Welcome!

Microservices Expo Authors: Ruxit Blog, Pat Romanski, Elizabeth White, Liz McMillan, Lori MacVittie

Related Topics: Microservices Expo

Microservices Expo: Article

WS-I Basic Profile - Not just another Web service specification

WS-I Basic Profile - Not just another Web service specification

On August 12, 2003, the Web Services Interoperability Organization (WS-I), released the Final Material version of the WS-I Basic Profile 1.0 specification. This publication represents an important milestone for WS-I and the Web services community as a whole. It specifies the standards and technologies required for interoperability between Web services implementations running on different software and operating system platforms.

The Promise of Interoperability
The promise of interoperability is possibly the most important aspect of Web services technologies. That promise stems from the fact that Web services has its foundations in XML, which itself is interoperable across all platforms and programming languages. However, because Web services leverages heavily on the extensible nature of XML, the interoperability aspect of Web services is significantly challenged.

While most, if not all, vendors provide support for the established Web services standards, they are still motivated to provide added value to their customers in the form of advanced feature support for things such as security, reliability, transactions, and business process orchestration. Because many of the advanced Web services features are still in the early stages of development and adoption, developers and IT managers need more than just a checklist of (emerging) standards when making project implementation or product purchasing decisions. They need help in being able to determine when they are "coloring outside the lines" so that they can weigh the merits of incorporating these advanced features against the importance of ensuring broad interoperability of the deployed solution.

WS-I was founded with a mission to provide users of Web services technology with the guidance and tools that help them better understand where the boundary lies between the interoperable and not-necessarily-interoperable solution spaces so that they can make well-informed decisions.

About WS-I
The Web Services Interoperability Organization is an open industry effort chartered to promote Web services interoperability across platforms, applications, and programming languages. The organization brings together a diverse community of Web services leaders to respond to customer needs by providing guidance, recommended practices, and supporting resources, such as testing tools and sample applications, that enable the development of interoperable Web services.

WS-I Deliverables
The Basic Profile 1.0 is the first of a set of deliverables being produced by WS-I related to the Basic Profile. When complete, the package of deliverables produced in conjunction with all WS-I Profiles will be as follows:

  • Use cases and usage scenarios: Use cases and usage scenarios capture (respectively) business and technical requirements for the use of Web services. These requirements reflect the classes of real-world requirements supporting Web services solutions, and provide a framework to demonstrate the guidelines described in WS-I Profiles.
  • Profiles: A set of named Web services specifications at specific revision levels, together with a set of implementation and interoperability guidelines recommending how the specifications may be used to develop interoperable Web services.
  • Sample applications: Demonstrate the implementation of applications that are built from Web services usage scenarios and use cases, and that conform to a given set of profiles. Implementations of the same sample application on multiple platforms, languages, and development tools demonstrate interoperability in action, and provide readily usable resources for the Web services practitioner.
  • Testing tools: Used to monitor and analyze interactions with a Web service to determine whether or not the Web service instance or its artifacts (such as messages, WSDL, and UDDI registration components) conform to WS-I Profile guidelines.
At the time of this writing, each of the WS-I deliverables related to the Basic Profile 1.0 has been either formally approved as Final Material, or has been made public in the form of a Working Group Approval Draft.

Philosophy of the Profile
The WS-I Basic Profile was developed by the Basic Profile Working Group with a set of guiding principles that have been outlined in the Profile. These guiding principles form the "philosophy of the Profile."

Possibly the most important of these guiding principles is that there can be no guarantee of interoperability. The best that we could hope to achieve would be to improve the potential for interoperability since we were only dealing with the very basics of Web services technologies and we did not intend to address application-level semantics. Another key guiding principle is that the Profile never relaxes requirements of an underlying specification. That is to say that the Profile never changes a MUST to a SHOULD. However, the Profile often seeks to improve interoperability by reducing the optional features of an underlying specification by changing SHOULDs and SHOULD NOTs to MUSTs and MUST NOTs.

The Profile also focuses on interoperability, not functionality. While the underlying specifications may contain design flaws and inconsistencies, the Profile focuses only on those that directly affect interoperability. WS-I leaves the work of addressing any inadequacies of a specification to the standards body that is assigned stewardship of the standard.

