java WSDP Technologies and Tools

The Java WSDP 1.2 incorporates the following technologies and tools:

  • Java Architecture for XML Binding (JAXB) v1.0.1: The JAXB API:
    • Provides Java developers with an efficient and standard way of mapping between XML and Java code
    • Increases the productivity of Java developers because they can write less code themselves and do not have to be experts in XML
    • Allows developers to easily extend their applications with XML and web services technologies.

     

  • Java API for XML Processing (JAXP) v1.2.3: The JAXP API supports processing of XML documents using DOM, SAX, and XSLT. It enables applications to parse and transform XML documents independent of a particular XML processing implementation. It provides developers with the flexibility to swap between XML processors without making application code change.

     

  • Java API for XML Registries (JAXR) v1.0.4: The JAXR API is an abstract uniform Java API for accessing different kinds of XML registries. It provides you with a single set of APIs to access a variety of XML registries, including UDDI and the ebXML Registry. You don't need to worry about the nitty-gritty details of each registry's information model. This abstraction is consistent with the Java philosophy of "Write Once, Run Anywhere". It enables value-added capabilities beyond what the underlying registries can do. As an example, a non-JAXR UDDI client can't do taxonomy browsing and taxonomy-aware smart queries -- which are available to a JAXR client for UDDI. The JAXR information model is based on the ebXML Registry Information Model (RIM), with enhancements to support UDDI. The ebXML RIM is more generic and extensible than the UDDI XML data structures, so the ebXML RIM can be extended to satisfy the needs of UDDI. The JAXR Reference Implementation, which is part of the Java Web Services Developer Pack (Java WSDP) implements the level 0 capability profile defined by the JAXR specification ( JSR-93), which allows access to both UDDI and ebXML registries at a basic level.

     

  • Java API for XML-based RPC (JAX-RPC) v1.1 (EA) : This API enables Java developers to develop SOAP-based portable web services. It is worth noting that JAX-RPC web services can be deployed on J2EE 1.4.

     

  • SOAP with Attachments API for Java (SAAJ) v1.2 (EA): This API enables developers to produce and consume messages conforming to the SOAP 1.1 specification and SOAP with Attachments note.
    Note: JAXR-RPC and SAAJ have new version numbers (1.1 and 1.2, respectively) because they have been revised to include support for the Web Services Interoperability (WS-I) and the Web Services Interoperability Basic Profile (WSI-BP). Please see below for more information on the WS-I and WS-I BP.

     

  • Java Servlets: Servlets are Java classes that are capable of generating dynamic HTML content using print statements. What is important about Servlets, however, is that they run in a container and the APIs provide session and object life cycle management. Consequently, using Servlets you gain all the benefits from the Java platform which include the sandbox (security), database access API via JDBC, and cross platform portability of servlets.

     

  • JavaServer Pages: JSP Pages abstract servlets to a higher level allowing web developers and designers to rapidly develop and maintain information-rich dynamic web page. The JSP technology promotes separation between business logic and presentation.

     

  • JavaServer Pages Standard Tag Library (JSTL) v1.0.3: The JavaServer Pages Standard Tag Library (JSTL) is a standard tag library that provides support for common, structural tasks, such as: iteration and conditionals, processing XML documents, internationalization, and database access using the Structured Query Language (SQL). It provides four separate tag libraries, each containing custom actions that target a specific functional area:
    1. Core action
    2. XML processing
    3. Internationalization
    4. Database access
    In addition, the JSTL introduces the concept of an expression language (EL) to simplify page development.

     

  • JavaServer Face (JSF) v1.0 (EA4): JavaServer Faces is a server-side technology for developing web applications with rich user interfaces. It is a user interface framework for building web applications that run on the server side and render the user interface back to the client. It lets you develop tools that simplify coding web-based Java applications. Users of your JavaServer Faces-based web applications will appreciate the wide range of user actions made available by JavaServer Faces controls. You can offer more features, more conveniently than you can with a standard HTML front end with just a little more effort than an ordinary JSP configuration -- but with many more benefits. If you would like to learn how to get started with JavaServer Faces, please look at this article: Developing Web Applications with JavaServer Faces.

