Welcome!

Microservices Expo Authors: Liz McMillan, Jyoti Bansal, Yeshim Deniz, Dan Blacharski, Elizabeth White

Related Topics: Microservices Expo

Microservices Expo: Article

Portals and Web Services - When business issues are technical

Portals and Web Services - When business issues are technical

We've all heard the terms: portals, gadgets, portlets, dashboarding. But what does it all mean? And what role do Web services play in this exciting new world of componentized content?

I would define "portalization" as the creation of an environment that gives the end user one-stop shopping for actionable content and collaboration. Portals don't create anything new; they merely give us comprehensive, personalized access to content that may reside in any number of repositories (see Figure 1). Moreover, portal environments benefit developers and implementers by providing a robust set of "out of the box" tools and features to ease application development and deployment. These tools include single sign-on (SSO) access to virtually any authentication data source, centralized authorization, logging and reporting, document versioning, and so on.

 

Content and Web services
In the vast expanse of where content may come from, Web services is just one of the vast sources that provide content. The difference, however, between Web services and other content-providing mechanisms is that Web services are a natural and synergic fit with portal environments. From the dawn of Web services time, the goal has been to deliver content in a standard, XML-based format that allows the consumers of that data to render or use it as they choose. Since personalization, localization, and customization are all standard fare in a portal environment, the presentation layer can be left to the developer of the portlet consuming the data. Sounds like the perfect job for good ol' Web services, doesn't it? It's also no secret that the great benefits to using Web services are their reuse and client-agnostic and protocol-independent properties. Given all this, the use of Web services in a portal environment is a no-brainer.

When to 'Portalize'
Does portalizing the weather along with a link to your company's homepage give you a good ROI on your portal software? I would guess probably not. But many other applications may make sense. Let's say we are a Web-engineering firm and at any given time our CEO wants to get:

  • Information on sales leads that are in the pipeline
  • Updates on development efforts that are in progress and status of client deliverables
  • Meeting information for the day
  • Access to the latest proposals with impending deadlines
  • And maybe even an employee vacation schedule

    Access to this content in a centralized, concise, easy-to-use format is a powerful thing. It eliminates the need to open and swap among multiple applications. It lets him log in to one SSO system and have access to all authorized resources rather than needing to log in to multiple systems. Furthermore, it eliminates the hassle of crawling through a document server's directory structure to find a specific proposal document. Finally, it allows him to collaborate with other team members on documents, meetings, etc. With its ability to improve project management and accelerate proposal and development efforts, the ROI for this type of portal application is very valuable, indeed.

    The portal above can be described as a "dashboard" specific to our CEO's needs. It gives a personalized set of relevant information to the current end user. The information is a collection of data subsets from larger repositories. Those repositories in this case are a sales system, a project system, a scheduling system, a file structure, and an HR system. To create a portlet on top of an entire repository that exposes the complete functionality of that system may seem great, but in reality the end user wants only a slice of that data customized for them. For example, at first glance exposing the entire sales system sounds like it could be meaningful for many employees. However, the sales team is only interested in lead-flow information and not billing information, while the admin department only needs to see billing information so they can generate invoices. In an ideal portal application, each of these data slices remain separate as part of a specific user's personalized dashboard.

    How Is It Done?
    So how do we go about building a dashboard that is relevant and useful to each end user? This is done by leveraging a combination of built-in portal environment functionality and custom development. The portal environment gives the developer a nice framework for doing common tasks such as authentication, authorization, content formatting, and portlet behavior. Custom development helps to provide exposure and access to application content and functionality and makes the portal "consumable" by existing and future applications. The former development effort is very specific to the business need. If the business need allows, the content access exposure is best developed using Web services. By using Web services to expose key business functionality you are "future proofing" your application. This service may be consumed by a portlet today but may need to be consumed by a third-party application tomorrow. Once the necessary content and/or functionality are exposed, it must be consumed. This is the job of a portlet.

    Today developers are somewhat limited when building consuming portlets. They must adhere to the APIs defined by the portal environment. The portability of these portlets is not quite there yet as standards like JSR 168 are still being worked out. If you do expose your content through Web services, the development effort to consume that data can be quite trivial in most portal environments. Most have simple wizard interfaces that allow a developer to point at a Web service and have the portlet nearly build itself. Due to the reusability, ease of deployment, and "future proofing" of your applications, using Web services to expose functionality and content is a smart move.