Scope of the Profile
Each Profile has a scope that is defined by the set of referenced specifications. A Profile attempts to improve interoperability within its own scope by placing constraints on optional features of the referenced specifications, clarifications of ambiguities in the referenced specifications, and guidelines for use of the referenced specifications. A Profile does not impose constraints on that which is out of the scope of the Profile.

A key aspect of Web services is the composable nature of the specifications. WS-I Profiles are also intended to exhibit this same composable nature. They do so by defining the set of extensibility points, the extension mechanisms and parameters defined in the underlying specifications that may require out-of-band negotiation and/or agreement explicitly outside the scope of a Profile. While their use may impair interoperability, it is not subject to claims of conformance.

A Profile may place constraints on the use of extensibility points without constraining their range, so that specific uses of extensibility points may be further constrained by other Profiles to improve their interoperability when used in conjunction with the Profile.

The WS-I Basic Profile specification defines conformance of a Web service instance and its artifacts such as the messages it sends, its WSDL description and UDDI registration. The profile consists of the following set of nonproprietary Web services specifications:

  • SOAP 1.1
  • WSDL 1.1
  • UDDI 2.0
  • XML 1.0 (Second Edition)
  • XML Schema Part 1: Structures
  • XML Schema Part 2: Datatypes
  • RFC2246: The Transport Layer Security Protocol version 1.0
  • RFC2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile
  • RFC2616: HyperText Transfer Protocol 1.1
  • RFC2818: HTTP over TLS
  • RFC2965: HTTP State Management Mechanism
  • The Secure Sockets Layer Protocol version 3.0
The Profile adds constraints and clarifications to those base specifications with the intent to promote interoperability. Where the Profile is silent (i.e., imposes no clarification or constraint), the base specifications are normative. If the Profile prescribes a requirement in the form of a clarification or constraint, the Profile supersedes the underlying base specification. Some of the constraints imposed by the Profile are intended to restrict, or require, optional behavior and functionality so as to reduce the potential for interoperability problems resulting from impedance mismatch between implementations that have made different choices with regard to implementation of the optional functionality. Other Profile requirements are intended to clarify language in the base specifications that have been the source of frequent misinterpretation, resulting in interoperability problems. Where possible, the Basic Profile WG has tried to ensure that the Profile clarifications are aligned with the thinking and direction of the Working Group responsible for the stewardship of the underlying specification to which the clarification applies. For example, clarifications to the SOAP1.1 specification were often aligned with issue resolutions made by the W3C XML Protocol WG responsible for the development of the SOAP1.2 specification.

Profile Highlights
The following list highlights some of the key constraints imposed by the Profile:

  • Precludes the use of SOAP encoding
  • Requires the use of HTTP binding for SOAP
  • Requires the use of HTTP 500 status response for SOAP Fault messages
  • Requires the use of HTTP POST method
  • Requires the use of WSDL1.1 to describe the interface of a Web service
  • Requires the use of RPC-literal or document-literal forms of WSDL
  • Precludes the use of RPC-encoded–style WSDL
  • Precludes the use of solicit-response and notification style operations
  • Requires the use of WSDL SOAP binding extension with HTTP as the required transport
  • Requires the use of WSDL1.1 descriptions for UDDI tModel elements representing a Web service
What's Relevant to the Developer?
The WS-I Basic Profile 1.0 specification is a rather complex document. A majority of the specification is targeted at the audience of runtime platform and development tool vendors working on vendor-specific implementations of SOAP processors, WSDL parsers, code generators, and the like. You could reasonably consider the Profile to be a concerted effort by those tools and platform vendors to ensure that their respective products will either generate or host interoperable Web services instances.

However, it isn't enough that each of the major vendors adopt the Profile for their product offerings since each will likely retain support for certain features that the Profile does not sanction (such as RPC-encoded Web services) and most will offer support for features that are outside the scope of the Profile. A Web services developer or IT manager should be familiar with all of the profile specification's contents. However, certain sections of the Profile are specifically relevant to the implementation of interoperable Web services.

The following lists each substantive section of the profile specification and its relevance to a Web service practitioner.