     

  • WS-I Basic Profile: WS-I is an organization that aims at developing guidelines and tools to help developers in building interoperable web services. The Java API for XML RPC (JAX-RPC) version 1.1 and the SOAP w/Attachments API for Java (SAAJ) version 1.2, have added early access support for the Web Services Interoperability (WS-I) Basic profile 1.0 draft. This will enable interoperability for your web services.

     

  • WS-I Sample Application (Supply Chain Management EA): The Java WSDP 1.2 pack includes a WS-I sample application (Supply Chain Management) that uses web services endpoints for retailers, manufacturers, warehouses, and a logging facility. The application allows you to mix and match web services from various vendors in various transactions.

     

  • XML and Web Services Security: Java WSDP 1.2 provides an early access (EA) framework for JAX-RPC application developers that can enable them to sign/verify SOAP messages. This framework is based on the World Wide Web Consortium (W3C) Specifications for XML Signature.

     

  • OASIS Universal Business Language (UBL) JAXB Sample: The UBL is an OASIS initiative that aims at compiling a standard library of XML business documents (for purchase order, invoice, dispatch advice, receipt advice, and cancellation) that are defined with XML Schema definitions. JAXB 1.0.1 includes a sample application that demonstrates how to process a UBL order using JAXB-generated classes.

     

  • Java WSDP Registry Server v1.0_05: The Java WSDP Registry Server implements Version 2 of the Universal Description, Discovery and Integration (UDDI) specification to provide a UDDI registry for web services in a private environment. Use it as a test registry for web services application development to test applications that you develop that use the Java API for XML Registries (JAXR). A Registry Browser is also provided to perform queries and updates on registry data.

     

  • Ant Build Tool 1.5.1: Ant is a XML-based Java build tool.

     

  • Apache Tomcat 5 Container: Tomcat is the servlet and JSP container.
Note: The Java API for Messaging (JAXM 1.1.2) is not bundled as part of the Java WSDP 1.2. It is available as a separate package and can be downloaded from here.

Web Services Interoperability

The Web Services Interoperability Organization (WS-I) is an open, industry organization committed to promoting interoperability among web services based on common, industry-accepted definitions and related XML standards support. Membership in WS-I is open to all organizations interested in promoting interoperability among web services and contributing to the development of WS-I.org. Members, however, are required to pay annual membership fees and sign membership agreements.

WS-I is producing a set of deliverables to help developers build and deploy interoperable web services. In addition, it aims to provide implementation guidance and education to help customers with web services adoption. More importantly, it promotes consistent and reliable interoperability among web services across platforms, applications, and programming languages. This is because without industry-accepted guidelines, interoperability between web services will be reduced and this would limit the growth and promise of web services.

One way to achieve this is through testing implementations and guidelines that can help developers in checking whether their web services satisfy the interoperability requirements. In addition, web services profiles can help by grouping key web services standards to simplify implementation and promote interoperability. The aim is really to ensure that web services implementations conform to a commonly accepted set of basic standards.

The first thing that may come to your mind now might be: why isn't an effort like this coming from OASIS or W3C? Well, these organizations are engaged in developing specifications around web services. A third party is needed for industry alignment and agreements on groupings of specifications to provide interoperability and direction. This third party is the WS-I organization, which brings the work of multiple standards together for the purpose of providing conformance around web services.

One of the deliverables of WS-I is profiles. A profile contains a list of named and versioned web services specifications at specific levels together with a set of implementation and interoperability guidelines recommending how the specifications should be used to develop interoperable web services.

Why WS-I Profiles Are Needed?

The core set of specifications that are used to describe, publish, enable discovery, and invoke web services are the Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), and Universal Description Discovery and Integration (UDDI). All of these specifications are based on XML and XML schema. If you have been keeping up with these core specifications, you would know that it is difficult to determine which products support which levels (or versions) of the specifications. This task becomes harder when you want to ensure that your web services are interoperable. WS-I addresses this need through Profiles.

The first profile is the WS-I Basic Profile 1.0, which includes XML Schema 1.0, SOAP 1.1, WSDL 1.1, and UDDI 2.0. This profile attempts to improve interoperability within its scope which is bounded by the specification referenced by it.