    Portal Environment: Build or Buy?
    While today's portal software is impressive, it comes at a price. Portal software with implementation can run a company anywhere from the mid–five figures to well into the high six figures and beyond, depending on the number of users, servers, etc. Is it worth the investment to get into a portal environment? The answer really depends on your business need. Giving your staff access to their vacation day reports and links to HR policies within a branded intranet site may not be worthy of the sexy and expensive features of a full-blown portal environment. In this case, your efforts would be better spent handing this project to a junior developer and giving him or her a month to bang it out, giving you far greater ROI than deploying a real portal. If, however, you truly intend to portalize your business functions as described in our CEO dashboard example, there is no doubt you'll want to buy versus building your own. The time and investment needed to match the features and functionality of a portal environment are not time and money well spent. In this instance, a good portal environment is worth the investment.

    While all portal environments differ in the goodies they offer, most will include some flavor of SSO authentication and authorization; the ability to define groups of users into communities with common interests and the associated content and applications; monitoring, management and reporting; content aggregation, indexing and searching; document check in, check out, and versioning; collaboration; portlet development APIs or SDKs; and much more. Since portal environments have been around for some time now, and most offer easy ways to develop portlets to their environment, giant libraries of portlets have been developed. Plumtree, for example, has hundreds of portlets in its library, from integrating with Lotus Notes, SAP, Siebel, PeopleSoft, and others, to using AOL Instant Messenger. Portal environment libraries provide a huge advantage to building all these components as many of them are open source or relatively inexpensive.

    What About Integration?
    How well a portal environment integrates with Web services is also very dependent on the portal company you choose. While there are certainly some environments that make the integration process less painful than others, this should not be the developers' main consideration. Developers should be more concerned about how well a portal vendor interoperates with other vendors and portlets. In other words, how good is this vendor's support for emerging portal and Web service standards? At the beginning of the portal revolution, it was acceptable for each vendor to operate in its own box. Each portlet developed was proprietary to the environment in which it lived, as standards specific to portlets did not yet exist. Enter OASIS and the Java Community Process (JCP). With the recent approval of the Web Services for Remote Portlets (WSRP) standard by OASIS and the development of the JSR 168 Portlet Specification by the JCP, vendors now have the choice of whether they want to play nice together or not. Happily, several vendors have actually integrated these standards into their products already. This is a big step in the right direction and great news for those wishing to implement Web services as portlets.

    Web Services Standards and Portals
    The WSRP is an interesting standard and somewhat of a paradigm shift from what we are used to in the Web services world. Until now everything was very datacentric. It's the nature of Web services to not worry about specific protocols or client displays. Web service calls either performed a function or they accessed some data. Presentation was left in the hands of the consumer. The WSRP standard has changed this for portlets. The idea is that no longer are portlet Web services "data-oriented," as OASIS calls it. They are now "presentation-oriented" (see Figure 2).

     

    WSRP defines a Web service interface that allows a much richer interaction with Web services than straight Web service calls. The producer of the WSRP-compliant service can expose description information and capabilities of the service, presentation markup that is now part of the service, an optional registration interface for creating a relationship between the consumer and producer, and optional management interfaces. By creating WSRP-compliant portlets, producers are able to publish portlets that have been developed in their familiar environments and be assured that consumers will receive the service as it was intended from the application logic up to the presentation. It lets them reuse portlets, make them WSRP compliant, and expose them to other consumers. From the consumer side, no additional development is required to integrate a WSRP portlet, as there would be if a straight Web service were being consumed. So long as the consumer is also WSRP compliant, the inclusion of this portlet is virtually development free.

    The adoption of the WSRP standard will ultimately make portlet interoperability issues between portal vendors a problem of the past, opening up new opportunities for businesses to expose and market their developed portlets while maintaining full control over application and presentation logic. It will also benefit businesses looking to consume existing WSRP portlets by offering them a complete packaged portlet application, presentation and all, requiring virtually no development effort.

