1.3. Challenges of Web Service Development

There are numerous challenges faced by Web service developers. Web services are a new paradigm, and, as such, they are far from mature. Because they are in their initial stages, Web services technologies are evolving rapidly and sometimes in unexpected directions. No matter what platform a developer chooses to use, there are some specific challenges to developing Web services. For one, technologies and standards are evolving. As a result, developers can expect that these technologies may change as they are extended to provide enhanced Web services support. While such changes may cause some difficulties early on, as time goes on developers should find that using technologies such as those offered with the J2EE 1.4 platform will actually lessen the challenges to Web services development.

It is important to keep these factors in mind when developing Web services.

1.3.1. Evolving Technologies and Products

A key challenge in creating Web services-based solutions today is that Web services are still in their infancy. Web services, because of their emphasis on interoperability across platforms, operating systems, and programming languages, rely on a collection of technologies and various standards and specifications, many of which are still being defined and refined. Additional new standards are currently being defined to enable Web services to realize their full potential.

The emerging Web services technologies and products have a lot of promise and, as standards become formalized and additional vendors sign on, their promise is being fulfilled. More and more products and technologies implementing the Web service specifications have begun to appear, and they are meeting with more success.

Enterprises often use Web services as a means to distribute data or information. In addition, many businesses use services to conduct business transactions. Such business transactions may require a service to access other services; in a sense, to perform a global transaction. Although in the process of being defined, currently there are no universally accepted standards for such global transactions.

Interoperability is a continuous challenge. Web services have already achieved a significant degree of interoperability, but further standards are needed for the sort of widespread interoperability that fulfills the vision of Web services.

An additional challenge with Web services is the coordination of multiple services for processing business logic. Often, what appears to the end user as a single business process is really implemented as a series of stages in a workflow, and each stage of the workflow might be implemented as a separate service. In such cases, all the services must coordinate with each other during the various steps of the business logic processing to achieve the desired goal. Standards are necessary for coordination among services. Such standards are in the process of being defined, but none has yet been universally accepted. Similar to those previously mentioned, various other standards for other areas, such as security and so forth, are currently being defined.

1.3.2. Security

It should come as no surprise to anyone, but security is just as important for Web services as it is for other enterprise applications. In fact, now that applications on the Web open an enterprise's business processes and data to distributed clients, security becomes an even more important factor.

Information systems security, while of utmost importance to IT managers and system architects, must also be handled with the proper balance. It is not only important to protect information assets to maximize their value, but care must be taken to not overprotect these assets to a degree that jeopardizes that very value. Traditionally, IT departments have maintained a relatively high level of control, if not complete control, over the environment of both servers and clients. When information assets are exposed in less-protected environments, such as through Web services, it becomes increasingly important to maintain tight security over the most sensitive assets, while allowing relatively easier access to other assets.

One of the difficulties in handling disparate systems is providing an integrated security model. Security needs to be compatible with existing mechanisms. In cases where customers need to access secure information, the mechanisms need to maintain high security (and user confidence) while remaining as unobtrusive and transparent as possible.

The key security issues for Web services concern authentication, authorization, and ensuring confidentiality. Web services standards for security are a high priority area for the community, but, as they are still evolving, they remain a work in progress. Chapter 7 examines these issues and provides some interim solutions.

1.3.3. Reliability, Availability, and Scalability

Web services are often about large-scale distributed applications. With these types of applications, the reliability, availability, and scalability of services of the underlying platform and its technologies are important considerations.

Reliability is the aspect of a Web service representing how well it maintains its service and service quality. Often, reliability is measured by the number of failures that occur in a given time period. For Web services, reliability may be more difficult to achieve because of the unreliable nature of the underlying transport, HTTP; HTTP provides only best-effort delivery and does not guarantee packet or in-order delivery. A Web service is considered more reliable the more easily and automatically it can handle changes in use patterns and system configurations.

Availability concerns whether the Web service is present or ready for immediate use. Does a client have to wait for the Web service, or is the client's request immediately handled? In other words, availability represents the probability that a service is available.

Web services that scale effectively can easily handle a large number of client interactions. For such Web services, the platform and technologies must efficiently manage system resources and services (such as database connections and transactions). The platform must also be able to handle XML parsing, which is done to validate a document's contents. XML parsing is a compute-intensive process that significantly affects performance. XML by itself entails a very verbose format that increases payload size significantly when compared to an equivalent binary format.

To achieve reliability, availability, and scalability, Web services should not only be flexible enough to run on any server configuration appropriate to anticipated client volumes, they should also be capable of easily switching configurations when necessary. A platform's support for clustered application deployment environments contributes to achieving many of these goals. It is also helpful when the platform can handle such changes without requiring the applications to be redesigned, recoded, or redeployed.