Welcome!

Recurring Revenue Authors: Zakia Bouachraoui, Pat Romanski, Yeshim Deniz, Elizabeth White, Xenia von Wedel

Related Topics: Recurring Revenue, Microservices Expo

Recurring Revenue: Article

A Review Of Oracle Application Server 10g

For the enterprise, Oracle's Application Server 10g provides a robust option

A number of solutions exist for creating Java-based Web services from a variety of different providers. Options range from individual processing engines that plug into existing application servers to large enterprise-class platforms in which Web services is one of many components. Each option provides its own set of challenges and benefits while addressing different types of requirements. For the enterprise, Oracle's Application Server 10g provides a robust option.

The 10g version of the application server from Oracle provides a highly flexible and scalable Java-based Web services capability. The tools provided by the system allow for almost any Java object or PL/SQL function to be exposed as a Web service.

Web Services Support
The Oracle Application Server Web services architecture in 10g provides the infrastructure to expose a variety of objects as Web services, including:

  • Stateless Java classes
  • Stateful Java classes
  • Stateless session EJBs
  • Stateless PL/SQL functions or procedures
  • Java Message Service (JMS) objects
Figure 1, from the application server's documentation library, identifies the supporting components for each of the above sources. The boxes on the right side of the figure represent individual servlets that handle the documents sent to and from each type of source component. For Web services that are stateful, HTTP session objects manage state between service calls. Both RPC and document-style Web services are supported by this architecture. The key difference between the two styles within the application server is the set of parameters and data types allowed in the implementing class. In the RPC style, Oracle supports instances of basic Java primitives and object types as parameters, along with Element, Document, and DocumentFragment objects from the DOM (XML API). Document-style Web service implementation classes only support instances of the Element object from the DOM (XML API).

Tools for Exposing Services
If you're using Java classes to implement Web services, the development should follow the same sound principles as when developing any other classes that will be hosted in an application server, since there are no physical limitations beyond those described in the previous section. Once the implementation classes are built, the developer must create the configuration file to describe how the service is to be assembled by the application server. This is a basic XML document not unlike a J2EE or Web application deployment descriptor. It contains information about the service itself, including name, description, and path information, as well as the individual services and their implementation classes (or other objects, depending on the implementation type). For the purposes of this article, a simple Document-style Web service was created as a standard Java class to accept an incoming document and store it in a repository.

With the configuration file complete, Oracle Application Server provides a tool called the WebServicesAssembler that reads the file information and generates the appropriate class files and deployment descriptors, and optionally the WSDL file and proxy classes for the service. This is a command-line utility that can easily be incorporated into any Ant script as part of a standardized build process. Inspection of the generated EAR file shows a Web application module with a specialized servlet for handling document-style Web services.

JMS Web services are slightly different because two JMS destinations and possibly an MDB are required, depending on implementation. In this scenario, a SOAP call goes through the following progression:

  1. The Web service client sends a SOAP message to an HTTP servlet
  2. The Web service listener servlet drops the message to a JMS destination
  3. An MDB or alternate JMS client picks up the incoming message and processes the contents
  4. The result of the operation is placed on a second JMS destination
  5. The Web service listener servlet returns the service result to the Web service client via a SOAP message
The configuration file for JMS Web services also differs in that the connection factories and queues for sending and receiving the SOAP document from the Web services listener servlet are identified instead of the implementation classes

Similar changes are needed when developing Web services that are implemented by PL/SQL objects. In this scenario, the configuration file identifies the username and password of the host database, its JDBC URL, the JNDI name of the connection pool, and the package and procedure to execute.

In addition to the Web services architecture described above, Oracle Application Server 10g provides an alternative method for Web services implementations called OracleAS SOAP. This toolkit is based on the Apache SOAP implementation. It should be noted, however, that the Oracle Application Server documentation recommends that the Oracle Application Server Web services architecture be used to create and deploy new Web services applications.

Oracle UDDI Registry
Cataloging and publishing of available Web services is supported by the UDDI registry provided in Oracle Application Server 10g. This repository includes support for the SOAP API as defined in version 2 of the UDDI specification. Web services may also be published to the UDDI registry at deployment time from the Oracle Application Server Administrative Console.

Securing Web Services in Oracle
Oracle Application Server 10g allows administrators to secure Web services using the following techniques:

  • Web services over SSL
  • HTTP Basic Authentication
  • Authorization via Oracle's implementation of JAAS
When interacting with secure Web services hosted on an Oracle Application Server instance, the client application must have the relevant system properties set. If JAAS is implemented for authorization, the username and password provided by the calling client may be used to retrieve a Principal object from the User Manager to be passed along to any relevant processes.

Conclusion
Oracle Application Server 10g provides a powerful, flexible, and scalable Web services architecture for Java-based systems. The tools provided isolate the developers from the required code to manage the details of processing SOAP requests and allow them to focus on creating business logic. The UDDI server provides the cataloging and directory services to publish available services. Overall, the 10g version of Oracle's Application Server provides a complete and robust solution for delivering Web services in Java.

Company Info
Oracle Corporation
500 Oracle Parkway
Redwood Shores, CA 94065
www.oracle.com
Phone: 1.800.ORACLE1
http://www.oracle.com/technology/products/ias/index.html

At the time of this writing, it was indicated that an upgrade to the Oracle Application Server was forthcoming with support for J2EE 1.4 Web Services, SAAJ 1.2, Apache WSIF, SOAP 1.1/1.2 and WSDL 1.1. Adds support for the WS-Security standard and provide a reliable messaging framework that supports the WS-Reliability standard. This release includes a new management console for managing Web services, a full design time in Oracle JDeveloper and for non-Oracle-IDE environments, a command line tool, and a set of Ant tasks for creating Web services. The new version is now available.

More Stories By Brian Barbash

Brian R. Barbash is the product review editor for Web Services Journal. He is a senior consultant and technical architect for Envision Consulting, a unit of IMS Health, providing management consulting and systems integration that focuses on contracting, pricing, and account management in the pharmaceutical industry.

Comments (5)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in ...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...
Rafay enables developers to automate the distribution, operations, cross-region scaling and lifecycle management of containerized microservices across public and private clouds, and service provider networks. Rafay's platform is built around foundational elements that together deliver an optimal abstraction layer across disparate infrastructure, making it easy for developers to scale and operate applications across any number of locations or regions. Consumed as a service, Rafay's platform elimi...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
In today's enterprise, digital transformation represents organizational change even more so than technology change, as customer preferences and behavior drive end-to-end transformation across lines of business as well as IT. To capitalize on the ubiquitous disruption driving this transformation, companies must be able to innovate at an increasingly rapid pace.
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Ca...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.