    Though it is clear that there are many benefits to using Web services in a portal environment, there are still some drawbacks. Until the portal standards have been fully adopted, developers will need to continue to produce and consume Web services the "old fashioned" way. Consuming this way will require a good deal of additional development to create presentation and logic around the data you get back. Another problem with standard Web services is that you are constrained by the APIs you build. Let's say, for example, that you decide your fancy sales lead Web service should now return fax numbers, which it didn't do before. You will need to first produce an updated Web service containing this new field. Then this definition WSDL needs to be republished into a UDDI service so new consumers of the service may develop to the new API. This is okay for new consumers, but your existing consumers are now out of sync.

    Each existing consumer will need to develop against this new API to handle the fax data. You can see how this has the potential to very quickly become a maintenance nightmare. If controlling presentation, data, and other service attributes from a central location is a requirement due to varied consumers and ease of deployment, you may want to choose a vendor who is on board with these new portal standards.

    Implementing Web Services
    So, let's say you're willing to take the good with the bad and want in on using data-oriented Web services in a portal, how do you go about doing that? Like everything else, this is dependent on the environment you are in. But here are the basics you will need to follow: first you must develop the business logic that needs to be exposed. Since we are in the Web services world you can do this with any language and on any platform you like. Next, you need to expose this business logic as a Web service. At this stage of the game just about every IDE has some support for generating the files you need for Web service exposure. These files may include your Web service wrapper code, WSDL definition file, deployment descriptors, etc. Deploy this service and publish its description to a UDDI server and you have successfully produced a Web service.

    Now you must consume this service in your portal. The development kits that come with your portal software will determine how easily you integrate your newly deployed service. If you're lucky, you'll have a wizardstyle interface that will ask you where the service is defined. From the WSDL, the wizard will create all the necessary client proxy files to access this service. This is still only one piece of the client work. In the Java world this is just the M of the MVC (Model-View- Controller). You will still need to build the presentation layer and any logic that is necessary to interact with the service. In building the client code, you will have access to all the goodies your portal environment offers, such as session information, portlet-to-portlet communication, authorization information, and so on. Implementing portlets as Web services will take some work. How smoothly your implementation goes will depend on what development platform you use, what portal vendor you choose, and what in-house talents you can leverage to handle this development.

    Conclusion
    Individually Web services and portals are very powerful technologies. One would think then that together they would be unstoppable. In theory that's correct, but in reality there are still some limitations to seamless, portable, simple Web service portlet integration. The good news is that these are known problems and are being addressed by both standards bodies and the portal vendors themselves. If your business needs dictate it, a portal can be a wise investment. Your ROI will not take that long to be seen if your portal is used properly. And when all the portlet libraries have been searched with no luck for that special application you require, take a stab at creating your portlet with a Web service. For all the current and future standards, platform and protocol independence, reusability, interoperability, and "future proofing" benefits you get, you'll be glad you did.

  • More Stories By Alec Graziano

    Director of Web engineering at Miller Systems, Alec Graziano is responsible for all of Miller Systems’ Internet-based software development engagements and process methodology, including design, architecture, and programming. Alec has significant and broad experience in designing and managing the delivery of industry-standard, Web-based software, particularly in the Web services arena, in both J2EE and .NET frameworks.