It is worth noting that WS-I makes available some testing tools that are designed to help developers determine whether their web services conform to the Basic Profile. The current version ( Beta Release 3 Version 0.96) tests for version 1.0 of the Basic Profile.

JAX-RPC and WS-I in Java WSDP 1.2

JAX-RPC 1.1 provides support for the WS-I Basic Profile 1.0 (approved DRAFT version) by including the following features:

  • The wscompile has the option " f:wsi", which can be used to verify that a WSDL is WS-I compliant and/or generates classes needed by JAX-RPC services and clients that are WS-I compliant.
  • The JAX-RPC runtime supports doc/literal and rpc/literal for services, static stubs, dynamic proxies, and DII.

For code examples of WS-I compliant clients and services, see <PathToYourInstallation>/jwstutorial12/examples/jaxrpc/advanced of your Java WSDL tutorial installation.

XML and Web Services Security

Security can be provided at two levels:

  1. Transport-level security: This can be done using JAX-RPC for either basic authentication or client-certification authentication over HTTP/SSL
  2. Message-level security: The security information is contained within the SOAP message. In other words, the security information travels along with the message. This has the benefit of allowing message parts to be transported without intermediate nodes seeing or modifying the message.

Both of these security solutions are needed. For example, the XML Digital Signature enables you to verify the identity of the message but anyone who picks up the XML document can see its contents. The transport-level security (using SSL for example) can be used to encrypt the actual contents of the document.

Java WSDP 1.2 provides a framework with a JAX-RPC application developer is able to sign and verify SOAP messages. This framework implements portions of the OASIS Web Services Security Working DRAFT.

Note that the message-level security solution provided in Java WSDP 1.2 is based on non-standard Java APIs, which may change with new revisions. The Java standard for XML Digital Signatures is now part of the Java Community Process (JCP) under JSR-105, XML Digital Signature APIs.

For code sample, examples are provided to illustrate how a JAX-RPC developer can use the XML and Web Services Security framework. The examples can be found at <PathToyourJWSDP1.2Installation>/xws-security/samples/ directory. Note that in Java WSDP 1.2, the default trust-store which is bundled with the pack is the only certificate that will be accepted for signing and verifying requests and responses. The trust-store contains the certificates for both, the client and server.

Note: If you have tried using the JAX-RPC JARs in Applets or WebStart applications, they won't work. They will need to be signed to be usable. You can sign the JARs yourself for now.

Beyond Java WSDP 1.2

At JavaOne 2003, Sun announced Fast Web Services as a way to investigate methods for improving performance using encoding mechanisms other than XML. Also, Sun Microsystems is participating in the StAX expert group ( JSR 173). This parser will be used when it is ready and this will lead to some gain in performance.

The source for Java technology collaboration website, or java.net, has a number of interesting projects going on, some of which are related to web services and XML (WS and XML), and you should get involved. For example, the WS and XML Community (at java.net) has created a new JAXB, SAAJ, and JAX-RPC projects that aim to provide Implementations for these technologies. Sun Microsystems will contribute the source code for the Reference Implementations. You are encouraged to participate in such projects.

It is worth noting that technologies, such JAX-RPC 1.1, SAAJ 1.2, and others are being folded into J2EE 1.4 and Sun ONE Application Server 8 (S1AS 8).

Conclusion

The Java Web Services Developer Pack 1.1 (Java WSDP 1.1) is an integrated toolkit that enables Java developers to easily develop, test, and deploy Web Services as well as Web and XML-based applications. If you wish to learn more about Java Web Services and get a flavor for the effort involved in developing them, I'd recommend you turn to the Java Web Services Tutorial. And, if you like to meet and listen to the experts, JavaOne 2003 has a complete track on Web Services featuring exciting technical sessions for novice, intermediate and advanced developers as well as managers.

For more information

- Web Services and Java Technology

- Download Java WSDP 1.2

- Web Services BluePrints

- The Java Web Services Tutorial

- WS-I

- java.net

Acknowledgments

Special thanks to Anita Jindal and Rajiv Mordani of Sun Microsystems, whose feedback helped me improve this article.

Have a question about programming? Use Java Online Support.