Wednesday May 02, 2007
- Open ESB Partner Ecosystem: Creating a Binding Component Deployment Plug-In for Netbeans
- Deliver Composite Applications with Java, WS-BPEL & SOA
- JBI/SOA Tips: For Asynchronous, Peer-to-Peer Collaborations Use Multiple MEPs
- Open ESB Partner Ecosystem: Videos on using SOAPUI with Open ESB, NetBeans, and GlassFish
- JBI/SOA Tips: Prefer Use of Document/Literal Rather than RPC
- My Article Nominated for JDJ Annual Readers' Choice 2007 Awards
- JBI/SOA Tips: Favor Contract First Development (a.k.a. Top-Down approach)
- JBI/SOA Tips: The Wire Always Goes Forward never Back
- JBI/SOA Tips: Use Separate MEPs for Business Responses
- JBI/SOA Tips: Message Exchange Patterns (MEPs) are the units of 'wire' collaboration
- JBI/SOA Tips: Use Correlation Values to Reference Shared State
- JBI/SOA Tips: Identify Shared Conversational State Upfront
- JBI/SOA Tips: What is a Conversation in a collaboration wire-design
- JBI/SOA Tips: Protocol Is Not Part of the Business Message
- JBI/SOA Tips: Evolving Global Collaborations - Version Number Message Wrappers
- JBI/SOA Tips: For Large Messages Use MTOM
- Sherry Barkodar's NetBeans 6.0 Preview Cookbooks
- JBI/SOA Tips: Use Unique Element to ‘Wrap’ Each Business Message
- JBI/SOA Tips: Collaboration Design for 'Wire' Centric Integration
- JavaOne 2007 - TS-8897 technical session Slides
- JavaOne 2007 - Friday May 11, Open ESB talks
- JavaOne 2007 - Thursday May 10, Open ESB talks
- JavaOne 2007 - Thursday May 10, Designing Service Collaborations:'Wire'-Centric Integration
- JavaOne 2007 - Wednesday May 9 is JBI Evening
- JavaOne 2007 - Tuesday May 8, Open ESB talks
- JavaOne 2007 - SOA/Open ESB Demos at the JavaOne Pavilion
- JavaOne 2007 - Monday May 7 is NetBeans and GlassFish Days
- JavaOne 2007 - Here I come
- Open ESB 2.0 Beta is out
- JBI/SOA Tips: Consider using a StaX-based parser to process huge XML datasets
- JBI/SOA Tips: Separation of Concerns
- JBI/SOA Tips: Cache wherever possible
- JBI/SOA Tips: Security/Performance Tradeoffs
- JBI/SOA Tips: Stateless vs Stateful
- JBI/SOA Tips: Do not use the SOAP action header for message routing purposes
- JBI/SOA Tips: Be aware of SOAP Verbosity (Message size overhead)
- JBI/SOA Tips: As much as possible, avoid using Base64 Encoded/Raw bytes in the message Body
- JBI/SOA Tips: Use strongly typed messages - Avoid use of xsd:any to represent the entire message Body
- JBI/SOA Tips: Use strongly typed messages - Avoid use of xsd:string to represent the entire message Body
- JavaOne 2007 - Attend the JBI Evening - JBI BOFs back-to-back
- JavaOne 2007 - JBI/SOA Technical Sessions
- New for JavaOne 2007 - A Services and Integration track
- New additions to JavaOne 2007 - JavaOne Camp, Business Day, and Java TV Day
- JBI/SOA Tips: Do not mix style/use in the same service
- JBI/SOA Tips: Expose Coarse-Grained Service Interfaces to external Clients
- JBI/SOA Tips: Expose Request/Response Message Exchange Patterns to external Clients
- JBI/SOA Blueprints: Beware of the issues when doing Implementation-First (Bottom-up) Development
- My JavaOne 2007 Schedule
- JavaOne 2007 - TS-8897 - Designing Service Collaborations: ‘Wire’-Centric Integration
- F3 (Form Follows Function) - a new declarative Java scripting language
- Sun Open-Sources Java SE, Java EE, and Java ME
- 99 second NetBeans 5.5 Enterprise Pack JBI/SOA Composite Application video demos
- GlassFish rules in WS-Stack Implementations
- Links to Tutorials, Guides, and articles for the NetBeans Enterprise Pack 5.5
- Java EE 5 SDK Update 1 has been released
- NetBeans Enterprise Pack 5.5 is out
- Java Business Integration 101 with Peter Walker on TSS
- NetBeans Enterprise Pack 5.5 Beta - Additional Tutorial Links
- Links to Tutorials, Guides, and articles for the NetBeans Enterprise Pack Beta 5.5
- NetBeans Enterprise Pack 5.5 Beta is out
- JBI/SOA Blueprints: Contract-First Development
- BPEL: Tutorials on creating simple Asynchronous & Synchronous Business Processes
- Sun Engineering Webcast on SOA using JBI
- Sun Engineering Webcast on SOA using OpenESB
- XML Schema: Analyzing XML Schemas
- WSDL & SOAP: Exploring the Service Description Model
- BPEL: Modeling Event-Handling in business processes
- BPEL: How do I introduce intentional delays in a business process?
