netzooid

I feel the need to repost my latest posting from The Server Side here…

James Watson writes:

Personally I would like to see a good open source framework for REST based web services. I’m not sure if it’s the way to go but WSDL 2.0 spec should theoretically support REST. I’m unaware of any tools that help with creating these types of WSDLs.

Don’t use WSDL 2.0 for REST. It’s an ugly way of doing RESTful services IMNSHO. There are plenty of great toolkits out there for helping you build RESTful web services. The ones I have my eye on are:

• Restlets
• JAX-RS RI - aka Jersey allows you to build services easily with annotations. CXF has support in the works too.
• Apache Abdera - Build AtomPub services with Abdera. These are quite powerful…

Please keep in mind that REST and SOAP programming models don’t mix well. There is this complete fallacy going around (I succumbed to it too at one point) that you can use the same service class or description to build a RESTful and a SOAP based service. However, the interactions and mappings should end up being completely different from one to the other! One is message based and one is resource based. You’re going to have to design your service differently as they’re two completely different beasts.

Use the best tool for the job. You’ll save yourself time and a lot of hassle.

If you are producing an Atom feed, make sure your IDs are properly unique! I recommend reading this if you haven’t already.

Thank you Mark.

Governance is one of those terms, like ESB or SOA, that is super fun in it’s ability to be morphed into whatever you want it to be. Luckily for us (and unluckily for marketing teams everywhere), it is a bit more definable.

David Linthinicum has a good post which attempts to define what governance really is. He divides it into design time and runtime governance. Under design time he includes:

• A registry and/or repository for the tracking of service design, management, policy, security, and testing artifacts.
• Design tools, including service modeling, dependency tracking, policy creation and management, and other tools that assist in the design of services.
• Deployment tools, including service deployment, typically through binding with external development environments.
• Links to testing tools and services, providing the developer/designer the ability to create a test plan and testing scenarios, and then leverage service testing technology.

Under runtime governance he includes:

• Service discovery
• Service delivery
• Security
• Setting and maintaining appropriate service levels
• Managing errors and exceptions
• Enabling online upgrades and versioning
• Service validation
• Auditing and logging

Miko Matsumura chimes in with an interesting comment as well:

This is helpful for sure, but one of the things that’s worth pointing out is the fine research by Gartner which suggests that making an artificial distinction between design time and run time governance is potentially dangerous.

This is very true. I can think of a number of things which span both design time and run time:

• WS-I Compliance
• Security Policies - i.e. requiring SSL for all endpoints. Or requiring WS-Security.
• Dependency tracking - Cluster node X depends on Service Y which depends on artifact Z.

I think its also important to keep in mind that governance != software products. Governance can potentially span a lot more as it includes a lot processes and oversight which can’t be directly enforced by software (i.e. ensuring that your services comply with local laws). I’m assuming by the inclusion of “SOA” inside the title of David’s post is an attempt to narrow this down a bit to SOA related tools. Although this begs the question - what is SOA?