  • Section 4: Relates to SOAP and the use of HTTP binding for SOAP. As such, it is mostly of interest to those developers writing SOAP processor implementations rather than Web services developers.
  • Section 5: Pertains to conformant use of WSDL, and as such should be of interest to Web services practitioners, especially those who handcraft their WSDL descriptions.
  • Section 6: Pertains to Web service discovery using UDDI. This, too, should be of interest to Web services practitioners. It describes conformant approaches to registration and categorization of a Web service in a UDDI registry.
  • Section 7: Relates to security of Web services using HTTP/S and should also be of interest to Web services practitioners who require security for the Web services they develop.
Many of the Profile requirements are often accompanied by examples of SOAP messages or WSDL descriptions that demonstrate both conformant and nonconformant adherence to the constraints and clarifications provided. The requirements associated with examples are likely to be of specific interest to Web services practitioners. However, the other WS-I deliverables related to the Profile may be more appropriate and relevant to the IT manager and Web service developer.

Scenarios, Sample Applications, and Testing Tools
The WS-I Sample Applications Working Group has developed deliverables based on the Basic Profile that a Web services practitioner will find useful.

  • A mock supply-chain sample application that demonstrates most of the key features of the WS-I Basic Profile
  • A Usage Scenarios specification that defines the most common design patterns for Web services and maps those scenarios to the Profile requirements that apply
The sample application serves a dual purpose. For vendors, it provides a means by which they can demonstrate and test their product's support for the requirements set forth by the Profile. To date, 10 vendors have produced independently developed implementations of the sample application, typically based on their respective runtime platform and/or development tooling. Each vendor has provided the source of their implementation so that Web services developers can better understand what they need to do to develop their own interoperable Web services.

The Testing Tools Working Group has delivered approval drafts of their reference testing tools for each of the major runtime platforms (Java and C#). They have also translated the constraints and requirements defined in WS-I Basic Profile 1.0 into formal test assertions that are used to configure the WS-I Testing Tools.

Web services practitioners can use the published reference testing tools to test their Web service instances, WSDL descriptions, and UDDI registrations for conformance to the Profile's requirements. IT managers can use the reports produced by the WS-I Testing Tools as a means of determining whether the Web services their developers have developed conform to the requirements of the Profile.

Future versions of the WS-I Testing Tools reports will be augmented to identify the extensibility points that are used in a Web service instance so that IT managers (and developers) can make informed decisions as to whether the solutions they develop and deploy meet the specific interoperability requirements of a given situation. If a Web service requires broad interoperability, such as might be the case with an Internet deployment of a service, they might wish to constrain the use of extensibility points to those covered by a WS-I Profile(s). Conversely, if a Web service is being deployed for use within an intranet, interoperability may not be considered as high a priority as the advanced features provided through the use of an extensibility point. IT managers can leverage the information provided by the testing tools to make an appropriate, well-informed decision based on the requirements of the given situation.

Looking Beyond WS-I Basic Profile 1.0
The WS-I Basic Profile 1.0 is, of course, just the tip of the iceberg. WS-I has already begun work on a number of follow-on profiles for Web services, including Attachments and Basic Security. Work will begin on future profiles, tackling some of the more advanced Web services features as the various specifications upon which they are based mature and stabilize and as the interoperability requirements associated with these advanced features are better understood by the community.

As WS-I releases these future profiles and their associated testing tools and sample applications deliverables, the Web services community benefits by reducing the tension induced by having to choose between the need for broad interoperability and the need for advanced functionality that is not yet broadly adopted.

References

  • WS-I: http://ws-i.org
  • WS-I Basic Profile 1.0: http://ws-i.org/Profiles/Basic/2003-08/BasicProfile-1.0a.htm
  • WS-I Testing Tools: http://ws-i.org/implementation.aspx
  • More Stories By Christopher Ferris

    Chris Ferris is an IBM Distinguished Engineer and CTO of Industry Standards in the Software Group Standards Strategy organization. He has been actively engaged in open standards development for XML and Web services since 1999. Ferris is former chair of the WS-I Basic Profile Working Group. He co-chairs the W3C Web Services Policy Working Group and serves as chair of the W3C XML Protocols Working Group. He represents IBM on the OASIS WS-RX Technical Committee. He is a former elected member of the OASIS Technical Advisory Board (TAB).

