Welcome!

Microservices Expo Authors: Elizabeth White, Liz McMillan, Todd Matters, Stackify Blog, Stefana Muller

Related Topics: Microservices Expo

Microservices Expo: Article

WS-I Basic Profile - Not just another Web service specification

WS-I Basic Profile - Not just another Web service specification

On August 12, 2003, the Web Services Interoperability Organization (WS-I), released the Final Material version of the WS-I Basic Profile 1.0 specification. This publication represents an important milestone for WS-I and the Web services community as a whole. It specifies the standards and technologies required for interoperability between Web services implementations running on different software and operating system platforms.

The Promise of Interoperability
The promise of interoperability is possibly the most important aspect of Web services technologies. That promise stems from the fact that Web services has its foundations in XML, which itself is interoperable across all platforms and programming languages. However, because Web services leverages heavily on the extensible nature of XML, the interoperability aspect of Web services is significantly challenged.

While most, if not all, vendors provide support for the established Web services standards, they are still motivated to provide added value to their customers in the form of advanced feature support for things such as security, reliability, transactions, and business process orchestration. Because many of the advanced Web services features are still in the early stages of development and adoption, developers and IT managers need more than just a checklist of (emerging) standards when making project implementation or product purchasing decisions. They need help in being able to determine when they are "coloring outside the lines" so that they can weigh the merits of incorporating these advanced features against the importance of ensuring broad interoperability of the deployed solution.

WS-I was founded with a mission to provide users of Web services technology with the guidance and tools that help them better understand where the boundary lies between the interoperable and not-necessarily-interoperable solution spaces so that they can make well-informed decisions.

About WS-I
The Web Services Interoperability Organization is an open industry effort chartered to promote Web services interoperability across platforms, applications, and programming languages. The organization brings together a diverse community of Web services leaders to respond to customer needs by providing guidance, recommended practices, and supporting resources, such as testing tools and sample applications, that enable the development of interoperable Web services.

WS-I Deliverables
The Basic Profile 1.0 is the first of a set of deliverables being produced by WS-I related to the Basic Profile. When complete, the package of deliverables produced in conjunction with all WS-I Profiles will be as follows:

  • Use cases and usage scenarios: Use cases and usage scenarios capture (respectively) business and technical requirements for the use of Web services. These requirements reflect the classes of real-world requirements supporting Web services solutions, and provide a framework to demonstrate the guidelines described in WS-I Profiles.
  • Profiles: A set of named Web services specifications at specific revision levels, together with a set of implementation and interoperability guidelines recommending how the specifications may be used to develop interoperable Web services.
  • Sample applications: Demonstrate the implementation of applications that are built from Web services usage scenarios and use cases, and that conform to a given set of profiles. Implementations of the same sample application on multiple platforms, languages, and development tools demonstrate interoperability in action, and provide readily usable resources for the Web services practitioner.
  • Testing tools: Used to monitor and analyze interactions with a Web service to determine whether or not the Web service instance or its artifacts (such as messages, WSDL, and UDDI registration components) conform to WS-I Profile guidelines.
At the time of this writing, each of the WS-I deliverables related to the Basic Profile 1.0 has been either formally approved as Final Material, or has been made public in the form of a Working Group Approval Draft.

Philosophy of the Profile
The WS-I Basic Profile was developed by the Basic Profile Working Group with a set of guiding principles that have been outlined in the Profile. These guiding principles form the "philosophy of the Profile."

Possibly the most important of these guiding principles is that there can be no guarantee of interoperability. The best that we could hope to achieve would be to improve the potential for interoperability since we were only dealing with the very basics of Web services technologies and we did not intend to address application-level semantics. Another key guiding principle is that the Profile never relaxes requirements of an underlying specification. That is to say that the Profile never changes a MUST to a SHOULD. However, the Profile often seeks to improve interoperability by reducing the optional features of an underlying specification by changing SHOULDs and SHOULD NOTs to MUSTs and MUST NOTs.

The Profile also focuses on interoperability, not functionality. While the underlying specifications may contain design flaws and inconsistencies, the Profile focuses only on those that directly affect interoperability. WS-I leaves the work of addressing any inadequacies of a specification to the standards body that is assigned stewardship of the standard.