    Comments (0)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    @MicroservicesExpo Stories
    Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
    Is your application too difficult to manage? Do changes take dozens of developers hundreds of hours to execute, and frequently result in downtime across all your site’s functions? It sounds like you have a monolith! A monolith is one of the three main software architectures that define most applications. Whether you’ve intentionally set out to create a monolith or not, it’s worth at least weighing the pros and cons of the different architectural approaches and deciding which one makes the most s...
    Developers want to create better apps faster. Static clouds are giving way to scalable systems, with dynamic resource allocation and application monitoring. You won't hear that chant from users on any picket line, but helping developers to create better apps faster is the mission of Lee Atchison, principal cloud architect and advocate at New Relic Inc., based in San Francisco. His singular job is to understand and drive the industry in the areas of cloud architecture, microservices, scalability ...
    When you decide to launch a startup company, business advisors, counselors, bankers and armchair know-it-alls will tell you that the first thing you need to do is get funding. While there is some validity to that boilerplate piece of wisdom, the availability of and need for startup funding has gone through a dramatic transformation over the past decade, and the next few years will see even more of a shift. A perfect storm of events is causing this seismic shift. On the macroeconomic side this ...
    Cloud promises the agility required by today’s digital businesses. As organizations adopt cloud based infrastructures and services, their IT resources become increasingly dynamic and hybrid in nature. Managing these require modern IT operations and tools. In his session at 20th Cloud Expo, Raj Sundaram, Senior Principal Product Manager at CA Technologies, will discuss how to modernize your IT operations in order to proactively manage your hybrid cloud and IT environments. He will be sharing be...
    Cloud Expo, Inc. has announced today that Aruna Ravichandran, vice president of DevOps Product and Solutions Marketing at CA Technologies, has been named co-conference chair of DevOps at Cloud Expo 2017. The @DevOpsSummit at Cloud Expo New York will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and @DevOpsSummit at Cloud Expo Silicon Valley will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
    A Man in the Middle attack, or MITM, is a situation wherein a malicious entity can read/write data that is being transmitted between two or more systems (in most cases, between you and the website that you are surfing). MITMs are common in China, thanks to the “Great Cannon.” The “Great Cannon” is slightly different from the “The Great Firewall.” The firewall monitors web traffic moving in and out of China and blocks prohibited content. The Great Cannon, on the other hand, acts as a man in the...
    To more closely examine the variety of ways in which IT departments around the world are integrating cloud services, and the effect hybrid IT has had on their organizations and IT job roles, SolarWinds recently released the SolarWinds IT Trends Report 2017: Portrait of a Hybrid Organization. This annual study consists of survey-based research that explores significant trends, developments, and movements related to and directly affecting IT and IT professionals.
    NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Val...
    In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
    Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
    Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
    This recent research on cloud computing from the Register delves a little deeper than many of the "We're all adopting cloud!" surveys we've seen. They found that meaningful cloud adoption and the idea of the cloud-first enterprise are still not reality for many businesses. The Register's stats also show a more gradual cloud deployment trend over the past five years, not any sort of explosion. One important takeaway is that coherence across internal and external clouds is essential for IT right n...
    Back in February of 2017, Andrew Clay Schafer of Pivotal tweeted the following: “seriously tho, the whole software industry is stuck on deployment when we desperately need architecture and telemetry.” Intrigue in a 140 characters. For me, I hear Andrew saying, “we’re jumping to step 5 before we’ve successfully completed steps 1-4.”
    In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, will discuss how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He will discuss how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
    In large enterprises, environment provisioning and server provisioning account for a significant portion of the operations team's time. This often leaves users frustrated while they wait for these services. For instance, server provisioning can take several days and sometimes even weeks. At the same time, digital transformation means the need for server and environment provisioning is constantly growing. Organizations are adopting agile methodologies and software teams are increasing the speed ...
    Software as a service (SaaS), one of the earliest and most successful cloud services, has reached mainstream status. According to Cisco, by 2019 more than four-fifths (83 percent) of all data center traffic will be based in the cloud, up from 65 percent today. The majority of this traffic will be applications. Businesses of all sizes are adopting a variety of SaaS-based services – everything from collaboration tools to mission-critical commerce-oriented applications. The rise in SaaS usage has m...
    The proper isolation of resources is essential for multi-tenant environments. The traditional approach to isolate resources is, however, rather heavyweight. In his session at 18th Cloud Expo, Igor Drobiazko, co-founder of elastic.io, drew upon his own experience with operating a Docker container-based infrastructure on a large scale and present a lightweight solution for resource isolation using microservices. He also discussed the implementation of microservices in data and application integrat...
    We'd all like to fulfill that "find a job you love and you'll never work a day in your life" cliché. But in reality, every job (even if it's our dream job) comes with its downsides. For you, the constant fight against shadow IT might get on your last nerves. For your developer coworkers, infrastructure management is the roadblock that stands in the way of focusing on coding. As you watch more and more applications and processes move to the cloud, technology is coming to developers' rescue-most r...
    2016 has been an amazing year for Docker and the container industry. We had 3 major releases of Docker engine this year , and tremendous increase in usage. The community has been following along and contributing amazing Docker resources to help you learn and get hands-on experience. Here’s some of the top read and viewed content for the year. Of course releases are always really popular, particularly when they fit requests we had from the community.