- BPEL: Specifying Dates, Times, and duration
- Learn to use SOA Tools
- JBI/SOA Blueprints: Travel Reservation Scenario
- Showcasing seamless Java EE-JBI integration
- WSDL & SOAP: Binding Style to use - Document or RPC?
- BPEL: Lifecycle of Business Process Instances
- BPEL: What is Correlation, message Property, Property Alias, and Correlation Set
- The simplicity and the power of JBI
- BPEL: What are partnerLinkTypes, roles, and partnerLinks.
- BEA's Mike Rowley promises to fix SCA
- Ron on what plagues SCA and how to fix it
- Practical SOA: Boosting productivity with Sun's Integration Platform
- JBI's "Invisible Plumbing" comes to the rescue of the SOA Developer
- JBI/SOA Blueprints: Insurance Claim Scenario
- Implementing Service-Oriented Architectures (SOA) with the Java EE 5 SDK
- The JBI/SOA Composite Application Unit Test Driver Framework
- The WS-BPEL Debugger
- The WS-BPEL XPath Assignment Editor (a.k.a., The BPEL Mapper)
- The WS-BPEL JBI Service Engine
- The HTTP/SOAP JBI Binding Component
- The JBI Composite Application Project System
- The BPEL Module JBI Project System
- The JBI Manager
- TS-3175: Building a Service With BPEL and the Java™ EE Platform: How Composite Applications and JBI Simplify SOA Development
- JBI/SOA Blueprints: Loan Application: Orchestration using BPEL SE, Java EE SE, and HTTP/SOAP BC
- The Alaska Project
- About Me
-
- Sun Java CAPS 5.1 Primer
- www.java.com
- www.java.net
- www.opensolaris.org
-
Alan's Blog
-
Andreas Egloff's Blog
-
Binod's Blog
-
Chris Oliver's blog
- Comp. Sci. Classics
-
Daniel Fuchs
-
David Lee Todd
-
Eamonn McManus
-
Frank Kieviet's Blog
-
GlassFish Wiki
-
Jean-Francois's blog
-
Jonathan Schwartz
-
Kedar's Blog
-
Kevin Schmidt
-
Mark White
-
Phillip Verghese
-
Ron Ten-Hove
-
Sandip Chitale's Blog
- Sun Docs-Java CAPS v5.1.1
- Sun Forums - JBI
- Sun Forums - Java CAPS
- Sun Forums - OpenESB
- Sun Project - Open JBI Components
- Sun Project - OpenESB
-
Sun Wiki - OpenESB/JBI/JBI Components
-
Sundar's Blog
-
- Web Cornucopia
-
Sun Bloggers
Today's Page Hits: 209
Wednesday May 02, 2007
May
2
If multiple short messages are being exchanged between the client and the service, TLS (i.e., HTTPS) which uses X.509 digital certificates to provide message confidentiality, may not be the optimal protocol because of the handshake overhead involved in setting it up. The same goes for WS-Security which utilizes XML Digital Signatures for authentication and message integrity, and XML encryption using X.509 digital certificates for message confidentiality.
While TLS (i.e., HTTPS) can be used for network node level message confidentiality, WS-Security is typically used for end-to-end security up through your application stack, and is independent of the networking protocol. WS-Security is twice as expensive as TLS (i.e., HTTPS).
This is one of the many reasons why you have to expose Coarse-Grained Service Interfaces to external Clients and exchange reasonable sized messages. Consider setting up a secure conversation with partners who communicate with you frequently. You just have to be aware of the trade-offs when designing your service.
Like this write-up? Subscribe to receive more like it.
Posted at 12:36AM May 02, 2007
by Gopalan Raj in A Tip a Day |
Listen to this entry |
Comments[1]
Listen to this entry |
Comments[1]
Tags:
bpel
choreography
ejb
esb
http
integration
javacaps
javaee
jax-ws
jbi
management
orchestration
process-oriented
sca
service-oriented
soa
soap
wsdl
xml
xsd
Share This Post:
|
|
|
|
|
Share This Post:
|
|
|
|
|
Disclaimer: The contents of this Weblog represent my personal opinion which may differ from the official views of my employer, Sun Microsystems, Inc. or any past employers.
View blog top tags
![[Valid RSS]](valid-rss.png "Validate my RSS feed")
Posted by Tom Hawtin on May 02, 2007 at 03:59 PM PDT #