Scope of the Profile
Each Profile has a scope that is defined by the set of referenced specifications. A Profile attempts to improve interoperability within its own scope by placing constraints on optional features of the referenced specifications, clarifications of ambiguities in the referenced specifications, and guidelines for use of the referenced specifications. A Profile does not impose constraints on that which is out of the scope of the Profile.

A key aspect of Web services is the composable nature of the specifications. WS-I Profiles are also intended to exhibit this same composable nature. They do so by defining the set of extensibility points, the extension mechanisms and parameters defined in the underlying specifications that may require out-of-band negotiation and/or agreement explicitly outside the scope of a Profile. While their use may impair interoperability, it is not subject to claims of conformance.

A Profile may place constraints on the use of extensibility points without constraining their range, so that specific uses of extensibility points may be further constrained by other Profiles to improve their interoperability when used in conjunction with the Profile.

The WS-I Basic Profile specification defines conformance of a Web service instance and its artifacts such as the messages it sends, its WSDL description and UDDI registration. The profile consists of the following set of nonproprietary Web services specifications:

  • SOAP 1.1
  • WSDL 1.1
  • UDDI 2.0
  • XML 1.0 (Second Edition)
  • XML Schema Part 1: Structures
  • XML Schema Part 2: Datatypes
  • RFC2246: The Transport Layer Security Protocol version 1.0
  • RFC2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile
  • RFC2616: HyperText Transfer Protocol 1.1
  • RFC2818: HTTP over TLS
  • RFC2965: HTTP State Management Mechanism
  • The Secure Sockets Layer Protocol version 3.0
The Profile adds constraints and clarifications to those base specifications with the intent to promote interoperability. Where the Profile is silent (i.e., imposes no clarification or constraint), the base specifications are normative. If the Profile prescribes a requirement in the form of a clarification or constraint, the Profile supersedes the underlying base specification. Some of the constraints imposed by the Profile are intended to restrict, or require, optional behavior and functionality so as to reduce the potential for interoperability problems resulting from impedance mismatch between implementations that have made different choices with regard to implementation of the optional functionality. Other Profile requirements are intended to clarify language in the base specifications that have been the source of frequent misinterpretation, resulting in interoperability problems. Where possible, the Basic Profile WG has tried to ensure that the Profile clarifications are aligned with the thinking and direction of the Working Group responsible for the stewardship of the underlying specification to which the clarification applies. For example, clarifications to the SOAP1.1 specification were often aligned with issue resolutions made by the W3C XML Protocol WG responsible for the development of the SOAP1.2 specification.

Profile Highlights
The following list highlights some of the key constraints imposed by the Profile:

  • Precludes the use of SOAP encoding
  • Requires the use of HTTP binding for SOAP
  • Requires the use of HTTP 500 status response for SOAP Fault messages
  • Requires the use of HTTP POST method
  • Requires the use of WSDL1.1 to describe the interface of a Web service
  • Requires the use of RPC-literal or document-literal forms of WSDL
  • Precludes the use of RPC-encoded–style WSDL
  • Precludes the use of solicit-response and notification style operations
  • Requires the use of WSDL SOAP binding extension with HTTP as the required transport
  • Requires the use of WSDL1.1 descriptions for UDDI tModel elements representing a Web service
What's Relevant to the Developer?
The WS-I Basic Profile 1.0 specification is a rather complex document. A majority of the specification is targeted at the audience of runtime platform and development tool vendors working on vendor-specific implementations of SOAP processors, WSDL parsers, code generators, and the like. You could reasonably consider the Profile to be a concerted effort by those tools and platform vendors to ensure that their respective products will either generate or host interoperable Web services instances.

However, it isn't enough that each of the major vendors adopt the Profile for their product offerings since each will likely retain support for certain features that the Profile does not sanction (such as RPC-encoded Web services) and most will offer support for features that are outside the scope of the Profile. A Web services developer or IT manager should be familiar with all of the profile specification's contents. However, certain sections of the Profile are specifically relevant to the implementation of interoperable Web services.