    Comments (0)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    @MicroservicesExpo Stories
    This digest provides an overview of good resources that are well worth reading. We’ll be updating this page as new content becomes available, so I suggest you bookmark it. Also, expect more digests to come on different topics that make all of our IT-hearts go boom!
    Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
    SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
    Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
    In his session at @DevOpsSummit at 19th Cloud Expo, Yoseph Reuveni, Director of Software Engineering at Jet.com, will discuss Jet.com's journey into containerizing Microsoft-based technologies like C# and F# into Docker. He will talk about lessons learned and challenges faced, the Mono framework tryout and how they deployed everything into Azure cloud. Yoseph Reuveni is a technology leader with unique experience developing and running high throughput (over 1M tps) distributed systems with extre...
    Sharding has become a popular means of achieving scalability in application architectures in which read/write data separation is not only possible, but desirable to achieve new heights of concurrency. The premise is that by splitting up read and write duties, it is possible to get better overall performance at the cost of a slight delay in consistency. That is, it takes a bit of time to replicate changes initiated by a "write" to the read-only master database. It's eventually consistent, and it'...
    There's a lot of things we do to improve the performance of web and mobile applications. We use caching. We use compression. We offload security (SSL and TLS) to a proxy with greater compute capacity. We apply image optimization and minification to content. We do all that because performance is king. Failure to perform can be, for many businesses, equivalent to an outage with increased abandonment rates and angry customers taking to the Internet to express their extreme displeasure.
    Right off the bat, Newman advises that we should "think of microservices as a specific approach for SOA in the same way that XP or Scrum are specific approaches for Agile Software development". These analogies are very interesting because my expectation was that microservices is a pattern. So I might infer that microservices is a set of process techniques as opposed to an architectural approach. Yet in the book, Newman clearly includes some elements of concept model and architecture as well as p...
    No matter how well-built your applications are, countless issues can cause performance problems, putting the platforms they are running on under scrutiny. If you've moved to Node.js to power your applications, you may be at risk of these issues calling your choice into question. How do you identify vulnerabilities and mitigate risk to take the focus off troubleshooting the technology and back where it belongs, on innovation? There is no doubt that Node.js is one of today's leading platforms of ...
    SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
    Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
    Ovum, a leading technology analyst firm, has published an in-depth report, Ovum Decision Matrix: Selecting a DevOps Release Management Solution, 2016–17. The report focuses on the automation aspects of DevOps, Release Management and compares solutions from the leading vendors.
    SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...

    Let's just nip the conflation of these terms in the bud, shall we?

    "MIcro" is big these days. Both microservices and microsegmentation are having and will continue to have an impact on data center architecture, but not necessarily for the same reasons. There's a growing trend in which folks - particularly those with a network background - conflate the two and use them to mean the same thing.

    They are not.

    One is about the application. The other, the network. T...

    This is a no-hype, pragmatic post about why I think you should consider architecting your next project the way SOA and/or microservices suggest. No matter if it’s a greenfield approach or if you’re in dire need of refactoring. Please note: considering still keeps open the option of not taking that approach. After reading this, you will have a better idea about whether building multiple small components instead of a single, large component makes sense for your project. This post assumes that you...
    DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
    The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
    If you are within a stones throw of the DevOps marketplace you have undoubtably noticed the growing trend in Microservices. Whether you have been staying up to date with the latest articles and blogs or you just read the definition for the first time, these 5 Microservices Resources You Need In Your Life will guide you through the ins and outs of Microservices in today’s world.
    Before becoming a developer, I was in the high school band. I played several brass instruments - including French horn and cornet - as well as keyboards in the jazz stage band. A musician and a nerd, what can I say? I even dabbled in writing music for the band. Okay, mostly I wrote arrangements of pop music, so the band could keep the crowd entertained during Friday night football games. What struck me then was that, to write parts for all the instruments - brass, woodwind, percussion, even k...
    Node.js and io.js are increasingly being used to run JavaScript on the server side for many types of applications, such as websites, real-time messaging and controllers for small devices with limited resources. For DevOps it is crucial to monitor the whole application stack and Node.js is rapidly becoming an important part of the stack in many organizations. Sematext has historically had a strong support for monitoring big data applications such as Elastic (aka Elasticsearch), Cassandra, Solr, S...