The following lists each substantive section of the profile specification and its relevance to a Web service practitioner.

  • Section 4: Relates to SOAP and the use of HTTP binding for SOAP. As such, it is mostly of interest to those developers writing SOAP processor implementations rather than Web services developers.
  • Section 5: Pertains to conformant use of WSDL, and as such should be of interest to Web services practitioners, especially those who handcraft their WSDL descriptions.
  • Section 6: Pertains to Web service discovery using UDDI. This, too, should be of interest to Web services practitioners. It describes conformant approaches to registration and categorization of a Web service in a UDDI registry.
  • Section 7: Relates to security of Web services using HTTP/S and should also be of interest to Web services practitioners who require security for the Web services they develop.
Many of the Profile requirements are often accompanied by examples of SOAP messages or WSDL descriptions that demonstrate both conformant and nonconformant adherence to the constraints and clarifications provided. The requirements associated with examples are likely to be of specific interest to Web services practitioners. However, the other WS-I deliverables related to the Profile may be more appropriate and relevant to the IT manager and Web service developer.

Scenarios, Sample Applications, and Testing Tools
The WS-I Sample Applications Working Group has developed deliverables based on the Basic Profile that a Web services practitioner will find useful.

  • A mock supply-chain sample application that demonstrates most of the key features of the WS-I Basic Profile
  • A Usage Scenarios specification that defines the most common design patterns for Web services and maps those scenarios to the Profile requirements that apply
The sample application serves a dual purpose. For vendors, it provides a means by which they can demonstrate and test their product's support for the requirements set forth by the Profile. To date, 10 vendors have produced independently developed implementations of the sample application, typically based on their respective runtime platform and/or development tooling. Each vendor has provided the source of their implementation so that Web services developers can better understand what they need to do to develop their own interoperable Web services.

The Testing Tools Working Group has delivered approval drafts of their reference testing tools for each of the major runtime platforms (Java and C#). They have also translated the constraints and requirements defined in WS-I Basic Profile 1.0 into formal test assertions that are used to configure the WS-I Testing Tools.

Web services practitioners can use the published reference testing tools to test their Web service instances, WSDL descriptions, and UDDI registrations for conformance to the Profile's requirements. IT managers can use the reports produced by the WS-I Testing Tools as a means of determining whether the Web services their developers have developed conform to the requirements of the Profile.

Future versions of the WS-I Testing Tools reports will be augmented to identify the extensibility points that are used in a Web service instance so that IT managers (and developers) can make informed decisions as to whether the solutions they develop and deploy meet the specific interoperability requirements of a given situation. If a Web service requires broad interoperability, such as might be the case with an Internet deployment of a service, they might wish to constrain the use of extensibility points to those covered by a WS-I Profile(s). Conversely, if a Web service is being deployed for use within an intranet, interoperability may not be considered as high a priority as the advanced features provided through the use of an extensibility point. IT managers can leverage the information provided by the testing tools to make an appropriate, well-informed decision based on the requirements of the given situation.

Looking Beyond WS-I Basic Profile 1.0
The WS-I Basic Profile 1.0 is, of course, just the tip of the iceberg. WS-I has already begun work on a number of follow-on profiles for Web services, including Attachments and Basic Security. Work will begin on future profiles, tackling some of the more advanced Web services features as the various specifications upon which they are based mature and stabilize and as the interoperability requirements associated with these advanced features are better understood by the community.

As WS-I releases these future profiles and their associated testing tools and sample applications deliverables, the Web services community benefits by reducing the tension induced by having to choose between the need for broad interoperability and the need for advanced functionality that is not yet broadly adopted.

References

  • WS-I: http://ws-i.org
  • WS-I Basic Profile 1.0: http://ws-i.org/Profiles/Basic/2003-08/BasicProfile-1.0a.htm
  • WS-I Testing Tools: http://ws-i.org/implementation.aspx
  • More Stories By Christopher Ferris

    Chris Ferris is an IBM Distinguished Engineer and CTO of Industry Standards in the Software Group Standards Strategy organization. He has been actively engaged in open standards development for XML and Web services since 1999. Ferris is former chair of the WS-I Basic Profile Working Group. He co-chairs the W3C Web Services Policy Working Group and serves as chair of the W3C XML Protocols Working Group. He represents IBM on the OASIS WS-RX Technical Committee. He is a former elected member of the OASIS Technical Advisory Board (TAB).

    Comments (0)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    @MicroservicesExpo Stories
    @DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
    New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
    Microservices are increasingly used in the development world as developers work to create larger, more complex applications that are better developed and managed as a combination of smaller services that work cohesively together for larger, application-wide functionality. Tools such as Service Fabric are rising to meet the need to think about and build apps using a piece-by-piece methodology that is, frankly, less mind-boggling than considering the whole of the application at once. Today, we'll ...
    For most organizations, the move to hybrid cloud is now a question of when, not if. Fully 82% of enterprises plan to have a hybrid cloud strategy this year, according to Infoholic Research. The worldwide hybrid cloud computing market is expected to grow about 34% annually over the next five years, reaching $241.13 billion by 2022. Companies are embracing hybrid cloud because of the many advantages it offers compared to relying on a single provider for all of their cloud needs. Hybrid offers bala...
    In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, Doug Vanderweide, an instructor at Linux Academy, discussed why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers wit...
    Containers, microservices and DevOps are all the rage lately. You can read about how great they are and how they’ll change your life and the industry everywhere. So naturally when we started a new company and were deciding how to architect our app, we went with microservices, containers and DevOps. About now you’re expecting a story of how everything went so smoothly, we’re now pushing out code ten times a day, but the reality is quite different.
    What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
    SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
    For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
    21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
    Companies have always been concerned that traditional enterprise software is slow and complex to install, often disrupting critical and time-sensitive operations during roll-out. With the growing need to integrate new digital technologies into the enterprise to transform business processes, this concern has become even more pressing. A 2016 Panorama Consulting Solutions study revealed that enterprise resource planning (ERP) projects took an average of 21 months to install, with 57 percent of th...
    "We are a monitoring company. We work with Salesforce, BBC, and quite a few other big logos. We basically provide monitoring for them, structure for their cloud services and we fit into the DevOps world" explained David Gildeh, Co-founder and CEO of Outlyer, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
    Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability," said Aruna Ravichandran, vice president, DevOps product and solutions marketing...
    In his session at Cloud Expo, Alan Winters, an entertainment executive/TV producer turned serial entrepreneur, presented a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to ma...
    "When we talk about cloud without compromise what we're talking about is that when people think about 'I need the flexibility of the cloud' - it's the ability to create applications and run them in a cloud environment that's far more flexible,” explained Matthew Finnie, CTO of Interoute, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
    A common misconception about the cloud is that one size fits all. Companies expecting to run all of their operations using one cloud solution or service must realize that doing so is akin to forcing the totality of their business functionality into a straightjacket. Unlocking the full potential of the cloud means embracing the multi-cloud future where businesses use their own cloud, and/or clouds from different vendors, to support separate functions or product groups. There is no single cloud so...
    Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
    The taxi industry never saw Uber coming. Startups are a threat to incumbents like never before, and a major enabler for startups is that they are instantly “cloud ready.” If innovation moves at the pace of IT, then your company is in trouble. Why? Because your data center will not keep up with frenetic pace AWS, Microsoft and Google are rolling out new capabilities. In his session at 20th Cloud Expo, Don Browning, VP of Cloud Architecture at Turner, posited that disruption is inevitable for comp...
    Hybrid IT is today’s reality, and while its implementation may seem daunting at times, more and more organizations are migrating to the cloud. In fact, according to SolarWinds 2017 IT Trends Index: Portrait of a Hybrid IT Organization 95 percent of organizations have migrated crucial applications to the cloud in the past year. As such, it’s in every IT professional’s best interest to know what to expect.
    If you cannot explicitly articulate how investing in a new technology, changing the approach or re-engineering the business process will help you achieve your customer-centric vision of the future in direct and measurable ways, you probably shouldn’t be doing it. At Intellyx, we spend a lot of time talking to technology vendors. In our conversations, we explore emerging new technologies that are either disrupting the way enterprise organizations work or that help enable those organizations to ...